HP ProLiant xw2x220c Remote Graphics Software 5.2.5 User Guide - Page 109
Remote USB Access Control List
View all HP ProLiant xw2x220c manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 109 highlights
6-3-4 Remote USB Access Control List RGS supports a per-Remote Computer access control list (ACL) file that specifies which USB devices are allowed to be remotely attached to the Remote Computer from a Local Computer, and which USB devices are denied attachment. The ACL file, which resides on the Remote Computer, supports allowing/denying USB device attachments based on the following nine USB descriptor fields: 1. Device Class 2. Device Subclass 3. Device Protocol 4. Vendor ID 5. Product ID 6. Device BCD 7. Manufacturer 8. Product Type 9. Serial Number USB device mounting can also be allowed/denied based on the following two parameters: 10. IP address of the Local Computer 11. The domain group of the local user The ACL file supports two rule types: "allow" and "deny". The rules are evaluated by the Remote Computer for each USB connection request from a Local Computer as follows: • If any rule indicates the USB connection should be denied, the connection is denied, regardless of any other rule. • If any rule indicates the USB connection should be allowed, and if there are no rules that deny the connection, the connection is allowed. • If no rules match at all, the connection is denied. Therefore, a deny rule takes precedence over an allow rule. The ACL file is implemented as an XML (Extensible Markup Language) file. The ACL schema file is located at: C:\Program Files\Hewlett-Packard\Remote Graphics Sender\hprUsbAcl.xsd For backwards compatibility, the following default ACL file(installed during Sender installation) allows all USB connections to be made: C:\Program Files\Hewlett-Packard\Remote Graphics Sender\hprDefaultUsbAcl.xml The names for these files can be changed using the properties described in Section 8-6-5, "USB access control list properties." The default ACL file contains the following contents, which allows all USB connections to be made: Allow all USB devices (HP default) The following example ACL file denies all remote USB attachment requests: Advanced capabilities 109