H3C Enterprise Cloud Desktop Solution

    04-11-2022

1. Demands

The construction requires taking virtual desktops as the delivery form and building an IaaS platform based on server virtualization. The cloud computing technologies need to solve problems faced by the traditional IT infrastructure at the security level. The solution needs to meet requirements such as unified management and high system stability, and give full play to advantages of virtual desktop in the post-PC era.

Low management and O&M efficiency

The widely distributed PCs make the users have an increasing need to visit the desktop environment of PCs anywhere. Therefore, it is hard to realize centralized PC management. In addition, due to the wide variety of hardware and batch purchase of PCs, it is difficult to maintain and manage various endpoints for asset management. Moreover, users have different needs for the modification of the desktop environment, making the standardization of PC desktops a challenge.

Insufficient data protection

Due to the lack of necessary safety protection measures, endpoints have a great potential risk of leaking and divulging secrets when using PCs for work. Users can download confidential information to a local drive and disclose it via unauthorized means such as copying and recording. To ensure data security, IT O&M personnel run various security protection software on the PC desktop. However, if the PC desktop is booted from devices such as a CD-ROM and USB, or the user hooks up a drive to another computer as a slave drive, the protection system can be easily bypassed and the unauthorized user can obtain confidential information and implant virus and Trojan horses without leaving a trace, thereby affecting the safe operation of all desktops in the local area network (LAN).


Low scalability and flexibility

The current PCs are not scalable and flexible enough, especially when there are temporary and short-term expansion requirements, such as PC application and deployment for a new employee. The traditional mode requires a lot of deployment work, lacking scalability and timeliness.

2. Solution design

H3C Cloud Desktop Studio

Components of Cloud Desktop Studio can be deployed on the server. Through the platform, an administrator can manage virtualization platforms, desktop images, desktop pools, and users that are related to cloud desktop services.

H3C Workspace app

This is a client program connected to the VDI cloud desktop and deployed in the PC or on the thin client. Through the client, users can efficiently transmit desktop images, and map local devices on the PC or thin client to the VDI cloud desktop.

H3C IDV client

The IDV client runs on IDV-compatible endpoints. It allows users to connect to and manage IDV cloud desktops.


H3C Workspace SpaceAgent

This is an agent program used by H3C Workspace Studio to manage an endpoint. The program is deployed on the endpoint to provide multiple endpoint management capabilities for the management platform.

3. Advantages

Better experience

The H3C Workspace Cloud Desktop product meets personalized requirements of users by optimizing its functions and performance for different application scenarios.

Act like a traditional PC

H3C Workspace Cloud Desktop product does not change the habits of user login and power-on/power-off. VDP desktop connection protocol deeply optimizes the transmission of desktop images, and enables users to log in to the desktop within a few seconds, thus greatly improving desktop access experience.

Perfect software compatibility

The solution provides a software compatibility list, and supports mainstream application software and anti-virus software. It is fully compatible with industry software (for example, Client/Server (C/S) and Browser/Server (B/S) application software). GPU pass-through/hardware virtualization technology can meet the performance requirements of professional applications like industrial drafting, and support common mainstream mapping software, for example, 3D Max, AutoCAD, and ProE. Besides, it also enables customized software that is adaptive to special industry applications.

Smooth video experience

The video redirection technology significantly improves users' video experience, effectively reduces the server resource consumption by video decoding, and supports highly dense video concurrency scenarios.

Wide support for various peripherals

The solution uses the independently developed peripheral redirection core technology and keeps a bus channel as a PC does. Thus, users can use such peripherals as printers, scanners, and Ukeys just as they use PCs.

Stronger security

Through Cloud-Connection-Client system-based secure, reliable design, H3C Workspace Cloud Desktop ensures multi-level security from clients, networks, and cloud platforms to management. With a focus on prevention supplemented by monitoring and audit, this product guarantees information security of office desktops and reliability of endpoints and platforms.

 

*Endpoint security: Authentication of endpoint feature codes, identity authentication of multiple factors like fingerprint and USB key, blacklist/whitelist control of ports and peripherals, and so on.

*Network security: Isolation of virtual desktop pools, desktop connection security, encrypted transmission, and so on.

*Data security: H3C Workspace Cloud Desktop sets the use policy of desktop peripherals, and uses application software to control the use of illegal software. Security properties such as desktop watermark and read-only for storage devices ensure that data is not lost.

*Cloud platform security: Supports distributed storage, hierarchical storage of VM images, data disk encryption via software, and traceless data processing. Ensures the security of the underlying virtualization environment with virtualized anti-virus software.

*Management security: An administrator can implement decentralized or domain-based management, and audit the behavior logs of desktop users.

*All-round reliability guarantee: H3C Workspace Cloud Desktop offers network status detection, client self-service backup and recovery, automatic reconnection upon network crash, HA resource reservation of key components, batch backup of VMs, and so on.

Besides, H3C Workspace Cloud Desktop supports the integration with anti-virus software or security software of third parties such as Asiainfo to provide sophisticated security solutions in the virtualization environment. Without installing any agent on the virtual desktop, this product can protect the VM, thus ensuring the security of the virtualization environment.

Simpler management

H3C Workspace Cloud Desktop Studio can manage physical resources, virtual resources, virtual desktop lifecycles, system alarms, and failures in a unified mode to improve the efficiency of IT O&M.

https://resource.h3c.com/cn/202009/28/20200928_5291243_image005_1345602_30007_0.jpg

*This platform manages virtual desktop lifecycles, alarms and failures in a unified mode. It can quickly deploy the basic desktop environment within only one hour, make the desktop quickly go online and expand, and flexibly schedule resources to quickly respond to service change, improving service support capability and response speed.

*It allocates desktop resource pools according to scenarios and supports static, dynamic and manual desktop pools.

*It supports the batch upgrade of OSs and application software without affecting software independently installed by users and personalized data.

*With centralized management of network policies, it designates detailed security access rules (layer 2, layer 3, and layer 4 control, bilateral control, and time interval-based control) for virtual desktop traffic. When virtual desktops are migrated between server hosts, the corresponding network policy configuration (ACL, QoS, VLAN, port binding, etc.) files are also migrated simultaneously to ensure that services are not interrupted and the access control policy remains unchanged.

Smarter O&M

H3C Workspace manages resources in centralized mode, simplifies the O&M process, and balances the cost and efficiency of IT O&M of enterprises to raise the value of IT O&M.

*Rich automation O&M tools: One-key automatic collection and analysis of enterprise office environment information (CPU, memory, disks, etc.), user experience optimizers, one-key log collectors and so on are available to reduce the maintenance difficulty and raise the O&M efficiency.

*The platform supports automatic capacity expansion and automatically discovers the hardware upon being powered on to achieve quick and flexible expansion. The linked clone desktop raises user experience and management efficiency.

The platform has core components with independent intellectual property rights, and open, standard APIs to flexibly adapt to industrial applications, and can quickly build solutions to meet the unique requirements of industries.

新华三官网