In short, nothing; we're just letting you know that it's happening.
3389 is a well-known port that is often left open or unprotected to allow RDP sessions to connect. This has the unfortunate side effect of making it a common target for intrusion attempts. However, NG Firewall blocks incoming traffic by default. Anything trying to connect to 3389 will be blocked unless you've created a Port Forward Rule to allow that traffic in. The alert is just to let you know that we're seeing some unusual traffic. You can read about disabling those alerts here.
The one caveat to this would be if the NG Firewall is bridged to another device upstream, in which case we're not blocking anything. In that case, however, we would expect the upstream device(s) would be acting as a firewall.Follow