CoIP Access Platform provides built-in secure remote desktop access functions, which allow administrators to deploy secure VNC or RDP access to users. This access uses overlay networking over outbound TCP 443, allowing sensitive VNC and RDP ports (5000, 3389, etc) to be shut down throughout the network. This has the benefit of significantly increasing the degree of difficulty for hackers who often leverage RDP or VNC to maintain a persistent connection to their targets.
Secure Remote Desktop Access Concepts
CoIP Access Platform defines Users, User Roles, and Access Desktops/Servers. Users are assigned one or more User Roles, which granted them the ability to connect to one more Access Desktops.
Types of access include VNC and RDP. File Transfer Manager (FTM) and remote debugging (GDB) are outside the scope of this Quick Start Guide.
Defining Access Servers
An Access Server is an endpoint that can be a landing target for desktop access. To designate endpoints as Access Servers, go to Advanced Mode > Project Management > Endpoint Profiles and select the target endpoints. Then, click the icon to enable access.
Any endpoint may be designated as an Access Server, but Access Servers are licensed separately from the basic Cloud Server type; online Access Servers will consume an Access Server license.
Creating User Roles
New User Roles may be created from the Roles tab at Onboarding and Management > Users.
A role is associated with an Access Control List, which specifies the Access Servers that can be accessed by this role, along with functions that can be used in conjunction with that Access Servers.
User creation for secure remote desktop access uses the same process by which users are normally onboarded to CoIP Access Platform. Refer to the CoIP Onboarding Guide Quick Start Guide for details.
Administrators can see in-progress remote desktop sessions and a history of sessions under Monitoring and Reporting > Virtual Desktop Sessions. You can also terminate an in-progress user session from this page.