IGEL UMS and Devices: Secure Terminal Communication Flow
This article describes the communication flow of a secure terminal session in the IGEL Universal Management Suite (UMS) environment.
IGEL OS 12
Direct Connection
Before the secure terminal flow:
A REST connection is initiated between the Console and the UMS Server
A Unified Protocol WebSocket connection is initiated between the Device and the UMS Server
Secure terminal settings are forwarded
Secure terminal communication flow:
The UMS Console requests the UMS Server to initiate a secure terminal session.
The UMS Server requests the device via the Unified Protocol WebSocket to open the secure terminal session.
The device opens the WebSocket tunnel for secure terminal data to the UMS Server and starts the secure terminal session.
The UMS Server forwards the secure terminal session information to the UMS Console.
The UMS Console opens the WebSocket tunnel for secure terminal data to the UMS Server and starts the secure terminal session.
The terminal data is sent through the opened WebSockets.
Over ICG
Before the secure terminal flow:
Unified Protocol WebSocket connections are initiated between the UMS Server and the ICG and between the Device and the ICG
Secure terminal settings are forwarded
The UMS Server sends the secure terminal information of the device through REST to the UMS Console
Secure terminal communication flow:
The UMS Console requests the UMS Server to initiate a secure terminal session.
The UMS Server requests the ICG to open a secure terminal session.
The ICG requests the device via the Unified Protocol WebSocket to open a secure terminal session, and the UMS Server forwards the secure terminal session information to the UMS Console.
The device opens the WebSocket tunnel for secure terminal data to the ICG and starts the secure terminal session; the UMS Console likewise opens the WebSocket tunnel for secure terminal data to the ICG and starts the secure terminal session.
The terminal data is sent through the opened WebSockets.
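The two IGEL OS 12 flows above can be written down as ordered steps and used to check an observed connection trail, for example to flag a terminal tunnel that was opened without a preceding session request. This is an added example, not IGEL code; the event tuples and action names are hypothetical labels, and the final data-transfer step is not modelled.

```python
# Added example: event tuples (initiator, target, action) are hypothetical labels,
# not IGEL log fields. Each set is one documented step; a set with two entries is
# a step whose two actions the page lists together, so either order is accepted.
DIRECT = [
    {("console", "ums", "request_session")},
    {("ums", "device", "open_session")},
    {("device", "ums", "open_tunnel")},
    {("ums", "console", "session_info")},
    {("console", "ums", "open_tunnel")},
]
OVER_ICG = [
    {("console", "ums", "request_session")},
    {("ums", "icg", "open_session")},
    {("icg", "device", "open_session"), ("ums", "console", "session_info")},
    {("device", "icg", "open_tunnel"), ("console", "icg", "open_tunnel")},
]


def check_flow(events, flow):
    """Return findings for events that deviate from the documented step order."""
    findings = []
    step, pending = 0, set(flow[0])
    for event in events:
        if event not in pending:
            findings.append(f"step {step + 1}: unexpected {event}")
            continue
        pending.discard(event)
        if not pending and step + 1 < len(flow):
            step += 1
            pending = set(flow[step])
    if pending:
        findings.append(f"step {step + 1}: flow incomplete")
    return findings


if __name__ == "__main__":
    # Constructed trail: a device tunnel appears with no preceding session request.
    trail = [("device", "ums", "open_tunnel")]
    for finding in check_flow(trail, DIRECT):
        print(finding)
```

Step numbers in the findings count the flow steps in the order they are listed above.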
IGEL OS 11 or Earlier
Direct Connection
The UMS Console establishes a connection to the UMS Server. The UMS Server then establishes a TLS tunnel to the device.
The following figure illustrates the communication between the UMS Console, the UMS Server and a device:
Over ICG
Both the UMS Server and the device have established a WebSocket connection to the ICG; this WebSocket is used for commands from the UMS and messages from the device.
The UMS Console and the device establish a dedicated WebSocket for the secure terminal with the ICG.