1 / 28

Ceedo Client Workspace

Ceedo Client Workspace Virtualization Technology About Ceedo The ‘Ceedo Client’ Concept The “Workspace” Ceedo Enterprise overview and use cases Security overview. Ceedo Client Workspace. Concept and Technology Overview. About Ceedo. We are a privately held company, established in 2005

tavon
Download Presentation

Ceedo Client Workspace

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Ceedo Client Workspace Virtualization Technology About Ceedo The ‘Ceedo Client’ Concept The “Workspace” Ceedo Enterprise overview and use cases Security overview Ceedo Client Workspace Concept and Technology Overview

  2. About Ceedo • We are a privately held company, established in 2005 • We specialize in developing IT solutions, aimed at the toughest issues confronting modern IT • Our products are based on our proprietary run-time virtualization technology – Workspace Virtualization

  3. Just a Few of Our Customers Our products have been shipped to over 4,000,000 users worldwide (consumer and businesses alike)

  4. The Ceedo Client Managed Workspaces for Productivity and Security Beyond the Organization

  5. A picture is worth a thousand dollars… Zero-install portable computing environment that can run Windows applications in plug-’n’-play mode on any PC, and with central management…

  6. A picture is worth a thousand dollars… Supports any type of portable device including: Encrypted USB Drives

  7. A picture is worth a thousand dollars… Supports any type of portable device including: Two-Factor Authentication Devices 65985

  8. A picture is worth a thousand dollars… Supports any type of portable device including: Locally installed, and more...

  9. The concept is simple – corporate applications Mount Applications on Portable Devices

  10. The concept is simple – corporate “workspace” Mount Applications on Portable Devices “Workspaces” Regular installation into workspace Workspace deployed on portable device

  11. The concept is simple – work on any PC Let users work from anywhere

  12. The concept is simple – manage the “unmanaged PCs” Manage Apps/Workspaces Remotely

  13. Ceedo’s Technological Foundation Workspace Virtualization

  14. The Workspace Concept • Most virtualization technologies focus on separating specific “layers” or components of the stack. Virtualize Applications • Each app is packaged separately • Lots of configuration and packaging overhead • Problems for apps to inter-communicate • Management requires installed agent

  15. The Workspace Concept • Most virtualization technologies focus on separating specific “layers” or components of the stack. Virtualize Applications Virtualize Users But the user “is” this… Settings and customizations Policies

  16. The Workspace Concept • Most virtualization technologies focus on separating specific “layers” or components of the stack. Virtualize Applications Virtualize Users Virtualize Desktops • “Heavy” • Extra Licenses Settings and customizations Policies OS Resources

  17. The Workspace Concept • We focus on converging these layers and treating them as a single “block”… OS Resources

  18. Virtual Workspace Features • Provides the environment with OS-like resources (not VM):apps are installed normally (no special packaging needed) and inter-communicate freely. • Can provide varying degrees of “transparency” to the host (resource access, processes, etc.). • Cross-windows compatibility (Windows 2000 and above). • Does not effect or pollute the host’s OS (including user-installed apps) • Can be fitted for plug-’n’-play mode on USB drives, streamed at file level from the cloud, or installed locally. Self-contained Sandboxed Compatible Unobtrusive Versatile

  19. Ceedo Client family Unmanaged Desktops / USB on a Stick Ceedo Client Workspace Implementations, Features and Benefits

  20. Ceedo Client - Virtual Workspace Implementations Main mission: Dealing with portability, home PCs, and allows for managing applications on unmanaged machines beyond the organization’s boundary. Or as OEM supplement for portable device… Applications Policies Ceedo management tools Ceedo Enterprise Workspaces are deployed to portable devices with central management allowing administrators to manage corporate applications on un-managed PCs. Used as lap-top replacement (PC on a Stick) Or for special needs:Ceedo for CitrixCeedo for AvayaSecure browsing/remote connections… Ceedo Personal Workspaces are embedded on portable devices for consumers as “PC on a Stick”. OEMs, manufacturers and suppliers + Ceedo’s online shop.

  21. What is Ceedo Enterprise? • A centrally managed Workspace that can be mounted on portable devices or installed locally. • Prepared by simply installing apps into the workspace and “freezing” it. • Admin can control host <-> workspace relations • Block access to drives, printers, removable drives, etc. • Prevent from running on PCs without anti-virus. • Prevent specific processes from running. • And more… • User can run withoutadmin rights in a plug-and-play fashion. • Zero footprint +Full sandbox User Data Pre Installed Apps NON-corporate/un-managed PC

  22. What can Ceedo Enterprise be Used for? • Laptop replacement / roaming users / home office enabler • Allow contactors to use corporate applications • Disaster recovery / backup system during critical infrastructure failure • Used for pin-point solutions with specific components • Ceedo for Citrix: Mount Citrix Receiver, a sandboxed browser, VPN-SSL and PKI middleware - on Two-Factor Authentication devices or Encrypted drives. • Ceedo for Call Center: VoIP, messaging, VPN SSL, etc. for call center employees. • Ceedo for Safe Browsing: A sandboxes browser pre-configured with self-certificates and made to run a specific URL, with VPN SSL, fully sandboxed, etc. • And: deploy applications to end-points… Plug-and-Play Centrally Managed Online/Offline Secure

  23. Taking Care of Security Mitigating Risks and Elevating Security

  24. Recommended Security Measures • Use hardware with encryption and active anti-malware scan • Add soft Two Factor Authentication (or deploy on physical 2FA hardware devices) • Whitelist processes that are allowed to run in Ceedo (+MD5 signatures) • Turn-on Ceedo’s antivirus detection and OS patch level. • Use a VPN-SSL solution with strong Access Control benchmark settings • Use an independent browser rather than the virtualized “mapped” IE • Add to the internal browser safe browsing add-ons and configurations • Configure Ceedo Enterprise to block writing to host drives, printers, etc. • Leave the data in the datacenter or use Citrix’s ShareFile / similar solution • Employ 3rd party anti-malware, security applications, soft-biometric apps, etc. • *In 2FA devices - Mount components on read-only partition

  25. Example of Security Flow User plugs in device Encrypted drive password check Encrypted drive runs antivirus scan Drive is decrypted Ceedo checks host antivirus, firewall, network connection, etc. Ceedo checks processes MD5 signature (continuous throughout session) Ceedo enforces host recourse accessibility and Ceedo updates Ceedo sandbox fires-up with independent runtime environment Second antivirus and/or antimalware scan Two Factor Authentication software/middleware VPN SSL (can include second access control check, such as Juniper SSL) External solution’s security (such as Citrix’s own security features)

  26. Workspace Leakage Protection • Device BindingWorkspaces licenses are device-bound and cannot work if copied to unauthorized devices + most cases of copying a workspace will break it. Ceedo

  27. Two Factor Authentication – One Solution: Two Options • Mount pre-configured, ready-to-run, plug-and-play PKI middleware and remote connection solutions on 2FA devices’ flash memory HARDWAREExtend 2FA USB devices with plug-n-play pre-configured Public Key Middleware and remote office applications such as Citrix Receiver, VNC, VPN-SSL tunnels, etc. • Mount pre-configured, ready-to-run, plug-and-play 2FA security SOFTWARE tokensWith software based 2FA solutions, such as RSASecurID Software Token, installed into Ceedo’s Workspace, any portable storage device can turn into a 2FA device. Citrix Receiver VPN SSL Add-on PKI Middleware Configured Browser Data & User Policies USB Flash 2FA Device

  28. Thank you for Your Time

More Related