Basics for Securing Terminal Service Environment
Security plays a vital role in any computer network, and in a Terminal Services environment it is especially important to assess the security concerns.
One example: users run applications directly on the server. If a vulnerability exists in an application or in the server's configuration, it could be used in an attempt to gain access to the underlying operating system.
Here are some basic techniques for securing your Terminal Services environment.
Risk #1: Running Terminal Services Alongside Another Server Application
You should never run Terminal Services alongside another server application, such as Exchange Server. Doing so puts a major strain on server resources such as CPU and memory, and creates a significant security risk.
Some versions of Windows Terminal Services require users to have the Log on Locally permission in order to log in through a Terminal Services session. If Terminal Services is running on a domain controller and this permission is applied, then users are granted Log on Locally on every domain controller in the domain. This means that if a user can gain physical access to a domain controller, they could simply log in.
Risk #2: Inappropriate Security Model
Windows Server maintains backward compatibility with previous versions of Windows Server. Often, though, the only way to maintain this backward compatibility is to sacrifice security features that the older operating system does not support.
This is what happens when you deploy Terminal Services. After installing the Windows Server 2003 version of Terminal Services, you are given the option of using "relaxed security" as a way of maintaining backward compatibility with older versions of Windows Server.
Assume that you are running Terminal Services on a Windows Server 2003 system, but you still have Windows 2000 Servers in your environment and are running some older software applications. You are not sure that Windows Server 2003's security is completely compatible with your older servers and applications, so you go with the relaxed security model. After some time, you want to upgrade your remaining servers to Windows Server 2003 and bring all of your applications up to date. The problem is that your Terminal Server is still running in relaxed security mode.
Deployment Planning
If you are running a mixed-mode environment, maintain a list of things that must be done once all of the servers are upgraded:
- Bring every server up to date with the latest operating system (patching and tuning required).
- Reset the Terminal Services security mode to Full Security.
When you choose to run Terminal Services using a relaxed security model, you are not making it permanent. The server's security mode can be changed by opening the Terminal Services Configuration console and selecting the Server Settings container.
You can then right-click the Permission Compatibility option and select the Properties command from the shortcut menu. When you do, the Permission Compatibility dialog box appears. Select the Full Security option and click OK.
The Terminal Services Configuration console can be used to control a number of security-related settings. In Windows Server 2003, most of these options are set to a secure value by default.
Delete Temporary Folders
The first option on this screen is to delete temporary folders on exit. Terminal Services stores user environment data in temporary folders during a user's session. Microsoft recommends that you delete this data at the end of the session to prevent malicious users from gaining access to another user's environment information.
The second option on the screen is to use temporary folders for each session. This also concerns the user environment information: each session should get its own temporary folder.
Disable Active Desktop
One last security-related setting is the Active Desktop setting. Not every Web applet can be trusted, so to prevent users from accidentally executing a malicious script, Active Desktop should be disabled.
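As an added example (not from the original article), the PowerShell audit below reads the Permission Compatibility, temporary-folder and Active Desktop settings described in this section directly from the registry and flags any that are still in the weaker state. The registry paths and value names are assumptions based on Microsoft's documentation of Windows Server 2003 Terminal Services, not values given on this page; confirm them on your build.

```powershell
# Added audit example, not part of the original article. It reads the Terminal
# Server settings discussed above and flags any still in the weaker state.
# Registry paths and value names are assumptions drawn from Microsoft's
# documentation of Windows Server 2003 Terminal Services; confirm on your build.
$TsKey     = 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server'
$PolicyKey = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer'

function Get-RegDword {
    param([string]$Path, [string]$Name)
    # Returns $null when the value is absent, so "never configured" stays visible
    try { (Get-ItemProperty -Path $Path -Name $Name -ErrorAction Stop).$Name }
    catch { $null }
}

function Test-TerminalServerHardening {
    # Each check: the setting, where it lives, and the value that matches the secure choice
    $checks = @(
        @{ Setting = 'Permission Compatibility = Full Security'
           Path = $TsKey;     Name = 'TSUserEnabled';        Secure = 0 },
        @{ Setting = 'Delete temporary folders on exit'
           Path = $TsKey;     Name = 'DeleteTempDirsOnExit'; Secure = 1 },
        @{ Setting = 'Use temporary folders per session'
           Path = $TsKey;     Name = 'PerSessionTempDir';    Secure = 1 },
        @{ Setting = 'Active Desktop disabled (NoActiveDesktop policy)'
           Path = $PolicyKey; Name = 'NoActiveDesktop';      Secure = 1 }
    )
    foreach ($c in $checks) {
        $observed = Get-RegDword -Path $c.Path -Name $c.Name
        # A missing value is reported as REVIEW: it is not explicitly hardened
        $status = if ($observed -eq $c.Secure) { 'OK' } else { 'REVIEW' }
        $shown  = if ($null -eq $observed) { 'not set' } else { $observed }
        New-Object PSObject -Property @{
            Setting  = $c.Setting
            Value    = $c.Name
            Observed = $shown
            Status   = $status
        }
    }
}

# Run the audit; every REVIEW row should be fixed in Terminal Services Configuration
Test-TerminalServerHardening |
    Select-Object Setting, Value, Observed, Status |
    Format-Table -AutoSize
```

The script only reads the registry; make the changes themselves through the Terminal Services Configuration console as described above, since Full Security also adjusts file and registry permissions that a bare registry write would not.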
Isolate Terminal Service
Another way to increase Terminal Services security is to isolate Terminal Services network traffic from other types of network traffic. Terminal Server clients need to communicate with Terminal Servers, but they do not need to communicate directly with back-end servers, such as database servers.
Two NICs Can Be Used:
You can isolate client traffic from other types of traffic by placing two NICs in your Terminal Server. One NIC connects to a network segment containing the client machines, while the other NIC connects to a network segment that serves only back-end servers. This also improves efficiency because clients are not competing with back-end servers for network bandwidth.
Patching
Patching is required both for the applications that run on Terminal Services and for the underlying server operating system. If a vulnerability exists in one of the applications running on the terminal server, or within Windows itself, it could be exploited in an effort to compromise the underlying Windows operating system.
Once a security vulnerability is made public, it is easy for attackers to figure out how to exploit it. Hence patch management is important: do not leave systems unpatched or delay the patching process.
Patch management used to be very expensive and time consuming, but now it is easier to keep systems up to date.
WSUS - for Patching Microsoft Products
Microsoft makes a utility called Windows Server Update Services (WSUS) that automatically keeps most Microsoft products up to date. Keep in mind, though, that WSUS does not patch non-Microsoft applications, so it is important for a server administrator to keep up with patches for any other application that might be running on a terminal server.
I do not agree
Harsh,
Nice article, but I absolutely do not agree with your statements.
Risk #1: Yes, all my servers can run Terminal Services. The AD controller, the Exchange server and even my SQL servers run Terminal Server. And I even publish applications from them in Windows 2008.
Logon locally permissions for users are no security risk if you use the correct ADM (policies) environment.
A user needs to be an admin to gain access to the Terminal Services on domain controllers and other servers that are not intended as desktop servers.
Risk #2: I never install Windows 2003 in "relaxed security mode". That is a common practice.
Again, the bottom line on a secure environment depends on your ADM files.
The Active Desktop is a real threat, and should always be disabled. Not only on the terminal servers but even on desktops. It uses a lot of resources.
Trying to isolate network traffic for terminal servers or others is a hard-to-do and hard-to-control job.
It is easier to use correct, okay there it is again, ADM files.
Patching is always a hard job, but can be made much easier with DVS4SBC on a terminal server, which enables you to use SVS in such an environment.
Conclusion:
You can use Terminal Services on all servers and clients if you have a very good policy implemented. A good program that helps you secure your environment is RES PowerFuse.
It is an easy and helpful way to secure your environment.
Regards
Erik
www.dvs4sbc.nl