Amazon WorkSpaces

Amazon WorkSpaces
Give users the freedom to work

anywhere, anytime, from any device
Javier Cristancho
© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Amazon WorkSpaces
Give USERS anywhere, anytime access to company data

and applications on their favorite device
AND
Help IT maintain data security, reduce complexity,

and improve user productivity
The way we work is changing
Business moves faster than ever
The importance of security keeps rising
Organizations are turning to the cloud
WorkSpaces transforms end user computing
Access resources Improve security

anywhere, on any device and control
Scale with the Increase user

changing workforce productivity
Enable Innovation Pay-as-you-go
Highly interactive cloud

desktops users love
What Customers Are Telling Us
Embrace Support contract Access for Data Security Agility

personal workers Mobile Workers
devices
Personal Computers On-Premises VDI

§ Manage inventory § Upfront investment
What’s not working? § Secure endpoints § Weeks to deploy
§ BYOD is complicated § Requires management
§ Data must be backed up § Servers must be secured
§ Expensive to scale § Expensive to scale
Improves Security
No sensitive
WorkSpace data Desktop stream
data on end
encrypted at rest encrypted in transit
users’ devices
Amazon WorkSpaces encrypts data and streams, and keeps information off devices
Plays Well With Existing Tools
Multifactor
Microsoft Active Certificate
Intranet Authentication SCCM
Directory Authority
(RADIUS)
Amazon WorkSpaces integrates easily with your on-premises tools and network
Pricing & Regions
Flexible Billing Options
Monthly Hourly
Best For Best For

§ Fulltime staff § Part-time staff
§ Simplifying your AWS bill § Optimizing your AWS bill
§ Instant access § Quick access
§ Running scheduled tasks § Running ad hoc tasks
https://aws.amazon.com/workspaces/pricing/
Global footprint
Northern Virginia WorkSpaces

X
Oregon X
GlovCloud (US-West) X
Montreal X
London X
Ireland X
Frankfurt X
Singapore X
Tokyo X
Sydney X
Seoul X
Sao Paolo X © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Amazon WorkDocs
Secure content Global

store access
Integrates with Extensible SDK

existing IT
Secure, fully managed, file

storage with an extensible SDK
Ways you can use Amazon WorkDocs
+
Features
50 GB free tier for Amazon WorkSpaces users
Upgrade to 1 TB for $2 per user/month
Amazon WorkDocs Drive can be a default user storage solution
Compliance programs
Current
GDPR
DoD SRG
WorkSpaces Customers
Customers
Customer success story
Autodesk
Autodesk University is a series of conferences where

thousands of professionals from the architecture, design,
manufacturing, and media industries meet for learning and
skills development through classes, workshops, presentations,
and interactive galleries. Autodesk uses Amazon WorkSpaces
to run on-site training labs at its Autodesk University events.
Instead of renting physical hardware, Autodesk uses Amazon
WorkSpaces to host its virtual workstations on low-cost zero
clients, improving setup efficiency, reducing its carbon
footprint, and saving money.
© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Amazon Confidential and Trademark
Pfizer
“We use Amazon WorkSpaces to provide our contract

workforce with fast, secure access to a corporate desktop
running in the cloud. The old process of providing every
employee with a physical workstation was cumbersome and
expensive. With Amazon WorkSpaces, we are able to provide
a qualified environment for access to our business systems
that is highly automated and promotes self-service.”
—Bernard Dunne, Senior Director Business Technology, Pfizer
Yamaha
“Performance and stability is better than before,

and we were able to introduce the solution quickly. Best of
all, Amazon WorkSpaces did not require any upfront
investment, and we pay only for what we use. We are now
working to retire our on-premises VDI solution entirely.”
—Taku Harako, IT Technology Strategy Group, Yamaha
Cornell University
“We were able to use Amazon WorkSpaces to help us get a

new, Master’s level course up and running in less than three
weeks and provide students with access to industry-relevant
applications integrated into the course and labwork. With
this approach, students get real hands-on experience, using
real industry tools with Amazon WorkSpaces. They aren’t just
taking notes in class, but following me in real time. It gets rid
of traditional classroom barriers. With Amazon WorkSpaces,
students can study and work together on their projects
anywhere, on Macs, PCs, and tablets.”
—Jeff Christen, Instructor, Cornell University
IP-based access controls
Control Amazon WorkSpaces access
• Select IP addresses from which users can access
Amazon WorkSpaces
• Create groups of custom rules specifying which IP Amazon WorkSpaces
addresses users can access Amazon WorkSpaces from Client
Benefits Source IP Check

• Ensure that Amazon WorkSpaces are only accessed
from trusted networks
• Groups can be applied at the individual directory level
from the Amazon WorkSpaces console or through APIs
Limitations
• Cannot be enabled for the Web Access client
AWS Cloud
Certificate authentication
Benefits
Access control based on the client device type and
certificates
Managed device authentication
How does it work?

