In this blog post, we are going to focus on RD Gateway (Remote Desktop Gateway). We’ll explain what it is, and how it‘s different from Awingu.”>
What is Remote Desktop Gateway?
Remote Desktop Gateway (RD Gateway in short) is a component of Windows Server and RDS. It is a role that can be activated, in the same way as an RD Session Host or RD license manager. The RD Gateway enables end-users to launch the RDP client from a browser. End-users can browse a launcher webpage (not calling it a “workspace” via their browser; from there, a .rdp file is downloaded to the device where the RDP client will be launched.
RD Gateway is typically set up over port 443 (with SSL) and transports the RDP protocol in HTTPS (opposite to a simple deployment without RD Gateway, where there is no https encapsulation.
The following high-level picture illustrates the principles of the setup:
The biggest benefits of RD Gateway are that port 3389 does not need to be used for external access and that the user is provided a list of applications/desktops he can access. Using the default RDP 3389 port for external access is a magnet for hackers and really easy to breach (password injection, brute force, …). With the use of RD Gateway, a web application is put in front of the vulnerable RDSHs. Port 443 is used and the RDP stream from the RDSH is encapsulated in HTTPS. Web applications are more difficult to breach than old-school 3389 deployments; more difficult, but obviously far from impossible.
Even if users launch their apps/desktops via the browser, running the sessions themselves still requires usage of the RDP client on the device. One of the main downsides is that there is still an end-to-end RDP connection from the endpoint to the RDSH (even if the first leg is encapsulated in https). It means that if the endpoint is compromised, the risk to get the exposure on the backend is very real.
Awingu vs. RD Gateway
Awingu really is a different product than RD Gateway. Our unified workspace offers secure remote access to RDP-based applications or desktops, to file servers, and to web applications. That remote access is offered in the form of a browser-based workspace, where all services are available (translated to HTML5) from within the browser. From there, Awingu offers a rich turnkey solution with a focus on UX and security.
Let’s start with the similarities:
- Awingu has a browser based workspace (so does RD Gateway with its web launcher);
- Awingu is available over port 443 (so does RD Gateway);
- Awingu is installed on a Virtual Machine, typically in the same datacenter as the RDSH back-end (however, Awingu is delivered as a virtual appliance, not a Windows Server role like RD Gateway)
That’s it … so let’s have a look at some of ways how Awingu is different.
- Awingu does not use the RDP protocol as such towards the client. A 100% HTML5 experience is given where RemoteApps (or desktops) are made available fully in the browser. There is no dependence on the RDP client (or other clients for that matter). For avoidance of doubt: Awingu does not use the RD Gateway. It connects directly with the RDSH (using RDP as the a protocol);
- As a workspace aggregator, Awingu can also provide access to file servers (WebDAV or CIFS) and to web applications (via the built-in Awingu Reverse Proxy);
- The Awingu workspace is built with ease-of-use in mind, for the admin, and for the user. It’s supported by capabilities such, as for example:
- Rich multi-monitor working
- Session sharing
- File sharing (similar-ish to wetransfer
- Virtual printing (a PDF printer engine)
- As a turnkey security solution, Awingu is built on Zero Trust principles with lots of built-in capabilities:
- MFA (Multi-Factor Authentication)
- SSL encryption
- Granular usage controls
- Context awareness
- Usage auditing and anomaly detection
- Session Recording
- Rich SSO (Single Sign-On) capabilities – that do not rely on password vaulting – with external Identity providers such as Azure AD, Okta and ForgeRock;
About Version 2
Version 2 is one of the most dynamic IT companies in Asia. The company develops and distributes IT products for Internet and IP-based networks, including communication systems, Internet software, security, network, and media products. Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.
Awingu produces a browser-based Unified Workspace solution. It allows users to work and collaborate from virtually anywhere using any device compatible with HTML5 browsers. As a turnkey solution, Awingu offers businesses the ease and convenience of platform-independent mobility and offers everything you need to stay productive: legacy and cloud applications, documents and data. Awingu requires zero configuration and zero client software installation, making IT administration extremely simple.