Enhancing User Experience with Display Protocol Support: CommandCTRL’s Innovative Integration with Dizzion Frame

Following a momentous announcement from the Frame team on their collaboration with Dizzion, we at Liquidware have been diligently developing innovative technologies to further enhance our support for Frame. The intersection of Frame’s solid technology with its dedicated team members is genuinely invigorating, and we are thrilled about the potential growth avenues this integration can explore.

In light of this development, we focused on two significant upgrades to bolster Frame’s integration into our help desk remediation solution, CommandCTRL™.

Firstly, we’ve introduced a mapping process that aligns the user’s authentication Universal Principal Name (UPN) to the Frame control plane, integrating this directly into our system. This innovation solves a pervasive problem encountered by many users utilizing non-domain joined Frame. Under regular circumstances, once users sign into the Windows session, the operating system, being non-domain joined, would default to a generic username such as ‘Frame’. Consequently, products that interact with Windows and its sessions would be overwhelmed by a sea of users called ‘Frame’ — a scenario that severely impedes the efficient execution of help desk tasks.

By overlaying the authenticated UPN on the system, we’ve created a method where you can search and filter by the user’s unique UPN. This system effectively cuts through the multitude of ‘Frame’ usernames, ensuring a precise and quick identification process for each user. This feature will prove particularly useful when troubleshooting a user’s issues.

Secondly, we’ve extended our support to include Frame’s remote display protocol within CommandCTRL. This addition augments our existing vast range of display protocol support that already includes RDP, PCoIP, Blast, and HDX. The incorporation of Frame support means that help desk administrators can now access fundamental protocol metrics that directly impact the user experience. This includes real-time, every 3-second updates on latency, bandwidth, and frames per second. These metrics are also available in our history mode, which provides a 10-second sample going back 30 days.

Another exciting feature within our remote display protocol support is ‘metric mirroring’. If you have the CommandCTRL agent installed on both the physical endpoint and in the hosted desktop, we will mirror the display protocol on the physical endpoint’s dashboard. This unique feature enables the comparison of end-user WiFi metrics side by side with the display protocol, eliminating the need to have both machines open side by side in browser tabs. This enhancement significantly improves the user experience when using CommandCTRL.

We’re eager to announce that the remote display protocol will be included in our next beta release, scheduled for about a month from now. Subsequently, it will become a permanent feature as part of the General Availability (GA) launch we plan to carry out in Q3.

At Liquidware, we remain committed to innovating and developing digital workspace management solutions that provide seamless experiences and superior support for our users. Stay tuned for more updates!

Experience Next-Level Process Identification: CommandCTRL Unveils Game-Changing ChatGPT Integration

Liquidware’s CommandCTRL is excited to announce the latest beta feature: ChatGPT integration for efficient process identification! With this powerful addition, users can easily determine the purpose and origin of unfamiliar processes consuming system resources. Say goodbye to manual searches and embrace the convenience of AI-assisted process identification.

It’s a common experience for users to encounter unknown processes while using Windows Task Manager or CommandCTRL’s enhanced Task Manager, which samples data every 3 seconds. Traditionally, the go-to solution has been to search the process name online to learn about its function and manufacture. However, we recognized the need for a faster and more intuitive method, leading us to integrate ChatGPT into CommandCTRL.

Here’s how to set up and use ChatGPT in CommandCTRL:

Sign up for an OpenAI account to obtain access to OpenAI API keys at https://platform.openai.com/overview. After signing up, set up a billing account for the API keys.

Log in to your CommandCTRL tenant and navigate to “Settings” on the left-hand side. Click on “Tenant and Site.” In the “Site” section, you’ll find “3rd Party APIs” and “OpenAI.” Enter your API key and Organization ID under “OpenAI.”

With OpenAI enabled, your CommandCTRL Task Manager’s “Processes” tab will display an OpenAI icon next to each process. Clicking this icon sends a query to ChatGPT, providing information about the selected process, including the manufacturer, description, and manufacturer’s website.

To minimize ChatGPT queries and reduce costs, CommandCTRL stores query results in a global cache for 90 days, accessible by all tenants. By enabling ChatGPT, you can take advantage of this crowdsourced cache to save on query costs.

As AI technology continues to evolve, we plan to incorporate more AI-driven features within CommandCTRL to help our customers work smarter, not harder. Stay tuned for further enhancements that will revolutionize the way you manage and remediate.

