New ThinOX4PC and ThinMan: how they enable Smart Working with virtual desktops

2020-03-23T15:12:11+01:00March 20th, 2020|

Mobility, security, flexibility, ease of implementation and serviceability are all very important features when businesses look for solutions for their remote workforce and for supporting new work paradigms such as Roaming Workplace Nomad Work and Smart Working. VDI solutions coupled with solutions from Praim allow organizations to meet these challenges effectively, from end-to-end.

Praim’s ThinOX4PC solution allows turning any device into a streamlined, secure, and easily controlled thin client that can be managed in a single-pane-of-glass. Recently, Praim has brought about some great new functionality in ThinOX4PC and ThinMan Server that helps reduce much of the complexity of managing your remote workforce end-to-end.

Praim Empowers Smart Working and Simplifies Configuration

Praim is empowering the smart workforce by providing the flexibility and tools needed to simplify the configuration, management, and monitoring of remote thin clients. This includes a newly redesigned communication protocol for connecting ThinMan Server to remote endpoints. In addition, it also includes a new simplified approach for remote end-users to connect to various networks, including wireless networks and any domestic networks, to establish connectivity.

Let’s take a closer look at both aspects of Praim solutions moving forward.

Praim Web Socket Secure Protocol

Network connectivity and communication has historically been a challenging aspect of remote connectivity. On the one side the remote workforce must have the network connectivity required to reach the corporate service and to allow effective management, monitoring, and to ensure security. On the other side administrators are asked to guarantee security while providing users enough flexibility when moving or connecting from home. They cannot know each single environment from which the users will connect, thus they must provide users with easy tools and guidelines to ensure their operability. Having the right solution that helps to alleviate this challenge is the key to successfully empowering your remote workforce.

Praim introduced a new communication protocol that greatly simplifies the communication of Praim thin client solutions with ThinMan Server. New Praim products including ThinOX, Agile4PC, Agile4Pi, and ThinOX4PCcommunicate with ThinMan using a new protocol called Web Socket Secure, gaining freedom and configuration ease while preserving security.

New Praim ThinMan Server supports the new Web Sockets Secure protocol used in ThinOX4PC

The new protocol provides many new capabilities for communication between Praim endpoints and ThinMan Server. These new capabilities include:

  • Always-active connections to ThinMan
  • Greater status visibility
  • Flexibility of certificate choice
  • Less complex network configuration

Let’s see how each new capability is made possible by the Web Socket Secure protocol implemented with the new protocol.

Always-Active Connections to ThinMan and Greater Status Visibility

Using the new protocol, devices will maintain an always-active connection to ThinMan through the websocket channel of communication thus allowing much greater visibility into the status of the thin clients and their events.

Thanks to the capability of monitoring active, reachable clients, admins will be able to detect any issues with stability or connection failures to the thin client device.

Flexibility of Certificate Choice

Encryption over the web sockets layer is made possible using SSL certificates. Praim’s implementation of the secure web sockets communication from thin clients to the ThinMan Server allows using easily attainable SSL certificates from Let’s Encrypt as well as certificates that are originated from business’s own PKI infrastructure. This provides tremendous flexibility in choosing the certificates used for encrypting communication between thin clients and ThinMan.

Less Complex Network Configuration

Using ThinMan to manage thin clients for remote workers means communication from the end user thin clients back to the ThinMan Server. In previous Praim releases, communication from the likes of ThinOX4PC and Agile4PC meant ingress communication from ThinMan directly to the thin client devices.

Most business networks and remote sites are generally using Network Address Translation (NAT) which means end user devices are running on an internal, private IP address space. This requires configuring firewalls and other network devices in between to allow traffic from ThinMan Server to the thin client devices, resulting in many complex firewall rules, port forwarding, and other network configurations such as requiring the definition and use of VPN on the clients. This can result in significant management overhead if dealing with multiple remote sites and/or networks, especially whether aiming at a potential total mobility like working from home or anywhere else (a café, an airport, etc…).

