| | AUGUST 20219Ensuring Office-Like Performance in Entry Level EndpointsGraphics workstations work with monitors which have extremely high resolution and refresh rates, and powerful processors with high clock speeds and VRAM, and the average remote endpoint will be no match to the power of these workstations. So, enabling an exact office-like performance with high accuracy of colours and details is something that many remote access mechanisms fail to achieve. But with such a shortcoming, the entire purpose of remote access to graphics workstations would be lost.Steps to Overcome the Above Challenges Choosing the Right ProtocolsAny remote access solution has to make use of a transmission protocol and a display protocol. Choosing the right protocols is the most critical factor in ensuring high quality access to graphics workstations or applications. Most remote access mechanisms make use of a Transmission Control Protocol (TCP). While TCP will be well suited for many use cases, when it comes to transmission of high-quality graphics, TCP based solutions fare poorly. User Datagram Protocol (UDP) performs very well while delivering graphics workstations, where high speed delivery and handling transmission losses efficiently are more critical.With regard to display protocol, the conventionally used protocol is Microsoft's Remote Desktop Protocol. RDP in combination with UDP for transmission can be highly effective for several graphics applications and can perform more than satisfactorily. But as the intensity of graphics goes up, RDP's efficiency may drop, as they may not be able to transmit the large number of bits that needs to be transmitted for crystal clear display. This is where PCoIP protocol developed by Teradici (a Canada-based software company) can be effective. PCoIP is capable of efficiently transmitting much more bits than RDP. This effectively means that PCoIP is capable of producing high quality remote reproduction of graphics-intense images, but at the expense of high bandwidth consumption. So, PCoIP is ineffective in most average low-bandwidth networks. In comparison, RDP scores better in bandwidth utilization. So, depending on the needs and the bandwidth availability, organizations have to choose the display protocol that suits them the best.The access gateway which connects the user endpoints and graphics workstations or applications must be able to adapt to dynamic network conditions using adaptive encoders to ensure best possible user experience irrespective of network conditions. This will maintain high throughput and low ping latency, which are essential for providing remote access over internet.Data Protection Features To protect the corporate data, first thing to ensure is that the data never leaves the corporate environment and enters the user endpoint. Ideally, all users must be given only an https-based connection to the corporate network. This ensures that there is no bridging between user network and corporate network and mitigates the risks posed by any malware potentially sitting in any user endpoint.The access gateway must make use of state-of-the-art cryptography mechanisms like noise protocol framework, Curve25519, ChaCha20, Poly1305, BLAKE2, SipHash24, and HKDF, and all the pixel streams leaving the graphic workstations must be encrypted in real-time.The solution must also ensure data leakage prevention with the ability to block out features like copy-paste, screen recording, screen printing, file download and restrict access to USB ports and internet usage.BYOD-Friendly Solution: The solution must be supportive of BYOD, wherein all users can use their own devices to connect to graphics workstations. But BYOD should be supported without even the slightest compromise of security. Device entry control features to allow access only to authorized devices based on device fingerprinting, and to check for compliance status to allow only compliant devices must be present.For additional security in some scenarios, the remote access solution must also have the capabilities to bind any user to one particular device based on the device fingerprint. Modern multi-factor authentication mechanisms which support not only OTP via SMS or email, but also push notifications and biometrics-based authentication must be integrated to ensure compliance and optimal security.Providing remote access to graphics workstations might not have been a necessity for many organizations till very recently. But now is a time when organizations are looking beyond the usual options to sustain and grow, and providing remote access to graphics-intense applications is one such option that many organizations can make use of to ensure improved productivity and business growth.
< Page 8 | Page 10 >