Remote Access to Windows Remote Desktop Servers in a new Dimension
HOB GmbH & Co. KG21.08.2012HOBLink JWT - the Diamondamong the RDP-ClientsRemote AccessRemote Access to Windows Remote Desktop Serversin a new Dimension!
Secure Business Connectivity2HOBLink JWT 04Overview 06Benefits in a Nutshell 07HOBLink JWT is Special 08HOBLink JWT Scores in Terms of Security 09 Management of Rights with a Local Parameter-Cache 10 Partial Local Drive Mapping (LDM) 11 Virus Scan with Local Drive Mapping 11 SOCKS-Proxy Tunneling 12 A Single Password for All Systems with Single Sign-On 12 Trust in Modern Java-Technology 14 Controlling the RDP Security Mode 15 Configuration of Individual Client Names 15HOBLink JWT Exceeds in Terms of Adaptability 16 Integration into your own Website 18 Branding: Look & Feel According to Your own Corporate Identity 19 Individual Configuration of Keypads and Hot Keys 19 Configuration possible for any Printer and Printer Name 20
Secure Business Connectivity3 It can be Done without a Server Component 21 Universally Employable with all Platforms 22 Add-on: Access to Mac 22HOBLink JWT: Great Comfort for Users and Administrators 23 Event Handling can be Implemented in Java-Script 24 Use Virtual Channel APIs with Java 25 Remotely Boot your PC with Wake-on-LAN 26 Client-oriented Keyboard Mapping 27 No Matter if Righty or Lefty: Comfortable Working possible 28 HOB Load Balancing for Perfect Performance and Optimal Load-Balancing 29 Optimized Data Stream 30 Assessable Audio Quality 30 Reliable Connection Management 31 Easy Installation and Configuration 32Picture sources 33At a Glance 34Interested? 35
Secure Business Connectivity4HOBLink JWTHOBLink JWT is an HOB-developedRDP client for flexible remote access toWindows Remote Desktop Servers (for-merly known as Windows Terminal Ser-vers). This makes HOBLink JWT a dia-mond among the RDP clients. Why?Well, HOBLink JWT has the greatest andlargest amount of options and featuresthat are available for RDP clients. Fromthe RDP rough diamond, HOB has de-veloped the most polished RDP clientin the world. Sounds unbelievable? Notat all – learn what is so special aboutHOBLink JWT and why this RDP cli-ent is the jewel among the RDP clientson the following pages. HOBLink JWToffers you various additional functionsthat other RDP clients simply can-not.It presents highly precise configurationoptions for an exact adaption to indivi-dual needs that greatly exceed what isusually available. Furthermore, for years,HOBLink JWT has been constantlyfurther developed for improved perfor-mance. In close consulta-tion with ourcustomers, we develop extraordinaryand excellent solutions to suit your needsand solve your problems. Therefore, you
Secure Business Connectivity5receive a perfected, hardened and opti-mally functioning RDP client that is de-veloped with attention to the smallestdetail and is tailored to the needs of ourcustomers. There is a reason why largecompanies trust us and have successfullydeployed HOBLink JWT for many yearswith thousands of licenses. Especially forcompanies that have to work with high-ly sensitive data, such as banks and in-surance companies, HOBLink JWT hasproven itself to be easy to use, custom-configurable and nonetheless highly se-cure and extremely performant. Illustration: What you can access with HOBLink JWT
Secure Business Connectivity6OverviewHOBLink JWT is an extraordinary soluti-on for web-based RDP access to Win-dows servers, VDI and desktop systems.With it, you can access centrally ins-talled Windows-, UNIX-, Linux- and MacOS- applications from any Java-capableplatform. As a result, embrace all thebenefits of a web-based, server-basedcomputing solution. HOBLink JWT offersmultiple additional benefits that impro-ve the installation, usability and security.HOBLink JWT is easy to integrate intopreexisting infrastructures. It can also beintegrated into third-party environments,such as thin clients, appliances and cloudportals. Use HOBLink JWT, combinedwith modern security mechanisms, to ac-cess your applications in a local networkor worldwide. Full support of modern au-thentication and encryption technologiesallows customers and users to stay onthe safe side.
