8. Strengths
No footprint on device
Works on most common browsers
(IE, Safari, Chrome, Firefox)
Files are rendered remotely in full fidelity*
Multiple paths in - SharePoint, Office 365 and Windows Live
Weaknesses
Much less functionality compared to native apps
Fidelity loss in edit mode
Requires SharePoint access in managed
environments.
*except, OneNote and OWA. They do not use remote rendering
10. Worker Processes
Functionality
Word Viewing [or PowerPoint] Service Highly sandboxed
6 Workers processes
Application Converts document or
Functionality presentation to series
of images or XAML
Services conversion
Temporarily stores
Application requests for
output locally on disk
Manager documents
Creates and manages Web Application
workers
Stores output to Web
Apps Cache Proxy Group
Home
Sites Functionality
Word Viewing Provides
[or PowerPoint]
G location of
Service service
Application applications in
5 Proxy farm.
4
3
7
Functionality - ASPX
Provides HTML
WordViewer.aspx Checks cache for
Layouts renditions
(& handlers)
Request renditions
2 from service app.
8 Functionality - Cache
Office Web Apps Cache
Stores rendered
documents
1
11. 3 Web Application
Functionality
Home Provides HTML
Sites Translates .DOCX
Layouts and .ONE files to
OneNote.aspx /
lightweight HTML / JS
WordEditor.aspx Caches updates on
2 server
OneNote only – auto
saves notebook
1
12. Excel Calculation Service Proxy Group
Functionality Functionality
Manages editing Excel Provides
Excel
Calculation
sessions G
Calculation
location of
Autosaves workbook service
Service Service applications in
Responsible for re-
calc
Proxy farm.
Connects to external Web Application
data sources (if
applicable)
Home
Sites
3 2
4
6
Functionality - EWA
Provides HTML
Layouts Excel Web Load-balances
sessions between
Access (EWA)
Excel Calculation
Services
Dispatches requests
to the ECS
5
1
13. Strengths
Offline capability
Tailored to device UI and usage
Weaknesses
Self-Provisioning via App Store & Android Market
May not have access to central and secure storage
User needs to apply updates
Files may be cached or saved to the device.
15. Strengths
No footprint on device
Manageable configuration
Citrix ica clients available for most common device types
Uses remote resources to render and compute
Enables core platform deficiencies, such as printing
Weaknesses
User experience
Hard to get and keep running
Multiple points of failure.
20. Control file traffic to
trusted devices & users
How to define and enforce what “trusted”
means?
Can you enforce enough configuration?
How good is device crypto?
How are untrusted devices connecting to
network resources?
24. Limiting Access to Data and Network Resources
The Traditional Management
vs. Consumerization Tug of
War
Rights Management
Reduce what untrusted devices can see and connect
to
Limit the amount of data kept on devices
(for example, mailbox sizes)
Allow doc reading, but not editing or local saving on
untrusted devices
Keep data central with secure remote access
27. Identity-based protection
Controls access to information across the information
lifecycle
Authorized access based on trusted identity
Secures transmission and storage of sensitive information
Embeds digital usage policies (print, view, edit, expiration
etc. ) in to the content to help prevent misuse after delivery
28. View Protected attachments in OWA
IRM in Exchange Active Sync
Enhanced collaboration using Microsoft Federation
Gateway
Cross Premises IRM support for Exchange Online
Transport Protection Rule
Outlook Protection Rule
Journal Report Decryption
Transport Pipeline Decryption
IRM in OWA
Exchange
Protected Voice Message
Exchange
2010 SP1
2010 RTM
Exchange
2007
29. Keep Everything in the Data Center
Deliver Cloud Services
Remote Desktop Solutions
Host data in your private cloud
You don’t need to say “no”, but you will need to ask for
resources
The end user experience may not be ideal, but both
parties get what they want
32. There is no one-size fits all solution here
Security is a sliding scale; lock down as needed
To be “policy-managed” is not a checkbox; it varies
dramatically from vendor to vendor
You can limit access to documents without completely cutting
unmanageable devices off
You can give people access to restricted resources, but it
can be expensive
This is a catalyst to get more resources and cement IT as
thought leaders in your organization!