VMware THIN4-CL-C Getting Started Guide - Page 12

Security Features of ThinApp, Streaming Applications with ThinApp, Sandbox, Group policy security

Get VMware THIN4-CL-C - ThinApp Client - PC PDF manuals and user guides View all VMware THIN4-CL-C manuals
Add to My Manuals
Save this manual to your list of manuals

Page 12 highlights

Introduction to VMware ThinApp Security Features of ThinApp ThinApp has the following security features: „ Group policy security- Because ThinApp has no kernel‐mode code, it cannot violate machine group policy applied to user accounts. ThinApp has no ability to give applications elevated permissions for devices on a machine, such as the file system, registry, networking devices, or printers. „ Runs in restricted user accounts - Because ThinApp requires no device drivers, it can run applications in guest user accounts without previous installations of the software. „ Allows applications requiring administrator rights to run without additional privileges - When you make global changes using a virtual application, the ThinApp sandbox provides a user‐ and application‐specific location to make those changes. The host system is not affected. This feature enables applications to run in secure, restricted environments like Terminal Server and Windows Vista. Streaming Applications with ThinApp ThinApp provides streaming capability without requiring a new server or client. ThinApp uses the standard SMB protocol to stream applications over a LAN, so any Windows file share can instantly become a streaming server. ThinApp embedded client technology enables you to click on executable files from network shares after which the client is loaded directly into memory. ThinAppsupports the following streaming features: „ Windows Client „ Server can be any SMB share „ Block‐by‐block streaming „ Instant start for packages over 8GB in size „ Streams from any source media, including network shares and ISCSI, hard drives, USB Flash, and CD‐ROM Sandbox The sandbox holds runtime modifications that applications make as they are running. The executable that you build never changes, so it can be placed in a shared folder with read‐only access. The sandbox has the following features: „ Provides per‐user and per‐application storage of application modifications. „ Provides protection for the host machine since the virtual application is self‐contained. „ Enables applications to run on Terminal Server if they are not already able to do so. „ Enables most applications to run on Vista if they are not already able to do so. „ Enables IT to maintain locked‐down desktops. „ Reverts to a known application state when you delete the sandbox. 12 VMware, Inc.

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
Introduction to VMware ThinApp
12
VMware, Inc.
Security Features of ThinApp
ThinApp has the following security features:
Group policy security
– Because ThinApp has no kernel
mode code, it cannot violate machine group
policy applied to user accounts.
ThinApp has no ability to give applications elevated permissions for devices on a machine, such as the
file system, registry, networking devices, or printers.
Runs in restricted user accounts
– Because ThinApp requires no device drivers, it can run applications in
guest user accounts without previous installations of the software.
Allows applications requiring administrator rights to run without additional privileges
– When you
make global changes using a virtual application, the ThinApp sandbox provides a user
and
application
specific location to make those changes. The host system is not affected. This feature enables
applications to run in secure, restricted environments like Terminal Server and Windows Vista.
Streaming Applications with ThinApp
ThinApp provides streaming capability without requiring a new server or client. ThinApp uses the standard
SMB protocol to stream applications over a LAN, so any Windows file share can instantly become a streaming
server. ThinApp embedded client technology enables you to click on executable files from network shares after
which the client is loaded directly into memory.
ThinAppsupports the following streaming features:
Windows Client
Server can be any SMB share
Block
by
block streaming
Instant start for packages over 8GB in size
Streams from any source media, including network shares and ISCSI, hard drives, USB Flash, and
CD
ROM
Sandbox
The sandbox holds runtime modifications that applications make as they are running. The executable that you
build never changes, so it can be placed in a shared folder with read
only access. The sandbox has the
following features:
Provides per
user and per
application storage of application modifications.
Provides protection for the host machine since the virtual application is self
contained.
Enables applications to run on Terminal Server if they are not already able to do so.
Enables most applications to run on Vista if they are not already able to do so.
Enables IT to maintain locked
down desktops.
Reverts to a known application state when you delete the sandbox.