Independently developed by H3C Technology Co., Ltd., H3C Workspace Cloud Desktop is a desktop virtualization product based on the hybrid architecture of virtual desktop infrastructure (VDI), intelligent desktop virtualization (IDV) and Virtual OS Infrastructure (VOI). Relying on Workspace Cloud Desktop Studio, this product transfers the virtualized desktop components (including application software, OSs and user data) to the cloud data center for hosting, manages and controls them in unified and centralized mode. Users can access the desktop OS through thin clients, rich clients, mobile clients, PCs and other equipment, and get PC-like use experiences. Centralization is the greatest feature of the virtualization architecture of H3C Workspace Cloud Desktop, and is embodied in the following:
Security centralization: With centralized applications and data, you can more easily monitor application security and protect confidential data; you just need to protect server-side security, without consideration for client security;
Management centralization: An administrator can control applications and data available to users in centralized and unified mode; from the server side he can uniformly schedule and flexibly allocate hardware resource used by the user virtualization desktop, and supply idle hardware resources to other users to ensure demand-based allocation; he can also monitor any operation of users in the virtual desktop in unified mode. In VDI mode, all data is centralized in the cloud, and no data is available on local clients. In IDV and VOI modes, each client is equipped with a personal web disk, through which personal data is centralized to the backend data center for storage.
Operation and maintenance (O&M) centralization: In VDI mode, since no data and applications are available for clients, you just need to connect the simple functions of the virtual desktop, without maintenance. Thus, all maintenance work is centralized on the server side. In IDV and VOI modes, applications and OSs can be pushed and updated in batches through the management platform, and thus O&M is significantly improved.
The diagram of H3C Workspace Cloud Desktop solution is as follows:
H3C Workspace Cloud Desktop solution consists of the following components:
1. H3C Cloud Space Console
This is a component of Cloud Desktop Studio, which is deployed on the server. Through the platform, an administrator can manage such virtualization platforms, desktop images, desktop pools and users as are related to cloud desktop services.
2. H3C Workspace App
This is a client program connected to the VDI cloud desktop and deployed in the PC or on the thin client. Through the client, the user can efficiently transmit desktop images, and map local equipment on the PC or the thin client to the VDI cloud desktop.
3. H3C IDV/VOI Client
H3C IDV/VOI client runs on the IDV/VOI client, and a user can use the IDV/VOI desktop through H3C IDV/VOI client.
4. H3C Workspace SpaceAgent
This is an agent program used by H3C Workspace Studio to manage a client. The program is deployed on the client endpoint to provide multiple endpoint device management capabilities for the management platform.
H3C Workspace Cloud Desktop product meets personalized requirements of users by optimizing its functions and performance for different application scenarios.
Act like a traditional PC
H3C Workspace Cloud Desktop product does not change the habits of user login and poweron/off. VDP desktop connection protocol deeply optimizes the transmission of desktop images, and enables users to log in to the desktop within a few seconds, thus greatly improving desktop access experiences.
Perfect software compatibility
Provide the software compatibility list, and support mainstream application software and anti-virus software. Own complete compatibility of industry software (for example, Client/Server (C/S) and Browser/Server (B/S) application software). GPU pass-through/hardware virtualization technology can meet the performance requirements of professional applications like industrial drafting, and support common mainstream mapping software, for example, 3DS Max, AutoCAD, and ProE. Customize software adaptive to special industry applications.
Smooth video experience
The video redirection technology significantly improves the video experiences of users, effectively reduces the server resource consumption by video decoding, and supports highly dense video concurrency scenarios.
Wide support for various peripherals
Use the independently developed peripheral redirection core technology, and keep a bus channel as a PC does. Thus, users can use such peripherals as printers, scanners and Ukeys just as they use PCs.
Through Cloud-Connection-Client system-based secure, reliable design, H3C Workspace Cloud Desktop ensures multi-level security from clients, networks and cloud platforms to management. With focus on prevention supplemented by monitoring and audit, this product guarantees all-round information security of office desktops, and reliability of clients and platforms.
Client security: Authentication of client endpoint feature codes, identity authentication of multiple factors like fingerprint and USB key, blacklist/whitelist control of ports and peripherals, and so on.
Network security: Isolation of virtual desktop pools, desktop connection security, encrypted transmission and so on.
Data security: H3C Workspace Cloud Desktop sets the use policy of desktop peripherals, and uses application software to control the use of illegal software. Security properties such as desktop watermark and read only for storage equipment ensure that data is not lost.
Cloud platform security: Support the distributed storage, VM image tiering storage, data disk encryption, and data traceless processing. Support the integration with anti-virus software or security software of third parties such as Asiainfo to provide perfect security solutions in the virtualization environment. Without need of installing any agent in the virtual desktop, this product can protect the VM, thus ensuring the security of the virtualization environment.
Management security: An administrator can implement decentralized or domain-based management, and audit the behavior logs of desktop users.
All-round reliability guarantee: H3C Workspace Cloud Desktop offers network status detection, client self-service backup and recovery, automatic reconnection upon network crash, HA resource reservation of key components, batch backup of VMs and so on.
H3C Workspace Cloud Desktop Studio can manage physical resources, virtual resources, virtual desktop lifecycles, system alarms and failures in unified mode to improve the efficiency of IT O&M.
This platform manages virtual desktop lifecycles, alarms and failures in unified mode. It can quickly deploy the basic desktop environment, make the desktop quickly go online and expand, flexibly schedule resources to quickly respond to service change, and raise the service support capability and response speed.
