Horizon Workspace Administrator's Guide - Horizon Workspace 1
Ceedo Client Workspace
description
Transcript of Ceedo Client Workspace
![Page 1: Ceedo Client Workspace](https://reader038.fdocuments.in/reader038/viewer/2022102614/56814163550346895dad3fb3/html5/thumbnails/1.jpg)
© 2012 All rights reserved to Ceedo.Flexible Desktops. Dynamic Workplace.
Ceedo Client WorkspaceConcept and Technology Overview
Ceedo Client Workspace Virtualization Technology
• About Ceedo
• The ‘Ceedo Client’ Concept
• The “Workspace”
• Ceedo Enterprise overview and use cases
• Security overview
![Page 2: Ceedo Client Workspace](https://reader038.fdocuments.in/reader038/viewer/2022102614/56814163550346895dad3fb3/html5/thumbnails/2.jpg)
© 2012 All rights reserved to Ceedo.
Flexible Desktops. Dynamic Workplace.
About Ceedo
We are a privately held company, established
in 2005
We specialize in developing IT solutions,
aimed at the toughest issues confronting
modern IT
Our products are based on our proprietary
run-time virtualization technology –
Workspace Virtualization
![Page 3: Ceedo Client Workspace](https://reader038.fdocuments.in/reader038/viewer/2022102614/56814163550346895dad3fb3/html5/thumbnails/3.jpg)
© 2012 All rights reserved to Ceedo.
Flexible Desktops. Dynamic Workplace.
Just a Few of Our Customers
Our products have been shipped to over 4,000,000 users worldwide(consumer and businesses alike)
![Page 4: Ceedo Client Workspace](https://reader038.fdocuments.in/reader038/viewer/2022102614/56814163550346895dad3fb3/html5/thumbnails/4.jpg)
© 2012 All rights reserved to Ceedo.
The Ceedo ClientManaged Workspaces forProductivity and Security Beyond the Organization
![Page 5: Ceedo Client Workspace](https://reader038.fdocuments.in/reader038/viewer/2022102614/56814163550346895dad3fb3/html5/thumbnails/5.jpg)
© 2012 All rights reserved to Ceedo.
Flexible Desktops. Dynamic Workplace.
A picture is worth a thousand dollars…Zero-install portable computing environment that can run Windows applications in plug-’n’-play mode on any PC, and with central management…
![Page 6: Ceedo Client Workspace](https://reader038.fdocuments.in/reader038/viewer/2022102614/56814163550346895dad3fb3/html5/thumbnails/6.jpg)
© 2012 All rights reserved to Ceedo.
Flexible Desktops. Dynamic Workplace.
A picture is worth a thousand dollars…Supports any type of portable device including:Encrypted USB Drives
![Page 7: Ceedo Client Workspace](https://reader038.fdocuments.in/reader038/viewer/2022102614/56814163550346895dad3fb3/html5/thumbnails/7.jpg)
© 2012 All rights reserved to Ceedo.
Flexible Desktops. Dynamic Workplace.
65985
A picture is worth a thousand dollars…Supports any type of portable device including:Two-Factor Authentication Devices
![Page 8: Ceedo Client Workspace](https://reader038.fdocuments.in/reader038/viewer/2022102614/56814163550346895dad3fb3/html5/thumbnails/8.jpg)
© 2012 All rights reserved to Ceedo.
Flexible Desktops. Dynamic Workplace.
A picture is worth a thousand dollars…Supports any type of portable device including:Locally installed, and more...
![Page 9: Ceedo Client Workspace](https://reader038.fdocuments.in/reader038/viewer/2022102614/56814163550346895dad3fb3/html5/thumbnails/9.jpg)
© 2012 All rights reserved to Ceedo.
Flexible Desktops. Dynamic Workplace.
The concept is simple – corporate applications
Mount Applicationson Portable Devices
![Page 10: Ceedo Client Workspace](https://reader038.fdocuments.in/reader038/viewer/2022102614/56814163550346895dad3fb3/html5/thumbnails/10.jpg)
© 2012 All rights reserved to Ceedo.
Flexible Desktops. Dynamic Workplace.
The concept is simple – corporate “workspace”
Mount Applicationson Portable Devices“Workspaces”
Regular installationinto workspace
Workspace deployedon portable device
![Page 11: Ceedo Client Workspace](https://reader038.fdocuments.in/reader038/viewer/2022102614/56814163550346895dad3fb3/html5/thumbnails/11.jpg)
© 2012 All rights reserved to Ceedo.
Flexible Desktops. Dynamic Workplace.
The concept is simple – work on any PC
Let users work from anywhere
![Page 12: Ceedo Client Workspace](https://reader038.fdocuments.in/reader038/viewer/2022102614/56814163550346895dad3fb3/html5/thumbnails/12.jpg)
© 2012 All rights reserved to Ceedo.
Flexible Desktops. Dynamic Workplace.
