How can I secure communications between client and server using terminal server?

John Savill

September 22, 2000

1 Min Read
ITPro Today logo in a gray background | ITPro Today

A. Windows 2000 Server Terminal Services supports three levels of encryption: low, medium, and high. The default encryption is medium, which should be fine for most networks. Nevertheless, let's review all the levels:

Low

This level secures the user logon information and data sent to the server, but not the data sent from the server to the client. Microsoft recommends that you use this encryption level when the network is secure (e.g., an intranet).

Medium

This level encrypts the data transmission in both directions. Microsoft recommends that you use this encryption level when the network isn't secure and resides outside of North America (because of 128-bit export restrictions). NOTE: If you connect to a Win2K server running Terminal Services set for Low or Medium encryption levels and use version 4.0 of the Terminal Services client, your data is encrypted using a 40-bit key. If you are using version 5.0 of the Terminal Services client, your data is encrypted with a 56 bit-key.

High

This level encrypts the data transmission in both directions using a 128-bit key. Microsoft recommends that you use this encryption level when the network isn't secure and resides within North America.


To modify the encryption setting, perform the following steps:

  1. Start the Terminal Services Configuration MMC snap-in (Start, Programs, Administrative Tools, Terminal Services Configuration).

  2. Select the Connections branch and double-click the connection whose encryption level you want to change.

  3. Select the General tab.

  4. Select the appropriate encryption level from the Encryption level drop-down list.

    Click here to view image

  5. Click OK.

The new encryption level takes effect the next time a user logs on. If you need multiple levels of encryption running on one server, install multiple network adapters and configure each one separately.

About the Author

Sign up for the ITPro Today newsletter
Stay on top of the IT universe with commentary, news analysis, how-to's, and tips delivered to your inbox daily.

You May Also Like