Friday Feb 21, 2014

Friday Spotlight: Amitego's Tools Updated for latest Oracle Secure Global Desktop

Happy Friday, everyone!

Our spotlight this week is on a fantastic tool, VISULOX Helpdesk from Amitego. If you’re a user of Oracle Secure Global Desktop, you have probably heard of Amitego. They provide tools that extend the feature set of Oracle Secure Global Desktop.

Whereas Oracle Secure Global Desktop is primarily designed for secure remote access to applications and desktops for a single user, Amitego provides extra, complementary tools to control and manage secure access for multiple users to the same session. This is really useful in situations such as where a manager needs to approve a transaction, or if two people with trusted information are needed to complete a task, or, perhaps the most common scenario, providing helpdesk services.

Their new tool, VISULOX Helpdesk, is based on the new VISULOX 3 framework and helps solve this last problem. It allows controlled assisting of a user by another user, without opening up the security risks associated with doing this on your desktop PC. You can do things like assign a group of users that a supervisor can assist with, and then the users can request help from the supervisor, and that supervisor can view their session in tandem. And the user still has control, too -- they can even switch off the cooperation view temporarily to enter a password, for example. And, of course, all of the clients and applications supported by Oracle Secure Global Desktop are supported by VISULOX Helpdesk, so you can even use your tablet device to remotely view and participate in a session.

If you need to do any sort of tandem work or helpdesk services and you’re using or looking at using Oracle Secure Global Desktop, you should go have a look at Amitego and read about their various offerings. Their tools have recently been updated to work with the latest Oracle Secure Global Desktop 5.1.

Have a great week!
-Chris

Tuesday Feb 19, 2013

Oracle Solaris Remote Lab Uses Oracle Secure Global Desktop!

Oracle Solaris Remote Lab (part of Oracle's Exastack Remote Labs) provides independent software vendors access to Oracle Solaris 11 11/11  environments (SPARC and x86) for validating their applications. The lab provides a simple and straight forward cloud interface for configuring an application test environment. It extensively leverages Oracle technologies, meets Oracle's stringent security requirements and is available to Oracle Partner Network members at the gold level and above. The Oracle Solaris Remote Lab leverages Oracle Secure Global Desktop to address many requirements. 
  • Oracle Secure Global Desktop (coupled with Oracle Secure Global Desktop's Secure Gateway) provides access to Solaris desktops and terminal sessions from a variety of client devices and from anywhere in the world, allowing excellent performance even over high-latency WAN links.
  • Oracle Secure Global Desktop (using the Client Drive Mapping or CDM feature) provides the ability to transfer files from user's local computers to the secure storage assigned to them within the Oracle Solaris Remote Lab
  • Oracle Secure Global Desktop is used to secure each independent software vendor's data and desktop access. The lab implements a separate Oracle Secure Global Desktop server per partner which is isolated on a separate VLAN, allowing for a multi-tenant setup.
  • Oracle Secure Global Desktop's web services API allows for seamless integration of functionality within Oracle Solaris Remote Labs' portal, resulting in a coherent user experience for independent software vendors.
  • Oracle Secure Global Desktop's Secure Gateway allows independent software vendors access to their resources using only a single point of entry into the network.The role of this gateway is to direct each user's network traffic to the correct VLAN and, thus, to the correct VMs.

Tuesday Feb 05, 2013

Airbus Deploys Oracle Secure Global Desktop

Airbus, a world leader in the civil air transport market, employs approximately 52,000 people at sixteen sites in France, Germany, the United Kingdom, and Spain. The company relies on partnerships with major companies around the world and has a network of 1,500 suppliers in 30 countries.

Airbus uses Oracle Secure Global Desktop to provide a dispersed workforce of aircraft designers, structural engineers, and other essential, ground-based staff with secure, real-time access to test results during flight trials. Technical teams no longer need to travel to the company’s center in Toulouse, and experts have the ability to start to evaluate results immediately. Using Oracle Secure Global Desktop has helped Airbus accelerate compliance with global aviation regulations, complete tests required by potential customers more quickly, and reduce time to market for new aircraft.

"Oracle Secure Global Desktop enables us to deliver real-time flight test data direct from the cockpit to any number of designers, engineers, component manufacturers, and other authorized users, regardless of location or client device." – Ghislain Banville, IT Architect, Flight Test Data Equipment, Airbus 

Read more details.

