Viewable by the world

CrowdStrike and Cisco VPN are now a requirement for Remote Desktop Protocol:

Connecting to a system via Remote Desktop Protocol that is not secured with CrowdStrike will cause your device to be automatically blocked.


Before connecting your device to another system via RDP:

  • RDP from the Internet to a Berkeley Lab computer requires VPN

    If you need to RDP into a Berkeley Lab Windows computer that uses DHCP, first connect the Lab VPN, then RDP. This requirement does not apply to computers with a static IP address. 


  • All Berkeley Lab computers accepting RDP connections must have CrowdStrike installed

CrowdStrike must be installed on any computer with a listening RDP service; this applies to both DHCP and static IP addresses, and both hosts are used from the Internet or only from on-site. If you don't use RDP, you should disable RDP to meet this requirement.


If you believe your device has been blocked, please check using Onestop to confirm, and how to address the issue:

Onestop.lbl.gov - Is My Device Blocked?


For additional help:

Additional resources:

Was this site useful for you? Do you have any feedback or suggestions? Please click here to send your comments about this FAQ to IT.