Secure Business Connectivity7Benefits in a Nutshell• Maximum amount of possibilities to configure and personalize for greater flexibility• No software-installation and administration rights needed on the clientside• Individual solution, independent of the operating system being used• Desktop systems can also be accessed• Optimal utilization of the existing network infrastructure• Scalable in any desired way, be- cause it is solely software-based
Secure Business Connectivity8HOBLink JWT isSpecialComparing HOBLink JWT to other, simi-lar products, one thing becomes clearvery easily:HOBLink JWT offers you more than “just”RDP. Convince yourself – on the fol-lowing pages or with the help of a freetest-installation!As is notable in the scenario areas abo-ve – security, adaptability and comfort –HOBLink JWT presents itself as the jewelamong the RDP-clients. Neither user norIT controllers could turn this down.“HOBLink JWToffers you morethan“just”RDP“
Secure Business Connectivity9HOBLink JWT Scoresin Terms of Security
Secure Business Connectivity10employee has in a remote session canbe decided according to the functionsthey have in the company and the levelof trust they have acquired. Implemen-tation of highly granular security policiesis thus ensured. Every parameter of theHOBLink JWT settings can be opened,blocked or provided with a certain selec-tion. Likewise, local drive mapping (localdrives are also available in the remotesession) can be made highly flexible inHOBLink JWT.HOBLink JWT contains various out-standing security features which cannotbe found in the solutions of other provi-ders. If HOBLink JWT is combined withHOB RD VPN or HOB RD ES, an evengreater number of security featuresare available.Management of Rights with aLocal Parameter CacheHOBLink JWT allows individual user-rightssettings for remote access and while wor-king in a remote session. The rights an“Precise definitionand managementof rules - full con-trol for the IT-administratior“
Secure Business Connectivity11Partial Local DriveMapping (LDM)While “standard products” can only mapwhole drives, HOBLink JWT allows forprecise settings as to which drives, direc-tories or sub-directories can be mapped.Access rights can therefore be mappedwith greater individuality according to thesecurity guidelines of a company. Unau-thorized access to critical data can hencebe eliminated.Virus Scan with LocalDrive MappingIf HOBLink JWT is used in combinationwith HOB Remote Desktop EnhancedServices (HOB RD ES) or HOB RemoteDesktop VPN (HOB RD VPN), it is alsopossible to scan data for viruses beforethey even find their way to the companyserver. This, as a matter of fact, increasessecurity and protects the company net-work from viruses, Trojans and the like.“You decide, if andwhich local drivesare available in theremote session!“
Secure Business Connectivity12SOCKS-Proxy TunnelingThis feature allows you to easily decidewhich way the client takes to leave thenetwork, for example via SOCKS or HTTP.With HOBLink JWT this is quite easy; withother manufacturers, additional productswould need to be purchased..A Single Password for AllSystems with Single Sign-OnHOBLink JWT is completely compatiblewith the RDP Single Sign-On solution.Thus the IT administrator is able to killtwo birds with one stone: on one handthe security level is increased significantlyand on the other hand the administrativeeffort is greatly reduced. Even though thetopic “Single Sign-On“ is often discussedcontroversially, experts agree: executedcorrectly, SSO-solutions yield a big plusin security for companies.“Single Sign-Onfor safer pass-words and less ad-ministrative effort“
Secure Business Connectivity13Single Sign-On solutions allow access toall services and applications with just onelog-in (one-time user log-in), as long asthe user has the general authorization forthe access. After this one-time authenti-cation, the SSO solution takes over thetask of authenticating the user at otherservices or applications. A separate user-name or password is therefore not nee-ded. Hence, the user only has to remem-ber one password, which can then be amore complex one.In addition to this, help desks costs aredecreased because users would rarelyforget their password anymore and wouldhave fewer problems when going throughthe authentication process.You can find detailed information witha description of the benefits and risksabout this topic in our blog article “SingleSign-On”:
Secure Business Connectivity14Trust in ModernJava-TechnologyWhile other RDP-clients, for example theMicrosoft Client, use Active X Techno-logy, HOBLink JWT employs Java. Onone hand, you will achieve greater secu-rity, since Java runs – contrary to ActiveX – on all operating systems; Active X isonly available for Windows interfaces atthe moment. Another benefit is that Javais considered to be more secure thanActive X – and not only because of itssandbox characteristics.“Long-time testedand universallyusable Java tech-nology - secureand flexible“
Secure Business Connectivity15Configuration of IndividualClient NamesYou can define an individual name foreach client, so that the client can be iden-tified on the server with absolute certainty.Should security offences or conspicuousbehavior occur, you will know for surewhich user might have disregarded thepolicies – without having to search in thedark. It is especially important to knowimmediately when an extreme security-critical incident has occurred in order toreact immediately.Controlling the RDPSecurity ModeWith HOBLink JWT, you decide whichRDP security modes are to be used.This means, you can even define an in-dividual sequence, so that unsuccessfulconnection attempts due to unsuppor-ted RDP security modes on the serverside can be prevented. All in all, an in-dividual definition of the security modesand their order leads to highly improvedtime management.
