Skip to content

Security Features

Cloud Access Software incorporates features that maximize the security of any deployment model, including on-premises, hybrid or public cloud architectures:

  • RADIUS-based multi-factor authentication (MFA).
  • All PCoIP components use security certificates to ensure a trusted, end-to-end Transport Layer Security (TLS) connection for TCP communications.
  • The PCoIP UDP protocol is encrypted with industry-standard secure AES-256 encryption.
  • Cloud Access Connector ensures secure PCoIP traffic flow between external and internal networks.
  • The PCoIP protocol is host-rendered and no data ever leaves the remote workstation, except encrypted pixels.

Firewall Settings

The PCoIP protocol uses ports UDP:4172, TCP:4172 and either TCP:443 or TCP:60443 as preferred. These ports must be open to allow the flow of PCoIP traffic through the firewall. For an in-depth look at the port settings for different environments relating to Cloud Access Software, PCoIP Management Console and PCoIP Zero Clients, see the following KB Article.

Security Certificates

Certificates are used to ensure that all communication endpoints are trusted. All communications between PCoIP components are performed over encrypted secure channels that use certificates for validation.

CAS Manager MFA Integrations

It is possible to integrate third-party MFA applications with CAS Manager and Cloud Access Software. Teradici has tested MFA integrations with certain applications and versions of Cloud Access Software, within specific environments. The links outlined below point to knowledge base articles that outline the processes involved in setting up these specific integrations.

Third-Party MFA Information

The knowledge base articles contain steps and processes that were accurate at the time of testing. Teradici does not take responsibility for updates to third-party applications, or updates to how these applications work. Using different versions of these applications may not yield the same results and may lead to different behavior. If you discover that the steps outlined below are no longer valid, please contact Teradici and we will investigate.