Remote Desktop Services and security
By default, RDS works with Microsoft's ISA server to secure traffic. ISA can handle Network Address Translation (NAT) and reverse-proxied connections, and it enables RDP to access only the information needed to function.
But ISA shouldn't be the only layer of security. Administrators need to implement additional security technologies -- like NAC (Network Access Control) -- to integrate with the connection broker. Furthermore, antivirus, antimalware and intrusion-prevention systems should be deployed at the edge of the network and on the VMs.