An Industry First! Integrated OAuth – Zero Trust Security for any Application via Liquidware FlexApp

FlexApp v6.8.6 recently became generally available and includes yet another industry first –optional integrated OAuth (Open Authorization). Now, virtually any Windows application can easily incorporate OAuth capabilities through FlexApp’s FlexApp One container format to achieve a Zero Trust application access policy.

Industries burdened with compliance, such as federal agencies, healthcare, and financial institutions, are poised to benefit from the new OAuth functionality in FlexApp. This includes organizations deploying Windows workspaces, such as Citrix CVAD and DaaS, VMware Horizon, Amazon Workspaces and AppStream, and Microsoft physical, AVD, Windows 365 desktops.

The new feature in FlexApp promotes a zero-trust framework, even in offline scenarios. By facilitating OAuth, FlexApp ensures that only validated users can access applications, aligning with an organization’s Zero Trust strategy. Even if applications inherently lack OAuth support, FlexApp ensures compliance by preventing deactivated or unauthorized accounts from accessing the applications. FlexApp’s OAuth capabilities are integrated with an organization’s Microsoft Entra ID (formerly Azure AD) instance.

As more organizations implement Zero Trust architecture, OAuth plays a critical role. The traditional “trust but verify” approach is no longer sufficient; instead, the Zero Trust motto of “never trust, always verify” is essential to modern security strategies, especially in virtual application environments. Liquidware FlexApp acknowledges this necessity and actively integrates Zero Trust principles.

OAuth is pivotal in FlexApp’s security, offering detailed, user-specific application entitlements that reinforce the Zero Trust model. This modern security standard ensures that applications are not merely secure but are also used by verified and authorized users. Key OAuth integration in FlexApp supports application security scenarios such as:

  • Entitlement of Apps per User or Group: FlexApp allows precise control over who can access each application, enabling administrators to assign application access at both individual and group levels. This granularity is not just about control but about maintaining a strict ‘least privilege’ approach, vital for Zero Trust.
  • Disabling Access: In a Zero Trust environment, the ability to revoke access is as important as granting it. If a user’s status changes, or if they no longer require access to a specific application, FlexApp enables immediate revocation of access rights, an essential aspect of maintaining a secure environment.
  • Reporting on Usage: Transparency and traceability are pillars of Zero Trust. FlexApp supports detailed reporting, allowing administrators to actively monitor application usage. This insight is critical for assessing security posture, ensuring compliance, and making informed decisions based on user behavior and activity patterns.
  • Validation Against Azure AD Users and Groups: FlexApp integrates with Azure Active Directory (Azure AD), allowing for the validation of user identities and group memberships. This capability ensures that only authenticated and authorized users can access applications, consistent with Zero Trust’s stringent requirements.

FlexApp takes these capabilities further, promoting a zero-trust framework even in offline scenarios. By facilitating OAuth, FlexApp ensures that only validated users can access the applications, aligning with the organization’s Zero Trust strategy. Even if applications inherently lack OAuth support, FlexApp ensures compliance by preventing deactivated or unauthorized accounts from accessing the applications.

The integration of these advanced OAuth functionalities in FlexApp doesn’t only fortify security; it’s fundamental for organizations aiming for a comprehensive Zero Trust strategy. This approach, especially when combined with Citrix, forms a layered defense strategy, reducing vulnerabilities and placing enterprises at the forefront of modern cybersecurity practices.

Embracing a Zero Trust architecture is not a mere enhancement; it’s a necessity in the face of evolving digital threats. Liquidware FlexApp’s alignment with Zero Trust, especially its advanced OAuth features, redefines application security in virtual environments. By trusting FlexApp for application layering and delivery, organizations are not just optimizing application management; they’re investing in a robust security future.

FlexApp One is so easy that you can download and try an app over a cup of coffee! We’ve packaged up a few apps for you to try including, VLC Media Player, Firefox, Slack, PowerBI Desktop, Microsoft Teams, and even 3D Pinball! Just click on this link to get started!

HUGE Innovations now GA in Liquidware FlexApp v6.8.6 – Nothing Compares to FlexApp!

In case you missed it this week, we unveiled FlexApp v6.8.6, a groundbreaking update that redefines application delivery and user experience in today’s hybrid and remote work environments.

Offline FlexApp: Uninterrupted Productivity Anytime, Anywhere

In today’s “work from anywhere” world, network connectivity can be unpredictable, especially for users on the go. With FlexApp Offline, we’ve expanded offline capabilities to traditional FlexApp packages, ensuring users can access their critical applications even when connectivity is limited. This feature is a game-changer for field workers, remote employees, and those operating in areas with unreliable internet access. While attached Windows applications could already go offline with the self-contained “FlexApp One” format, this capability has now been extended to traditional FlexApp packages.

OAuth Support: Fortifying Application Security with Zero Trust

Application security is paramount in today’s threat landscape, and FlexApp v6.8.6 empowers organizations to implement a robust Zero Trust framework. Our new OAuth support seamlessly integrates with Microsoft Entra ID (formerly Azure AD), enabling organizations to enforce granular access controls and secure applications against unauthorized user access. This feature aligns seamlessly with Zero Trust strategies, ensuring that only validated users can access applications, regardless of network connectivity.