• Customers deploy device certificates to managed devices
• Amazon WorkSpaces service stores root certificate with
public key only
• Amazon WorkSpaces application makes authentication
request and the service returns a randomly generated
nonce along with root certificate
• App locates device cert chaining to root authority of the
certificate provided by the service
• App uses private key of the device certificate and signs
the nonce provided by the service and sends to service
along with public key
• The service validates if the nonce is signed by device
certificate and allows authentication to proceed
CloudWatch events on Amazon WorkSpaces access
Identify Amazon WorkSpaces access
• View, search, download, archive, analyze, and respond
to successful logins to your Amazon WorkSpaces
• Monitor client WAN IP addresses, operating system, Amazon WorkSpaces
Amazon WorkSpaces ID, and Directory ID information Client
for users’ logins to Amazon WorkSpaces
Benefits
• Learn when, where, and how your users log in to and Amazon WorkSpaces
Access Event (on Login
access their Amazon WorkSpaces
Success)
• Monitor client WAN IP addresses, operating system,
Amazon WorkSpaces ID, and Directory ID information
for users’ logins to WorkSpace
• Set up automated actions based on how a WorkSpace is
accessed
CloudWatch Events
Encryption
Encrypt Amazon WorkSpaces volumes
Data in transit and rest is encrypted using AES-256
bit encryption
Integrates with the AWS Key Management Service
(AWS KMS)
Use your AWS KMS keys to encrypt Amazon
WorkSpaces
Encrypt up to 500 Amazon WorkSpaces with a
single key
Can encrypt both root and user volume
No material performance impact
Pricing
Pay for AWS KMS keys and Amazon WorkSpaces –
no additional charge
Network Flow - Connecting From Public Internet
Network Flow - Connecting From On-Premises
Microsoft Licensing and BYOL on WorkSpaces
On August 1st, Microsoft announced new licensing changes for on-premises software
purchased under volume licensing. Microsoft is moving their licensing for virtual desktop
infrastructure (VDI) customers to a per-user model and away from its previous per-device
licensing model.
• After October 1, 2020 WorkSpaces BYOL customers will need the VDA E3 or E5 (per
user) for compliance with Microsoft’s new publicly stated terms.
• Or alternatively, customers may continue using or move to Windows license-included
WorkSpaces cloud desktops licensed through AWS, or WorkSpaces with Linux.
WorkSpaces customers may view this license change as an impetus for a shift. Instead of
paying for the base license by having to buy Windows per-device for BYOL, customers can
reduce their device costs by having more freedom to choose the best and least costly
device that meets their need: Windows CPS, Windows or Linux thin clients, Chromebooks,
iPads, Android tablets, and other devices.

Amazon WorkSpaces - Introduction

Încărcat de

Informații document

Drepturi de autor

Formate disponibile

Partajați acest document

Partajați sau inserați document

Opțiuni de partajare

Vi se pare util acest document?

Este necorespunzător acest conținut?

Drepturi de autor:

Formate disponibile

Amazon WorkSpaces - Introduction

Încărcat de

Drepturi de autor:

Formate disponibile

Give users the freedom to work

Give USERS anywhere, anytime access to company data

Help IT maintain data security, reduce complexity,

Access resources Improve security

Scale with the Increase user

Enable Innovation Pay-as-you-go

Highly interactive cloud

Embrace Support contract Access for Data Security Agility

Personal Computers On-Premises VDI

Best For Best For

Northern Virginia WorkSpaces

Secure content Global

Integrates with Extensible SDK

Secure, fully managed, file

Autodesk University is a series of conferences where

“We use Amazon WorkSpaces to provide our contract

“Performance and stability is better than before,

“We were able to use Amazon WorkSpaces to help us get a

Benefits Source IP Check

How does it work?

S-ar putea să vă placă și