Call Us: 0330 180 0000

Security-Focussed

Operating to ITIL best framework practices

Accredited to global ISO standards

24/7 service desk from our secure facilities

Secure Telephony as a Service (STaaS) was developed to allow compute, communication and collaboration capabilities, including applications such as WhatsApp and Wickr, to be utilised and operated remotely from highly secure zones where traditional workstations and/or mobile communications devices are not permitted.

Users access STaaS via a “Zero” client terminal. Zero clients are secure hardware devices that have no Operating System installed. Users connect a screen, keyboard, mouse and headset (optional) to the zero client as if it were a traditional PC. The zero client then utilises a highly secure network protocolcalled PC over IP (PCoIP), to connect over a network back to a virtual windows desktop hosted within the Prolinx Secure Data Centre facility.

The PCoIP protocol presents a full Windows desktop to the Zero client as such the user experience is that of being sat in front of a dedicated windows workstation.

No user data is passed over the connection only screen pixel updates, mouse movements and keyboard strokes. The hard disk storage areas for the virtual desk remain within the Prolinx data centre.

Benefits

  • No OS to patch, resulting in a very low attack surface
  • No data-at-rest stored on the device – all data retained within Prolinx Data Centre
  • Network connectivity option via Fibre for operation in sensitive locations
  • TEMPEST enclosure options for operation in sensitive locations
  • 2FA authentication options including USB token or smart card containing X509 user certificate
  • Supports user mobility with the virtual desktop being able to be accessed from multiple locations
  • Supports Android emulation and mobile phone integration giving access to Play Store applications and Text based services

Features

Network connectivity between Zero client and VDI desktop utilises the PCoIP protocol, with end-to-end AES-256 encryption enforced for all sessions. Client sessions are initially (2FA) authenticated by a dedicated VMware Unified Access Gateway (UAG) appliance acting as a proxy at the Prolinx Data Centre border. Once authenticated by the UAG, each client session is connected to the users dedicated VDI session by a connection broker. At this point and further Active Directory (AD) user authentication is performed before the user is either logged-on to a new desktop session or reconnected to their existing session such that they continue from where they left off. All components are sat behind firewall appliances and sit on dedicated network segments. The VDI desktop pool is fully managed by Prolinx, including patching, monitoring, security and core application.

Make An Enquiry

We use cookies on this site to improve user experience. By clicking “ACCEPT” or accessing our site you consent to the use of cookies unless you have disabled them.

Accept
Details