RdpGuard is a host-based intrusion prevention system (HIPS) that protects your Windows Server from brute-force attacks on various protocols and services (RDP, MS-SQL, FTP, SMTP, MySQL, IIS Web Login, ASP.NET Web Forms). It monitors the logs on your server and detects failed logon attempts. If the number of failed logon attempts from a single IP address reaches a set limit, the attacker's IP address will be blocked for a specified period of time. Why do you need it? Many Windows Server machines are under constant attack. Network scanners and RDP brute-force tools work 24/7. Eventually they may find a password to access your server! Moreover, RDP brute-force attacks may abuse server resources (CPU and bandwidth). Take a look at your server's Security EventLog. How many failed login attempts do you see? The log may note thousands of failed login attempts from a single IP address. This means that someone is trying to find a password to access your server.