Sun Secure Global Desktop
Encyclopedia
Oracle Secure Global Desktop (SGD) software provides secure access to both published applications and published desktops running on Microsoft Windows
, Unix
, mainframe
and System i systems via a variety of clients ranging from fat PCs to thin clients such as Sun Ray
s.
) acquired IXI Limited
, a software company in Cambridge
, UK
, best known for its X.desktop
product. In 1994 it then bought Visionware, of Leeds
, UK, developers of XVision. In 1995 the development teams from IXI and Visionware were combined to form IXI Visionware, later the Client Integration Division of SCO.
A development team within this division began work in 1996 on a project codenamed Tarantella. The goal of this project was "any application, any client, anywhere": access to applications of any type (hosted on back-end server
s) from any client
device that supported a Java-enabled web browser
. The project codename stuck: it became the final product name. The first public release of Tarantella software was in November 1997. Later version 1.x releases supported more application types (such as Microsoft Windows applications) and client types (including Native Clients to remove the dependency on Java support), and added scalability and security features to better support larger enterprises and secure application access over the Internet.
The product was renamed Tarantella Enterprise II in late 1999, with a cut-down Tarantella Express product available on Linux
systems. This renaming was a simple rebrand of the then-current 1.x release: no version 2.x software was released.
In November 2000 version 3.0 of the product was released, including a major rewrite
of much server-side code in the Java language. The product was rebranded as Tarantella Enterprise 3, with releases for Linux and major UNIX systems. Further 3.x releases followed in subsequent years, adding more integration features in competition with similar software from Citrix
.
Sun Microsystems
acquired Tarantella, Inc. in July 2005. The product underwent massive development in the following years. As of February 2011, the current version is Oracle Secure Global Desktop 4.60.911. It is now a major part of Oracle's Virtual Desktop Infrastructure product (Sun VDI
).
A large range of client devices can connect to a Secure Global Desktop Server, including Microsoft Windows PCs, Solaris desktops, Apple Macintoshes, Linux PCs, thin clients such as those from Sun and Wyse
, and mobile devices. The client requires only a web browser
with a Java Runtime Environment installed.
A client device connects to the Secure Global Desktop Server either via a supported Java
-enabled browser or via Native Client software (this "native client" can be downloaded from a SGD installation's login page, i.e. instead of logging in and letting the Java applet handle the connection automatically for you, you could instead do it manually by downloading this "native client" from the SGD main login page, install it locally, and then launch it and connect via this). When you connect via a browser the first time as a client, the SGD client (the client-side of the aforementioned Java component) is downloaded so you can then SSL-encrypt your connection. The system officially supports Mozilla Firefox
, Internet Explorer
, and Safari
, but other browsers might work too for as long as they have access to a working Java
-plugin. The latest Java Runtime Environment is recommended but at least version 1.5 is required.
The Desktop Client connects to the Secure Global Desktop Server via the Adaptive Internet Protocol
(AIP). AIP is bandwidth- and latency-aware and can adjust compression and performance dynamically on links as diverse as a 56K modem or a 100Mb LAN
.
Session Resumability and Mobility is a feature allowing remote access to desktop applications from essentially any Java-enabled browser in the world. This makes it possible to run applications in one's office, then go to another location such as a customer site or one's home and transfer your existing desktop session to a computer there.
Centralisation is an important feature for organizations concerned with secure data being stored on remote devices such as notebook computers, and the associated risk for theft of the device and its data. Applications accessed via SGD run in the centralised server room, meaning that all data is backed up and secured via the normal datacenter practices of the organization. There is a potential for increased performance and effiiciency, since the actual computation is performed on larger systems with more resources; centralisation also makes resources considerably easier to manage.
Applications can be assigned to users or groups of users using the Object Manager which can automatically present new applications to users dynamically without them needing to log out. Profiles can be created to group similar types of users; these profiles control the applications that a logged-in user is allowed to use. When a new application or an upgrade to an existing application is required, an administrator can just push these changes out to the users. This simplifies Desktop SOE
migrations.
