Run Skype for Business As a Secure Virtual App—With a Great User Experience
Total Page:16
File Type:pdf, Size:1020Kb
White Paper Run Skype for Business as a Secure Virtual App—with a Great User Experience Run Skype for Business as a Secure Virtual App —with a Great User Experience Improve security and manageability while avoiding the performance problems of traditional virtual installations. Deliver secure, high-performance unified Virtualizing Skype for secure unified communications for your organization with communications Citrix XenApp or XenDesktop, optimized for Skype for Business—the only Microsoft- It’s easy to understand why so many endorsed solution for delivering Skype for organizations are moving to Skype for Business in a virtual environment. Business—already the third most-used PBX in the U.S. The platform lets you simplify Skype for Business is quickly gaining your infrastructure while supporting the widespread adoption as companies replace full spectrum of communications, including traditional PBX systems with the Microsoft calling, instant messaging (IM), conferencing, unified communications platform. It’s an easy video and desktop sharing. It’s also included decision to make—the shift to Skype for calls, in the Microsoft Office 365 suite, making the messaging, online meetings and video can yield decision even easier to make. Of course, as dramatic cost savings in both hardware and with any business technology, the way you management. Running Skype as a virtualized implement Skype makes a big difference— app can take these benefits even further especially when it comes to security and by allowing IT to use a single standardized performance. version to support people on every platform in the organization. More importantly, With a traditional local installation of virtualization eliminates the security risks Skype, chat and video logs, transferred files associated with logs and other files stored and other content is stored on the user’s locally on users’ devices. On the other hand, endpoint, whether a laptop, smartphone or traditional virtualization delivery methods can tablet. If the device is left behind in a taxi, also significantly degrade performance for stolen or otherwise lost, so is all that data, Skype, and a frustrating user experience can exposing potentially sensitive company and undermine adoption. IT needs a way to deliver customer information to risk. Malware poses Skype as a virtual app with performance at a more active threat, including T9000, a least as good as a traditional PBX. backdoor developed specifically to target Skype users. T9000 allows attackers to Citrix XenApp and XenDesktop with the capture encrypted data such as logs and files, HDX RealTime Optimization Pack for Skype and take screenshots of specific applications, for Business let organizations leverage and even detect and evade numerous security the full benefits of Skype in a virtual products that may be installed on the device. environment, including efficient single-image The heavy usage of IM in business today management and support, the inherent makes exposure to T9000 and other malware security of centralization and a reliable high- a constant threat. performance user experience. Developed in close collaboration between Citrix and Microsoft, the optimization pack delivers the security and optimal user experience business needs. Citrix.com 1 Virtualization makes Skype secure and overall painful experience. People won’t simple to manage put up with this for long before switching to their personal smartphones or other Fortunately, there’s a simple way to avoid alternatives, driving down Skype adoption these risks to locally stored Skype data: and undermining its benefits. don’t store Skype data locally. Instead, as Scalability is another concern. In many many businesses are already doing, you can implementations, the use of Skype began use Citrix XenApp or XenDesktop software as a replacement for another IM platform to deliver Skype virtually. This way, the such as AOL Instant Messenger, and only Skype client and associated data are kept later evolved into a full PBX replacement in the datacenter and never exposed to risk for unified communications. The addition of on the device itself. A lost device would audio and video naturally increases compute not compromise company or customer requirements, requiring additional servers information, and a T9000 infection would find at the datacenter and driving up IT costs. nothing to steal. For the user, the experience does not change—they still click a Skype for How Citrix delivers the best results for Business icon to launch the app just as they Skype for Business would in the native interface, even though it’s now running virtually in the datacenter. Performance and scalability for virtual delivery The benefits of virtualization go beyond security. IT can manage a single version of Recognizing the advantages of delivering Skype for Business client to support all users, Skype virtually, Citrix and Microsoft have regardless of the device—Windows, Mac, worked together to ensure that these Linux or thin clients. A consistent experience implementations realize the full benefits of across every device people use, including the improved security and manageability without same familiar interface and login procedure, sacrificing performance.Citrix HDX RealTime minimizes user training and cuts down on Optimization Pack for Skype for Business, helpdesk calls that can cost IT an average of the only Microsoft-endorsed solution for $70 each. Centralization of the app greatly delivering Skype for Business in a virtual simplifies management and makes it easier to environment, ensures local-like quality for apply patches and updates. audio and video with smooth call quality and maximum server scalability. Potential pitfalls with traditional virtualization methods Unlike other virtualization deployments, the unique Citrix architecture and RealTime With most virtualization vendors, the Optimization Pack avoid the “tromboning” improved security and manageability of or “hairpinning” effects described above. Skype for Business comes at the cost of The authentication, signaling and control performance. The typical virtual architecture processes of the virtualized Skype client often involves “tromboning” or “hairpinning,” run in the datacenter, while media traffic colorful descriptions of Skype traffic from one is decoupled and rendered locally on the party traveling to a datacenter far out of its endpoint. In the example cited earlier, the way en route to the receiving party. Consider users in Boston and San Diego would establish a call between a user in Boston whose virtual their connections to the virtual Skype client Skype app is hosted in a Washington, D.C. in Washington and Dallas datacenters datacenter, and another user in San Diego respectively; once the connection had been whose virtual Skype app is hosted in Dallas. made, subsequent audio-video media traffic The packets for each party will travel first would travel directly between the users’ to that user’s datacenter, and then to the devices located in Boston and San Diego other user’s datacenter, and only then to the on a secure channel, intelligently bypassing receiving party. A few dropped packets for a the datacenters. Call logs, chat archives, text chat probably won’t be noticed, but for a connection availability and other content voice or video call, a less-than-ideal network would be maintained at the datacenter, and connection will lead to obvious stuttering, nothing would live at the endpoint. delays, freeze frames, buffering and an Citrix.com | White Paper | Run Skype for Business as a Secure Virtual App—with a Great User Experience 2 A related consequence of this architecture is traffic to an alternate circuit. With NetScaler that because no CPU and memory resources SD-WAN, multiple connections of different are spent rendering media traffic, higher types—MPLS, Ethernet, DSL or wireless— user density per XenApp server is possible, act simultaneously as ma single virtual reducing the number of servers required at connection, so that the failure of any one the datacenter. In this way, the Citrix delivers physical connection won’t disrupt the session. both high-definition call quality for users This built-in fault tolerance protects users and a cost-effective secure platform for the from dropped calls or service failures. Virtual organization. No wonder Brad Anderson, WAN connectivity is especially valuable for corporate vice president at Microsoft, says: supporting branch sites, which tend to face “Skype for Business on Citrix VDI—it’s the more challenging network conditions and ONLY way to use Skype and VDI together.” bandwidth limitations. A consistent, high-quality user experience Flexible Deployment Options to Meet Your Business Needs The best part about virtualizing Skype for Business with Citrix is that the user Citrix offers a variety of ways to securely experience remains exactly the same. Once deploy digital workspace solutions like people login to their virtual environment, XenApp and XenDesktop, to meet your unique they see a regular Skype for Business icon needs. Deploy through Citrix Cloud, in a just as if it were locally installed. Users cloud of your choice, fully on-premises, in continue to use Skype accessories and the a hybrid of both or with a service provider. same user interface to make audio, video and You choose how and where to manage your text calls as they would on a locally installed apps, desktops and data. Subscribe to the client. IT can use XenApp or XenDesktop XenApp Service and XenDesktop Service to deliver, manage