Updated on 2024-03-15 GMT+08:00

Introduction

About Workspace Application Streaming

Workspace Application Streaming is an application streaming transmission service hosted on Huawei Cloud. You can run desktop applications on cloud servers and securely transmit the applications to devices through streams. End users can access the applications from multiple devices anywhere, implementing on-demand, secure, and low-cost access.

Working Principles

The administrator purchases a cloud server on the cloud platform management console, logs in to the cloud server, deploys applications, and publishes applications on the console. End users can use these applications on local desktops or Workspace desktops of terminals for office work.

Basic Concepts

  • User

    Users are classified into end users and administrators based on their permissions. An end user is a user who has the permission to use an application. An administrator is a tenant who assigns applications to end users. An administrator has the permissions to publish and delete applications, configure policies, and manage users.

  • Policy group

    A policy group is a set of security rules configured for Workspace Application Streaming, including file redirection read/write permission, clipboard read/write permission, session automatic reconnection interval, and image display. Policies are used to control data transmission between user terminals and Workspace Application Streaming.

  • Priority

    The priority is a basis for determining an execution sequence or an action weight of a policy by Workspace Application Streaming. The priority is represented by a positive integer. A smaller value indicates a higher priority.

  • AD management server

    The Active Directory (AD) management server is the infrastructure component where the AD service is deployed. It provides a series of directory service functions that allow users to manage and access network resources in a unified manner. Workspace Application Streaming can interconnect with your own AD server for authentication and authorization.

  • Region and AZ

    A region and availability zone (AZ) identify the location of a data center. You can publish applications in a specific region or AZ.

    Regions are determined based on geographical location and network latency. Public service resources, such as Elastic Cloud Server (ECS), Elastic Volume Service (EVS), Object Storage Service (OBS), Virtual Private Cloud (VPC), Elastic IP (EIP), and Image Management Service (IMS), are shared within the same cloud region. Regions are either universal or dedicated. A universal region provides universal cloud services for common domains while a dedicated region provides services of the same type only or for specific domains.

    An AZ contains one or more physical data centers. Each AZ has independent cooling, fire extinguishing, moisture-proof, and electricity facilities. An AZ's compute, networking, storage, and other resources are logically divided into multiple clusters. AZs within a region are interconnected by high-speed optical fibers for building cross-AZ high-availability systems.

    Figure 1 shows the relationship between regions and AZs.

    Figure 1 Relationship between regions and AZs
  • Project

    A project can group and physically isolate compute, storage, and networking resources. A default project is provided for each region, and subprojects can be created under each default project. Users can be granted permissions to access all resources in a specific project. If you need more refined access control, create subprojects under a default project and purchase resources in subprojects. Then you can assign users the permissions required to access only the resources in the specific subprojects.

  • Software client

    A software client (SC) is a Workspace Application Streaming client installed on a local PC, from which users can access Workspace Application Streaming.

  • Thin client

    A thin client (TC) is a small-sized commercial PC that is designed based on the PC industry standard. It uses a professional embedded processor, small local flash memory, and simplified OS for accessing Workspace Application Streaming. The TC sends the inputs of the mouse device and keyboard to the background server for processing. Then the server returns the processing result to the monitor connected to the TC for display. The performance, peripheral interfaces, and operation GUIs of TCs vary depending on models, meeting requirements for general office work, security-sensitive office work, and high-performance graphics design.

  • Emergency mode

    The emergency mode is an emergency channel provided by Workspace Application Streaming. It allows users to log in to Workspace Application Streaming even when third-party authentication is not enabled, and the Workspace Application Streaming authentication module and AD server are normal, but the authentication module cannot connect to the AD server.