System information
PC-Duo overview
25
Gateway (see “Firewall-friendly connections” for more information about PC-Duo firewall-
friendly connections).
To guarantee security in the PC-Duo environment, it is critical that PC-Duo components
acting as servers validate the credentials of users of PC-Duo components acting as
clients before they provide access or data. The burden is placed on the client to
authenticate itself to the server. PC-Duo implements two types of authentication to
support this:
“Identity Authentication”
“Endpoint Authentication”
Identity Authentication
In general, this operation answers the following security question: How does the server
know who the client is? A PC-Duo application acting as a server will not provide access
or information to any PC-Duo application acting as a client until it can validate that client‟s
identity. PC-Duo provides the server three different methods of authenticating the identity
of the PC-Duo client:
Connection
Windows
authentication
Simple
password
Shared-
secret
password
Peer-to-peer
Yes
Yes
No
Gateway-managed (Gateway & Host are in same domain)
Master-
Gateway
relationship
Yes
No
No
Gateway-
Host
relationship
Yes
No
Yes
Gateway-managed (Gateway & Host are not in same domain)
Master-
Gateway
relationship
Yes
No
No
Gateway-
Host
relationship
No
No
Yes
Windows authentication: By default, a PC-Duo application acting as a server uses
Windows authentication to check the Windows credentials of the client application:
The Host will check the Windows credentials of the PC-Duo Master user in the
case of a peer-to-peer connection;