Here is a link to setup a beta tenant https://ccbeta.liquidware.com/. Corporate and personal email addresses are welcomed.

Liquidware Secures ISO 27001 Certification: A Testament to Our Commitment to Security and Compliance

Liquidware, the leader in digital workspace management solutions to the federal government and all major verticals, has recently achieved the prestigious ISO 27001 certification. This adds to our existing certifications in SOC2 Type II and GDPR compliance. We take great pride in this accomplishment, particularly as a sub-100-person company, and attribute our success to the dedication and hard work of our small IT team.

We understand that achieving and maintaining compliance can be challenging for a small team. To address this, we utilized a product designed to help us stay compliant. This tool connects to all our systems in read-only mode, scanning for any compliance issues. It has been instrumental in identifying compliance drift and creating tasks for our teams to address, allowing us to stay in line with compliance requirements in-between audits. This proactive approach prevents the last-minute scramble often experienced before manual audits.

Liquidware has always placed a high priority on compliance and security, as we provide digital workspace management solutions to the federal government and major verticals such as healthcare and finance. Our ISO 27001 certification not only helps ensure the security of our employees’ and customers’ information but also promotes the secure development of our products. Additionally, we maintain stringent controls on our business processes from the top down.

Liquidware’s ISO 27001 certification is a testament to our unwavering commitment to security and compliance. Our small but dedicated IT team has made this extraordinary achievement possible, with the help of a compliance tool that simplifies the process of staying compliant. As an ISV serving all major sectors, we will continue to uphold the highest standards of security and compliance to protect our employees, customers, and product development.

Reference links:

https://www.liquidware.com/company/media/liquidware-achieves-iso-27001-certification-demonstrating-unwavering-commitment-to-security-and-compliance
https://www.liquidware.com/security

Any Desktop, Any Broker, Anywhere: Future-proofing Your Windows Desktop Deployment with Liquidware

The world of Windows desktop deployment has become increasingly complex with so many options available in the market today. From traditional laptops and desktops, to virtual desktops deployed on-premises, or in the cloud using solutions like Amazon WorkSpaces, Amazon AppStream, Nutanix Frame, Citrix Virtual Apps, Microsoft AVD, or Microsoft CloudPC – there are numerous choices to make.

However, choosing a deployment method also means choosing a broker and deciding whether to deploy on-premises or in the cloud. This can lead to vendor lock-in where your users’ profiles might be tied to a specific deployment method, making it difficult to move to another option. Moreover, you may not be able to move your applications from one deployment method to another, and the user experience might not be consistent across different deployment methods.

To address these issues, Liquidware offers a “Switzerland” approach to Windows desktop deployment with its ProfileUnity™, FlexApp™, and Stratusphere™ UX products. With these solutions, you can abstract your user’s profile and application deployment from the underlying OS and platform, making it easier to switch deployment methods without affecting user experience.

ProfileUnity abstracts the user’s profile from the OS with any deployment method, whether physical, virtual, or cloud based. By using ProfileUnity, you can future-proof your deployment options by putting your users under management with your existing deployment method. ProfileUnity’s portability engine ensures that the user’s profile can be saved to any storage medium, including SMB and cloud storage, and restored to any OS, of any version, on any platform.

FlexApp abstracts application deployment from the OS and platform, allowing you to take advantage of fewer images and pools to manage. By abstracting your applications with FlexApp, you can easily move to any new deployment method while keeping the same application delivery model. This ensures that your users have access to the same applications, regardless of the deployment method.

Stratusphere UX helps you monitor user experience on your existing deployment method and ensures that users get the same, or better, experience when you switch to a new deployment method. It continuously monitors your user’s experience to make sure you don’t unknowingly decrease user satisfaction.

In conclusion, with the current state of acquisitions and the evolving end-user computing market, it is essential to future-proof your Windows desktop deployment options. By using Liquidware’s ProfileUnity, FlexApp, and Stratusphere UX products, you can abstract the user’s profile and application deployment from the OS and platform, making it easy to switch deployment methods without affecting user experience. With Liquidware’s solutions, you can ensure that your users have a consistent and seamless experience regardless of the deployment method you choose.

FlexApp’s Unspoken Features: What are They?

