Securing Your Tera2 PCoIP Zero Client¶
The security needs of your deployment are driven by your specific environment. You can configure Tera2 PCoIP Zero Clients to meet security requirements for a range of scenarios, from high-security environments to trusted environments.
Securing your Tera2 PCoIP Zero Client involves some or all of these tasks, depending on your deployment needs:
-
Disable the AWI: For high security environments, the Administrative Web Interface should be disabled and the PCoIP Management Console used as the tool for configuring PCoIP endpoints. See Configuring Access to Management Tools
-
Disable SLP Discovery: Ensure SLP Discovery is disabled and configure your PCoIP Zero Client to connect to a specific PCoIP host.
-
Peering to Your Remote Workstation Card: Zero Clients can be peered to a unique Remote Workstation Card allowing for a secure connection between dedicated PCoIP Zero Clients and Remote Workstation Cards using custom peer-to-peer certificates. See Peering Remote Workstation Cards
-
Setting the Certificate Checking Mode: Configure how the Tera2 PCoIP Zero Client behaves if it can't verify a secure connection to the server. See Setting Certificate Checking Mode.
-
Uploading certificates to the Tera2 PCoIP Zero Client: Depending on the certificate checking mode you choose, you may have to upload server certificates to the Tera2 PCoIP Zero Client's certificate store. See Uploading Certificates.
-
Configuring the Tera2 PCoIP Zero Client with an Endpoint Manager: Configure your Tera2 PCoIP Zero Client for either automatic or manual discovery by an endpoint manager. See Connecting to an Endpoint Manager.
-
Configuring 802.1X Network Device Authentication: Configure 802.1X network device authentication for enhanced security. See Configuring 802.1X Network Device Authentication.
-
Configuring Access to Management Tools: Configure a PCoIP device management tool for managing the Tera2 PCoIP Zero Client, disable administrative access to the Tera2 PCoIP Zero Client's AWI, or force an administrative password change the next time someone accesses the AWI or OSD. See Configuring Access to Management Tools.
You can access additional security functionality from the PCoIP Management Console
You can configure security settings for multiple devices from the PCoIP Management Console, as well as access additional AWI and OSD security settings (including password settings and the option to hide OSD menus). For more information, see the PCoIP® Management Console Administrators’ Guide.