JSI Tip 6637. How do I configure Windows Server 2003 Terminal Services for secure client communications?

Windows Server 2003 Terminal Services supports the following encryption:

Low encrypts data sent from the client to the server using 56-bit encryption but does not encrypt the data that is sent from the server to the client.

Client Compatible encrypts communications between the client and the server at the maximum key strength that the client supports. When you have mixed clients that support varying encryption levels, use this level.

FIPS Compliant encrypts and decrypts all communications using the Federal Information Processing Standard (FIPS) encryption algorithms in the Microsoft cryptographic modules.

High, the default, encrypts the data transmission in both directions by using a 128-bit key.

To alter the encryption level:

1. Open Terminal Services Configuration from the Administrative Tools menu.

2. Press Connections in the left-hand pane.

3. Double-click the the connection you want to modify.

4. Select the General tab.

5. Select the encryption level from the drop-down list.

6. Press Apply and OK.

NOTE: The new encryption level will be used the next time a client logs on.

NOTE: You can use multiple network adapters and configure different encryption for each adapter.