Advanced Security Features for Secure Thin Client Management
Enhance your system security with advanced features like firmware customization, fail-safe updates, and protection against tampering. Manage your Thin Client devices efficiently and securely with the latest technology.
Download Presentation
Please find below an Image/Link to download the presentation.
The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author. If you encounter any issues during the download, it is possible that the publisher has removed the file from their server.
You are allowed to download the files provided on this website for personal or commercial use, subject to the condition that they are used lawfully. All files are the property of their respective owners.
The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author.
E N D
Presentation Transcript
SECURITY FEATURE COLLECTION PRODUCT MARKETING
o allows to turn pre-installed features on or off s.a. Citrix Receiver, ThinPrint, etc. similar to Windows Features IGEL PARTITIONS
UNIVERSAL DESKTOP (LX 10) o Protection against tampering and extended system security during the update process the update- and boot- mechanism uses a hash value check, whether the partition has been modified if there is a modified critical partition the device will not boot there are two different critical partitions existing on the system system partition user partition if there is a modified uncritical partition the device will boot, but only the affected part will be deactivated and the scope of function is restricted apart from the two critical partitions all other partitions are considered as uncritical
o firmware customization on customer side size the firmware down to basic functions minimize the lines of active code extend the system performance IGEL PARTITIONS: BENEFITS o flash medium cannot be mounted on any other device IGEL uses its own partitioning system IGEL partitions are compressed, thus data is obfuscated checksums of IGEL partitions avoid loading of modified code o configuration is written to a dedicated and compressed partition
o particularly secure Thin Client management firmware updates always finish completely the device always keeps running the device always stays bootable update process without critical phases critical updates always processed by two phases FAIL-SAFE FIRMWARE UPDATE
FAIL-SAFE FIRMWARE UPDATE PROCESS If Update failed Reboot Update OK Reboot Start Update Free Space (UD Firmware 1) UDFirmware1 UD Firmware 1 UD Firmware 1 UD Firmware 2 (Incomplete) UD Firmware 2 (Complete) UD Firmware 2 (Complete) Free Space Free Space Free Space Free Space Update starts again Start new system
o Define one session type and combine it with an auto logoff command: user logged out of the last RDP session the device execute command logoff and logs the device combined with Kerberos, the device is logged and secure user name and password is required to log-in again AUTO LOG-OFF
o pure Kerberos-Ticket-Handling, based on username and password sophisticated Two-Factor-Smartcard-Solutions (Smartcard and PIN) o through a three-party-constellation IGEL Thin Client Active Directory infrastructure Kerberos enabled service (s.a. Citrix XenApp or XenDesktop) PRE-INSTALLED AND READY FOR USE o with a sophisticated rules and rights rollout management across the network on application level for services o no local Fake-Active-Directory
o IGEL USB-Management (basic function) based on USB class, vendor/product-ID or by device UUID very simplified access and denial mechanism PRE-INSTALLED AND READY FOR USE o FabulaTech (extended function, requires optional server components from third party vendor) based on protocols (RDP, Horizon, Citrix) features depend on used protocol
o Smartcard support individually adaptable (look @ IGEL Partitions) IGEL Smartcard Gemalto IDPrime cryptas SecMaker NetID A.E.T. SafeSign SafeNet Aladdin eToken PRE-INSTALLED SSO SOLUTIONS o Smartcard reader support individually adaptable (look @ IGEL Partitions) PC/SC Lite M.U.S.C.L.E. HID OMNIKEY REINER SCT cyberjack
o OpenVPN VPN based IGEL client management by IGEL UMS o NCP-e VPN client (optional NCP-e licensing) universal IPsec-Client PRE-INSTALLED VPN SOLUTIONS o Genua GenuCard support full management trough the IGEL UMS connection buildup through the IGEL Thin Client supports ADSL, LAN, EDGE, 3G and 4G connections o VS-NfD, NATO RESTRICED and RESTREINT UE authorized and certified
o enables customer to achieve company compliance standards log the shadowing distribute different shadowing permissions define shadowing groups and security levels ban VNC sessions between client to client (if it s integrate in to the client desktop) allow only the IGEL shadowing or a 3rd party VNC client at the UMS console ban external/unknown 3rd party VNC clients in the whole network VNC SECURE MODE
o Deleted objects moved there Restore objects to the original point Delete objects finally By mistake deleted objects can be restored RECYCLE BIN o
o File Based Write Filter (FBWF) security standard similar to Linux the user has the option to deactivate enables the Windows OS customization install drivers and applications Embedded Linux management manages the WES system in an update or emergency case manages the device through the embedded Linux, if it boots not correctly WES SECURITY FEATURES o
o Two or several UMS-Server within the network redundancy or scaling automatic failover mechanism o Integrated Load Balancer independent simultaneous booting processes especially developed for larger environments (500+) can also be used as a redundant system HIGH AVAILABILITY EXTENSION o Supported database-clusters Oracle DB (11g or higher) Microsoft SQL Server (2008 or higher)