Secure Business Connectivity16HOBLink JWTExceeds in Termsof Adaptability
Secure Business Connectivity17HOBLink JWT can easily be integratedinto existing IT structures and, therefo-re, can be employed on a long-term ba-sis – even if processes or conditions inthe company are changing. Moreover,HOBLink JWT can be adapted to yourparticular needs. Just see for yourself inthe following chapter.“High adaptabilitydue to numerousparameters“
Secure Business Connectivity18Integration into YourOwn WebsiteYou have the option to incorporateHOBLink JWT into your company web-site, customer portals or your very ownintranet page. Sounds kind of banal, butthis offers the benefit that employees areprovided with a central point of entry anddo not have to start HOBLink JWT overa dedicated web address. Also, integra-tion helps in-house acceptance, becauseintranet content is often perceived as res-pectable and “true” (an inspection of thiscontent by colleagues and by the editorialstaff is assumed).“Integration into yourown website - centralpoint of entry for allusers“
Secure Business Connectivity19Branding: Look & FeelAccording to Your OwnCorporate IdentityMany elements of HOBLink JWT, for ex-ample, the starting dialogue, the windowtitle text or even banners can be adaptedto your corporate identity. The look andfeel of HOBLink JWT therefore even de-picts your company graphically. The ad-vantage: users are less distracted and areable to find their way around more easily.Especially with larger numbers of users oruser groups, this is a big plus. Moreover,you can individually deter-mine the size ofyour window – full screen, just a certainpercentage of the desktop, or a fixed size(flexible windows mode).Individual Configuration ofKeypads and Hot KeysSo called “hot keys,” meaning definedkey combinations, for example <ALT>+ <TAB> can be reconfigured (for spe-cial functions), offering extreme flexibi-lity in accordance to your needs. Withother clients, these are universally pre-set and cannot be changed. In cont-rast: with HOBLink JWT you can easi-ly manage cascading sessions – withother products, this often becomes aninsurmountable hurdle!“Configuration ofenvironment vari-ables according toyour wishes “
Secure Business Connectivity20Configuration Possible for AnyPrinter and Printer NameHOBLink JWT allows you to configureevery printer individually; such a granularselection cannot be found within otherproducts. The following statement says itbest: “all or nothing.” However, you canmap, for example, only the standard prin-ter or virtual printers only, just as you like,with the help of HOBLink JWT. Due to theintegrated Easy-Print function, emplo-yees are able to get their print job doneright away, no matter which drivers are in-stalled on the server. Fast printing or ma-naging complex print jobs therefore po-ses no problem to the users any longer.“Configure printersindividually for fastand easy printing “
Secure Business Connectivity21Moreover, the printer name within thesession can be generated per pattern.Meaning: you can define any random textfor the printer, so that the user is moreeasily able to identify exactly the differentprinters (for example printer accountinginstead of HP2012ON).It Can Be Done Withouta Server ComponentHOBLink JWT can also be used withoutthe server component of HOB, if thefunctions of the HOB server componentHOB RD ES are not needed – a simp-le web browser is enough for the use ofHOBLink JWT. You are even more flexiblein terms of your process design..“HOBLink JWTeven runs withoutthe HOB servercomponent“
Secure Business Connectivity22Universally Employable withall PlatformsA crucial advantage of HOBLink JWT:regardless from which operating systemyou would like to access another, whe-ther you have Windows, Mac or evenUnix/Linux operating systems in use –HOBLink JWT is compatible with all ofthem. While other products can only beused with either one or the other opera-ting system, with HOBLink JWT you recei-ve a completely universal RDP client thatis able to support all popular operatingsystems. This proves to be particularlyvaluable in heterogeneous environmentswhere many diverse operating systemsare used in parallel at the same time.Add-on: Access to MacIf access to Macs is also needed, theperfect add-on for you would be, for ex-ample, HOB MacGate: the perfect com-plement to HOBLink JWT. The user thencan comfortably start a HOBLink JWTsession and access all applications anddata on their Mac.“Compatible to allcommon operatingsystems for greaterfreedom to design“
