RD Session Host Security settings in Windows Server 2016 (SSL, High encryption, etc.)
Gpedit.msc, computer configuration, administrative templates, windows components, remote desktop services, remote desktop session host, security, see various options.
- “Require use of specific security layer for remote (RDP) connections” – Changing Security Layer to SSL is the recommendation listed in Windows 2016,
- “Client Connection Encryption Level to High” – enabled/Yes
- “Require Secure RPC communication” – enabled/Yes
- “Require user authentication for remote connections by using NLA” – enabled/Yes