Manualshelf

Reference Guide

ManualsBrandsDell ManualsConverged InfrastructureHybrid Client
6789101112131415
Table Of Contents
Table 3. Network exposure
Service
name
Port Summary
SSH 22 Used for Secure Shell (SSH) connections.
VNC 5900 Used for VNC connections.
Communication security settingsDell Hybrid Client supports the following access methods:
Use the Wyse Management Suite server to configure and manage the device settings.
Use the VNC connection to remotely control the device.
Use the SSH connection to remotely access the device.
All access methods must be configured from Wyse Management Suite before use.
Firewall settings using Uncomplicated Firewall (UFW)This feature is enabled when the security level is set to High.
By default, the firewall is disabled on the device. When the firewall is enabled, the following actions take place:
Denies incoming packets with exception for ports utilized for Dell Hybrid Client features.
Allows all the outgoing packets.
Disables routed packets.
Data security
Data at RestThe home folder of an AD user is encrypted and secured using the ZFS encryption. All the user-level data
and device-level data are protected with approved encryption mechanisms. All encryption keys are stored securely.
Data in FlightAll data communication that is transmitted to and from the device uses a standard TLS encryption
mechanismTLS version 1.2 and later. When the user logs off, the user-specific configurations is encrypted and backed up
in the Wyse Management Suite server or a cloud server.
Cryptography
AES 256 algorithm is used to encrypt user data at rest.
TLS version 1.2 and later are used for remote communicationsVDI, cloud, and Wyse Management Suite.
Auditing and logging
Table 4. Auditing and logging
Component Summary
Log protection To comply with the security standards, Dell Hybrid client system does not log any sensitive data in the
log file.
Logging format Log format includes <time stamp> <Type> <Service> <log message>. Type specifies
whether the log is an INFO, ERROR, or a DEBUG log.
Alerting Alert logs are displayed on the system as notifications.
Request log files using Wyse Management Suite
The device must be enabled to pull the log file using Wyse Management Suite. When this method is used, all the required logs
are pulled to the Wyse Management Suite server.
Steps
1. Go to the Devices page, and click a particular device.
The device details are displayed.
2. Click the Device Log tab.
Product and subsystem security
13