Intel Unite Solution - Enterprise Deployment Guide
Intel UniteĀ® Solution Enterprise Deployment Guide v3.1.7 80 of 83
Step 2: PIN Lookup
The image below shows how PINs are resolved by the Enterprise Server. All network communication during
the PIN lookup processes is SSL encrypted over a web service (TCP 443).
When a user enters a PIN of the target in the Client, the Client sends the PIN to the Enterprise Server to
obtain the connection information. On a successful lookup, the Enterprise Server returns the valid
connection information of the target. The target can either be a Hub or a Client (with Intel vPro technology)
running the Intel Unite software.
In addition to receiving connection information, the public key of the target is also given, so that the Client
application can validate that it is communicating with the correct target.
NOTE: PIN lookup for Hub and Clients follows the same flow.
PIN Lookup Back off
To prevent attackers from trying to harvest PINs from the Enterprise Server, failed attempts are logged. A
user can have up to 3 failed attempts in a 10 second period before the back off mechanism begins
enforcing a delay in responses (2^x seconds, where x=number of failed attempts within a 5 minute period).