It allocates different desktop resource pools to scenarios, and supports static, dynamic and manual desktop pools.
It supports the batch upgrade of OSs and application software when not affecting software independently installed by users and personalized data.
It manages network policies in centralized mode. It designates detailed security access rules (L2, L3 and L4 control, bilateral control, and time interval-based control) for virtual desktop traffic. In this platform, as a virtual desktop migrates between server hosts, the corresponding network policy configuration (ACL, QoS, VLAN, port binding and so on) file does the same concurrently. This ensures that services are not interrupted and the access control policy remains unchanged.
H3C Workspace Cloud Desktop Studio manages resources in centralized mode, simplifies the O&M process, and balances the cost and efficiency of IT O&M of enterprises to raise the value of IT O&M.
Rich automation O&M tools: One-key automatic collection and analysis of enterprise office environment information (CPU, memory, disks and so on), user experience optimizers, one-key log collectors and so on are available to reduce the maintenance difficulty and raise the O&M efficiency.
The platform automatically expands both flexibly and quickly, and automatically discovers the hardware upon being powered on; links and clones desktops to raise user experiences and management efficiency.
The platform has core components with independent intellectual property rights, and open, standard interfaces to flexibly adapt to industrial applications, and can quickly build solutions to meet unique requirements of industries.
Through H3C Workspace Cloud Desktop Studio, an administrator can manage and control virtual desktops based on desktop pools. He can deploy virtual desktops in batches in a desktop pool, and authorize local users, domain users and user groups in batches. Through a static desktop pool, he allows users to exclusively enjoy and personalize virtual desktops.
Through a manual desktop pool, an administrator can, according to needs, manually set the restoration point of a desktop pool, and perform the restoration manually if needed.
In a dynamic desktop pool, an administrator can dynamically authorize virtual desktops. When a user logs in to the platform, a virtual desktop is randomly allocated from a dynamic pool. After a user closes a virtual desktop, the desktop is automatically restored to an initial state.
In a static desktop pool, an administrator can import an existing VM, or manually remove it from the pool. In a manual or dynamic desktop pool, the management platform supports the release beyond a certain time after a VM is shut down, namely, the authorization relationship is automatically released over a certain time after the virtual desktop is closed; in this case, the virtual desktop can be requested for use by other users in the pool.
Through the user management module of H3C Workspace Cloud Desktop, an administrator can maintain local users and domain users by group, including adding, modifying, deleting or querying them, or can view the information of virtual desktops authorized by users and user groups. He can manually or periodically synchronize LDAP domain users, and monitor online user information. Additionally, this platform supports the authentication of local users. To log in to the platform, just need to authenticate it. This platform offers faster login and more convenient management.
In H3C Workspace Cloud Desktop, an administrator can configure the visible watermark function of the desktop. The virtual desktop shows the login user name and time, and a user can customize the display content according to actual needs. An administrator can configure the watermark of the fixed position and the full-screen watermark, and adjust its color, angle and font to prevent users from photographing a virtual desktop with camera equipment.
Besides a visible watermark, H3C Workspace Cloud Desktop supports the invisible watermark function, namely, the desktop watermark you can not see. The property of invisible watermark applies to the confidentiality scenario where copyrights are protected or the leakage responsibility for confidential information should be traced. When a user steals sensitive information through a snapshot, leading to the leakage of sensitive information, the platform can trace the cloud desktop and user of information leakage through invisible watermark parsing.
As H3C Workspace Cloud Desktop Studio deploys or updates software to each client desktop, an administrator can separately create a software library, and directly distribute software to a VM, without updating the system template. He just needs to distribute different software libraries to VMs, which then restart and normally use the updated software.
H3C Workspace Cloud Desktop can control the illegally used application software in batches in a desktop pool by setting the authorization policy of software blacklist. This is embodied in the following:
1. Exercise custom control over the use of software in a VM. In a specific scenario, if an administrator or a user does not expect to run some software, they can block it by performing this function.
2. In a specific environment, some software can affect the secure, steady running environment of VMs. In this situation, you can block the software by the software blacklist function to get the good virtual desktop experience.
Through a unified web management console, H3C Workspace Cloud Desktop Studio manages and monitors physical and virtual resources in centralized and unified mode. Through the DashBoard interface, the platform browses cloud resources, and monitors the resources of the data center in unified mode, such as clusters, hosts, storage, VMs and networks. Currently, the platform can monitor top 5 hosts and VMs in CPU, memory and other resources.
H3C Workspace Cloud Desktop cluster is developed on the basis of the server virtualization platform. Supporting the hyper-converged management, this cluster guarantees reliability of multiple systems for users, such as HA, distributed resource scheduler (DRS) and distributed power management (DPM), and thus ensures that the cloud desktop is steady. The advantages of managing clusters in centralized mode are:
1. Using the centralized management function, an administrator can organize, monitor and configure the whole IT environment through the unified interface, thus reducing management cost.
2. Multiple independent server hosts converge into a cluster with a shared resource pool. This cluster makes desktop management less complicated, and offers internal HA. All hosts in the cluster are monitored. As a host malfunctions, the virtualization platform immediately responds, and restarts the affected virtual desktop on another host or you manually migrate the online virtual desktop. At the same time, H3C Workspace Cloud Desktop cluster offers the function of storage online migration that enables a virtual desktop to migrate online across different storage types and storage products of manufacturers. Thus, without interruption or shutdown, a running virtual desktop can migrate from one storage position to another, and this provides users with a cost-effective cloud desktop HA solution.