Thursday May 17, 2012

New Smart Card Features for Oracle Desktop Virtualization

Sun Ray Software 5.3 and Oracle Virtual Desktop Infrastructure 3.4 now include a completely new and improved smart card software stack for Sun Ray 3 Series Clients and clients installed with Oracle Virtual Desktop Client 3.1. The new smart card software stack allows end users to quickly and easily login to their virtual desktops and applications, and offers users an even more secure virtual desktop environment by providing the capability of using two-factor authentication - what you have (your smart card) and what you know (your PIN). Some partner products can also add biometric authentication in conjunction with PIN authentication, thus providing three-factor authentication, making Sun Ray Clients one of the most secure virtual desktop thin client solutions in the industry.

The new smart card software stack allows administrators to easily deploy smart card solutions with Sun Ray 3 Series thin clients or Oracle Virtual Desktop Client on PC, Mac or Linux desktops in their environment.

The Sun Ray Software and Oracle Virtual Desktop Infrastructure smart card software stack is one of the most versatile solutions, providing enhanced compatibility with more smart cards, and smart card middleware partner products, than ever before. By allowing applications to utilize the full addressing space and data storage capabilities of cards and middleware that use the extended APDU format, and by enhancing compatibility with PC/SC on Microsoft Windows, Oracle provides the fastest and most compatible performing smart card-based solutions for virtual desktops. In laboratory testing, smart card data transfer speeds up to 24 times faster than previous releases have been measured on Sun Ray 3 Series Clients, which means that operations such as PIN login and PKI are faster, and the user gets authenticated access to their desktop much more quickly.

With the use of a smart card, users can automatically launch their sessions without the need to enter their login credentials multiple times, saving time and increasing productivity. This enhanced smart card solution is extremely cost-effective and easy to implement, and is critical for environments where security and speed are a must - including healthcare, kiosks, and Point of Sale terminals.

Feature Benefit
Fast auto-launch of sessions - with or without a PIN Increases end-user productivity
Automatic identification of both user and card Provides instant identification and security
User authentication with password, PIN and/or Biometrics Provides additional security using multi-factor authentication
Manage smart cards at multiple levels - local user, sessions/domain  Gives administrators flexibility to choose a configuration that best suits their needs

(This blog posted on behalf of Oracle's Michael Bender) 

Tuesday May 08, 2012

Oracle Desktop Virtualization Security Solution at DISA Mission Partner Conference 2012

Oracle desktop virtualization is showcased with the Oracle Cross Domain Security Solution and Oracle Systems at the DISA (Defense Information Systems Agency) Mission Partner Conference 2012.  This annual DISA conference brings together decision-makers and subject-matter experts from the military services, combatant commands, industry, and academia to share information and ideas that are of mutual interest and are critical to helping the U.S. Department of Defense achieve mission success.  The conference also features a list of stellar speakers including Oracle President Mark Hurd as the featured speaker on Wednesday May 8, 2012.

Oracle Sun Ray Clients and Oracle Solaris with Trusted Extensions are key elements of the accredited Cross Domain Security Solution used by the U.S. Federal Government.  The Oracle Solution for Single Level Security adds the Oracle Virtual Desktop Infrastructure software for the secure access and provisioning of Windows 7 Virtual Desktops.

This years DISA Conference theme is “The Joint Enterprise: Delivered Through Partnership.”  As described by Lt. General Ronnie Hawkins: "DISA realizes that delivering an enterprise that improves security, enhances effectiveness, achieves efficiency, enables innovation, and reduces the warfighter’s burden can be achieved by working with our mission partners".

Oracle Sun Ray Clients are featured at the Oracle Booth for the DISA 2012 Mission Assurance Conference. Solaris Trusted Extensions provide the cross domain multi-level security solution shown to the left with green and red window labeling indicating the security level.

Integrated labeling enforce secure access across security domains and applications including access to Windows desktops hosted on Oracle Virtual Desktop Infrastructure.  The Oracle Cross Domain Security Solution supports the Federal Government Common Access Card and SIPR Token Cards.

Lt. General Ronnie Hawkins stops by the Oracle Booth to discuss the Oracle Cross Domain Security Solution with Oracle sales consultants at the DISA Mission Partner Conference 2012.

Wednesday Jan 26, 2011

Secure Deployment of Oracle VM Server for SPARC

Oracle VM Server for SPARC is the server virtualization solution for SPARC T-Series server. A typical Oracle VM Server for SPARC installation based on best practices is already well secured against unauthorized use. In many cases this level of security turns out to be sufficient. Nevertheless, there is an attack surface that remains. There are risks, how unlikely they might be. Thus many customers want to learn more to secure their virtualization environment.

We just published a technical white paper: Secure Deployment of Oracle VM Server for SPARC written by Stefan Hinker, an Oracle solution architect.