FlexApp One Memory Caching: Boosting Performance for Demanding Applications

Large, memory-intensive applications can strain system resources and impact user experience. FlexApp One Memory Caching leverages session memory to boost the performance of these applications, significantly reducing load times and enhancing user productivity. This feature is particularly valuable for organizations that rely on resource-intensive applications in their daily operations.

FlexApp Automated Packaging 1.5 – Further Streamlining Application Packaging at Scale

FlexApp Automated Packaging is the industry’s only fully automated application packaging system, and now it’s even better with version 1.5. This update includes support for FlexApp One packages, enhanced compatibility, auto-optimized capture machines, and continuous packaging capabilities. FlexApp Automated Packaging is ideal for organizations that manage large application portfolios, enabling them to automate the packaging process and ensure that applications are always up to date.

Setting the Standard for Enterprise Efficiency and Performance

FlexApp v6.8.6 delivers an unmatched level of application management, delivery, and user experience optimization. With features like offline FlexApp, OAuth support, FlexApp One memory caching, and FlexApp Automated Packaging 1.5, we’re setting a new standard for enterprise efficiency and performance.

Experience the Future of Digital Workspace Management

Learn more about FlexApp v6.8.6 and how it can transform your digital workspace, visit our website today. FlexApp is the most innovative application delivery solution for Windows and in use by numerous mid-size to very large enterprises today. The solution supports Citrix, Microsoft AVD, Windows 365, VMware Horizon, and any Windows platform, including physical PCs and Laptops. What are you waiting for!? FlexApp One packages are so easy you can try them over a cup of coffee here by downloading a sample app and double-clicking on it!

E2EVC a unique EUC Community Event

E2EVC is now in its 20th year having started in 2003. It is a unique event bringing together independent consultants, customers, partners, vendors, and even competitors. The E2EVC community is the most talented community within the EUC industry.
The latest event took place in Rome from November 3-5. My journey started in Dublin on the afternoon of the November2; the flight was fairly uneventful apart from the last 20 minutes, this was due to the extreme turbulence we encountered.

After a quick taxi ride and after dropping my bags in my room, I joined the pre-event networking event. It was great to be among my peers again and see people whom I’ve not seen since the pandemic.

Day 1

I started the day with a quick review of my slides as I was presenting two sessions – the Liquidware sponsor session and a community session with Gerjon Kunst on the impact of AI on EUC.

I headed down to watch the intro session from Alex Cooper, the founder of E2EVC who, as usual, was dressed to suit the city – he was supposed to be Michael Corleone but looked more like a member of the Peaky Blinders.

Last time I checked E2E has never been in Birmingham!

The morning continued with sponsor sessions, starting with Eugene Kaleyev talking about the latest ControlUp release and how the platform is moving towards a SaaS model. Next up was Chris Marks from Parallels, with some very impressive PowerPoint skills, who walked through the latest Parallels release. After this Helge Klein took us through the latest developments in UberAgent. After Helge was Thomas Poppelgaard, who talked about the latest innovations in GPUs including the latest Nvidia release, Lovelace. Thomas also talked about how GPUs are been utilized for AI, in some the use cases (Midjourney, ChatGPT, Copilot) were mentioned, he also highlighted some of the risks of generative AI – risks such as data privacy, security, IP rights, Biases, and ethical implications. Following Thomas was the session from AWS where Matt Olson and Paolo Maggi talked through how AWS operate a global DaaS infrastructure.

I then took some time to further review my slides and then it was time for my first session!
In my presentation, I briefly showed the 4 solutions from Liquidware – which are ProfileUnity™ that delivers superior full-featured User Environment Management, FlexApp ™ delivers advanced application portability, integrated with UEM and is easy to manage, and Stratusphere™ UX that offers sophisticated digital experience monitoring and diagnostics to support the complete lifecycle of digital workspaces.

As I was limited to 15 mins, I moved on the explain the 4 key innovations of our new SaaS real-time remediation solution, CommandCTRL™.

These 4 key innovations are ChatGPT integration for Process Identification, that allows us to use ChatGPT to determine the name, location and description of a process without the need for a lengthy Google search, giving you the information immediately so you can determine whether the process is valid or rogue . Our DVR playback mode Captures up to 7-days history so admins can see exactly what occurred in the environment at specific dates and times. This is incredibly helpful in the troubleshooting process and dramatically reduces the time to resolution. One of our other key innovations is CommandCTRL Switch which enables administrators to seamlessly switch and navigate between two distinct desktop environments: the local desktop and the cloud-based desktop to identify areas of concern, and diagnose performance-related issues. Finally we have Protocol Mirroring which gives the user the ability to view the metrics for the local endpoint and overlay the display metrics from the cloud desktop on the same screen. This aids the troubleshooting process by providing end-to-end visibility.

