SoftGrid FAQ

Technical confirmation, responses, and answers based on the Frequently Asked Questions in the field.

Softrid External: Can applications be deployed outside the corporate network

Softrid External: Can applications be deployed outside the corporate network

  • Comments 2
  • Likes

The simple answer is Yes; as long as the end point machines have the SoftGrid client installed.

The longer answer is that this opens a minefield of questions; fortunately, we have the answers. Here are some common questions:-

  • Can we establish a level of trust with unknown machines?
  • Can we differentiate between a corporate laptop, customer site, home machine, or kiosk? 
  • Can we restrict access to our domain only, or a customer domain?
  • Can we allow for access to a specific subset of SoftGrid applications based on user and location? 
  • How can we stop application layer attacks, buffer overflows, worms?
  • Do we need two factor authentication in order to securely log a user in, are there alternatives?
  • Are users leaving important data/documents behind in the browser cache, temp file directory, or other locations on the hard drive on non-corporate assets?

SoftGrid requires some assistance to answer these questions, the Intelligent Application Gateway (IAG) http://www.microsoft.com/forefront/edgesecurity/iag/default.mspx

IAG’s killer features for SoftGrid are the End Point Engine and Application Layer Firewalling/Intelligence.  Combine these and you can do pre-authentication security screening, determine level of trust, provision access to SoftGrid resources allowing only predefined valid calls, and delete user footprints post session.  And all this is done over SSL.

Using IAG also gives you the ability to answer some more fundamental questions:-

  • If the machine is a Kiosk should we just give the user a Terminal Services session instead?
  • If the machine is not a corporate machine, but is on our network, should we use SoftGrid?
  • If the machine is at a partner
  • If the machine is mobile (3G connection, high latency) should we stop SoftGrid updates to the cache?
  • If the machine is a corporate laptop at home should we give them full access to the network?

Once you know how you're going to provide the corporate services to any end point, IAG and SoftGrid can provide the technological solution.

Comments
  • Have fun with this one - setup Hamachi on 2 machines - one for the SGVAS and one for the SG Client.  You can use the Hamachi IP as the SG Host name in the SG Client.  VPN goodness for SG.

  • Do you have any information about the IAG setup, as softgrid is not at default application in IAG ?

Your comment has been posted.   Close
Thank you, your comment requires moderation so it may take a while to appear.   Close
Leave a Comment