Communication between the user on their device and the backend application and its data must be secured. This is achieved by implementing the following parameters:
- Least-Privilege Access
- Encryption of Transport
- Protocol Session Protection
Least-privilege access means restricting users to the applications they need for their work, without letting them reach sensitive parts of the network. For example, HR employees access only HR department applications and data, without accessing other departments' applications, data, and servers.
Unified Access Gateway controls access to the applications and virtual desktops published by Workspace ONE, ensuring that connections come from trusted, authenticated, and authorized users on managed and compliant devices.
Unified Access Gateway can segment networks when it is configured with three network cards: a public network card (NIC 0), a management network card (NIC 1), and a backend server network card (NIC 2). Users reach the backend network through routing.
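The following is an added example, not code from the original page or from VMware tooling: a small Python check for a three-NIC addressing plan like the one described above. All addresses, the route list, and the function name `check_plan` are constructed assumptions.

```python
import ipaddress

# Constructed sample plan; every address below is an illustrative assumption.
NICS = {
    "NIC0": {"role": "public", "cidr": "203.0.113.10/24"},
    "NIC1": {"role": "management", "cidr": "10.10.1.10/24"},
    "NIC2": {"role": "backend", "cidr": "10.20.1.10/24"},
}
# Static routes toward backend servers: (destination, egress NIC, gateway).
ROUTES = [
    ("10.30.0.0/16", "NIC2", "10.20.1.1"),
    ("10.40.0.0/16", "NIC2", "10.20.1.1"),
]


def check_plan(nics, routes):
    """Return a list of findings; an empty list means the plan is segmented."""
    findings = []
    roles = sorted(n["role"] for n in nics.values())
    if roles != ["backend", "management", "public"]:
        findings.append("expected one public, one management and one backend NIC")

    # Each NIC must sit in its own address space, or segmentation is lost.
    nets = {k: ipaddress.ip_interface(v["cidr"]).network for k, v in nics.items()}
    names = sorted(nets)
    for i, a in enumerate(names):
        for b in names[i + 1:]:
            if nets[a].overlaps(nets[b]):
                findings.append(f"{a} and {b} overlap: {nets[a]} / {nets[b]}")

    # Backend destinations must leave through the backend NIC only,
    # and the next hop must be on that NIC's own subnet.
    for dest, nic, gateway in routes:
        if nic not in nics:
            findings.append(f"route {dest} uses unknown NIC {nic}")
            continue
        role = nics[nic]["role"]
        if role != "backend":
            findings.append(f"route {dest} leaves via {nic} ({role})")
        if ipaddress.ip_address(gateway) not in nets[nic]:
            findings.append(f"gateway {gateway} for {dest} is not on {nic}")
    return findings


if __name__ == "__main__":
    for line in check_plan(NICS, ROUTES) or ["plan is segmented"]:
        print(line)
```
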
Contextual Granularity Through Distributed Firewall Rule
Identity Firewall Workflow
Encryption of the Transport Protocol
Blast Extreme protocol
With Horizon 7, the Remote Desktop Session Host service allows a server to host applications and remote desktop sessions. With Horizon Agent installed on an RDS host, users can connect to applications and desktop sessions using the PCoIP or Blast Extreme display protocol.
A session is a temporary connection between two devices or between a user and a computer during which information is communicated and exchanged.
Session Expiration with Unified Access Gateway
Restriction of User Behaviors Based on Session Conditions
Intrusion Detection and Prevention
Network Trust includes the implementation of three parameters: Least Privilege, Encryption of Transport, and Session Protection.