The concept is simple – manage the “unmanaged PCs”
Manage Apps/Workspaces Remotely
![Page 13: Ceedo Client Workspace](https://reader038.fdocuments.in/reader038/viewer/2022102614/56814163550346895dad3fb3/html5/thumbnails/13.jpg)
© 2012 All rights reserved to Ceedo.
Ceedo’s Technological FoundationWorkspace Virtualization
![Page 14: Ceedo Client Workspace](https://reader038.fdocuments.in/reader038/viewer/2022102614/56814163550346895dad3fb3/html5/thumbnails/14.jpg)
© 2012 All rights reserved to Ceedo.
Flexible Desktops. Dynamic Workplace.
Most virtualization technologies focus on separating specific “layers” or components of the stack.
The Workspace Concept
Virtualize Applications• Each app is packaged separately• Lots of configuration and packaging overhead• Problems for apps to inter-communicate• Management requires installed agent
![Page 15: Ceedo Client Workspace](https://reader038.fdocuments.in/reader038/viewer/2022102614/56814163550346895dad3fb3/html5/thumbnails/15.jpg)
© 2012 All rights reserved to Ceedo.
Flexible Desktops. Dynamic Workplace.
Most virtualization technologies focus on separating specific “layers” or components of the stack.
The Workspace Concept
Policies
Settings and customizations
Virtualize Applications Virtualize Users
But the user “is”this…
![Page 16: Ceedo Client Workspace](https://reader038.fdocuments.in/reader038/viewer/2022102614/56814163550346895dad3fb3/html5/thumbnails/16.jpg)
© 2012 All rights reserved to Ceedo.
Flexible Desktops. Dynamic Workplace.
OS Resources
Most virtualization technologies focus on separating specific “layers” or components of the stack.
The Workspace Concept
Policies
Settings and customizations
Virtualize DesktopsVirtualize Applications Virtualize Users• “Heavy”• Extra Licenses
![Page 17: Ceedo Client Workspace](https://reader038.fdocuments.in/reader038/viewer/2022102614/56814163550346895dad3fb3/html5/thumbnails/17.jpg)
© 2012 All rights reserved to Ceedo.
Flexible Desktops. Dynamic Workplace.
OS Resources
We focus on converging these layers and treating them as a single “block”…
The Workspace Concept
![Page 18: Ceedo Client Workspace](https://reader038.fdocuments.in/reader038/viewer/2022102614/56814163550346895dad3fb3/html5/thumbnails/18.jpg)
© 2012 All rights reserved to Ceedo.
Flexible Desktops. Dynamic Workplace.
Provides the environment with OS-like resources (not VM):apps are installed normally (no special packaging needed) and inter-communicate freely.
Can provide varying degrees of “transparency” to the host (resource access, processes, etc.).
Cross-windows compatibility (Windows 2000 and above).
Does not effect or pollute the host’s OS (including user-installed apps)
Can be fitted for plug-’n’-play mode on USB drives, streamed at file level from the cloud, or installed locally.
Virtual Workspace Features
Self-contained
Sandboxed
Compatible
Unobtrusive
Versatile
![Page 19: Ceedo Client Workspace](https://reader038.fdocuments.in/reader038/viewer/2022102614/56814163550346895dad3fb3/html5/thumbnails/19.jpg)
© 2012 All rights reserved to Ceedo.
Ceedo Client WorkspaceImplementations, Features and Benefits
Ceedo Client familyUnmanaged Desktops / USB on a Stick
![Page 20: Ceedo Client Workspace](https://reader038.fdocuments.in/reader038/viewer/2022102614/56814163550346895dad3fb3/html5/thumbnails/20.jpg)
© 2012 All rights reserved to Ceedo.
Flexible Desktops. Dynamic Workplace.
Ceedo Enterprise
Workspaces are deployed to portable devices with central management allowing administrators to manage corporate applications on un-managed PCs.
Used as lap-top replacement (PC on a Stick)Or for special needs:Ceedo for CitrixCeedo for AvayaSecure browsing/remote connections…
Ceedo Personal
Workspaces are embedded on portable devices for consumers as “PC on a Stick”.
OEMs, manufacturers and suppliers + Ceedo’s online shop.
Ceedo Client - Virtual Workspace ImplementationsApplications
Policies
Ceedo management tools
Main mission:Dealing with portability, home PCs, and allows for managing applications on unmanaged machines beyond the organization’s boundary.
Or as OEM supplement for portable device…
![Page 21: Ceedo Client Workspace](https://reader038.fdocuments.in/reader038/viewer/2022102614/56814163550346895dad3fb3/html5/thumbnails/21.jpg)
© 2012 All rights reserved to Ceedo.
Flexible Desktops. Dynamic Workplace.
NON-corporate/un-managed PC
Pre Installed Apps
User Data
What is Ceedo Enterprise?
A centrally managed Workspace that can be mounted on portable devices or installed locally.
Prepared by simply installing apps into the workspace and “freezing” it.
