What is remote desktop protocol (RDP)?
Remote desktop protocol (RDP) is a secure network communications protocol developed by Microsoft. It enables network administrators to remotely diagnose problems that users encounter and gives users remote access to their physical work desktop computers.
Employees who need access to their work computers while working from home or traveling can use RDP. It's also often used by support technicians who need to diagnose and repair a user's system remotely and by administrators providing system maintenance.
RDP can also be used for accessing files, running applications and printing documents remotely. Its use extends beyond PCs to include server and virtual server environments, especially in enterprise settings.
How does remote desktop protocol work?
To use a remote desktop session, a user or admin must employ RDP client software to connect to the remote Windows PC or server running RDP server software. A graphical user interface enables the remote user or admin to open applications and edit files as if they were sitting in front of the desktop.
RDP clients are available for most versions of Windows as well as for macOS, Linux, Unix, Google through Chrome Remote Desktop, Android and Apple iOS. An open source version is also available. RDP is an extension of the International Telecommunications Union-Telecommunication T.128 application sharing protocol.
RDP provides remote access through a dedicated network channel. An RDP-enabled application or service packages the data to be transmitted, and the Microsoft Communications Service directs the data to an RDP channel. From there, the operating system (OS) encrypts the RDP data and adds it to a frame so that it can be transmitted.
The Terminal Server Device Redirector Driver handles all RDP activity. This kernel driver comprises subcomponents such as the RDP driver, which handles user interfaces, transfers, encryption, compression and framing. The transport driver is responsible for packaging the protocol sent across a TCP/IP network.
RDP uses network port 3389 to establish a dedicated channel for data exchange between the remote desktop and the local computer.
Features of RDP
RDP creates secure connections between clients, servers and virtual machines. It works across different Windows and other OSes and devices and provides strong physical security through remote data storage.
Noteworthy properties of RDP include the following:
- Smart card authentication. RDP enables users to authenticate using smart cards, which are physical security tokens with an embedded chip.
- Multiple displays. RDP enables admins to use multiple monitors or displays.
- Temporary disconnect. RDP lets admins disconnect temporarily without logging off or terminating the session.
- Virtualized graphics processing unit support. RDP provides RemoteFX virtualized GPU support, as it includes RemoteFX protocols for delivering virtual desktops over local area networks, enhancing the user experience with advanced graphics coding and virtualization.
- Encryption. RDP uses 128-bit encryption for mouse and keyboard data, based on RSA Security's RC4 cipher.
- Audio redirection. RDP can direct audio from a remote desktop to the user's computer.
- Local file redirection. RDP can redirect local files to a remote desktop.
- Connection to local printers. With RDP, local printers can be used in remote desktop sessions.
- Access to local ports. When using RDP, applications in the remote desktop session can access local ports.
- Clipboard sharing. RDP lets users share clipboards between local and remote computers.
- Access to remote applications. When using RDP, applications on a remote desktop can be run on a local computer.
- Transport layer security. RDP supports TLS, which helps prevent eavesdropping and man-in-the-middle (MitM) attacks. This is important for maintaining the confidentiality and integrity of the data being transmitted.
- RemoteApp support. Users can run remote applications seamlessly alongside local applications through the RemoteApp feature. It improves workflow by integrating remote applications into the local desktop environment.
- Bandwidth reduction. RDP can support up to 64,000 independent channels for data transmission. Data can be encrypted using 128-bit keys. The bandwidth reduction feature optimizes the data transfer rate in low-speed connections.
Note that not every RDP client supports all these features. Additionally, a client might only support certain features when operating in enhanced session mode.
RDP use cases
The following are three main use cases for RDP:
- Remote troubleshooting. Whether assisting a corporate help desk or aiding a friend or family member with computer issues, RDP enables network admins or users to diagnose and resolve problems from a distance. This approach can save time, reduce travel costs and offer more efficient support.
- Remote desktop access. RDP enables remote access to a computer or a server, giving users the ability to access a home or office PC while traveling.
- Remote administration. RDP enables network admins to make configuration changes on remote machines. For example, they can update configurations, apply changes and manage network servers without needing to be physically present at the server location.
What are the benefits of RDP?
RDP provides various benefits for businesses and individuals seeking to improve their remote access capabilities. Key benefits of RDP include the following:
- Data security. With RDP, data can be securely stored and encrypted using cloud servers, reducing the risk of data loss through breaches or device failure.
- No VPN is required. RDP doesn't require the use of a virtual private network (VPN).
- Remote accessibility. RDP enables employees at companies with legacy on-premises IT infrastructure to work remotely.
- Cost efficiency. RDP can lower IT costs by reducing the need for physical hardware and infrastructure. Organizations save on capital expenditures by using cloud and subscription-based options instead of investing in servers and maintenance.
- Centralized management. RDP facilitates centralized management of applications and data, enabling IT departments to deploy updates, manage resources and ensure security compliance more easily. This approach streamlines IT administration and boosts overall efficiency.
- Improved collaboration. RDP enhances team collaboration by enabling multiple users to access the same desktop environment. This is beneficial for training sessions, technical support and collaborative projects, where real-time access to shared resources is crucial.
- Quick deployment. RDP options can be quickly deployed, enabling organizations to adapt to evolving business needs or unexpected events, such as the shift to remote work that occurred during the COVID-19 pandemic.
What are the issues with RDP?
RDP can be useful for administering remote work management and access, especially for companies using an on-premises IT infrastructure. However, along with its many benefits, RDP also has the following issues:
- Remote employees can experience latency if they have a slow internet connection. Any disruption in connectivity can lead to session drops or the inability to access remote systems. This can be especially problematic for remote workers in areas with unreliable internet service.
- RDP isn't ideal for sustained use over time due to the risk of security vulnerabilities, such as its susceptibility to hash attacks and computer worms.
- Some RDP clients might not support all the features that come with the enhanced session mode, potentially affecting the user experience. For example, functionalities such as file transfer or clipboard sharing might not work smoothly across different platforms or setups.
- Setting up RDP can be complex, particularly in large organizations with various users and security needs. Keeping the system secure and functional in such environments requires ongoing maintenance through updates and RDP security patches.
- RDP sessions can lock the remote desktop, preventing the remote user from seeing what the administrator is doing. This can be a drawback in scenarios where collaboration or demonstration is needed, as it limits the ability to share screens or provide real-time guidance.
How secure is RDP?
According to the Sophos Active Adversary Report of 2024, RDP services were used for 90% of cyberattacks in 2023. RDP communication typically occurs over TCP port 3389, making it vulnerable to MitM attacks and other security threats. Attackers might impersonate communicating parties to gain control of the RDP server. Additionally, using similar passwords for remote logins increases susceptibility to brute-force and credential stuffing attacks.
Therefore, it's important to follow RDP best practices -- such as not using open RDP connections over the internet or giving anyone direct access to an RDP server. Other precautions include defense in depth, which uses multiple layers of security, and the principle of least privilege, which limits user access to only the systems needed.
Multifactor authentication should also be used with RDP because, without it, even strong credentials can be exploited if stolen. Using MFA can significantly enhance security by requiring an additional layer of verification.
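The brute-force and credential stuffing patterns mentioned above leave a recognizable trail in Windows logon events. The following Python detector is an added example, not part of the original article; the CSV layout, the thresholds and the function name `detect` are assumptions, and the log lines are constructed.

```python
import csv, io
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample in an assumed CSV layout (not a native Windows export).
# 4625 = failed logon, 4624 = successful logon. Logon type 10 is RemoteInteractive
# (RDP); with NLA enabled, failed RDP logons are recorded as type 3 (Network).
SAMPLE_LOG = """\
time,event_id,logon_type,user,src_ip
2024-05-01T09:00:00,4625,3,administrator,203.0.113.7
2024-05-01T09:00:05,4625,3,administrator,203.0.113.7
2024-05-01T09:00:09,4625,10,alice,192.0.2.10
2024-05-01T09:00:10,4625,3,administrator,203.0.113.7
2024-05-01T09:00:15,4625,3,administrator,203.0.113.7
2024-05-01T09:00:30,4624,10,alice,192.0.2.10
2024-05-01T09:01:00,4624,10,administrator,203.0.113.7
2024-05-01T09:02:00,4625,3,alice,198.51.100.23
2024-05-01T09:02:01,4625,3,bob,198.51.100.23
2024-05-01T09:02:02,4625,3,carol,198.51.100.23
2024-05-01T09:02:03,4625,3,dave,198.51.100.23
"""

WINDOW = timedelta(minutes=5)  # look-back period per source address (assumed)
THRESHOLD = 4                  # failures inside WINDOW that raise an alert (assumed)
MANY_USERS = 3                 # distinct accounts that suggest credential stuffing

def detect(log_text):
    """Return {src_ip: {"kind", "compromised"}} for a time-ordered log."""
    failures = defaultdict(list)   # src_ip -> [(time, user)] inside WINDOW
    alerts = {}
    for row in csv.DictReader(io.StringIO(log_text)):
        if row["logon_type"] not in ("3", "10"):
            continue               # ignore console, service and other logon types
        ts, ip = datetime.fromisoformat(row["time"]), row["src_ip"]
        recent = [f for f in failures[ip] if ts - f[0] <= WINDOW]
        if row["event_id"] == "4625":
            recent.append((ts, row["user"]))
            if len(recent) >= THRESHOLD:
                users = {user for _, user in recent}
                kind = "credential-stuffing" if len(users) >= MANY_USERS else "brute-force"
                alerts.setdefault(ip, {"compromised": None})["kind"] = kind
        elif row["event_id"] == "4624" and ip in alerts and recent:
            # A success right after a failure burst means a guess probably worked.
            alerts[ip]["compromised"] = row["user"]
        failures[ip] = recent
    return alerts

if __name__ == "__main__":
    print(detect(SAMPLE_LOG))
```

Logon type 3 also covers non-RDP network logons, so in production the events should be correlated with connections to the RDP port before alerting.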
The BlueKeep security flaw affected users of earlier versions of Windows by allowing attackers to install malicious programs and make changes to data. First discovered in May 2019, this vulnerability affected Windows 7, Windows XP, Windows 2000, Windows Server 2003 and Windows Server 2008. Historically, RDP has been susceptible to pass-the-hash attacks and computer worms. Though less effective, brute-force attacks have gained access to past and present versions of RDP.
Microsoft provided security patches for those earlier Windows versions, and newer versions of RDP are far more secure. More recent Windows OSes contain a mechanism for specifying which users can access the system through an RDP session. There's also an option to prevent anyone from remotely accessing the system unless they use network-level authentication.
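Whether a server actually enforces TLS or network-level authentication is visible in its first reply to a connecting client, the X.224 Connection Confirm, which goes one level below what the article describes. The following Python parser is an added example, not code from the article or from Microsoft; the function name `parse_connection_confirm` is an assumption and the sample replies are constructed.

```python
import struct

# selectedProtocol values from the RDP Negotiation Response (MS-RDPBCGR).
PROTOCOLS = {
    0x0: "Standard RDP Security (legacy RC4-based encryption)",
    0x1: "TLS",
    0x2: "CredSSP (network-level authentication over TLS)",
    0x8: "CredSSP with Early User Authorization",
}
# failureCode values from the RDP Negotiation Failure structure.
FAILURES = {
    0x1: "SSL_REQUIRED_BY_SERVER", 0x2: "SSL_NOT_ALLOWED_BY_SERVER",
    0x3: "SSL_CERT_NOT_ON_SERVER", 0x4: "INCONSISTENT_FLAGS",
    0x5: "HYBRID_REQUIRED_BY_SERVER", 0x6: "SSL_WITH_USER_AUTH_REQUIRED_BY_SERVER",
}

# Constructed sample replies, not captured from a real server.
NLA_REPLY = bytes.fromhex("03 00 00 13 0e d0 00 00 12 34 00 02 00 08 00 02 00 00 00")
LEGACY_REPLY = bytes.fromhex("03 00 00 0b 06 d0 00 00 12 34 00")
REFUSAL = bytes.fromhex("03 00 00 13 0e d0 00 00 12 34 00 03 00 08 00 05 00 00 00")

def parse_connection_confirm(data: bytes) -> dict:
    """Report which security layer a server chose in its X.224 Connection Confirm."""
    if len(data) < 11:
        raise ValueError("too short for TPKT and X.224 headers")
    version, _reserved, tpkt_len = struct.unpack(">BBH", data[:4])
    if version != 3 or tpkt_len != len(data):
        raise ValueError("bad TPKT header")
    if (data[5] & 0xF0) != 0xD0:
        raise ValueError("not an X.224 Connection Confirm")
    neg = data[11:]  # bytes after the 4-byte TPKT and 7-byte X.224 headers
    if not neg:      # no negotiation block: server only speaks Standard RDP Security
        return {"kind": "legacy", "detail": PROTOCOLS[0], "tls": False, "nla": False}
    if len(neg) != 8:
        raise ValueError("malformed negotiation block")
    neg_type, _flags, length, value = struct.unpack("<BBHI", neg)
    if length != 8 or neg_type not in (0x02, 0x03):
        raise ValueError("unknown negotiation structure")
    if neg_type == 0x03:
        # Refusal, e.g. HYBRID_REQUIRED_BY_SERVER when the server insists on NLA.
        return {"kind": "failure", "detail": FAILURES.get(value, hex(value))}
    return {"kind": "response", "detail": PROTOCOLS.get(value, hex(value)),
            "tls": value in (1, 2, 8), "nla": value in (2, 8)}

if __name__ == "__main__":
    for reply in (NLA_REPLY, LEGACY_REPLY, REFUSAL):
        print(parse_connection_confirm(reply))
```

A reply of kind `legacy`, or a `response` with `nla` false, marks a host where the network-level authentication option described above is not being enforced for that client.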
RDP vs. VPN
Although some people compare RDP and VPN, the two technologies are significantly different. A VPN provides a secure network path or tunnel to an organization's network resources. A remote user who has a VPN connection can work the same way as if they were working on premises.
Where a VPN provides connectivity to a remote network, RDP provides connectivity to a specific remote resource. This resource is usually a physical or a virtual computer, but some options enable RDP connections to specific remote applications.
VPNs provide a higher level of security than RDP because they encrypt all data transmitted between the user and the network, making it hard for third parties to intercept sensitive information. However, they can still be vulnerable, particularly if the user devices or the VPN server itself are compromised.
Alternatives to RDP
RDP is one of the most widely used remote access protocols, but alternatives exist. Gartner Peer Insights notes the following examples of remote desktop software:
- AnyDesk. AnyDesk is a lightweight remote desktop application that supports multiple OSes. It's noted for its ease of use, low latency and reliable network connections, making it suitable for both personal and professional environments.
- BeyondTrust. BeyondTrust Remote Support offers privileged access management and provides remote desktop services. It helps businesses secure and manage their privileges across traditional, hybrid and cloud environments.
- SolarWinds. SolarWinds Dameware Remote Support offers remote support capabilities for both on-premises and cloud versions. It's designed for IT professionals and includes features that focus on enhanced troubleshooting and cybersecurity.
- Splashtop. Splashtop provides high performance and offers clear graphics with low latency. It supports multiple platforms and provides remote access to applications and desktops.
- TeamViewer. TeamViewer Remote is used for remote support and collaboration. It supports various devices and OSes and offers features including file transfer, session recording and remote printing.
- Zoho. Zoho Assist is primarily designed to provide remote support but also offers unattended remote access. Zoho Assist is a paid product, but the company also provides a lightweight free edition.
Not all virtual desktop infrastructure (VDI) software supports all display protocols, so choosing a protocol often depends on what VDI software the organization is using. If the goal is to find an alternative to connect users to a remote or virtual desktop, there are various VDI alternatives available.