Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
rochim
Participant

can checkpoint possible block file transfer over RDP? (disable clipboard)

Hi all,

rdp can transfer file from server RDP to local laptop/pc. can checkpoint block only transfer file between server RDP with local laptop/pc.

i means normally rdp is we do rdp to server/pc and copy some file and paste to local pc/laptop is success, but i want block feature copy/paste on rdp.

thanks.

0 Kudos
6 Replies
vinceneil666
Advisor

I am not 100% sure if CP can block this, I think not. But I would still rather fix this in the RDP setup with a GPO or policy or something like that. That will also give you a bit more flexebility if, say, you want some of the sessions to be able to do this.

 

https://serverfault.com/questions/1038954/how-to-block-filetransfer-through-rdp-port-3389

0 Kudos
Alex-
Advisor
Advisor

I don't have the possibility to test this for now but could Content Awareness help?

If you make a policy with RDP as service and create a data type with any file type in either direction. You'd have to have RDP inspection enabled in case you do encryption though.

 

EDIT: Tried it but RDP is not in the list of supported protocols for Content Awareness, so it won't work.

 

0 Kudos
PhoneBoy
Admin
Admin

Using Native RDP? No.
It is something we can definitely block when accessed through Harmony Connect (specifically the clientless access piece).
Believe you can also block it by accessing through Mobile Access Blade (using Guacamole).

Antonis_Hassiot
Contributor

Is it possible to block using harmony endpoint?

0 Kudos
Antonis_Hassiot
Contributor

To answer my question, it seems possible to control clipboard access on Harmony Endpoint by "restricting" remote access when clipboard setting is enabled in RDP. 

This is controlled by the following registry: HKLM/SOFTWARE\Microsoft\Terminal Server Client\DisableClipboardRedirection. Set REG_DWORD to 1 for disable, 0 for enable clipboard. 

You can create a Compliance->Applications/Files check -> Modify and check registry, input the above key name in the registry value name, check REG_DWORD under "Reg type" and Exist under "Check registry key and value". 

The problem is that it seems the compliance check, goes and checks the wrong registry location. I found that by selecting Action=Update. I found that it updated the following location: HKLM/SOFTWARE\WOW6432Node\Microsoft\Terminal Server Client\DisableClipboardRedirection. So it's adding WOW6432Node in the registry path. 

Any idea on how to resolve this?

0 Kudos
PhoneBoy
Admin
Admin

Sounds like that might be worth a TAC case.

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events