FlexApp technology is a popular tool used for application layering, virtualization and delivery. While some of its features are well-known, there are some that are overlooked and not talked about enough. In this blog post, we will explore some of the under-the-hood features of FlexApp and explain how they work.

AppData and HKCU Handling

One of the key features of FlexApp is its ability to handle AppData and HCKU. When an application writes into these areas, FlexApp has special handling for layering. This is because these paths are often used as part of the application’s normal install routine, or they may be written to by the packaging administrator during testing or setting default preferences. If these areas of the profile are captured into the layer and do not exist in the user’s profile, FlexApp will physically copy or write them into the user’s profile. This ensures that the user has the necessary read and write access to these areas of the profile going forward.

Corrective Profile Path Tattooing

Another important feature of FlexApp is corrective profile path tattooing. This refers to the practice of capturing the profile path of the packaging administrator and storing it in the layer. This can create issues when an application stores a path to a non-existent location in the HKCU’s registry. FlexApp will flag this kind of event during the packaging process so that on activation of the layer, the registry value that points to the non-existent path can be corrected and pointed to the user’s correct profile path.

Micro Isolation

Micro isolation is a feature of FlexApp that helps to handle conflicts between layers. While FlexApp is not a full-blown isolation technology like Microsoft App-V, it does have some light isolation between layers. This means that when a conflict occurs, each layer will be redirected back to its own version of files or registry. For example, if each layer has a different version of a DLL in a common location that would normally be a last virtual write wins scenario and could crash the application, FlexApp’s micro isolation feature will ensure that each layer has access to its own version of the DLL. Here is a quick demo of Micro Isolation visually that should help your understanding of the technology.

Session Isolation

Session isolation is a feature of FlexApp that allows for handling different applications for different users when working on multiuser systems like Citrix Virtual Apps or Microsoft AVD. This makes layering on multiuser systems extremely flexible. This feature has also been extended to on-boot applications, which I recently wrote about here.

In conclusion, FlexApp’s unspoken features are an important part of its overall functionality. These features ensure that the user has access to the necessary parts of the profile, prevent conflicts between layers, and make layering on multiuser systems more flexible. Understanding these features can help users get the most out of their FlexApp technology and improve the overall user experience.

How Stratusphere UX Login Breakdown Can Help Identify Login Bottlenecks

Login times are critical for end-users and management, and any delay can impact productivity and user experience. However, identifying the root cause of login slowdowns can be challenging, given the number of factors that can contribute to it. Is it the machine group policy, user group policy, user environment management software, application layering product, antivirus software, security software, or some login script? Stratusphere UX Login Breakdown can help you identify the culprit and take corrective, prompt action.

Before you begin fixing the issue, it’s best to establish a baseline of your environment’s capabilities. You can create a test environment by taking a machine that closely matches your users, removing any antivirus or security software, blocking inheritance on any group policies, disabling any user environment management software and any application layering technology. This baseline provides a goal to work towards and helps hold products or people accountable for causing too much overhead in login times.

Once you have established a baseline, you can start identifying the culprit. With Stratusphere UX Login Breakdown, you can break down the login process into its constituent parts and analyze which parts are taking the most time. For example, you can identify inefficient group policies and take corrective action. You can either clean up the group policy and test your logins again or move most of the group policy to a user environment management product, like ProfileUnity, that is more effective in processing time than group policy.

Similarly, you can identify inefficient user environment management software, which can cause delays by running the regedit.exe command repeatedly to import settings or user preferences. Stratusphere UX Login Breakdown can provide a per-process breakdown of the entire login, helping you identify and address these inefficiencies.

Application layering products can also contribute to login delays by blocking the login from the user while it activates layers or by consuming too many CPU resources during the login. Stratusphere UX Login Breakdown can provide visibility into how much CPU is being consumed during the login, enabling you to optimize resource allocation and speed up logins. ProfileUnity FlexApp can assign application layers on boot and speed up logins by removing contention during the login process.

Antivirus and security software can be challenging to optimize for login performance, given that they are inline to process open, file system R/W, and network R/W. With Stratusphere UX Login Breakdown, you can analyze how much overhead your antivirus and security software are adding to all processes duration times and how much CPU they are consuming during the login. Taking a Login Breakdown snapshot before and after removing antivirus and security software this gives you the proof of the overhead to consult with your antivirus and security teams.

