Preventing Clipboard Access over Boundary RDP Connections

Hi Team,

Looking at Boundary as a potential replacement for costly bastion hosts. Very early stages and I’m still getting to grips with what the product can and can’t do. Is there a way to use this service in order to explicitly prevent things like clipboard/video device redirection etc?

Kind regards,

Boundary operates very much at the network level, so it would not be aware enough of RDP to do this for you.

Whilst (in my opinion) it is a lot easier to make more secure & auditable than a standard bastion host, its appearance to traffic originating from a user is very much the same as SSH port forwarding. Boundary essentially says, “here’s a local proxy connecting you to what you want, chuck TCP packets down it”.

You’ll likely be looking at RDP client & server configuration to restrict behaviour in this way.

Thanks,
Chris.

2 Likes

Thank you Chris, much appreciated. Have a gr8 day