Skip to content

HP PCoIP Connection Manager and Security Gateway

The PCoIP Connection Manager and the PCoIP Security Gateway are components of HP Anyware, and can be deployed together as a set or individually. Multiple instances of the Connection Manager and/or the Security Gateway can be deployed to handle mixed LAN and WAN access points, enable security gateway failover, or for scaling large systems.

Components in this release

The PCoIP Connection Manager and Security Gateway 23.12 is a combined release containing:

  • PCoIP Connection Manager 23.12
  • PCoIP Security Gateway 23.04

About the PCoIP Connection Manager

The PCoIP Connection Manager enables connections between PCoIP clients and PCoIP agents installed on remote desktops. It uses a required third-party connection broker to authenticate users, query available desktops and applications, and then establish a PCoIP connection between the client and the selected desktop.

About the PCoIP Security Gateway

The PCoIP Security Gateway enables WAN users to securely access their remote desktops via the Internet without a VPN connection. You can optionally deploy multiple PCoIP Security Gateways so that if the gateway being used by a PCoIP session becomes unavailable, the session is automatically transferred to the next available gateway. To use this feature, configure the Connection Manager using the --external-sg-ip flag with the addresses of the failover security brokers.

Note

The PCoIP Security Gateway is not required for LAN access.

Establishing a PCoIP Connection With the Connection Manager and Security Gateway

The diagram shown next illustrates a brokered connection to the PCoIP host machine using the PCoIP Connection Manager and the PCoIP Security Gateway.

Alt Text

Caution: A dedicated server is strongly recommended

Since the PCoIP Connection Manager is a component that handles authentication data for users connecting to virtual desktops, we strongly recommend installing the PCoIP Connection Manager and PCoIP Security Gateway on a dedicated server that is accessible only by authorized system administrators according to your organization's security policy.

Deployment Scenarios

Depending on your deployment scenario, you can install the PCoIP Connection Manager with the PCoIP Security Gateway disabled.

  • All your desktops are on a LAN (internal access only): you may only need to install one PCoIP Connection Manager. Since a PCoIP Security Gateway isn't required for LAN connections, you can optionally disable it.

  • All your desktops are on a WAN: Install one PCoIP Connection Manager, and enabling one or more Security Gateways. The Connection Manager handles PCoIP Connection establishment and the Security Gateway(s) secures the PCoIP session across the public internet.

  • Your desktops are on both a LAN and WAN: We recommend installing at least two groups of connection managers; one for internal access with the PCoIP Security Gateway disabled, and one for external access with one or more PCoIP Security Gateway(s) enabled. You can set up the DNS so that internal and external users are routed to the appropriate connection manager.

  • If you are exceeding the system specifications or have high availability requirements: If you serve a large number of desktops, or require high availability, install additional connection managers and implement load balancing.