El contenido no se encuentra disponible en el idioma seleccionado. Estamos trabajando continuamente para agregar más idiomas. Gracias por su apoyo.

Compute
Elastic Cloud Server
Huawei Cloud Flexus
Bare Metal Server
Auto Scaling
Image Management Service
Dedicated Host
FunctionGraph
Cloud Phone Host
Huawei Cloud EulerOS
Networking
Virtual Private Cloud
Elastic IP
Elastic Load Balance
NAT Gateway
Direct Connect
Virtual Private Network
VPC Endpoint
Cloud Connect
Enterprise Router
Enterprise Switch
Global Accelerator
Management & Governance
Cloud Eye
Identity and Access Management
Cloud Trace Service
Resource Formation Service
Tag Management Service
Log Tank Service
Config
OneAccess
Resource Access Manager
Simple Message Notification
Application Performance Management
Application Operations Management
Organizations
Optimization Advisor
IAM Identity Center
Cloud Operations Center
Resource Governance Center
Migration
Server Migration Service
Object Storage Migration Service
Cloud Data Migration
Migration Center
Cloud Ecosystem
KooGallery
Partner Center
User Support
My Account
Billing Center
Cost Center
Resource Center
Enterprise Management
Service Tickets
HUAWEI CLOUD (International) FAQs
ICP Filing
Support Plans
My Credentials
Customer Operation Capabilities
Partner Support Plans
Professional Services
Analytics
MapReduce Service
Data Lake Insight
CloudTable Service
Cloud Search Service
Data Lake Visualization
Data Ingestion Service
GaussDB(DWS)
DataArts Studio
Data Lake Factory
DataArts Lake Formation
IoT
IoT Device Access
Others
Product Pricing Details
System Permissions
Console Quick Start
Common FAQs
Instructions for Associating with a HUAWEI CLOUD Partner
Message Center
Security & Compliance
Security Technologies and Applications
Web Application Firewall
Host Security Service
Cloud Firewall
SecMaster
Anti-DDoS Service
Data Encryption Workshop
Database Security Service
Cloud Bastion Host
Data Security Center
Cloud Certificate Manager
Edge Security
Blockchain
Blockchain Service
Web3 Node Engine Service
Media Services
Media Processing Center
Video On Demand
Live
SparkRTC
MetaStudio
Storage
Object Storage Service
Elastic Volume Service
Cloud Backup and Recovery
Storage Disaster Recovery Service
Scalable File Service Turbo
Scalable File Service
Volume Backup Service
Cloud Server Backup Service
Data Express Service
Dedicated Distributed Storage Service
Containers
Cloud Container Engine
SoftWare Repository for Container
Application Service Mesh
Ubiquitous Cloud Native Service
Cloud Container Instance
Databases
Relational Database Service
Document Database Service
Data Admin Service
Data Replication Service
GeminiDB
GaussDB
Distributed Database Middleware
Database and Application Migration UGO
TaurusDB
Middleware
Distributed Cache Service
API Gateway
Distributed Message Service for Kafka
Distributed Message Service for RabbitMQ
Distributed Message Service for RocketMQ
Cloud Service Engine
Multi-Site High Availability Service
EventGrid
Dedicated Cloud
Dedicated Computing Cluster
Business Applications
Workspace
ROMA Connect
Message & SMS
Domain Name Service
Edge Data Center Management
Meeting
AI
Face Recognition Service
Graph Engine Service
Content Moderation
Image Recognition
Optical Character Recognition
ModelArts
ImageSearch
Conversational Bot Service
Speech Interaction Service
Huawei HiLens
Video Intelligent Analysis Service
Developer Tools
SDK Developer Guide
API Request Signing Guide
Terraform
Koo Command Line Interface
Content Delivery & Edge Computing
Content Delivery Network
Intelligent EdgeFabric
CloudPond
Intelligent EdgeCloud
Solutions
SAP Cloud
High Performance Computing
Developer Services
ServiceStage
CodeArts
CodeArts PerfTest
CodeArts Req
CodeArts Pipeline
CodeArts Build
CodeArts Deploy
CodeArts Artifact
CodeArts TestPlan
CodeArts Check
CodeArts Repo
Cloud Application Engine
MacroVerse aPaaS
KooMessage
KooPhone
KooDrive
Help Center/ Workspace/ Service Overview/ Related Concepts

Related Concepts

Updated on 2024-03-19 GMT+08:00

Desktop

A desktop is a virtual computer system that is installed with desktop agent software and can interact with desktop management components. Workspace hosts and manages all desktops in the data center in a unified manner. End users can log in to a desktop using soft clients (SCs), mobile terminals, and thin clients (TCs) to obtain PC-like desktop experience.

You can purchase a dedicated desktop for each end user so that they can exclusively use their own desktops.

