Jiwa

NOTICE: The following post was partially redacted by an Administrator.
REASON: Disclosing private or confidential information.

Hi could you comment on the following query from a client.


From: REDACTED <REDACTED>
Sent: Thursday, 17 January 2019 1:49 PM
To: Tony Smith <REDACTED>
Cc: REDACTED <REDACTED>
Subject: Jiwa over a VPN

Good Afternoon Tony,
I wanted to follow up on a discussion we had in July last year about the possibility of Jiwa running over a VPN.

The current solution of logging into desktops is fraught with danger and we want to confirm that if the Jiwa client is installed on a remote PC that is connected via a VPN it would still function and update

There will, ofcourse be performance issues based on the connection but is it possible?>

Hi Tony,

If I am to understand the question correctly, you want to run a Remote Desktop Server and have users establish a VPN to the server from their local machine, and then run Jiwa in a remote desktop on the server?

If so, then of course it will work - the network layers between the RDP client and server are irrelevant to the Jiwa application.

I'm not sure why this is being asked - am I missing something?

Mike

Hi Mike,

I think it is that they do not want to use Remote desktop connections.
Can you connect to a network via VPN and then run Jiwa directly on your laptop / home PC etc.
Regards
Tony

tonys wrote:I think it is that they do not want to use Remote desktop connections.
Can you connect to a network via VPN and then run Jiwa directly on your laptop / home PC etc.

Yes. Performance will be directly related to the latency and bandwidth, however.

tonys wrote:The current solution of logging into desktops is fraught with danger

I should add that the ideal solution is to have a Remote Desktop Server (RDS) serving the Jiwa application as a Remote App only accessible from within a VPN connection.

This would give you the benefits of low latency (as the RDS server would be in close proximity to the SQL Server) and the security of the RDS server not being exposed to the public internet.

In this solution, the Jiwa application appears and behaves as a normal local application on their PC, but it is actually running remotely on the RDS server - The clients (users of the application) would need to establish a VPN connection and if you wished would also be required to authenticate with the domain controller which could be configured with Two Factor Authentication (TFA). TFA could be a FOB key or an authentication code on their mobile device, or an SMS code. In this scenario it would be advisable to use Windows Authentication for the login to the Jiwa application instead of the Username + password (Jiwa Authentication) to reduce the number of authentication steps and to allow restriction or removal of users at the active directory level.