Network Level Authentication

Network Level Authentication is a technology used in Remote Desktop Services (RDP Server) or Remote Desktop Connection (RDP Client) that requires the connecting user to authenticate themselves before a session is established with the server. Originally, if you opened an RDP (remote desktop) session to a server it would load the login screen from the server for you. This would use up resources on the server, and was a potential area for denial of service attacks. NLA delegates the user's credentials from the client through a client side Security Support Provider and prompts the user to authenticate before establishing a session on the server.

Network Level Authentication was introduced in RDP 6.0 and supported initially in Windows Vista. It uses the new Security Support Provider, CredSSP, which is available through SSPI in Windows Vista. With Windows XP Service Pack 3, CredSSP was introduced on that platform and the included RDP 6.1 Client supports NLA; however CredSSP must be enabled in the registry first.[1]

Advantages

The advantages of Network Level Authentication are:

Disadvantages

References

External links