With the new architecture of how Praim ThinOX4PC, Agile4PC, Smart Identity and others connects back to ThinMan Server, only outbound TCP port 443 is required. This port is generally open on any network for generic Internet connectivity. Of course, the port number can be changed for special administration requirements.

This means the Praim ThinOX4PC with Agile4PC solution can be deployed to allow remote workers to literally work from anywhere. The only connectivity needed is an Internet connection and the ThinMan Server IP to be available for connection on the Internet. It empowers your remote workforce to embrace the flexibility of cloud in being able to work from anywhere securely and have the support needed from IT staff.

There are in fact many very interesting use cases the new solution will open for your business, including the following:

  • Teleworking – your remote workforce are empowered to work from anywhere as long as they have a connection to the Internet and can connect to the ThinMan Server using port 443 outbound.
  • Service provider – If your business is a service provider, you will be able to manage multiple groups of client systems all from a single-pane-of-glass interface.
  • Easier management of mobile devices – Devices such as laptops are generally moving between many different networks and physical locations. The new communication protocol empowers this mobility without the network configuration complexity, with no pain for IT admins and end-users.
  • Greatly simplified remote access – remote access and communicating with internal services on your corporate network is traditionally accomplished with a VPN connection. Using the new secure communication protocol with Praim ThinOX4PC and Agile4PC, communication with your internal corporate network is made easy with the secure, encrypted always-active tunnel with your ThinMan Server.

Easy WiFi Configuration for End Users

What about configuring the end user thin client with the network connectivity needed, including wireless networks, so connectivity can be established to ThinMan Server? The new release of Praim ThinOX4PC coupled with ThinMan Server allows the end user to access an easy-to-use WiFi Configurator that provides the ability to choose the WiFi network for connectivity to the Internet and by extension, ThinMan Server located in the cloud.

This provides the flexibility for the remote worker to connect to a home WiFi connection, a public WiFi location, or other wireless network for connectivity back to the ThinMan Server.  IT admins have granular control over the WiFi configurator as it can be restricted to specific users or device profiles that are able or qualified to connect to custom wireless networks. Users can be empowered with the same control of admins (Advanced Settings) or limited to a simplified configurator ensuring a natural user experience (default).

Of course, first, you must ensure that the wireless interfaced on your client is enabled for being used.

Managing networks and the wireless settings as IT admin in ThinOX4PC

Then, enabling the WiFi configurator is easily done in the ThinOX4PC configuration settings.

Enabling WiFi settings to enable end-users to the simplified WiFi configurator

The wireless settings are accessible from the settings or from the icon on the bottom-right corner of the bar.

Access the Wireless network configurator

With the “Scan” utility, you can scan for available wireless networks to make a connection to the Internet.

Using the new wireless configurator, end users with their Praim ThinOX4PC-enabled thin clients have access to and can connect to commodity wireless Internet connections, whether at home or using public WiFi.  Just select the chosen network and “Connect” to set the authentication parameters.

Connect to the selected Wireless network by setting the required user credentials

Configured connections are marked with a green light. Configurations can be modified or removed with the “Edit” and “Forget” utilities, respectively. While connected to a wireless network, the active connection is highlighted.

Available, active and configured wireless networks

Wrapping Up

Praim helps to take your business into the cloud age of allowing workers to have access to business resources from anywhere and allow IT staff to effectively and securely manage, monitor, and assist remote workers without challenging network configurations.

With the new secure Web Socket connectivity protocol built into forthcoming Praim products as well as the new WiFi configurator for ThinOX4PC, Praim is providing the tools baked into the platform to allow seamless connectivity. The only thing the end point needs is connectivity to the Internet on TCP port 443. This also allows tremendous flexibility in where the ThinMan Server is located and makes cloud data centers a great option for thin client infrastructure. With this combination of solutions, ThinMan and ThinOX4PC, any device is turned into a thin client and any location is a perfect working place to connect to their own corporate virtual desktop for smart and nomad workers.