Secure Global Desktop Administration Guide > Security > Security and Secure Global Desktop
Read this topic to... |
---|
|
Secure Global Desktop is only one of many components on your network. The information here is related to Secure Global Desktop, and can only help raise security levels as part of an ongoing security strategy.
Secure Global Desktop connects client devices to application servers, acting as a go-between. Also, Secure Global Desktop servers can join together as an array. This means there are three types of connection involved:
Type | Description |
---|---|
Connections between client devices and Secure Global Desktop servers | These may be web server connections (for example, opening the web page that lets you log in to Secure Global Desktop) or Secure Global Desktop-related connections (used by the Secure Global Desktop components running on the client device to connect to the Secure Global Desktop server; for example, to send key presses or receive display updates within emulators). |
Connections between Secure Global Desktop servers and application servers | These are used to start applications on the application server, and to send and receive data from the application, such as key presses and display updates. |
Connections between Secure Global Desktop servers in an array | These are used to update secondary Secure Global Desktop servers with changes made on the primary Secure Global Desktop server. |
In a default Secure Global Desktop installation, all standard connections are unencrypted (in the clear). This is as secure as using the telnet program to communicate between two UNIX hosts.
You can raise security levels in these ways:
When a user has a standard connection to Secure Global Desktop, passwords are encoded between the client device and the Secure Global Desktop server to deter casual eavesdroppers. When they have a secure connection, this information is always encrypted.
Secure Global Desktop encrypts all passwords stored in the password cache.
By default, the encryption key used for the password cache never changes. You can force the key to change whenever Secure Global Desktop servers start by checking the Generate New Encryption Key On Restart box on the Security panel of Array Manager.
Copyright © 1997-2006 Sun Microsystems, Inc. All rights reserved.