Understanding the Symantec Workspace Corporate Connection Broker
Symantec Workspace Corporate (SWC) has been designed to provide flexibility to accommodate different clinical workflow scenarios. Because SWC is used to build a user desktop while utilizing a customer's existing infrastructure, the type of desktop built will often be driven by equipment and technologies that are already in place. This document will serve as a guide to help you understand how the SWC Connection Broker works, so you can configure it correctly for your infrastructure.
You will need an understanding of the various modes of operation to make the most efficient use of a customer's existing infrastructure.
Understanding Workspace Corporate Shell Modes
Symantec provides the Workspace Corporate Shell. It should be noted that the SWC shell is not the Windows GINA replacement technology. That is a separate piece that will be discussed in a separate article. When you run the SWC Agent installation you will have a checkbox option of Shell Mode. This option determine whether or not the SWC Agent replaces the Windows Explorer Shell with Symantec Workspace Corporate Shell (PrivacyShell.exe). A user must have a SWC license for the machine to actually use the SWC Shell. If the user is not enrolled in the SWC system, they will always get the Windows Explorer Shell1.
1This may change in Symantec Workspace Corporate 6.2
Understanding RDP Mode
When installing the SWC Agent there will be a checkbox option to choose if you want to run SWC in RDP mode. When you select this option, you are determining if you want to run the target machine like a thin client. If you select RDP mode, the machine will make an RDP connection to a specific host or load balancer. The host or load balance is determined by the Network Application defined in the SWC Administrative Console. By default this is set up to connect to the SWC Server machine. When using SWC to connect to a Citrix server, or to a load balancer this must be changed to point to that Citrix server or load balancer.
If you do not choose to install RDP you will have a standard fat client type machine. There will be no RDP connection to any remote server. If this is the case there is no way to use SWC in a roaming mode.
Single SWC Server Configuration
Below is a diagram of the connection broker process that takes place in the simplest of SWC configurations. It should be noted that the client workstation in this example has been set to use RDP Mode and Shell Mode.
Something that is not depicted in this diagram, but that is important is the name of the SWC Management Console, which is hosting the RDP (Terminal Services) sessions in this case. This server name is listed as the command line entry in the Network application in SWC.
Load Balanced SWC Server Configuration
In this scenario, the Network application in SWC Admin is pointing the name of the Network Load Balancing (NLB) server farm. Once the machine has authenticated to the domain, the SWC Management machine sends the name of the Server Farm down to the client (Step 4) and the RDP connection is initiated with the Server Farm.
Once you have an understanding of how the Symantec Workspace Corporate Connection Broker works, and the key components of the connection broker, you will have an understanding of how SWC can work with existing environments. The next article will be how to broker connections in a Citrix XenApp environment.