HyperClient is the software that a users has to run on his PC to perform actions on the HyperManager platform. “Actions” are meant as the possibility to connect remotely to a device or the possibility to change some configurations using the WEB interface.

The primary function of HyperClient is to authenticate the user connected to the platform, using a token that has been created on the user’s PC at his first connection to the platform. The WEB interface of HyperManage recognize the user using a set of three parameters as credentials: Domain, Username and Password. HyperClient on the first connection enforces credential creating a token on the PC of the user, protected by a personal passphrase and encrypted using RSA algorithms.

After the authentication of the user, HyperClient encrypts all data exchanged by the user with the server or HyperNodes using stream encryption algorithms and key exchanges made using RSA keys. RSA keys exchanged are from 1024 to 4096 bit long, and ensures a privacy level much higher than ones used, for example, in banking transactions.

During remote sessions, HyperClient represents one of the encryption end-point of the communication between the user and the target device, the other encryption end-point is naturally the HyperNode.

Eventually, HyperClient creates on the user’s PC some virtual resources, virtual serial ports or virtual IP addresses, on which the user will connect his maintenance software for the target device. It is very important to understand, in fact, that during a remote connection the HyperManage platform becomes totally transparent to the user: if normally the user would have connected his PC to the device via a serial port, with HyperManage the user will simply continue to use his maintenance software, connecting it to a virtual serial port instead of a physical one.

The same happens on LAN connection: a transparent VPN on demand will be created among the user’s PC and the remote HyperNode that will then forward data to the final device. The user will simply connect his maintenance software to the virtual IP address supplied by HyperManage and visible on the HyperClient floating popup.

All Communications will be delivered using a core component called HyperRelay, that will permit to establish the connection between HyperClient and HyperNode without the need to open incoming ports on both user’s and target’s sides. All needed communications path are always in the outgoing direction, simplifying the configuration of networks and avoiding to change local security policies.

The picture aside is showing information paths and steps of a connection between the user and the remote HyperNode.

From the moment in which the connection is established to its end, HyperManage will log a series of information, to trace the connection itself: name of the connected user, start date and time of the connection, end date and time of the connection, IP address of the connected user. More than this, if configured by HyperManage’s administrators all the session will be recorded in different ways:

• Terminal or command-line sessions will be recorded as text, highlighting user commands to distinguish them from device answers
• Graphical sessions (like KVM sessions) will be recorded as movie files

All recordings can then be played back by authorized users of the HyperManage platform, for example for technical sharing reasons or for responsibility assignment.