tmuster2k, posted September 27, 2018:
Need to figure out how to block Remote Desktop Connection to everyone except one computer. Meaning the tech's computer should be the only one that can remote desktop into any computer on the network. No other computers on network should be able to remote desktop into any computer. We want to retain the network address in the Trusted Zone on the global policy for endpoints using EES. I created a firewall rule on the global policy to deny PORT 3389 and application c:\windows\system32\mstsc.exe and similar rule to allow on the one tech computer. After confirming policy took I can still connect to every computer via RDP. The only way I can prevent remote desktop is to take out the network address in Trusted Zone. Is there any other recommended way to configure this policy for remote desktop?

Pinni3, posted September 27, 2018:
If you run Active Directory, this should be run by GPO.

tmuster2k, posted September 27, 2018:
This is not possible to do within ESET policy?

bbahes, posted September 27, 2018:
If you use v5 there is Tab "Advanced setup" (Windows desktop v5 > Personal firewall > Settings > Rule setup) where you uncheck "Allow remote desktop in the Trusted zone". Did you try unchecking this option?