I then did a full walk though of CommandCTRL . You can watch a video of my full walk-through here

After lunch, I took some time to prepare for my community session with Gerjon Kunst, which was focused on the impact of AI on EUC.

In our session, we covered the history of AI, it did not just appear in 2023, the origin of AI goes back to the Turing test in the 1950s. Gerjon continued with the big players in this space: Google, OpenAI, Microsoft, Nvidia, Tesla and IBM and where to start with AI (ChatGPT, Midjourney, Dall-E, Business Application Integration and Microsoft-based options). We continued with use cases in VDI: Intelligent Assistance (proactive questions, seamless customer interactions, interactive VR-based training simulations and emotionally intelligent chatbots), predictive intelligence (predictive maintenance, smart resource allocation, adaptive interfaces, predictive content, instant actionable insights, automated dynamic reporting), collaboration/communications (real-time language translation, transcripts, AI-optimized virtual meetings), security/compliance (real-time compliance, intent-based detections, behavioural biometrics) and wellness/productivity enhancements (ai-enabled ergonomic suggestions, cognitive well-being monitoring).

The next topic from Gerjon was how to start the journey of AI showing the possibilities of AI (Team integrations, building your own bot). I continued with Responsible AI based on the principles of inclusiveness, fairness, transparency, accountability, reliability/safety and privacy/security, followed by downsides of AI and AI regulations (which are currently being discussed in the US and EU governments).

It was great to present with Gerjon and I feel we gave a good account of where AI currently is but because it is developing so rapidly, it is hard to predict where it will go next. We have already decided to do the session again next November and to review the developments over the year.

The final session of the day was What’s New in Citrix by Christian Schwendemann. The first topic was bringing cloud innovations to on-premises: these included universal subscription, web studio on-premises, Autoscale on-premises (power management, dynamic provisioning, vertical load balancing), Hybrid Citrix Director (both Cloud and on-prem from one console). Christian further discussed  Secure Private Access for On-Premises, new Citrix Workspace User Interface, Custom Domain to Citrix Workspace, Citrix HDX Plus for Windows365 and EDT Lossy on Citrix Gateway Service. The topic was Director and monitor enhancements, followed by MFS Synthetic Monitoring Probes. Christian continued with the Local Host Cache Dashboard and configured Sync Failure alerts. Citrix Analytics for Performance was the next topic Christian discussed, followed by Session Recording Events in Citrix Analytics and Session Recording in Citrix Director. Also, VDA Clipboard Activity is now available in Citrix Analytics.

The evening finished with dinner in a nearby restaurant and then the conversation continued in the hotel bar.

Day 2

My day started with Jack Madden’s session What is VMware Anywhere Workspace and What Does it Have to do With Horizon? In the session, Jack went through the components of the Anywhere Workspace Platform (Virtual Apps/Desktops, Unified Endpoint Management, Digital Employee Experience including Platform Services). Of most interest was Jack going through VMware’s approach to DEX. In this section he covered Deliver, Measure, Analyse, and Remediate, including an overview of the DEX solution overview (Workspace ONE Intelligent Hub, Workspace ONE Intelligence Experience Management, Employee Sentiment, Guided Root Cause Analysis, Workspace ONE Intelligence for Horizon, Digital Employee Experience for Horizon, Workspace ONE Assist for Horizon). It was interesting to hear how another vendor approaches DEX. I recently talked with Jack’s former colleague Gabe Knuth on a podcast episode about DEX and how it is defined from his perspective.

Following this, I went to support my colleagues Andreas Van Wingerden and Berry Haveman in their session “”Unleashing the Dynamic Duo: Intune and Liquidware Supercharge Cloud-based Workspaces”. In their session Andreas started by laying out Liquidware’s modular approach to the digital workspace which starts at the delivery platform, we are agnostic so can support any platform, and covered the following layers – operating system, security context, applications, user environment, and experience monitoring. Berry then continued with a look at the main challenges and how ProfileUnity can overcome these challenges. He then talked about out latest FlexApp release 6.8.6 and the new features that are available in the release notes.

After lunch, I headed into Rome to experience some of its history and charm. The evening was spent at a steak house with some community friends before returning to hotel where the tech conversation continued including a deep look at AI and how it will be implemented within EUC.

Day 3

The next, and final, morning brought a surprise because Christian Schwendemann asked Gerjon and me to take part in a session on offline AI along with Thomas Poppelgaard.

In the session we looked at how you can get set with running an offline AI which, unsurprisingly, requires a decent GPU! We looked at some open source models, why you would run an offline model, and the advantages and disadvantages of running offline.

E2EVC finished, as always, with Geekspeak. It is open forum where everyone, who is left, talks about the weekend sessions and the state of the EUC industry. It really is a great experience because you get uncensored insights from people across the industry.

Finally, after some pizza, it was time to head to the airport and home to Dublin. E2EVC, as always, was an amazing experience and a fantastic way to see the current state of the industry, but also have deep technical conversations in a relaxed atmosphere.

AI was obviously a major topic during the event and there were 4 sessions related to AI during E2E, I fully expect that to increase in 2024.

I am already looking forward to the next event and also the development of AI within EUC.