Virtual Desktop Infrastructure for Hospitals
It is well known that healthcare providers need to collaborate, and access to patient data is critical to delivering the best medical attention. Healthcare providers are, however, challenged with delivering this access while maintaining the security of patient data as dictated by HIPAA, the Health Insurance Portability and Accountability Act. An access solution from SolovatSoft delivers anywhere, anytime access securely without compromising the confidentiality of your data.
The new technology that promises to deliver answers is Virtual Desktop Infrastructure (VDI).
Not so different from traditional terminal services deployments, VDI takes it a step further and aims to provide users the look, feel and touch of a standard PC, but also to provide IT Departments with the ability to:
- Secure all data in the organization by bringing it back into the data center
- Streamline administrative tasks such as software deployment/upgrades, OS patches and new application deployments
- Enhance support capabilities. Imagine, no more desktop technician replacing a PC with a temp while taking the old one back to the shop to rebuild
- Breathe new life into older hardware, or in the appropriate environments, replace PCs with thin clients
Improved security is another highly touted benefit, and one that’s particularly useful in regulated industries like financial services and health care. High-profile laptop thefts over the last several years — some involving highly sensitive data — have shined a bright spotlight on the need for new approaches. With hosted desktop virtualization, security can be monitored more closely and virus threats reduced. Further, if a thin or zero client is lost or stolen, no loss of valuable data occurs because the device is stateless.
Our solution delivers the most comprehensive desktop brokering, management, and application publishing solution, supporting the world’s leading virtual infrastructure platforms and blade PC implementations, to meet the needs of all types of users within the organization.
The goal of our solution is to enable a user to work as well or better with a remote virtual guest from a client machine as with a desktop PC, and still provide all the advantages that running applications in the computer center offers:
- Simple administration
- Hardware consolidation
- Green IT, i.e., reduction of electrical use and air conditioning
- Simpler backup
- Increased security requirements
With the VDI solution, as with Windows Terminal Server computing, the monitor data from the server and the keystrokes and mouse movements from the client are exchanged between the local client and the remote system (with VDI Business, this is a virtual desktop). Our solution’s high performance comes, on the one hand, from the optimized RDP client and, on the other hand, from ensuring that the RDP data stream is exchanged directly between the client and the virtualized desktop, taking no detours.
The remote VDI access solution provides a means to establish RDP connections to virtual PCs that are part of a remote VDI hosted on the majority of existing virtualization solutions, such as VMware Workstation, VMware ESX and ESXi servers, Microsoft Hyper-V and Microsoft Virtual PC.
The proposed solution provides secure access from the Internet to the VDI via traffic redirection tools and corresponding client libraries.
Features supported by the related solution created by SolveITLabs:
- Secure HTTP connections to the VDI environment. Configuration files published on the web, which are used for automatic connection configuration, are accessed via a secure protocol.
- Automatic connection configuration by downloading configuration files. The user does not need to specify connection information manually. Instead, it can be downloaded and applied automatically.
- Manual connection / access configuration. Besides auto-configuration, the user can specify connection information manually.
- Simple user authentication. Simple login/password authentication can be handled by the secure access gateway.
- Certificate-based authentication. The user can be authenticated by the secure access gateway based on a certificate installed on the client PC.
- Login/password OS-based authentication. Windows-based login/password authentication is also supported by the secure access gateway, which allows the use of domain accounts when accessing the remote VDI.
- Automatic retrieval of the list of published applications. The list of applications published in the remote VDI can be retrieved either via configuration files or directly from the virtualization solutions.
- RDP-based connection. The client application and the secure access gateway support connecting to PCs in remote VDIs via the RDP protocol and launching published applications.
- RDP traffic encryption by SSL. All traffic between the client application and the secure access gateway, including RDP traffic, is encrypted with SSL.
- Redirection of encrypted traffic. One secure gateway provides secure access to isolated VDIs from the Internet.
- HTTP / HTTPS wrapping of redirected traffic for firewall traversal. RDP traffic can optionally be wrapped in HTTP / HTTPS and as a result is not blocked by high-security firewalls.
- Support for Microsoft Internet Security and Acceleration server (MS ISA server). The client and the secure gateway handle situations where an MS ISA server is in the middle.
- Proxy / firewall traversal. The client application supports firewalls and proxies on the Internet connection.
- Secure settings storage. All sensitive user data stored on local PCs is encrypted with strong encryption algorithms.
Remote environment access diagram
The diagram shows how the remote access infrastructure is organized. The MS ISA Server is optional in this diagram and can be removed.
- First, the Client Program (AppPortal) connects to the Web Server through the Proxy / Firewall, the Internet and the MS ISA server to automatically obtain the connection options for accessing the remote VDI Access Server.
- Then the Client Program passes the connection information to the RDP Module, which uses the SSL Module to connect to the VDI Access Server. The VDI Access Server provides details about the available Virtual PCs and the applications published on them for the specified account.
- Once the VDI access details are obtained from the VDI Access Server, the Client Program connects to the Virtual PCs and launches published applications using the RDP Module, which again uses the SSL Module to traverse the SSL Gateway.