Scanning Windows Firewall on Remote Desktop session hosts is exceptionally slow
This can occur when the Remote Desktop session host is dynamically creating Windows Firewall rules for each logon and those rules are not subsequently deleted after logoff. The dynamically created rules can number in the tens of thousands.
- An update KB4467684 has been provided by Microsoft to address this issue
Addresses an issue that slows server performance or causes the server to stop responding because of numerous Windows firewall rules.
To enable the changes, add a new registry key “DeleteUserAppContainersOnLogoff” (DWORD) on “HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy” using Regedit, and set it to 1.
- or -