
Locked RDPGuard 7.0.3

Status
Not open for further replies.

primord

Awesome bit of kit - requested please & many thanks! New version has country-based geo-fencing & is super effective.
If anybody knows of anything with comparable functionality/alternative progs, please share info.
 

Cyler

I will try to avoid being too technical. For those who read, either they will understand, if they are interested/working in network security, or they won't, and I really want to avoid explaining details as this will make the post several pages long. What I describe below is a personal experience while I was helping a friend that worked in a relatively big company to upgrade their security after having some "issues".

I would suggest looking and digging deeper into what you think secure is. RDPGuard and other such programs are based on parsing Windows logs and extracting IP addresses, and so those programs absolutely DO NOT detect any TLS RDP connections, since Windows event logs don't include the IP of the TLS source, or at least that was the case a year or so ago when I first saw that program. You can find, on GitHub and elsewhere, VBS scripts that do exactly that for free. Just google for ts_block.vbs or "Blocking brute force Terminal Services login attempts". Also, not sure if they fixed the bug where the service, even though it appeared to be running, would stop the logging and prevention after 2-3 weeks or xxx amount of connections, and you had to manually restart the service.

If you absolutely must have such a program, then use CyberArms Intrusion Detection software, which is free and logs TLS. It uses its own private approve/deny list, unlike RDPGuard which floods the Windows firewall entries, could track RDP running on a port other than 3389, and has whitelisting that worked.

You must understand, and without scaring you, that those measures will NOT stop exploits and poorly patched PCs/servers and companies that don't have good practices (allowing the admin account through RDP, for example, or open RDP to the internet is a big no-no). When the CIA hacking toolkit got "released", they made programs such as the above absolutely useless. They completely bypassed standard login methods due to exploits and login exploits = no brute forcing needed. Why brute force when you can just step around the door, so to speak?

Please don't get me wrong: if and when you find this (or another) program, you can use it and it will do its job. It helps automate some tasks, barebones as it is. Just don't ever think "Ok I'm secure now". My personal suggestion is to use an L2TP VPN to connect in, or allow an RDP private gateway through HTTPS (again, Google is your friend). It basically covers RDP with an HTTPS portal. In any case, protection at the edge (firewalls) and good policies/practices will help you more, and researching how to protect RDP sessions is a must.

Hope it helped.
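
The log-parsing approach described in the post above, shown as an added example that is not part of the original post and not code from RDPGuard, ts_block.vbs or CyberArms. It counts failed logons (Event ID 4625) per source address and reports separately the failures that carry no usable address, which is the blind spot the post attributes to TLS-secured RDP. The threshold, the `-` placeholder in `IpAddress` and all sample records are assumptions constructed for illustration.

```python
import ipaddress
import xml.etree.ElementTree as ET
from collections import Counter

NS = {"e": "http://schemas.microsoft.com/win/2004/08/events/event"}
THRESHOLD = 3  # assumed policy: block an address after 3 failed logons

def make_event(ip, logon_type, event_id=4625):
    """Build a constructed (not captured) logon record in Windows event XML."""
    return (
        '<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">'
        f"<System><EventID>{event_id}</EventID></System><EventData>"
        '<Data Name="TargetUserName">administrator</Data>'
        f'<Data Name="LogonType">{logon_type}</Data>'
        f'<Data Name="IpAddress">{ip}</Data>'
        "</EventData></Event>"
    )

# Constructed sample: four failures with an address recorded, five failures
# whose IpAddress field is "-" (assumed shape of a TLS-secured RDP failure),
# one stray failure, and one successful logon (4624) that must be ignored.
SAMPLE = (
    [make_event("203.0.113.7", 10)] * 4
    + [make_event("-", 3)] * 5
    + [make_event("198.51.100.20", 10)]
    + [make_event("203.0.113.7", 10, event_id=4624)]
)

def analyze(events, threshold=THRESHOLD):
    """Return (sorted addresses at or over threshold, failures with no address)."""
    per_ip, unattributed = Counter(), 0
    for xml_text in events:
        root = ET.fromstring(xml_text)
        if root.findtext("e:System/e:EventID", namespaces=NS) != "4625":
            continue  # only failed logons are counted
        fields = {d.get("Name"): (d.text or "").strip()
                  for d in root.iterfind("e:EventData/e:Data", NS)}
        try:
            ip = str(ipaddress.ip_address(fields.get("IpAddress", "")))
        except ValueError:
            unattributed += 1  # nothing to block on: surface it, don't drop it
            continue
        per_ip[ip] += 1
    blocked = sorted(ip for ip, n in per_ip.items() if n >= threshold)
    return blocked, unattributed

if __name__ == "__main__":
    blocked, unattributed = analyze(SAMPLE)
    print("block:", blocked)
    print("failed logons with no source address:", unattributed)
```

A rising unattributed count with an empty block list is the signal that per-IP blocking is not seeing the traffic and that the control has to move to the edge or a gateway.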
 

Charles

CyberArms is a solid recommendation.
I simply blocked RDP on the router, at the default port, and disabled it on all machines via group policy and/or registry. On the machine I needed to RDP into, I changed the default port, and allowed it, to the machine, on the DMZ of the router. Your mileage may vary, but the easiest way to "block" something is to disable/remove it via Group Policy or Regedit, depending on your system, in my humble opinion. You can always use a different remote access solution, like TeamViewer, AnyDesk, Splashtop, etc. to get in, with RDP completely disabled.
 

primord

Ayyeee!!! Awesome replies & info, thanks VERY MUCH!
Being a hobby lock-picker I don't even believe in security anymore, and am getting older and the depth of sophistication never ends with the bits!
 

vdogeek

1 month since last reply, considered completed and closed.
 