deviceTRUST consists of two main components when installing on end-user computing environments, the deviceTRUST Host and the deviceTRUST Client. Both deviceTRUST components can be installed and configured within minutes and can be fully integrated with existing deployment processes and management tools. No additional infrastructure (e.g. a database or a web server) is required for deviceTRUST to be installed in your environment.
Solutions are provided by deviceTRUST for both traditional and modern Operating Systems (OS). On a traditional OS such as Microsoft Windows, an extensibility framework is available that enables deviceTRUST to send user and device context within the communication channel between the clients and the Remote Desktop Services host. deviceTRUST also provides a solution for more modern OS’s, such as Apple iOS, which offer no extensibility framework.
This component needs to be installed on the remote host that delivers the published applications or desktops (Session Host or VDI) to the users. The following technologies are supported by deviceTRUST: Citrix XenApp, Citrix XenDesktop, VMWare Horizon View, Microsoft Remote Desktop Services (Session Host or VDI) or Amazon AWS WorkSpaces.
This component needs to be installed on the remote device which will be used to connect to the remote host delivering the published applications and desktops. It is not required to have deviceTRUST client installed onto all of your remote devices but recommended to get the full range of context information about the remote device and its user into the users’ virtual session.
In the absence of the deviceTRUST client on the remote device, deviceTRUST delivers the HOST_* properties into the users’ virtual session. The deviceTRUST Property Matrix document for EUC explains in detail which HOST_* and DEVICE_* properties are available on which remote device OS platform.
Architecture - Microsoft Windows Remoting Clients
The following diagram details the deviceTRUST architecture when the remote client is installed on a Windows OS, with deviceTRUST sending the user and device context information within the communication channel offered by the remoting protocol. Policy is made available to the deviceTRUST Host using existing Microsoft Active Directory Group Policy Management. All operations performed by the deviceTRUST Host are written to the Microsoft Windows Event Log.
Architecture - Apple iOS Remoting Clients
The following diagram details the deviceTRUST architecture when the remote client is installed on an Apple iOS device. In this scenario, the remoting protocol does not provide an extensible communications channel, therefore the deviceTRUST Host and Client communicate with each other using an external deviceTRUST Service. As with the previous diagram, policy is made available with Microsoft Active Directory Group Policy Management and all activity is written to the Microsoft Windows Event Log.