Finally, login scripts can spawn from various places, causing delays during login. With Stratusphere UX Login Breakdown, you can get the entire script duration and any process launched from that script. This visibility helps the script owner optimize the script and reduces resource consumption during the login, resulting in faster login times.

In conclusion, Stratusphere UX Login Breakdown is a powerful, non-invasive tool that can help you track down login bottlenecks with ease. With its ability to break down the login process into its constituent parts, you can identify the root cause of delays and take corrective, prompt action to improve login times, making your end-users and management happy.

Simplifying Disaster Recovery and Business Continuity with Microsoft FSLogix and ProfileUnity’s Portability

Using profile containers, like FSLogix or ProfileUnity’s ProfileDisk container, can present challenges when it comes to disaster recovery and business continuity. Issues such as localized corruption caused by network or storage outages, performing backups on large containers, replicating for DR, and setting up an active-active desktop deployment are just a few of the challenges organizations face.

This is where ProfileUnity’s portability comes into play. With its ability to compress user profiles into a smaller, more efficient backup format, ProfileUnity’s portability solves many of the issues associated with disaster recovery and business continuity. By targeting the file system and registry with surgical precision, the engine excludes large files like the Outlook cache that can be easily re-created from the cloud, making the archived copy of the profile much smaller and more manageable. In addition, the portability engine only writes out what has changed in the session, resulting in fewer files to manage and less network traffic to replicate.

Corruption recovery is also simplified with ProfileUnity’s portability. By removing the corrupt profile container and allowing the portability engine to restore and populate a new container with only what is needed for the user to continue working, organizations can quickly recover from localized corruption without the need for a full restore.

Backing up a large profile container can also be a challenge. ProfileUnity’s portability engine version of the user’s profile is typically between 100 – 1000 MB in size, making it much more practical to backup. In the event of container corruption, simply remove the corrupt container and have the user log in again. The portability engine will take care of re-populating the newly created container with the user’s preferences.

Replicating a large, monolithic file that is locked for 8-12 hours a day can also be impractical. However, ProfileUnity’s portability engine archives are stored in many small files that are not locked while the user is logged in, making replication options almost infinite and very cost-effective. Any SMB file-level replication technology, Azure blob replication, or even Amazon S3 replication can be used to replicate the archives.

For organizations looking to set up an active-active desktop, unique profile containers at each site that do not replicate would be used. The portability engine archives can then be replicated and, since the engine only writes out changes that occur within sessions, replication is fast and efficient.

Our team has been hard at work continuing to develop new features for our products, and we’re excited to announce that our next version of ProfileUnity will include a new template specifically designed to simplify disaster recovery and business continuity for Microsoft’s FSLogix profile container. With this template, our customers will be able to take advantage of out-of-the-box solutions that help ensure business continuity in the event of localized corruption, storage outages, and other common challenges. We believe that this new template will be a valuable addition to our product and will help our customers to better manage their FSLogix profile containers. The next version is due in April 2023.

In conclusion, using ProfileUnity’s portability on top of a profile container like Microsoft’s FSLogix or ProfileUnity’s ProfileDisk is an excellent way to simplify disaster recovery and business continuity. With its surgical precision and ability to compress user profiles into a more efficient format, ProfileUnity’s portability provides organizations with an effective recovery plan from container corruption, replication for DR or active-active desktop deployments.

Instant Application delivery with FlexApp 6.8.5 Cloaking

Instantly delivering applications to users can be a challenge, as even FlexApps can take some time to activate. For instance, it may take 14 seconds for 15 FlexApps to become available. This can cause users to log in to their desktops before the application shortcuts for all 15 apps are ready to use.

To address this issue, we’ve introduced FlexApps on boot. However, the current implementation of FlexApps on boot has a small drawback: all FlexApps on boot are visible to all users logging in to the RDS host or desktop pool. This necessitates creating multiple pools to segment applications that are layered on boot. While this reduces image management, it increases the number of pools to manage, even if they come from the same image.

But with ProfileUnity FlexApp 6.8.5, we have new technology that solves both image sprawl and pool sprawl. When you assign FlexApps on boot, you now have the option to cloak the FlexApps that a user is not entitled to at login. For instance, if you have two apps on boot, one for accounting and the other for marketing, both apps are layered into the OS on boot, so users don’t have to wait for layering to occur. During login, however, the marketing user won’t be able to see the accounting app, and vice versa.