SGD's password-caching feature, authentication tokens, and ability to integrate with Active Directory
and LDAP
gives it the ability to easily set up single sign-on
to applications: a user logs into SGD once, and then can run applications without having to perform an additional login—even if there are usernames and passwords used for the different back-end applications.
With the same SGD infrastructure one can host an organisation's internal desktop applications, but also be able to access desktop applications remotely without the need for expensive VPN solutions. The Firewall Traversal Feature makes it possible to put an application server in an organisation's DMZ
with only port 443 (HTTPS
) accessible from the outside world. An SGD server can be accessed via HTTP or HTTPS.
SGD also integrates with the Sun Java System Portal Server
making it possible to deliver desktop applications via a Secure Portal using a Portlet
, including the ability to mail, calendar and other Portal features.
Sun Java System Identity Manager can also manage all user accounts and passwords via one webform, including integration of LDAP, Active Directory, Oracle
or other commercial or home-grown access control repositories.
Microsoft Windows
Microsoft Windows is a series of operating systems produced by Microsoft.Microsoft introduced an operating environment named Windows on November 20, 1985 as an add-on to MS-DOS in response to the growing interest in graphical user interfaces . Microsoft Windows came to dominate the world's personal...
, Unix
Unix
Unix is a multitasking, multi-user computer operating system originally developed in 1969 by a group of AT&T employees at Bell Labs, including Ken Thompson, Dennis Ritchie, Brian Kernighan, Douglas McIlroy, and Joe Ossanna...
, mainframe
Mainframe computer
Mainframes are powerful computers used primarily by corporate and governmental organizations for critical applications, bulk data processing such as census, industry and consumer statistics, enterprise resource planning, and financial transaction processing.The term originally referred to the...
and System i systems via a variety of clients ranging from fat PCs to thin clients such as Sun Ray
Sun Ray
The Sun Ray from Oracle is a stateless thin client solution aimed at corporate environments, originally introduced by Sun Microsystems in September 1999...
s.
History
In 1993 the Santa Cruz Operation (SCO, later Tarantella, Inc.Tarantella, Inc.
Santa Cruz Operation was a software company based in Santa Cruz, California which was best known for selling three Unix variants for Intel x86 processors: Xenix, SCO UNIX , and UnixWare. Eric Raymond, in his book The Art of Unix Programming, calls SCO the "first Unix company"...
) acquired IXI Limited
IXI Limited
IXI Limited was a Cambridge, UK-based software company founded in 1988. The company was the leading supplier of windowing software for Unix, supporting all the popular UNIX platforms of the time....
, a software company in Cambridge
Cambridge
The city of Cambridge is a university town and the administrative centre of the county of Cambridgeshire, England. It lies in East Anglia about north of London. Cambridge is at the heart of the high-technology centre known as Silicon Fen – a play on Silicon Valley and the fens surrounding the...
, UK
United Kingdom
The United Kingdom of Great Britain and Northern IrelandIn the United Kingdom and Dependencies, other languages have been officially recognised as legitimate autochthonous languages under the European Charter for Regional or Minority Languages...
, best known for its X.desktop
X.desktop
X.desktop was an early desktop environment graphical user interface built on the X Window System. It was developed and sold during the late 1980s and early 1990s by IXI Limited, a British software house based in Cambridge...
product. In 1994 it then bought Visionware, of Leeds
Leeds
Leeds is a city and metropolitan borough in West Yorkshire, England. In 2001 Leeds' main urban subdivision had a population of 443,247, while the entire city has a population of 798,800 , making it the 30th-most populous city in the European Union.Leeds is the cultural, financial and commercial...
, UK, developers of XVision. In 1995 the development teams from IXI and Visionware were combined to form IXI Visionware, later the Client Integration Division of SCO.
