Exposing RDP/SSH ports over the Internet isn't desired and is seen as a significant threat surface.

This is often due to protocol vulnerabilities. To contain this threat surface, you can deploy bastion hosts (also known as jump-servers) at the public side of your perimeter network. Bastion host servers are designed and configured to withstand attacks. Bastion servers also provide RDP and SSH connectivity to the workloads sitting behind the bastion, as well as further inside the network.


Popular posts from this blog

Check MySQL query history from command line

Installing chocolatey on Windows