Cloud Access Software incorporates features that maximize the security of any deployment model, including on-premises, hybrid or public cloud architectures:
- RADIUS-based multi-factor authentication (MFA).
- All PCoIP components use security certificates to ensure a trusted, end-to-end Transport Layer Security (TLS) connection for TCP communications.
- The PCoIP UDP protocol is encrypted with industry-standard secure AES-256 encryption.
- Cloud Access Connector ensures secure PCoIP traffic flow between external and internal networks.
- The PCoIP protocol is host-rendered and no data ever leaves the remote workstation, except encrypted pixels.
The PCoIP protocol uses ports UDP:4172, TCP:4172 and either TCP:443 or TCP:60443 as preferred. These ports must be open to allow the flow of PCoIP traffic through the firewall. For an in-depth look at the port settings for different environments relating to Cloud Access Software, PCoIP Management Console and PCoIP Zero Clients, see the following KB Article.
Certificates are used to ensure that all communication endpoints are trusted. All communications between PCoIP components are performed over encrypted secure channels that use certificates for validation.