A development team within this division began work in 1996 on a project codenamed Tarantella. The goal of this project was "any application, any client, anywhere": access to applications of any type (hosted on back-end server
Server (computing)
In the context of client-server architecture, a server is a computer program running to serve the requests of other programs, the "clients". Thus, the "server" performs some computational task on behalf of "clients"...
s) from any client
Client (computing)
A client is an application or system that accesses a service made available by a server. The server is often on another computer system, in which case the client accesses the service by way of a network....
device that supported a Java-enabled web browser
Web browser
A web browser is a software application for retrieving, presenting, and traversing information resources on the World Wide Web. An information resource is identified by a Uniform Resource Identifier and may be a web page, image, video, or other piece of content...
. The project codename stuck: it became the final product name. The first public release of Tarantella software was in November 1997. Later version 1.x releases supported more application types (such as Microsoft Windows applications) and client types (including Native Clients to remove the dependency on Java support), and added scalability and security features to better support larger enterprises and secure application access over the Internet.
The product was renamed Tarantella Enterprise II in late 1999, with a cut-down Tarantella Express product available on Linux
Linux
Linux is a Unix-like computer operating system assembled under the model of free and open source software development and distribution. The defining component of any Linux system is the Linux kernel, an operating system kernel first released October 5, 1991 by Linus Torvalds...
systems. This renaming was a simple rebrand of the then-current 1.x release: no version 2.x software was released.
In November 2000 version 3.0 of the product was released, including a major rewrite
Rewrite (programming)
A rewrite in computer programming is the act or result of re-implementing a large portion of existing functionality without re-use of its source code. When the rewrite is not using existing code at all, it is common to speak of a rewrite from scratch...
of much server-side code in the Java language. The product was rebranded as Tarantella Enterprise 3, with releases for Linux and major UNIX systems. Further 3.x releases followed in subsequent years, adding more integration features in competition with similar software from Citrix
Citrix Systems
Citrix Systems, Inc. is a multinational corporation founded in 1989, that provides server and desktop virtualization, networking, software-as-a-service , and cloud computing technologies, including Xen open source products....
.
Sun Microsystems
Sun Microsystems
Sun Microsystems, Inc. was a company that sold :computers, computer components, :computer software, and :information technology services. Sun was founded on February 24, 1982...
acquired Tarantella, Inc. in July 2005. The product underwent massive development in the following years. As of February 2011, the current version is Oracle Secure Global Desktop 4.60.911. It is now a major part of Oracle's Virtual Desktop Infrastructure product (Sun VDI
Sun VDI
Oracle VDI software is a connection broker that provides desktop virtualization to replace personal computers with virtual machines on a server. Users can access these VMs though any RDP client, or through the web via Sun Secure Global Desktop .Oracle Corporation released Oracle VDI 3.2.2 on...
).
Overview
SGD is considered a competitor to Citrix's products for remote application delivery.A large range of client devices can connect to a Secure Global Desktop Server, including Microsoft Windows PCs, Solaris desktops, Apple Macintoshes, Linux PCs, thin clients such as those from Sun and Wyse
Wyse
Wyse Technology is an American company that is a leading manufacturer in Cloud Client Computing. Products include thin client hardware and software as well as desktop virtualization. Other products include cloud software-supporting desktop computers, laptops, and mobile devices...
, and mobile devices. The client requires only a web browser
Web browser
A web browser is a software application for retrieving, presenting, and traversing information resources on the World Wide Web. An information resource is identified by a Uniform Resource Identifier and may be a web page, image, video, or other piece of content...
with a Java Runtime Environment installed.
A client device connects to the Secure Global Desktop Server either via a supported Java
Java (Sun)
Java refers to several computer software products and specifications from Sun Microsystems, a subsidiary of Oracle Corporation, that together provide a system for developing application software and deploying it in a cross-platform environment...
