Virtual applications

Download Report

Transcript Virtual applications

A Quick Tour of Ceedo
Deliver environments to un-managed PCs
When working beyond organization, the administrator
needs to manage the unmanaged.
•
How to deliver org. apps?
•
How to separate the org.
environment from the host?
•
How to manage and revoke rights?
•
How to update\add\remove apps?
VDI\TS is not always an options
(price, complexity, performance, etc.), and even
when it is, managing it is a huge challenge.
2016 © CEEDO TECHNOLOGIES (2005) LTD.
Conceptually…
If you could some how create a barrier – an abstraction
layer – in the PC stack, you could:
Applications
Applications
Desktop Environment
Desktop Environment
Operating System
Operating System
Hard Disk
Hard Disk
Another HDD
Move entire discrete desktops
2016 © CEEDO TECHNOLOGIES (2005) LTD.
Abstraction Layer
=
Virtualization
2015 © CEEDO TECHNOLOGIES (2005) LTD.
Ceedo’s virtualization engines - overview
Disk virtualization
• Ceedo has an internal VHD-based virtual disk-mounting system
• Disks are mounted through internal OS<->disk interface
• Disks can be mounted from local files, over UNC or via our Disk over IP protocol
• Disks can be mounted with no mount point
Applications
Desktop Environment
Operating System
Hard Disk
VHD
• Create child disks, merge disks, etc.
Full environment virtualization
• Complete capture of all R/W transactions at kernel-level
• Every operation the environment tries to execute is manipulated and redirected
• Includes all system tweaks, device drivers, settings, files, etc.
Applications
Desktop Environment
Operating System
Hard Disk
VHD
• Can create fully captured layers for use on other Windows PCs
2016 © CEEDO TECHNOLOGIES (2005) LTD.
How do we isolate windows components?
Think of regular firewalls: Internet\network
firewalls allow companies to decide which
applications can have incoming or outgoing
connections to the network depending on rules
Now think of PCs: Our Kernel Firewall allows
companies to decide which applications can
have access to the OS and other apps!
Completely isolating apps depending on rules
2016 © CEEDO TECHNOLOGIES (2005) LTD.
Applications
Desktop Environment
Operating System
Hard Disk
VHD
External Asset Management
Extending IT reach beyond the organization
2015 © CEEDO TECHNOLOGIES (2005) LTD.
Computing beyond the organization
One of the major problems
facing modern IT, is delivering
Windows software applications
and working environments (i.e.
data, permissions, etc.) to users
that are not directly managed
by the organization, or that use
un-managed machines.
2016 © CEEDO TECHNOLOGIES (2005) LTD.
Computing beyond the organization
Managed machines
Administered and secured via traditional
means, and applications are delivered in
various ways.
Unmanaged machines
Administer and secure: VPN, 2FA and DLP
Desktop (workspace) Delivery: ???
2016 © CEEDO TECHNOLOGIES (2005) LTD.
Current solutions for applications delivery
Fully managed corporate PCs
Companies provide laptops, desktops and sometime entire cloud infrastructures to contractors
and outsourced assets, with a huge bill at the end.
Virtual applications
Require companies to go through a tedious task of packaging applications, infrastructure to
deliver them, supporting only ~65% of applications and with limited management over WAN.
Remote unattended installation
Requires companies to create MSI packages that install themselves on a client machine with
hopes that no conflicts will arise and with very limited management and auditing possibilities.
VDI and Terminal Sessions
Expensive to implement, works only online, and might diminish user experience to an
unacceptable level (usually appropriate only for basic task workers)
2016 © CEEDO TECHNOLOGIES (2005) LTD.
Ceedo in applications delivery context
Applications
Desktop Environment
Operating System
Hard Disk
VHD
2016 © CEEDO TECHNOLOGIES (2005) LTD.
Ceedo in applications delivery context
Deploy an entire desktop without the OS or hardware
With Ceedo companies can deploy an entire desktop without the OS itself, that works offline on the end-point
machine with all the applications the users require (not a VM!).
Applications “Layer”
Applications are not packaged separately and do not require any packaging or special tweaking. Simply “record” an
application installation, and “playback” on a client machine.
Manage permissions and secure data
Applications are stored in encrypted containers locked to a specific machine ID and user SID.
Application Layers can be deployed internally inside organization
Same workspaces used for beyond-premise, can be deployed to internal employees desktops, allowing for singleimage management (esp. important in VDI).
2016 © CEEDO TECHNOLOGIES (2005) LTD.
Ceedo’s application and workspace delivery
1) “Record” applications – capture everything an installer does
2016 © CEEDO TECHNOLOGIES (2005) LTD.
Ceedo’s application and workspace delivery
2) “Playback” applications – merge “layer” with underlying OS
2016 © CEEDO TECHNOLOGIES (2005) LTD.
Ceedo’s application and workspace delivery
3) Store all components in a locked-down encrypted container
2016 © CEEDO TECHNOLOGIES (2005) LTD.
Ceedo’s application and workspace delivery
4) Update and manage remotely from a central location
Layers Repository
Management Console
2016 © CEEDO TECHNOLOGIES (2005) LTD.
Thank You
www.ceedo.com
2015 © CEEDO TECHNOLOGIES (2005) LTD.