System information

ManualsBrandsVector ManualsComputer equipmentPC-Duo

PC-Duo Host Guide

Authentication

In the PC-Duo model, PC-Duo applications that request information and services are

considered “clients” and those that provide information and services are considered

“servers”. For example, the PC-Duo Master is considered a client when it connects to and

requests a list of Hosts from a PC-Duo Gateway. In turn, the PC-Duo Gateway is

considered a client when it connects to and requests information from a PC-Duo Host in

the same domain.

Connection

Client

Server

Peer-to-peer

Master

Host

Gateway-managed (Gateway & Host are in same domain)

 Master-

Gateway

relationship

Master

Gateway

 Gateway-

Host

relationship

Gateway

Host

Gateway-managed (Gateway & Host are not in same domain)

 Master-

Gateway

relationship

Master

Gateway

 Gateway-

Host

relationship

Host

Gateway

When PC-Duo Host is not in the same domain as the Gateway, the relationship is

automatically reversed: The Host is programmed to be the client and will reach out to the

Gateway (see “Firewall-friendly connections” for more information about PC-Duo firewall-

friendly connections).

To guarantee security in the PC-Duo environment, it is critical that PC-Duo components

acting as servers validate the credentials of users of PC-Duo components acting as

clients before they provide access or data. The burden is placed on the client to

authenticate itself to the server. PC-Duo implements two types of authentication to

support this:

 “Identity Authentication”

 “Endpoint Authentication”

Identity Authentication

In general, this operation answers the following security question: How does the server

know who the client is? A PC-Duo application acting as a server will not provide access