-enabled browser or via Native Client software (this "native client" can be downloaded from a SGD installation's login page, i.e. instead of logging in and letting the Java applet handle the connection automatically for you, you could instead do it manually by downloading this "native client" from the SGD main login page, install it locally, and then launch it and connect via this). When you connect via a browser the first time as a client, the SGD client (the client-side of the aforementioned Java component) is downloaded so you can then SSL-encrypt your connection. The system officially supports Mozilla Firefox
Mozilla Firefox
Mozilla Firefox is a free and open source web browser descended from the Mozilla Application Suite and managed by Mozilla Corporation. , Firefox is the second most widely used browser, with approximately 25% of worldwide usage share of web browsers...
, Internet Explorer
Internet Explorer
Windows Internet Explorer is a series of graphical web browsers developed by Microsoft and included as part of the Microsoft Windows line of operating systems, starting in 1995. It was first released as part of the add-on package Plus! for Windows 95 that year...
, and Safari
Safari (web browser)
Safari is a web browser developed by Apple Inc. and included with the Mac OS X and iOS operating systems. First released as a public beta on January 7, 2003 on the company's Mac OS X operating system, it became Apple's default browser beginning with Mac OS X v10.3 "Panther". Safari is also the...
, but other browsers might work too for as long as they have access to a working Java
Java (Sun)
Java refers to several computer software products and specifications from Sun Microsystems, a subsidiary of Oracle Corporation, that together provide a system for developing application software and deploying it in a cross-platform environment...
-plugin. The latest Java Runtime Environment is recommended but at least version 1.5 is required.
The Desktop Client connects to the Secure Global Desktop Server via the Adaptive Internet Protocol
Adaptive Internet Protocol
Adaptive Internet Protocol is a multi-channel protocol that allows an application running on any of multiple platforms to be displayed on any of a wide range of client systems...
(AIP). AIP is bandwidth- and latency-aware and can adjust compression and performance dynamically on links as diverse as a 56K modem or a 100Mb LAN
Local area network
A local area network is a computer network that interconnects computers in a limited area such as a home, school, computer laboratory, or office building...
.
Session Resumability and Mobility is a feature allowing remote access to desktop applications from essentially any Java-enabled browser in the world. This makes it possible to run applications in one's office, then go to another location such as a customer site or one's home and transfer your existing desktop session to a computer there.
Centralisation is an important feature for organizations concerned with secure data being stored on remote devices such as notebook computers, and the associated risk for theft of the device and its data. Applications accessed via SGD run in the centralised server room, meaning that all data is backed up and secured via the normal datacenter practices of the organization. There is a potential for increased performance and effiiciency, since the actual computation is performed on larger systems with more resources; centralisation also makes resources considerably easier to manage.
Applications can be assigned to users or groups of users using the Object Manager which can automatically present new applications to users dynamically without them needing to log out. Profiles can be created to group similar types of users; these profiles control the applications that a logged-in user is allowed to use. When a new application or an upgrade to an existing application is required, an administrator can just push these changes out to the users. This simplifies Desktop SOE
Standard Operating Environment
A Standard Operating Environment is an IT industry term used to describe a standard implementation of an operating system and its associated software...
migrations.
SGD's password-caching feature, authentication tokens, and ability to integrate with Active Directory
Active Directory
Active Directory is a directory service created by Microsoft for Windows domain networks. It is included in most Windows Server operating systems. Server computers on which Active Directory is running are called domain controllers....
and LDAP
Lightweight Directory Access Protocol
The Lightweight Directory Access Protocol is an application protocol for accessing and maintaining distributed directory information services over an Internet Protocol network...
gives it the ability to easily set up single sign-on
Single sign-on
Single sign-on is a property of access control of multiple related, but independent software systems. With this property a user logs in once and gains access to all systems without being prompted to log in again at each of them...
to applications: a user logs into SGD once, and then can run applications without having to perform an additional login—even if there are usernames and passwords used for the different back-end applications.
