Secure Global Desktop Administration Guide > Security > Improving security between client devices and Secure Global Desktop servers
Read this topic to... |
---|
|
In minimal Secure Global Desktop installations, information is not encrypted when transmitted between a client device and Secure Global Desktop server. Passwords are encoded to deter casual eavesdroppers. These connections are called standard connections.
Where higher security is required (for example, if you want to access Secure Global Desktop from outside a firewall) we recommend you use the Sun Secure Global Desktop Security Pack. A Secure Global Desktop server with the Sun Secure Global Desktop Security Pack installed can provide secure connections (which are based on SSL, the Secure Sockets Layer), in addition to standard connections. Secure connections have these benefits:
Benefit | Description |
---|---|
No eavesdropping | SSL encrypts all information before transmission. |
No tampering | SSL can check that a message hasn't changed between the client device and the Secure Global Desktop server. |
No message forgery | SSL requires that the server prove its identity to client devices before communication can take place, and also guards against replay attacks. |
You install the Sun Secure Global Desktop Security Pack after installing Secure Global Desktop on a host. You can install the Sun Secure Global Desktop Security Pack on all array members, or a subset.
We also recommend that you use a secure (HTTPS) web server on all Secure Global Desktop hosts. This ensures all web pages that users see are encrypted. Using a secure web server does not encrypt Secure Global Desktop-related information, such as key presses or display updates.
For best results, you should use both a secure web server and the Sun Secure Global Desktop Security Pack.
Copyright © 1997-2005 Sun Microsystems, Inc. All rights reserved.