Admin can control host <-> workspace relations• Block access to drives, printers, removable drives, etc.• Prevent from running on PCs without anti-virus.• Prevent specific processes from running.• And more…
User can run withoutadmin rights in a plug-and-play fashion.
Zero footprint +Full sandbox
![Page 22: Ceedo Client Workspace](https://reader038.fdocuments.in/reader038/viewer/2022102614/56814163550346895dad3fb3/html5/thumbnails/22.jpg)
© 2012 All rights reserved to Ceedo.
Flexible Desktops. Dynamic Workplace.
Laptop replacement / roaming users / home office enabler
Allow contactors to use corporate applications
Disaster recovery / backup system during critical infrastructure failure
Used for pin-point solutions with specific components• Ceedo for Citrix: Mount Citrix Receiver, a sandboxed browser, VPN-SSL and PKI
middleware - on Two-Factor Authentication devices or Encrypted drives.• Ceedo for Call Center: VoIP, messaging, VPN SSL, etc. for call center employees.• Ceedo for Safe Browsing: A sandboxes browser pre-configured with self-certificates
and made to run a specific URL, with VPN SSL, fully sandboxed, etc.• And: deploy applications to end-points…
What can Ceedo Enterprise be Used for?
Plug-and-Play Centrally Managed Online/Offline Secure
![Page 23: Ceedo Client Workspace](https://reader038.fdocuments.in/reader038/viewer/2022102614/56814163550346895dad3fb3/html5/thumbnails/23.jpg)
© 2012 All rights reserved to Ceedo.
Taking Care of SecurityMitigating Risks and Elevating Security
![Page 24: Ceedo Client Workspace](https://reader038.fdocuments.in/reader038/viewer/2022102614/56814163550346895dad3fb3/html5/thumbnails/24.jpg)
© 2012 All rights reserved to Ceedo.
Flexible Desktops. Dynamic Workplace.
Recommended Security Measures
Use hardware with encryption and active anti-malware scan
Add soft Two Factor Authentication (or deploy on physical 2FA hardware devices)
Whitelist processes that are allowed to run in Ceedo (+MD5 signatures)
Turn-on Ceedo’s antivirus detection and OS patch level.
Use a VPN-SSL solution with strong Access Control benchmark settings
Use an independent browser rather than the virtualized “mapped” IE
Add to the internal browser safe browsing add-ons and configurations
Configure Ceedo Enterprise to block writing to host drives, printers, etc.
Leave the data in the datacenter or use Citrix’s ShareFile / similar solution
Employ 3rd party anti-malware, security applications, soft-biometric apps, etc.
• * In 2FA devices - Mount components on read-only partition
![Page 25: Ceedo Client Workspace](https://reader038.fdocuments.in/reader038/viewer/2022102614/56814163550346895dad3fb3/html5/thumbnails/25.jpg)
© 2012 All rights reserved to Ceedo.
Flexible Desktops. Dynamic Workplace.
Example of Security FlowUser plugs in device
Encrypted drive password check
Encrypted drive runs antivirus scan
Drive is decrypted
Ceedo checks host antivirus, firewall, network connection, etc.
Ceedo checks processes MD5 signature (continuous throughout session)
Ceedo enforces host recourse accessibility and Ceedo updates
Ceedo sandbox fires-up with independent runtime environment
Second antivirus and/or antimalware scan
Two Factor Authentication software/middleware
VPN SSL (can include second access control check, such as Juniper SSL)
External solution’s security (such as Citrix’s own security features)
![Page 26: Ceedo Client Workspace](https://reader038.fdocuments.in/reader038/viewer/2022102614/56814163550346895dad3fb3/html5/thumbnails/26.jpg)
© 2012 All rights reserved to Ceedo.
Flexible Desktops. Dynamic Workplace.
Workspace Leakage Protection
Device BindingWorkspaces licenses are device-bound and cannot work if copied to unauthorized devices + most cases of copying a workspace will break it.
Ceedo
![Page 27: Ceedo Client Workspace](https://reader038.fdocuments.in/reader038/viewer/2022102614/56814163550346895dad3fb3/html5/thumbnails/27.jpg)
© 2012 All rights reserved to Ceedo.
Flexible Desktops. Dynamic Workplace.
Two Factor Authentication – One Solution: Two Options
Mount pre-configured, ready-to-run, plug-and-play PKI middleware and remote connection solutions on 2FA devices’ flash memory HARDWAREExtend 2FA USB devices with plug-n-play pre-configured Public Key Middleware and remote office applications such as Citrix Receiver, VNC, VPN-SSL tunnels, etc.
Mount pre-configured, ready-to-run, plug-and-play 2FA security SOFTWARE tokensWith software based 2FA solutions, such as RSA SecurID Software Token, installed into Ceedo’s Workspace, any portable storage device can turn into a 2FA device.
USB Flash
CitrixReceiver
PKIMiddleware
ConfiguredBrowser
VPN SSLAdd-on
Data & UserPolicies
2FADevice