Virtual Desktop Infrastructure development
- Remote Access MAC Portal
Business Challenge
vWorkspace from Quest Software integrated closely with Microsoft's Remote Desktop Services and Hyper-V, is the best alternative to XenApp/XenDesktop and Horizon. Remote Access Portal for Mac OS allows users to connect to computers within remote LAN via RDP (Remote Desktop Protocol) and run applications according to user permissions level. With this application users can connect to remote personal work environment from any place in the world using any laptop.
Comprehensive security options and connections being established via dedicated gateway helps controlling access to company VDI in LAN from Internet preventing unauthorized access to computers within LAN and applications installed on them.
VDI Solution
The client, Quest Software, already had working remote access application for Windows, but needed to have a similar client application running on Mac OS since this operating system is also very popular and is widely used by numerous companies and individual users.
The main idea of the project was to implement the application in Objective-C using Cocoa GUI library and use rdesktop open source library to support connections to Microsoft Terminal Services via RDP from Mac OS.
A great deal of attention was paid to client-server network communication security. All communication was organized over secure SSL protocol and authentication broker services were used to redirect incoming connections to remote VDI LAN. All user sensitive data was stored in strongly encrypted form.
The application utilizes SSO (Single Sign-On) mechanism for authentication. It passes authentication procedure only once to gain further access to remote servers and services according to account security policy.
Virtual Desktop Infrastructure Architecture
The entire VDI solution consists of the following modules:
- Client module is a desktop application with convenient Cocoa-based GUI providing user means to work with remote applications and computers.
- Open SSL library located on client computer providing SSL connectivity to remote computers.
- Rdesktop library supporting RDP connections to MS Terminal Services.
- Proxy server used for user authentication and redirection to LAN.
- Web based server application storing user account information and security settings associated with accounts such as lists of available remote computers and applications.
Tools and Technologies
- Mac OS X;
- Xcode;
- Objective-C;
- OpenSSL;
- rdesktop;
- Cocoa.
Benefits
The implemented solution serves as a thin client, which can be used to access MS Windows based VDIs and utilize virtualization capabilities from PCs that run such popular operating system as MacOS X.