Security and Monitoring
Parallels® Remote Application Server (RAS) offers a wide range of features and tools to help organizations monitor and secure applications and data within on-premises, hybrid, and public cloud deployments. Security and monitoring are particularly important when deploying an application and desktop delivery solution in government, finance, and health sector environments, where data protection is an essential—and often regulated—requirement.
By delivering server-based desktops and applications from a central location, IT can easily back up endpoints, deploy and maintain security, and meet compliance regulations. Parallels RAS adds to the security advantages of centrally managed published resources with extra layers of protection. It helps organizations protect their assets with strict system hardening and a lockdown of data access.
A second-level authentication is enabled in Parallels RAS to provide a high level of protection with different types of security tokens for multifactor authentication. Users are required to authenticate through two successive stages to access the virtual workspace. The second level of authentication can be provided by Azure MFA, Duo, FortiAuthenticator, TekRADIUS, RADIUS, DeepNet, or a SafeNet server.
Smart Card Authentication
Parallels RAS provides an easy-to-use smart card authentication on a server-client connection, allowing organizations to authenticate users access by smart card on published applications and desktops.
The Parallels RAS Client Manager module allows administrators to convert Windows devices running Windows 7, 8, 8.1, and 10 into a secure Kiosk-like mode without replacing the operating system. The Kiosk Mode option limits users from changing system settings or installing new applications, providing the administrator with a higher level of control over connected devices.
Parallels RAS Secure Client Gateway encrypts with SSL or FIPS 140-2 protocol the users' connections to the farm, helping organizations adhere to data compliance policies such as PCI DSS, HIPAA, and GDPR.
Granular filtering rules can be created to restrict users' access to the farm, adding another layer of data protection. IT staff can define several filtering rules to decide who can access a published resource based on user, IP address, MAC address, and gateway.
Parallels RAS supports data segregation in a multi-tenancy environment by allowing the creation of an unlimited number of independent sites inside the same farm. No applications, desktops, and data can be shared between sites, ensuring data protection. Multiple sites can be managed from the same instance of the Parallels RAS Console, streamlining the management of a multi-tenancy environment.
Organizations can avoid any unwanted data leakage from published applications by disabling paste and copy on the clipboard, reducing the risk that sensitive data such as credit card details or patient records can be stolen.
A client policy is a set of rules defined by the administrator to manage, control, and restrict the settings options available to users. The Parallels RAS Console provides IT administrators the ability to set the client policy from within.
Monitoring server, desktop, and application performance is critical to provide users with a seamless and productive UX. The Parallels RAS reporting engine transforms raw data into instant, visual, and intuitive reports, proving IT with an overview of their infrastructure at any time. Unlike other solutions, this feature is available with a standard license and does not entail any additional license cost.Read More
The Parallels RAS Reporting Engine relies on Microsoft SQL Express or full edition (SSRS), enabling real-time reporting about the farm activities. By extracting raw data from the SQL database, Parallels RAS Reporting Engine creates detailed reports about the server usage, what devices are used, what applications are accessed, and more. By scanning these reports, organizations can enhance the performance of Parallels RAS and Windows server components.
The Parallels RAS Reporting Engine provides IT with insight about users, Active Directory (AD) groups, devices, servers, and applications activities.
Receive real-time information about the users connected to the Parallels RAS installation, the sessions activity, the devices connected, and the client OSes used. With this information, IT administrators can adjust the servers and devices availability to match the traffic requirements on the farm.
Users' activity can be also monitored at AD group level, providing insight into the group dynamics. By checking the group activity, IT admins can adjust the settings of the Parallels RAS installation to meet the different groups' requirements.
The devices report provides IT administrators with information on all the devices used on the Parallels RAS installation. IT administrators can plan for future expansion or development based on this report—for example, purchase the most commonly used device for future expansion.
Servers activity running on RD Session Host and VDI are monitored in this group of reports. Organizations can discover and remove bottlenecks by evaluating server sessions activity and reallocating the hardware resources.
Published applications usage on the Parallels RAS installation is monitored in this group of reports. IT administrators can track which applications are most commonly used, forecast the license consummation, or remove unused applications to save up hardware resources.