Distributed Deployment
Last updated
Was this helpful?
Last updated
Was this helpful?
A distributed deployment architecture in Thinfinity® Workspace offers a scalable and secure solution by strategically distributing key components across different network segments. This approach enhances performance, security, and resource optimization by separating roles such as Gateway management, session brokering, and virtualization processes.
This deployment model offloads the brokering and virtualization processes into a separate server, creating an architecture that improves resource efficiency and security.
Remote and local users connect via the Gateway using HTTPS (Port 443).
The Gateway forwards the authentication requests of the users to the Primary Broker to manage them.
The Primary Broker handles session management and virtualization requests. It delivers applications and desktops to end-users over a secure SSL-encrypted protocol.
Enhanced Security: Isolation of the Gateway in the DMZ minimizes exposure of internal resources.
Improved Performance: Better response time by offloading session and virtualization processes to a dedicated broker server.
Scalability: Scale easily by adding more brokers or gateways as needed.
Simplified Maintenance: Separation of components makes updates and troubleshooting easier.
This is a fundamental use case applicable to most scenarios. It involves deploying the gateway and the broker on separate devices, reducing the workload on a single machine compared to the Single Machine Deployment model. In this setup:
The Gateway manages network access points.
The Broker handles authentication and maintains direct connections to end resources.
Example applications for the RDP protocol include:
Access on-premises Windows desktops from any device without a VPN.
Grant remote contractors access to isolated environments with restricted permissions.
Manage servers via remote desktop without exposing RDP ports to the internet.
Allow users to access their personal or corporate desktops from any location securely.
Run GPU-intensive applications remotely by connecting to high-performance desktops.
Deliver specific business applications running on premises without exposing the full desktop environment.
Allow legacy Windows applications to be used remotely via a browser.