This paper helps you understand the general security concerns in virtualized environments as well as the specific additional threats that arise out of them. It discusses these threats, their relation to Oracle VM Server for SPARC and how to mitigate the risk with a set of appropriate counter measures. Based on these, some general recommendations for secure deployments - both for Oracle VM Server for SPARC and for virtualized systems in general - are given, using a generalized model of security classes as an example.

For more information about Oracle VM Server for SPARC:
Visit oracle.com/virtualization to learn more about Oracle's virtualization solutions.

Wednesday Dec 22, 2010

Leaks on Wikis: "Corporations...You're Next!" Oracle Desktop Virtualization Can Help.

Between all the press coverage on the unauthorized release of 251,287 diplomatic documents and on previous extensive releases of classified documents on the events in Iraq and Afghanistan, one could be forgiven for thinking massive leaks are really an issue for governments, but it is not: It is an issue for corporations as well.

In fact, corporations are apparently set to be the next big target for things like Wikileaks. Just the threat of such a release against one corporation recently caused the price of their stock to drop 3% after the leak organization claimed to have 5GB of information from inside the company, with the implication that it might be damaging or embarrassing information.

At the moment of this blog anyway, we don't know yet if that is true or how they got the information but how did the diplomatic cable leak happen?

For the diplomatic cables, according to press reports, a private in the military, with some appropriate level of security clearance (that is, he apparently had the correct level of security clearance to be accessing the information...he reportedly didn't "hack" his way through anything to get to the documents which might have raised some red flags...), is accused of accessing the material and copying it onto a writeable CD labeled "Lady Gaga" and walking out the door with it. Upload and... Done.

In the same article, the accused is quoted as saying "Information should be free. It belongs in the public domain."

Now think about all the confidential information in your company or non-profit... from credit card information, to phone records, to customer or donor lists, to corporate strategy documents, product cost information, etc, etc.... And then think about that last quote above from what was a very junior level person in the organization...still feeling comfortable with your ability to control all your information?

So what can you do to guard against these types of breaches where there is no outsider (or even insider) intrusion to detect per se, but rather someone with malicious intent is physically walking out the door with data that they are otherwise allowed to access in their daily work?

A major first step it to make it physically, logistically much harder to walk away with the information. If the user with malicious intent has no way to copy to removable or moble media (USB sticks, thumb drives, CDs, DVDs, memory cards, or even laptop disk drives) then, as a practical matter it is much more difficult to physically move the information outside the firewall. But how can you control access tightly and reliably and still keep your hundreds or even thousands of users productive in their daily job?

Oracle Desktop Virtualization products can help.

Oracle's comprehensive suite of desktop virtualization and access products allow your applications and, most importantly, the related data, to stay in the (highly secured) data center while still allowing secure access from just about anywhere your users need to be to be productive. 

Users can securely access all the data they need to do their job, whether from work, from home, or on the road and in the field, but fully configurable policies set up centrally by privileged administrators allow you to control whether, for instance, they are allowed to print documents or use USB devices or other removable media.  Centrally set policies can also control not only whether they can download to removable devices, but also whether they can upload information (see StuxNet for why that is important...)

In fact, by using Sun Ray Client desktop hardware, which does not contain any disk drives, or removable media drives, even theft of the desktop device itself would not make you vulnerable to data loss, unlike a laptop that can be stolen with hundreds of gigabytes of information on its disk drive.  And for extreme security situations, Sun Ray Clients even come standard with the ability to use fibre optic ethernet networking to each client to prevent the possibility of unauthorized monitoring of network traffic.

But even without Sun Ray Client hardware, users can leverage Oracle's Secure Global Desktop software or the Oracle Virtual Desktop Client to securely access server-resident applications, desktop sessions, or full desktop virtual machines without persisting any application data on the desktop or laptop being used to access the information.  And, again, even in this context, the Oracle products allow you to control what gets uploaded, downloaded, or printed for example.

Another benefit of Oracle's Desktop Virtualization and access products is the ability to rapidly and easily shut off user access centrally through administrative polices if, for example, an employee changes roles or leaves the company and should no longer have access to the information.

Oracle's Desktop Virtualization suite of products can help reduce operating expense and increase user productivity, and those are good reasons alone to consider their use.  But the dynamics of today's world dictate that security is one of the top reasons for implementing a virtual desktop architecture in enterprises.

For more information on these products, view the webpages on www.oracle.com and the Oracle Technology Network website.


About

Get the latest scoop on products, strategy, events, news, and more, from Oracle's virtualization experts

Twitter

Facebook

Search

Archives
« April 2014
SunMonTueWedThuFriSat
  
1
5
6
7
8
9
10
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
   
       
Today