© 2011 All rights reserved to Ceedo. Ceedo - Flexible Computing Certificate-Based Authentication (CBA - 2FA) The organization MUST be able to positively determine users’ ID for security CBA requires Public Key Identification (PKI) hardware (USB smart card chip) and middleware Installation and Configuration Issues Citrix Installation might suffer conflicts and related issues (incompatibility, conflicting versions, etc.) If the connection runs through VPN SSL – users will require plug-ins and/or specific browser version Additional plug-ins might be required for organizational portal (.net, Java, etc.) If a self-signed certificate (server certificate) is used, users have to configure end-point’s browser Data Leakage Hard to manage where users export data to (machines/media) and how they use it A misconfigured machine might be used by unauthorized personal for accessing sensitive data
© 2011 All rights reserved to Ceedo. Ceedo - Flexible Computing Certificate-Based Authentication (CBA - 2FA) The organization MUST be able to positively determine users’ ID for security CBA requires Public Key Identification (PKI) hardware (USB smart card chip) and middleware Installation and Configuration Issues Citrix Installation might suffer conflicts and related issues (incompatibility, conflicting versions, etc.) If the connection runs through VPN SSL – users will require plug-ins and/or specific browser version Additional plug-ins might be required for organizational portal (.Net, Java, etc.) If a self-signed certificate (server certificate) is used, users have to configure end-point’s browser Data Leakage Hard to manage where users export data to (machines/media) and how they use it A misconfigured machine might be used by unauthorized personal for accessing sensitive data Tough security issues. Data compromise. High helpdesk costs. Hard to manage.
© 2011 All rights reserved to Ceedo. Ceedo - Flexible Computing Additional Software Home PCLaptop/Any PCBranch PCsContractors Self-Signed Certificate VPN SSL Add-on & URL Receiver Client 2FA Middleware Data & User Policies Citrix Farm / IT Dept. Traditional technologies demand that each component will be distributed separately to EACH end-point: 2FA Middleware Citrix Receiver Client (for both managed and unmanaged machines) VPN SSL add-on for browser Self-signed certificate Additional required plug-ins/software Unmanaged machines are handled by the end user. Novice/non-savvy users will probably require helpdesk services. 2FA Hardware End User Helpdesk What a mess…
© 2011 All rights reserved to Ceedo. Ceedo - Flexible Computing Additional Software Home PCLaptop/Any PCBranch PCsContractors Self-Signed Certificate VPN SSL Add-on & URL Receiver Client 2FA Middleware Data & User Policies Citrix Farm / IT Dept. Middleware Citrix Receiver Client (for both managed and unmanaged machines) VPN SSL add-on for browser Self-signed certificate Additional required plug-ins/software Are all mounted on one device… Centrally managed… In plug-and-play mode… On a single device for any platform at any time. 2FA Hardware End User But what if… Helpdesk This is exactly what Ceedo for Citrix is!
© 2011 All rights reserved to Ceedo. Ceedo - Flexible Computing Administrator pre-configures components, apps in a Ceedo for Citrix workspace and installs it on a flash drive or USB token. USB drives or installation package delivered to end-users (usually in a read-only partition). Users plug in devices and start working immediately! Zero-install and zero footprint - nothing is left behind after USB is unplugged. Workspaces can be managed remotely from the cloud. Solution: Pack everything into a plug-and-play platform on USB drive or 2FA device! Ceedo Workspace Receiver Client Sandboxed Browser Self-Signed Certificate VPN SSL Add-on & URL PKI Middleware Additional Software Data & User Policies Home PCLaptop/Any PCBranch PCsContractors
© 2011 All rights reserved to Ceedo. Ceedo - Flexible Computing Device architecture (varies) Flash memory on 2FA device or regular USB drive Partitioned to Read Only and Read/Write Read Only: Ceedo workspace, 2FA Middleware or software and all other applications and components. Read/Write: User Data and customizations. Management System CEM: Creates Ceedo workspaces and their policies. CPC: Creates application packages. CCMS: Assigns users and groups with devices, workspaces, edits and creates policies, aggregates usage data, and more (web-based)… Virtual Runtime Environment Acts as a surrogate OS Runs all components within a sandbox Works entirely in User Mode No admin rights or installation required Cross windows platforms
© 2011 All rights reserved to Ceedo. Ceedo - Flexible Computing Plug-and-Play zero-install Citrix Receiver on a flash memory of a 2FA device (or any USB thumb-drive). Encrypted data, sandboxed apps and enables configuring user-rights policies enforcement (access to drives, printers, etc.). Includes a built-in pre-configured browser, plug-ins and additional software. Allows for remote management of policies and component updates. Roam from PC to PC, regardless of OS version and user privileges.