With the same SGD infrastructure one can host an organisation's internal desktop applications, but also be able to access desktop applications remotely without the need for expensive VPN solutions. The Firewall Traversal Feature makes it possible to put an application server in an organisation's DMZ
Demilitarized zone (computing)
In computer security, a DMZ is a physical or logical subnetwork that contains and exposes an organization's external services to a larger untrusted network, usually the Internet...
with only port 443 (HTTPS
Https
Hypertext Transfer Protocol Secure is a combination of the Hypertext Transfer Protocol with SSL/TLS protocol to provide encrypted communication and secure identification of a network web server...
) accessible from the outside world. An SGD server can be accessed via HTTP or HTTPS.
SGD also integrates with the Sun Java System Portal Server
Sun Java System Portal Server
The Sun Java System Portal Server is a component of the Sun Java Platform, Enterprise Edition, a software system that supports a wide range of enterprise computing needs....
making it possible to deliver desktop applications via a Secure Portal using a Portlet
Portlet
Portlets are pluggable user interface software components that are managed and displayed in a web portal. Portlets produce fragments of markup code that are aggregated into a portal. Typically, following the desktop metaphor, a portal page is displayed as a collection of non-overlapping portlet...
, including the ability to mail, calendar and other Portal features.
Sun Java System Identity Manager can also manage all user accounts and passwords via one webform, including integration of LDAP, Active Directory, Oracle
Oracle database
The Oracle Database is an object-relational database management system produced and marketed by Oracle Corporation....
or other commercial or home-grown access control repositories.
Latest features
- SGD integration into the GNOMEGNOMEGNOME is a desktop environment and graphical user interface that runs on top of a computer operating system. It is composed entirely of free and open source software...
Launch Menu and Windows clients' Start MenuStart menuThe Start Menu and Start Button are user interface elements used in the later versions of the Microsoft Windows operating systems and in some X window managers...
; clients can connect to an SGD server when they log into their client automatically, without the need to open up a browser. Desktop icons can be created to start applications via SGD without the user being aware of SGD's presence.
- Significantly improved bandwidth utilization and screen rendering, making it considerably faster than the previous version. The screen rendering engine has been rewritten from scratch to be made more bandwidth aware and efficient and also to increase rendering performance of the desktop applications. Sun reports 30% faster screen rendering and 80% improvement of bandwidth efficiency.
- LDAP and Active Directory supported as login authority sources
- Seamless Windows support
- Support for Client Drive Mapping and Local Printer Mapping
- Support for serial port forwarding
- Oracle Secure Global Desktop Software runs on Solaris 10 (SPARCSPARCSPARC is a RISC instruction set architecture developed by Sun Microsystems and introduced in mid-1987....
and x86), Solaris 9 and 8 (SPARC only), Red Hat Enterprise LinuxRed Hat Enterprise LinuxRed Hat Enterprise Linux is a Linux-based operating system developed by Red Hat and targeted toward the commercial market. Red Hat Enterprise Linux is released in server versions for x86, x86-64, Itanium, PowerPC and IBM System z, and desktop versions for x86 and x86-64...
4 and 5(x86 32-bit), FedoraFedora (operating system)Fedora is a RPM-based, general purpose collection of software, including an operating system based on the Linux kernel, developed by the community-supported Fedora Project and sponsored by Red Hat...
Core 6 (x86 32-bit), SUSE Linux Enterprise ServerSUSE Linux Enterprise ServerSUSE Linux Enterprise Server is a Linux distribution supplied by SUSE and targeted at the business market. It is targeted for servers, mainframes, and workstations but can be installed on desktop computers for testing as well. New major versions are released at an interval of 3-4 years, while...
9 and 10 (x86 32-bit)
- The November 2007 release of version 4.4 most notably introduced a web-based Management Console that replaced the Java-based Object Manager and Array Manager tools that were first introduced in version 3.0.
Sun
- Secure Global Desktop Product Page and the list of requirements for 4.4
- Note: Always check the Release Notes for an accurate list of requirements.
- Live US demo site (Requires Java enabled browser)