The Framehawk Platform approaches the challenge of providing mobile access to enterprise applications with an innovative, new approach not previously possible.
The Framehawk Platform consists of several components working together to deliver secure mobile access to new and existing enterprise applications – without rewriting them. The solution can run in the Framehawk Cloud (a public cloud environment run and managed by Framehawk) or on-premise at a customer’s site behind their firewall.
Below is a diagram of the key components of the Framehawk solution and how they work together. This includes a:
The Framehawk Secure App Client Container is typically configured as virtualized servers that, depending on requirements, may be Linux servers, Windows Servers running Remote Desktop Services (RDS) (previously known as Windows Terminal Services),or an application virtualization environment.
In the cloud deployment model, a standard B2B VPN connection is established to access data behind the firewall. A number of options exist for this, including SSL gateway, IPSEC point-to-point (Services Cloud to Enterprise VPN) and IPSEC multipoint-to-point (each target server initiates an IPSEC VPN to the VPN gateway).
To prevent data leakage, all secured data is rendered as pixels on virtualized infrastructure in the Framehawk Platform. The Framehawk Encoder grabs only image content from portions of the virtualized application’s framebuffer.
This architecture introduces an active “fire break” between the public mobile networks and sensitive enterprise content because there is simply no means for the mobile device to access raw secure data. Data stays in the enterprise data center, locked down with your existing security.
The Framehawk Lightweight Framebuffer Protocol (LFP) is a patented new architecture that was developed by Framehawk’s engineers, inspired by their experiences working in spacecraft communications at NASA. The goal of LFP is 15,000-mile performant communication on latency-, loss-, and jitter-sensitive mobile carriers with devices with no specific chipset. This enables reliable, secure, high-performance communication between the mobile device and the secure container even on low-bandwidth networks such as 3G.
The Framehawk Client is a thin client that manages the secure bi-directional communication over LFP and also includes the elements required to provide a good mobile user experience for any of the applications. This includes:
Applications are enabled so that touch interface can be used instead of mouse clicks as required. Also supports options for right-clicks.
Enables mobile-style gestures such as pinch/zoom, swipe, etc., to be supported for all applications.
Supports fine-grained mouse control and allows even the smallest buttons, menu items, and widgets to be selected easily and accurately.
Keyboard pop, selection of relevant keyboard based on application (e.g. full desktop keyboard with function keys or standard browser keyboard).
Framehawk can quickly provide mobile access to existing applications that are inside your enterprise or SaaS applications provided by third parties. Either way, we enable employees to access and interact with these applications from their iPads and other mobile devices without rewriting them.
With Framehawk, your employees can access these familiar applications from whatever device they choose, while the data itself remains safely behind the firewall.