Skip navigation

Duo Security is now a part of Cisco

About Cisco

Product & Engineering

Protecting Windows Servers and Remote Desktops With Duo

With more than 130,000 desktop sessions integrated, Microsoft Windows Desktop is one of the most popular applications that companies protect with Duo’s Trusted Access platform. Typically, they do this by securing access to Windows Server logins (RDP) and Remote Desktop applications (RD Gateway, RD Web).

Duo can secure any remote desktop workload, regardless of whether they are hosted on-premises or in the public cloud. Let’s look at how you can quickly set this up.

Integrating Duo With RDP to Secure Windows Server Logins

To integrate Duo with Windows RDP, you simply have to run the Duo Authentication for Windows Logon installer on your Microsoft session host with admin privileges. During the installation, you’ll enter in the integration key, secret key and API hostname that Duo provides you. In addition, you can customize a few different policy options (like bypassing auth if the device is offline, or using auto push) as part of the installation process.

Now when you log into a Windows Server, you’ll automatically be prompted for two-factor authentication after providing primary login credentials.

As more companies move workloads to the cloud, it’s important to remember that we can secure your RDP instance whether your Windows server is located on-premises or in Microsoft Azure.

Here’s what Duo integration with Windows RDP looks like:

Duo integration with Windows RDP

For full instructions on how to integrate Duo with Windows RDP, view our Windows RDP documentation.

Integrating Duo With Other Remote Desktop Services (RD Gateway & RD Web)

In some cases, companies may use Microsoft RD Gateway or RD Web to provide end users access to a virtual desktop infrastructure (VDI). This is particularly useful if you have multiple session hosts to broker connections to, but you want to provide users with a single point of access to your remote desktop infrastructure. For small and medium-sized organizations, Microsoft’s remote desktop services are a good, cost-effective alternative to more expensive VDI solutions from Citrix and VMware.

Deploying Duo to protect these Remote Desktop Services is easy. Install the Duo Authentication for RD Web and/or RD Gateway package on its respective server; enter in the integration key, secret key and API hostname that Duo provides you; and you’re good to go!

When your end users arrive at either the Remote Desktop Gateway or Web portal, after providing their login credentials, they’ll automatically be prompted for two-factor authentication.

Again, the Duo integration works the same way whether the RD web portal and gateway is hosted on-premises or in the Azure cloud.

Here’s what Duo integration with Remote Desktop Services look like:

Duo integration with Remote Desktop Services

For full instructions on how to integrate Duo with Microsoft RDS, view our RDS documentation.

More than 7,000 organizations worldwide trust Duo to secure access to Windows Servers and virtual desktop infrastructures. Try Duo free for 30 days to see how you can start today.