Desktop Pool

A desktop pool is a collection of image desktops of the same specifications. It provides administrators with unified management and O&M capabilities for the next batch of desktops in a project. Desktop pools are classified into dynamic pools and static pools.

  • A dynamic pool is a desktop group of the M:N pool type. The binding relationship between a VM in the desktop pool and a VM user is not fixed. Each time a VM user logs in to the desktop pool through the client, Workspace randomly assigns an available VM to the user.
  • A static pool is a desktop group of the 1:1 pool type. Originally, the binding relationship between VMs in the desktop pool and VM users is not fixed. However, the binding relationship between a VM and a VM user is fixed after the VM user logs in to the VM for the first time. After that, the VM user will be assigned the same VM each time the user logs in to the desktop pool, and the VM will not be assigned to other users.

User

Users are classified into end users and administrators based on their permissions. An end user is a user who uses the desktop and has the permission for logging in to and using the desktop. An administrator is a tenant, that is, a user who assigns desktops to users who use desktops. The administrator has the permissions for purchasing desktops, deleting desktops, configuring policies, and managing users.

User Group

A user group is a collection of users. By assigning users to different groups, you can easily manage and control resource access. A user group can also have its own permissions and settings to control the behavior of its users.

Policy

Policies are classified into protocol policies and access policies.

A protocol policy is a set of security rules configured for desktops, including USB redirection, file redirection read/write permission, clipboard read/write permission, watermark, client automatic reconnection interval, and image display. A policy is used to control data transmission between user terminals and desktops and peripheral access permission.

An access policy is a group of rules configured for determining whether desktops are accessed from an Internet access address or Direct Connect access address.

Priority

The priority is the basis for Workspace to determine the execution sequence or weight of desktop policies. The priority is represented by a positive integer. A smaller value indicates a higher priority.

Software Client

A software client (SC) is a Workspace client installed on a local PC so that users can access desktops from the PC.

Thin Client

A thin client (TC) is a small-sized commercial PC that is designed based on the PC industry standard. It uses a professional embedded processor, small local flash memory, and simplified OS for desktop access. The TC sends the inputs of the mouse and keyboard to the background server for processing. Then the server returns the processing result to the monitor connected to the TC for display. The performance, peripheral interfaces, and operation GUIs of TCs vary depending on models, meeting requirements for common OA, security-sensitive OA, and high-performance graphics design.

Mobile Terminal

A mobile terminal is a Workspace client installed on a mobile device so that users can access the desktop through the mobile device. The mobile device is called a mobile terminal. Currently, only Android smart devices are supported.

AD Management Server

The Active Directory (AD) management server is the infrastructure component where the AD service is deployed. It provides a series of directory service functions that allow users to manage and access network resources in a unified manner. Workspace can connect to your own AD server to implement authentication and authorization of Workspace.

Region and AZ

A region and availability zone (AZ) identify the location of a data center. You can purchase desktops in a specific region or AZ.

Regions are determined based on geographical location and network latency. Public services, such as Elastic Cloud Server (ECS), Elastic Volume Service (EVS), Object Storage Service (OBS), Virtual Private Cloud (VPC), Elastic IP, and Image Management Service (IMS), are shared within the same cloud region. Regions are classified as universal regions and dedicated regions. A universal region provides universal cloud services for common tenants. A dedicated region provides only services of the same type or provides services only for specific tenants.

An AZ contains one or more physical data centers. Each AZ has independent cooling, fire extinguishing, antimoisture, and electricity facilities. The computing, network, storage, and other resources in an AZ are logically divided into multiple clusters. AZs in a region are interconnected through high-speed optic fiber, so systems deployed across AZs can achieve higher availability.

Figure 1 shows the relationship between regions and AZs.

Figure 1 Regions and AZs

Huawei Cloud provides services in many regions around the world. Select a region and AZ as needed.

Project

Projects group and isolates resources (including compute, storage, and network resources) across physical regions. A default project is provided for each region, and subprojects can be created under each default project. Users can be granted permissions for accessing all resources in a specific project. If you need more refined access control, you can create subprojects under a default project and purchase resources in subprojects. Then you can assign required permissions for users to access only resources in specific subprojects.

Multi-factor Authentication

Multi-factor authentication (MFA) provides an additional layer of protection on top of the username and password. If you enable MFA, users need to enter the username and password as well as a verification code when logging in to a desktop.

Virtual MFA Device

A virtual MFA device generates 6-digit verification codes in compliance with the Time-based One-time Password Algorithm (TOTP). Virtual MFA devices used by Workspace are software-based applications that can run on mobile devices such as smartphones. Virtual MFA is one of the MFA modes.

Utilizamos cookies para mejorar nuestro sitio y tu experiencia. Al continuar navegando en nuestro sitio, tú aceptas nuestra política de cookies. Descubre más

Feedback

Feedback

Feedback

0/500

Selected Content

Submit selected content with the feedback