7.0.8 Insight Remote Support Security White Paper

ManualsBrandsHP ManualsSoftwareHP Insight Remote Support Next Gen Software

The HP support specialist will generate room keys for the Virtual Support Room and share those keys via unencrypted

email or phone with the customer. The keys are required to enter the Virtual Support Room. The room keys are valid for

one hour and must be re-generated after that time.

Joining a VSR session is a single mouse click action. A customer does not need more than a web browser, connecting via

HTTPS to the HP Virtual Support Rooms infrastructure. The VSR server infrastructure is owned and hosted entirely by

HP. The first-time use of the HP Virtual Support Room will initiate a small client download (less than 2Mb).

It allows HP support personnel to diagnose problems, transfer files, and resolve issues. HP support personnel can:

 View and control a customer’s desktop and applications

 Take a snapshot of a customer’s desktop and save the results to a file

 Collect, display, and save system information to a file

 Chat

 Provide support with the customer’s confidence. All actions requested by the support engineer (taking desktop

control or snapshot, collecting system information, file transfer) must first be approved by the customer – via a

popup permissions window, and are completed with secure transmissions.

 The customer views all activity in real time and can suspend a remote access session immediately if so required.

Note: All sessions are encrypted with AES-256 using SSL over HTTPS on port 443. Because VSR is a web

application, web proxy servers can be used to access the HP VSR infrastructure.

Customer

Administrator

HP External

Firewall

Virtual Support Rooms

XP24000

Superdome

Internet

Blade system

Corporate Network

Customer

Firewall

HP Support Specialist

Virtual Room Server

HP Internal

Firewall

Request/Allow Control

over Desktop

Administrator’s Desktop

HP DMZ

Shared Desktop

HTTPS connection to HP Virtual Support Room

TCP/25 (SMTP)

TCP/443 (SSL/TLS)

Remote Connection to HP Supported Device

EMAIL Support Room Key

Allow or Disallow control over Desktop in VSR

Application Specific

Figure 12: Virtual Support Room Architecture

Data Privacy

HP is committed to protecting customer privacy. Personal information provided to HP and any data collected by this RDA

tool or other associated tools and utilities will not be shared with third parties. Information and data might be shared

with other HP entities and business partners who are providing the services described in the Insight Remote Support

documentation and who might be located in other countries. Suppliers and service providers are required to keep the

information received on behalf of HP confidential and may not use it for any purpose other than to carry out the services

they are performing for HP. Our privacy practices are designed to provide protection for your personal information all