Is it Possible to Block File Sharing over Remote Desktop Protocol (ms-rdp)?

Is it Possible to Block File Sharing over Remote Desktop Protocol (ms-rdp)?

34434
Created On 09/26/18 13:49 PM - Last Modified 06/13/23 14:08 PM


Resolution


Issue

File sharing cannot be blocked over Remote Desktop Protocol (ms-rdp).

 

Cause

Remote Desktop Protocol (RDP) is a multi-channel protocol that allows a user to connect to a networked computer.

The ms-rdp characteristics are as follows:

Screen Shot 2015-01-05 at 14.39.41.png

As seen in the above image, the ms-rdp application is capable of transferring files. However, it uses a proprietary form of encryption that is not supported by the Palo Alto Networks firewall. This means that the specific actions occurring within an RDP session cannot be inspected, and the firewall can only be configured to allow or block RDP traffic.

 

Workaround

Disable file sharing over RDP using Group Policy Objects (GPO) on the end client.

 

owner: rvanderveken
Other users also viewed:
Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClrGCAS&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail

Choose Language