Secure Business Connectivity23HOBLink JWT: GreatComfort for Users andAdministrators
Secure Business Connectivity25in advance is unnecessary. The benefit:even local devices, for example, dictatingmachines or microphones, can be usedover the Windows Terminal Server sessi-on. Environment variables can be used toconfigure the virtual channel modules asneeded.Use Virtual Channel APIswith JavaWith HOBLink JWT, virtual channel APIscan even be used from the client side viaJava. To be more precise, the neededprogram libraries (.dll) do not have to beinstalled on every client, but can be cen-trally deposited on the server, once. Notonly is the principle of “zero touch” clientstherefore supported, but it also increasessecurity and helps with central manage-ment. You will see: it will reduce a greatdeal of your workload if not every clienthas to be physically touched!And also the download of the programlibraries for virtual channels is done byHOBLink JWT for the user; an installation
Secure Business Connectivity26Remotely Boot Your PC withWake-on-LANUsers and administrators can easilyswitch on the shut down desktop PC re-motely, whenever it is required. This notonly decreases costs, but also ensuresthat everything is ready to hand at alltimes and whenever it is needed. There-fore, Wake-on-LAN also works withinthe company network (LAN). Moreover,it is also possible to remotely wake upyour PC via IPsec (not only SSL), if theWake-on-LAN relay is installed in the net-work of the target PC. Various productscomparable to HOBLink JWT cannot dothis. Whether you enjoy this for your owncomfort, the reduced costs or are happyabout the approach to Green IT – it is agreat tool from every side! You and yourusers certainly will not want to miss outon this function any more!“Access possibleat any time due tothe possibility ofremotely bootingyour target PC“
Secure Business Connectivity27Client-orientedKeyboard MappingAs generally known, Windows and Mackeyboards differ in some ways: herethe Apple key, there the Windows but-ton; even the configuration of variousother keys can be different. Due to theclient-oriented keyboard mapping ofHOBLink JWT, the user has a decisiveadvantage: the user does not have to re-member the Windows keyboard settingwhen he tries to access the WindowsTerminal Server via a Mac. HOBLink JWTrecognizes which keyboard is present onthe client and maps the correspondingkeyboard. It is therefore possible to workeasily and productively.“Work with anydesired operatingsystem“
Secure Business Connectivity28No Matter if Righty or Lefty:Comfortable Working PossibleWorking without a mouse – clearly notimaginable in today’s world! But what if aleft-handed person has to torture them-selves with a mouse created for rightiesor the other way around? No problemwith HOBLink JWT, since the mouse but-tons can easily be switched!“Comfortableworking for righ-ties and lefties “
Secure Business Connectivity29HOB Load Balancing for PerfectPerformance and OptimalLoad BalancingHOBLink JWT even brings along theload balancing function. This is a Termi-nal Server load balancing that does notuse a round robin selection. Due to manyvariable parameters, it is granularly defi-ned which server should be connected tobased on its workload. No other productoffers you this kind of variety when it co-mes to parameters for load balancing thatallow for an optimal use of a server farm.When server requests are optimally dis-tributed to the servers, users and IT ad-ministrators profit. The user has an ext-remely performant and stable connectionto the server that lets them work produc-tively. The IT Administrator profits in termsof servers that run reliably and do fail dueto work overload. Additionally, fewer ser-vers in conjunction are needed and costsare effectively reduced.
