Is RD Gateway hosted by Amazon secure enough? (aws.amazon.com)

submitted 1 year ago by YourHuckleberry@lemmy.world to c/sysadmin@lemmy.world

8 comments fedilink hide all child comments

My company is about to shift a large workload to a vendor that uses an RD Gateway hosted at Amazon to serve access to the front-end application. It's open to the internet at 443. There's no MFA. How worried should I be?

you are viewing a single comment's thread
view the rest of the comments

[-] KingSlareXIV@infosec.pub 3 points 1 year ago

Yeah, I hate it. I'd want some sort of SAML SSO auth in front of the actual RDS Gateway to allow you to use whatever identity provider and MFA you already have.

You really don't want to allow all manner of auth attempts able to be made against your actual workload servers, which is what it sounds like you are describing.

this post was submitted on 28 Jul 2023

11 points (76.2% liked)

Sysadmin

7542 readers

1 users here now

A community dedicated to the profession of IT Systems Administration

No generic Lemmy issue posts please! Posts about Lemmy belong in one of these communities:
!lemmy@lemmy.ml
!lemmyworld@lemmy.world
!lemmy_support@lemmy.ml
!support@lemmy.world

founded 1 year ago

MODERATORS

DarraignTheSane@lemmy.world

00Lemming@lemmy.world

L3s@lemmy.world