This section explains how to secure data by using encryption when … It describes encryption in transit and at rest, and the use of security groups to protect network access to the WorkSpaces. This section also provides information on how to control end device access to WorkSpaces by using Trusted …

Additional information on authentication (including MFA support) in the AWS Directory Service can be found in this section.

Amazon WorkSpaces uses cryptography to protect confidentiality at different stages of communication (in transit) and also to protect data at rest (encrypted WorkSpaces). … of the encryption used by Amazon WorkSpaces in transit is …

For information about the encryption at rest, refer to the …

The desktop client application communicates with Amazon for …

The desktop client initiates authentication by sending credentials to the authentication gateway. The communication between the desktop client and authentication gateway uses … At the end of this stage, if the authentication succeeds, the authentication gateway returns an OAuth 2.0 token to the desktop client, through the same HTTPS connection.

… application supports the use of a proxy server for port 443 (HTTPS) traffic, for updates, registration, and authentication.

After receiving credentials from the client, the authentication gateway sends an authentication request to AWS Directory … The communication from the authentication gateway to AWS Directory Service takes place over HTTPS, so no user credentials are transmitted in plaintext.

Authentication - Active Directory Connector (ADC)

AD Connector uses Kerberos to establish authenticated communication with on-premises AD, so it can bind to LDAP and execute subsequent LDAP queries. Client-side LDAPS support in ADC is also available to encrypt queries between Microsoft AD and AWS Applications. Before implementing client-side LDAPS functionality, review …

The AWS Directory Service also supports LDAP with TLS. No user credentials are transmitted in plaintext at any time. … increased security, it is possible to connect a WorkSpaces VPC with the on-premises network (where AD resides) using a VPN connection. When using an AWS hardware VPN connection, customers can set up encryption in transit by using standard IPSEC