To provide mobile access to corporate applications, organizations often try to extend approaches like VDI designed for LAN-based environments. Or they incur the time and cost to rewrite applications natively or using web technologies like HTML5. The Framehawk Platform provides mobile access to both new and existing corporate applications, eliminates trade-offs for security, performance, and user experience, and allows organizations to choose their own development approach.
The Framehawk Platform gives you a strategic approach for all types of applications (existing non-web, web, and SaaS, newly developed web apps, and new native and hybrid apps) through a mobile-optimized protocol, a cloud-based platform, and optimized user experience capabilities.
Here’s why the Framehawk Platform is able to deliver for all of these scenarios:
Thick client Windows applications can be deployed in the Secure App Client Container using RDS or application virtualization techniques. No changes to the applications are required in order to “mobile-enable” them.
Web applications can be run in a browser of choice (e.g. IE9, Firefox 18, etc.) and will run with full functionality (e.g. Flash, Silverlight) independent of device.
The ability to select the browser of choice means that “write once, run anywhere” can actually be fully realized for HTML5 and other new web applications.
Framehawk’s architecture allows any application deployed in its container to co-exist with native applications running on the mobile device, but they will run completely segregated with no ability for interaction unless this is explicitly implemented.
Hybrid applications are also supported. A native application can leverage Framehawk’s SDK to access data and services in the secure server-side container and selectively bring data down to the mobile device.
By default, no data is ever on the mobile device, meaning that there is no risk of data leakage at the edge.
The secure container itself runs either in a Virtual Private Cloud with a B2B VPN / IPSEC connection to the data center or on a virtual appliance behind the firewall.
Framehawk also supports a comprehensive enterprise authentication (and SSO) model, allowing organizations to choose the appropriate level of authentication required, from simple PIN entry all the way to full enterprise credentials with two-factor authentication via a one-time password.
No changes whatsoever are required to the applications, meaning that deployment is rapid. Web applications can typically be deployed in a matter of minutes, thick applications in a few hours.
Framehawk’s patented LFP protocol ensures high-performance communication for the “long throw” between the mobile device and the secure container, irrespective of distance.
The application client or browser instance are actually running on high-powered server VMs and, if using the cloud, are going to be running in data centers with ultra-high speed connectivity to the Internet.
Applications behave the way that tablet users expect intuitively: touch is enabled, keyboards pop, and gestures such as pinch, zoom, and swipe all work on any application.
Additionally, the ability to use an offset mouse to drive applications with complex user interfaces is a major plus for user experience.
The standard cloud option for Framehawk deployment is multi-tenant, but single-tenant VPC deployment is also available.
On-premise deployments are made easy by Framehawk’s VMware virtual appliance.
Both cloud and virtual appliance options can scale based on the number of users and applications that need to be supported. The architecture has no theoretical constraints around the scale of an implementation.
A by-product of Framehawk’s architecture is that the security model has zero dependency on the device. With the applications actually running in the server-side secure container, the edge device can be any mobile device, whether corporate- or personal-owned.
Some of the key infrastructure software elements are:
MDM – Framehawk’s client has no dependencies on the device itself and so can co-exist with any MDM solution
MAM – Framehawk’s client is a native application that can be distributed and managed by a MAM solution
MIM – if a hybrid application is being developed, Framehawk’s client can be managed by a MIM solution (e.g. app wrapping). Any data brought locally to the device will be encrypted
VPN – There is no requirement for VPN on the mobile device to enable a Framehawk solution. If a VPN client is on the device for other purposes it will have no effect on Framehawk’s operation.
Email – if desired, corporate email can be supported directly and securely from Framehawk’s client (e.g. Outlook, Office365). If another approach is taken such as ActiveSync-based control of native email apps or Good for Enterprise, Framehawk’s client will co-exist.
Productivity apps – in the same vein, if desired, corporate productivity apps can be supported directly and securely from Framehawk’s client (e.g. Office, Office365). If another approach is taken such as QuickOffice, Documents To Go, Polaris Office, etc., Framehawk’s client will co-exist.
Existing approaches to mobilizing applications bring a number of compromises:
Companies often try traditional remote access solutions like VDI when attempting application mobilization. Unfortunately, while the security is strong and leverages existing applications, performance and user experience on mobile devices is poor, especially over unreliable cellular networks since it was designed to run over corporate networks.
If companies try get by with native tablet browsers, user experience is still a problem, as is security. In addition, many applications won’t run effectively because of browser compatibility problems.
Some enterprises look to redevelop native mobile applications for a particular device like the iPad. But that’s expensive to do for just one app – not to mention the whole corporate application portfolio. And while user experience can be great because it’s tuned for the device, data access can be slow, functionality deprecated, and all the while company data is being pulled onto the device where it is vulnerable.
If companies turn to HTML5 to rebuild an app on the web so it can run on tablets, too, they continue to have performance and security problems, while adding problems around compatibility and interfaces for different browser environments.
Framehawk lets you access new or existing applications from your choice of mobile devices, with an approach that avoids data leakage while delivering speed and a user experience optimized for tablets -- no compromises.