VMware THIN4-CL-C Getting Started Guide - Page 12
Security Features of ThinApp, Streaming Applications with ThinApp, Sandbox, Group policy security
View all VMware THIN4-CL-C manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 12 highlights
Introduction to VMware ThinApp Security Features of ThinApp ThinApp has the following security features: Group policy security- Because ThinApp has no kernel‐mode code, it cannot violate machine group policy applied to user accounts. ThinApp has no ability to give applications elevated permissions for devices on a machine, such as the file system, registry, networking devices, or printers. Runs in restricted user accounts - Because ThinApp requires no device drivers, it can run applications in guest user accounts without previous installations of the software. Allows applications requiring administrator rights to run without additional privileges - When you make global changes using a virtual application, the ThinApp sandbox provides a user‐ and application‐specific location to make those changes. The host system is not affected. This feature enables applications to run in secure, restricted environments like Terminal Server and Windows Vista. Streaming Applications with ThinApp ThinApp provides streaming capability without requiring a new server or client. ThinApp uses the standard SMB protocol to stream applications over a LAN, so any Windows file share can instantly become a streaming server. ThinApp embedded client technology enables you to click on executable files from network shares after which the client is loaded directly into memory. ThinAppsupports the following streaming features: Windows Client Server can be any SMB share Block‐by‐block streaming Instant start for packages over 8GB in size Streams from any source media, including network shares and ISCSI, hard drives, USB Flash, and CD‐ROM Sandbox The sandbox holds runtime modifications that applications make as they are running. The executable that you build never changes, so it can be placed in a shared folder with read‐only access. The sandbox has the following features: Provides per‐user and per‐application storage of application modifications. Provides protection for the host machine since the virtual application is self‐contained. Enables applications to run on Terminal Server if they are not already able to do so. Enables most applications to run on Vista if they are not already able to do so. Enables IT to maintain locked‐down desktops. Reverts to a known application state when you delete the sandbox. 12 VMware, Inc.