Network Level Authentication (NLA) is a security feature that requires user authentication to access a network server. With remote work steadily increasing, enabling NLA is an effective way for healthcare organizations to protect their systems from malicious attacks.
NLA is typically used with Remote Desktop or Remote Access services. These allow users to connect to a computer over a network connection from a different location.
NLA works by requiring users to validate their identity before they can begin a session with the remote server. This is why NLA is also commonly referred to as front authentication. Whenever a remote desktop connection is initiated, users will receive an authentication request that must be fulfilled before the connection can be made.
After the user responds, their credentials will be assessed. If the credentials are authenticated, they will be approved. Users will be denied access if the credentials are not established.
It is important to note that users also can not proceed if they are using an expired password.
In addition, NLA imposes certain restrictions on connections rather than giving full access to every user.
Related: HIPAA Compliant Email: The Definitive Guide
Before NLA was introduced, opening a Remote Desktop session would lead to a loading login screen. This would use up valuable server resources. It was also a possible entry point for cyberattacks.
Now, NLA uses fewer resources by preventing a remote connection until the authentication process is complete. This also helps reduce the risk of Remote Desktop vulnerabilities, such as denial-of-service attacks. These occur when too many network requests are made at once, which ultimately overwhelms the system. It also protects against remote code execution attacks. This is where cybercriminals execute malware and other harmful code from a remote location.
Therefore, NLA is ideal for companies looking to limit connections and ensure that users are automatically connected to a secure network.
From the employee side, it provides an extra layer of protection for administrators who handle support tasks. It also adds single sign-on (SSO) to Remote Desktop Services, which makes password management more seamless for users.
While NLA can help enhance security, this feature is not accessible by everyone. For NLA to work, the client’s computer must be using at least Remote Desktop Connection 6.0. In addition, the operating system needs to support the Credential Security Support Provider protocol, which is also called CredSSP. This requires the system to run Windows XP SP3 or later. NLA cannot be enabled from home networks.
To turn on NLA, go to Advanced Settings and select “require computers to use Network Level Authentication to connect.”
You can also enable NLA via the Control Panel by navigating to System and Security, Allow Remote Access, and then Remote Desktop. Select “allow remote connections to this computer” and “allow connections only from computers running Remote Desktop with Network Level Authentication.”
NLA requires users to authenticate themselves before starting a remote session. Enabling this feature reduces the risk of Remote Desktop cyberattacks, saves resources, and supports a more secure network.