Remote Desktop Services and Virtual Apps – A Primer

If your organization is looking to support remote workers or off-network employees, you might have arrived at two potential options: Remote Desktop Services (RDS) and virtual apps.

Remote Desktop Services is an established Microsoft technology that has existed since the late 1990s, back when it was known as Terminal Services. RDS is a thin-client architecture, which, in a nutshell, means that the end user’s computer functions as an input device and the actual computing session is hosted by a network server to which that computer is connected. At the risk of oversimplification, you can think of it like a monitor and keyboard attached to a PC located miles and miles away.

The great thing about RDS is that all the heavy lifting is done by the server. Because the remote client is more or less an interactive window onto that server-hosted computing session, it doesn’t have to be an expensive, cutting-edge powerhouse. Lower-spec’d machines can save IT departments a lot of money on procurement. Plus, they minimize some of the financial toll of user-caused damage.

Remote Desktop Services also gives organizations more curation and control over the computing session itself, as nothing is stored on the user’s computer. That allows for more consistency and ease of configuration. And, finally, RDS can deliver a Windows desktop environment to any machine that supports the Remote Desktop Protocol (RDP), including iOS and Android mobile devices. In this day and age, when device agnosticism is more important than ever, that can be a huge advantage.

What are the downsides to Remote Desktop Services?

Organizations typically encounter two important hurdles when it comes to Remote Desktop Services 

  • Security: As RDS relies on RDP, that protocol has to be exposed to the Internet (via ports 3389, 3387 and 3392) whenever remote users need access—which is 24-7 in most cases. This leaves servers with RDP enabled vulnerable to brute-force attacks. Malicious actors will make repeated RDS login attempts using passwords that are weak or based on known dictionary values.
  • Complexity: Remote Desktop Services require infrastructure and administration. That involves tasks like setting up RD gateway servers, creating special RD roles, fine-tuning the deployment types and properties, and then configuring the provisioning for each user who needs to be supported with RDS. And, of course, all of these will need to be monitored and updated on an ongoing basis.

Faced with these considerations, many organizations pause and ask themselves if every remote user really needs a complete desktop environment as part of their digital workspace.

That’s where application virtualization comes in. Virtual apps offer a more streamlined supplement or alternative to the traditional RDS implementation, enabling organizations to provide their remote users with Windows applications that don’t necessarily require a Windows desktop too.

Cameyo simplifies and secures remote productivity

Cameyo is ideal for organizations that want to strike this balance and provide their off-network workforce with a more tailored digital workspace experience, with some users supported by remote desktop applications while others are able to access full Remote Desktop Services. This is because our Virtual App Delivery (VAD) platform is built on the robust, proven functionality of RDS, yet it eliminates the sticking points of security and complexity in two important ways.

To begin with, Cameyo’s Virtual App Delivery includes our proprietary Port Shield technology. Instead of keeping a known list of RDP-specific ports open all the time, Cameyo Port Shield opens and closes them dynamically to establish SSL-encrypted connections between clients and the server. It performs this whitelisting and blocking of RDP traffic at the Windows firewall level and in real time based on authenticated users. This minimizes the attack surface without resorting to VPNs or asking users or admins to jump through additional hoops.

Similarly, Cameyo’s ease of use makes provisioning and productivity much more straightforward. On the backend, admins can quickly restrict or allow access to individual Windows applications on a per-group or per-user basis. And users don’t need to fire up an entire RDS session to use that remote desktop application. With Cameyo, they can simply click on a link that enables them to start working with their standard Windows application in a browser window—no matter where they are or what device they’re on. 

Right-sizing your digital workspace

At one time, Remote Desktop Services was the go-to method to get Windows applications in the hands of off-network users. The advent and maturity of application virtualization has changed that. Cameyo makes it possible for organizations to equip their remote users with the apps they need—including legacy Windows software—without also having to provision a full Remote Desktop Services session and all that entails. 

Best of all, it doesn’t take weeks to see if Cameyo’s Virtual App Delivery platform will round out your RDS implementation and help you create secure, user-optimized digital workspaces. Sign up for your free trial of Cameyo today and you can be publishing Windows applications to your remote workers within a matter of minutes.