Manualshelf

Administrator Guide

ManualsBrandsDell ManualsConverged InfrastructureWyse 5060 Thin Client
161162163164165166167168169170
Security Changes
A new global security policy has been dened for ThinOS and this policy is applied to all secure connections (https/SSL connections) with
a few exceptions.
Purpose: To improve the security level by default and add the global conguration. This security policy integrates security setting for each
application.
INI Parameter Description
SecurityPolicy={full | warning (default) |
low}
SecuredNetworkProtocol={yes | no (default)}
TLSMinVersion={1 (default), 2, 3}
TLSMaxVesion={1, 2, 3 (default)}
Full: SSL connection need to verify server certicate. If it is
untrusted, cancel the connection.
Warning (default): SSL connection need to verify server
certicate. If it is untrusted, the user can continue or cancel the
connection.
Low: Server certicate is not veried– this is the value set for a
few applications.
After rmware is updated, the default value is set to warning for all
applicable applications immediately.
There is one exception for le server and WDM.
The old ini SecurityLevel |SecureProtocol from Privilege segment
is deleted.
All applications running on the default SSL security mode follow the global mode. In the global mode, the default value is Warning. The
aected applications include VMware View, Amazon Workspaces (AWS), File Server, WDMService, Caradigm Server, and OneSign Server.
For more information about the security mode INI parameters, see Dell Wyse ThinOS INI Guide.
The following are the exceptions:
File Server and WDM in factory reset state: Before loading any INI parameter, the SSL security mode is set to Low, and after loading the
INI parameter, the value is changed to follow the global mode value. For example, the default value is set to Warning, if the value is not
changed by the INI parameter.
System with previous settings (default value is set to Low) follows the global mode after the unit is upgraded. For example, the default
value is set to Warning, if the value is not changed by the INI parameter.
VMware View and AWS brokers include own security settings (GUI and INI). From 8.3 release, an additional option is added to follow
the global mode as its new default value. The security mode GUI context is updated for better understanding.
D
162 Security Changes