Controls the encryption algorithms advertised by the PCoIP endpoint during session negotiation.
Checking one of the check boxes disables the associated encryption algorithm. You must enable at least one algorithm.
This setting applies to both agent and client. The endpoints negotiate the actual session encryption algorithm that is used. If FIPS140-2 approved mode is enabled, the Disable AES-128-GCM encryption value is always overridden so that AES-128-GCM encryption is enabled.
If the overall "Configure SSL Connections" is disabled or not configured, both the Salsa20-256round12 and AES-128-GCM algorithms are available for negotiation by this endpoint.
Supported encryption algorithms, in order of preference, are SALSA20/12-256, AES-GCM-128, and AES-GCM-256. By default, all supported encryption algorithms are available for negotiation by this endpoint.
If both endpoints are configured to support all 3 algorithms and the connection does not use a Security Gateway (SG), the SALSA20 algorithm will be negotiated and used. However if the connection uses a SG then SALSA20 is automatically disabled and AES128 will be negotiated and used. If either endpoint or the SG disables SALSA20 and either endpoint disables AES128, then AES256 will be negotiated and used.
At least one encryption algorithm must be enabled. (See Explain)
Registry Hive | HKEY_LOCAL_MACHINE |
Registry Path | Software\Policies\Teradici\PCoIP\pcoip_admin_defaults |
Value Name | pcoip.enable_salsa20_256_round12 |
Value Type | REG_DWORD |
Default Value | 1 |
True Value | 0 |
False Value | 1 |
Registry Hive | HKEY_LOCAL_MACHINE |
Registry Path | Software\Policies\Teradici\PCoIP\pcoip_admin_defaults |
Value Name | pcoip.enable_aes_128_gcm |
Value Type | REG_DWORD |
Default Value | 1 |
True Value | 0 |
False Value | 1 |
Registry Hive | HKEY_LOCAL_MACHINE |
Registry Path | Software\Policies\Teradici\PCoIP\pcoip_admin_defaults |
Value Name | pcoip.enable_aes_256_gcm |
Value Type | REG_DWORD |
Default Value | 1 |
True Value | 0 |
False Value | 1 |