Desktop and Application Streaming

Category: Security, Identity, & Compliance

Enabling Federation with SimpleSAMLphp and Amazon AppStream 2.0

SimpleSAMLphp is an open-source project written in native PHP that deals with authentication for SAML 2.0 as a Service Provider and as an Identity Provider. You can use single sign-on with Amazon AppStream 2.0 with many identity services that are compliant with Security Assertion Markup Language 2.0 (SAML 2.0). This post explains how to configure federated user […]

Read More

Anomaly Detection in Amazon WorkSpaces

Amazon WorkSpaces is a fully managed, secure Desktop-as-a-Service (DaaS) solution that runs on AWS. Our customers have been deploying WorkSpaces to provide scalable end user computing to their users regardless of work location. Since the launch of WSP, additional capabilities such as USB and smart card support have enabled additional workloads to benefit from moving […]

Read More

Use Session Tags to Simplify AppStream 2.0 Permissions

Customers use Amazon AppStream 2.0 to centrally manage applications and stream them to their end users. Organizations have multiple stacks associated with different fleets to separate workloads based on underlying resources, applications, or different user permissions. In this blog post I show you how to use session tags in the SAML assertion to be used […]

Read More

DXC Technology creates DevSecOps and CI/CD for mainframe and Java using Amazon AppStream 2.0

DXC Technology is a global IT service leader providing end-to-end IT services on digital transformation to businesses and governments.  DXC is active in the areas of mainframe technology transformation to help customer move to Agile and DevSecOps practices using the cloud. DXC created an in-house DevSecOps platform at a global insurer for IBM Z series mainframe development. […]

Read More

Network Separation and Data Sanitization using Amazon WorkSpaces, Amazon AppStream 2.0, and Amazon Macie

Data security and privacy are the top priorities of most organizations. Most of the data leakage happens not at the data center, but outside it. Most common reasons of data theft are unpatched desktops, malware attacks, and accidental data sharing. Network separation is a common way to secure desktop environments. Most organizations achieve this by […]

Read More

Integrating Microsoft Azure MFA Server with Amazon WorkSpaces

Important note: Microsoft Azure MFA Server has been a popular Multi-Factor Authentication(MFA) solution. If you are still using Azure MFA Server, this blog post provides instructions on integrating it with WorkSpaces. As of July 1, 2019, Microsoft no longer offers MFA Server for new deployments. Azure Multi-Factor Authentication customers must deploy a Network Policy Server […]

Read More

Integrating Okta MFA with Amazon WorkSpaces

Amazon WorkSpaces is a managed, secure cloud desktop service. You can use Amazon WorkSpaces to provision either Windows or Linux desktops in just a few minutes and quickly scale to provide thousands of desktops to workers across the globe. Multifactor authentication (MFA) is a security system that requires more than one method of authentication from […]

Read More

Learn how Vanguard built a secure sandbox system with AppStream 2.0 and AWS

Our colleagues at This Is My Architecture recorded a video with Yoni from Vanguard that explains how his team built a secure sandbox system that allows internal users to experiment with AWS in a safe, isolated environment. You’ll see how they used AppStream 2.0 to provide jumpbox-like functionality from the browser, Lambda to automate operations, IAM plus […]

Read More