action.skip

How Management and Security Server works

This diagram depicts the flow of secure interactions between a client and the host in a typical host session, using Management and Security Server. Note the option to use the Security Proxy Server and other Add-On products.

mss-architecture

  1. User connects to the Administrative Server.

  2. User authenticates to a directory server (LDAP/Active Directory) or other identity management system (optional).

  3. The directory server provides user and group identity (optional).

  4. The Administrative Server sends an emulation session to the authorized client.

  5. When the Security Proxy Server is configured for use by a session, the emulation client makes a TLS connection to Security Proxy and sends it a signed token.

  6. The Security Proxy Server validates the session token and establishes a connection to the specified host:port.

  7. When no Security Proxy is present or a session is not configured to use it, the authorized user connects directly to the host.