Secure Business Connectivity30Optimized Data StreamIf HOBLink JWT is used together withan HOB RDP server (HOB MacGate,VNC-Bridge within the scope ofHOB RD VPN), an optimized data streamleads to a lower data volume transmissi-on and data is communicated in an evenfaster manner. One of the reasons whymany users rate HOBLink JWT as veryperformant and fast! It helps them to gettheir workload done quickly.Assessable Audio QualityWith HOBLink JWT you can deliberatelymanage the audio quality to prevent qua-lity loss if a short malfunction occurs. Au-dio files are therefore played at a constantsound quality.“Audio settings aremanageable forconstant quality“
Secure Business Connectivity31Reliable ConnectionManagementThanks to unique features, RDP connec-tions with HOBLink JWT can be mana-ged reliably: keepalive on the client sideensures that connection failures due totime outs are prevented to the greatestpossible extent. And even if the connec-tion is disrupted, an automatic reconnectcan take place. Sometimes an automaticreconnect is inconvenient – for example,when a long-term server problem is thecause – in such a case, it is possible tochose in which way this situation shouldbe handled (reconnect or cancel). Thenthe client will not continually try to re-connect when it is currently not possibleto do. Moreover, you can choose if thesession directory / session broker shouldbe activated or deactivated. This featureserves the purpose, for example, to redi-rect the client to the old session (sessionbroker is active) or not (session broker isdeactivated) when reconnecting. Depen-ding on your objectives, you may want touse one or the other of these alternatives.With HOBLink JWT you the freedom ofchoice to design your remote access ac-cording to your needs.“Reliable connec-tions without therisk of data loss incase of termination“
Secure Business Connectivity32Easy Installationand ConfigurationTo install and configure HOBLink JWT isextremely comfortable. Due to its extre-mely high grade of maturation and themanifold experiences deriving from lar-ge installations, the standard configura-tion of our RDP client HOBLink JWT isso universal that it covers most scenari-os successfully right from the beginning.Only if you have extremely special wishes,is an intervention in the configuration ofHOBLink JWT needed. And even thenyou will realize how much added value afully developed system offers you, sinceHOBLink JWT will be able to fulfill nearlyevery single one of your wishes.“Easy installationdue to preset stan-dard configuration“
Secure Business Connectivity33At a GlanceNext to functions that you would expectfrom an RDP client, HOBLink JWT alsooffers you a great variety of additionalfunctions – for greater security, high ad-aptability and more comfort. The benefitsof HOBLink JWT range from the perfectintegration into your existing IT infra-structures to a flexible adaptability for ful-filling your personal needs. No other RDPclient offers such a huge variety of fine tu-ning options. Additionally, HOBLink JWTcan be expanded easily and flexibly, dueto its numerous development interfacesand, it supports the principle of “leanadministration,” since it can be installedcentrally – without having to physicallytouch anything on the client side. Anotheradvantage of HOBLink JWT is the variousprinting options that make remote prin-ting a piece of cake.Check it out for yourself – with a testinstallation free of charge!You have got nothing to lose, but somuch to gain!
Secure Business Connectivity35Interested?Would you like to check out the numerousbenefits of HOBLink JWT?Just call us or send us a quick mail!You are welcome to contact us:HOB GmbH & Co. KGSchwadermühlstraße 390556 CadolzburgTel: +49 9103 715 0E-Mail: email@example.comWebseite: www.hob.deFor more information visit our websitehttp://hob.de/produkte/connect/jwt.jspInformation in this document is subject to change without noticeHOB is not liable for any omissions or errors which may be contained in this document.Product information contained herein is from December 2012.Any trademarks in this document are the property of their owners.Text: Sabrina SturmLayout: Maximilian Göppner