In addition, we offer predictive block caching. FlexApps are typically streamed over the network, but it’s sometimes better to run the app from our block cache to speed up the user experience. However, downloading all the needed blocks can take time. With predictive block caching, we know what blocks are needed to achieve near-native speeds, eliminating the need to download all blocks while the user waits.

To summarize, we remove activation times (FlexApps on boot), launch times (block caching), download times (predictive block caching), reduce image management (using FlexApps), and reduce pools (FlexApps on boot with cloaking).

To accomplish this, first set up ProfileUnity as a Service. then enable the “Enable Cloaking for on-boot FlexApps” checkbox in ProfileUnity FlexApp 6.8.5 when assigning FlexApps on boot. Then, in the normal login configuration, assign the relevant on-boot FlexApps to the appropriate users. This will ensure that users only have access to the applications they need, while reducing image sprawl and pool sprawl.

Overall, this approach simplifies application delivery and management while improving the user experience. Users can log in quickly and seamlessly access the applications they need, without being burdened by unnecessary apps or activation times.

ProfileUnity with FlexApp 6.8.5, Best Practices out of the box!

Capturing applications with FlexApp can sometimes be challenging, and there are a few best practices that are critical to success. However, these steps can be time-consuming, and it’s easy to overlook important details. In some cases, this can lead to an unsuccessful deployment.

To simplify the process and ensure best practices are followed, ProfileUnity FlexApp 6.8.5 now includes out-of-the-box tools and features to help streamline the application capture best practices.

First, FlexApp now includes a built-in runtime installer, which allows you to easily install all the necessary .NET and C++ runtimes on the packaging OS. This eliminates the need to track down individual runtimes from Microsoft, saving time and reducing complexity.

Second, FlexApp also includes a custom optimizer tool specifically designed for capture. This tool ensures that the capture OS is optimized for the capture process, with minimal extraneous activity or noise. This is especially important since you may not have access to VMware’s or Citrix’s optimizer tools, and different optimizer settings are required for capture OS versus end user images.

Finally, FlexApp automatically performs rollbacks in between captures to prevent cross-contamination between applications. This ensures that each application is captured in a separate layer, without interfering with other applications layers.

By incorporating these best practices out-of-the-box, ProfileUnity FlexApp 6.8.5 simplifies the application capture process, reducing the risk of errors and ensuring a successful deployment. With these tools and features, you can capture applications quickly and easily, and deliver them to users with confidence.

More cloud! ProfileUnity with FlexApp 6.8.5 adds SAML and Azure Active Directory group support

ProfileUnity has added support for SAML and Azure Active Directory groups, offering greater cloud functionality to its users.

With console support for SAML, users can now access their ProfileUnity console using a cloud Identity Provider (IDP). This approach offers numerous benefits, including:

  • Two-factor authentication: Depending on the IDP configuration, users can use an authentication application on their phone, receive an SMS message, or even use a physical token for added security.
  • Centralized auditing: By centralizing all ProfileUnity console access to an IDP, IT teams gain access to full audit trails for login attempts. This allows for easy auditing without needing direct access to the ProfileUnity console.

By integrating SAML support, ProfileUnity has made it easier for users to leverage SSO to login the ProfileUnity console even more securely, and IT teams to manage and monitor those access attempts.

ProfileUnity has also recently released an update that introduces support for Azure Active Directory groups. This new feature enables the context-aware filtering system to make decisions based on a user’s Azure Active Directory group membership, making it particularly beneficial for users who work on an operating system that is not typically joined to an NT Domain or does not have a consistent connection to the corporate network.

One of the best aspects of this update is that it requires no changes to the client-side or user experience for the ProfileUnity client to query Azure Active Directory group membership. To get started, simply set up the console with the necessary Azure Active Directory access required to perform group queries.

With Azure Active Directory group support, ProfileUnity users can now take advantage of enhanced filtering capabilities, making it easier to manage. This upgrade provides greater flexibility and convenience for businesses looking to maintain secure and efficient IT operations while using Azure Active Directory.

Once the console has access to perform your Azure Active Directory Group queries the filter system will show Azure Active Directory groups.

Once you have setup your Azure Active Directory Group filter and tied it to a module, like shortcuts, FlexApp,.etc., the system will take care of enabling the client access to query your Azure Active Directory Groups.