VDI Architecture: Behind the Scenes of VDI 2.0 Client Architecture

Author: Puneet Chawla

Publish on: Oct 13, 2016 2:38:05 PM

This is the fourth article in our series on the big picture of VDI and VDI 2.0. Over the last 4 years we’ve built the industry’s first cloud-native VDI 2.0 solution that enables customers to do VDI or access any type of application from a single springboard. If you’re wondering about how Workspot might work for you, here’s your chance to learn about the different deployment topologies. You’ll also learn about the unique architecture behind the Workspot client.

Read the transcript below, or watch the full video featuring CTO Puneet Chawla here.

Various VDI deployment topologies used by Workspot customers


Workspot is built using a cloud plane and data plane decoupling. Our client decouples the control and configuration from the data center. As a result, it can have customers running different data centers in different parts of the world. Customers with different data centers can be managed using a single cloud plane.

  • Small customers can completely leverage public clouds like AWS and Azure.
  • Managed Service Providers enable customers in different parts of the world to access different resources.
  • Large customers can have multiple datacenters and can use different infrastructure and hypervisor stacks at the same time

Let me give you a concrete example

A customer is able to leverage a Cisco ASA in the DMZ running vSphere on HPE and EMC storage to do VDI. This customer runs Workspot client to access VDI, and the same customer can have published apps running using a different VPN on a Scale Computing or Nutanix AHV cluster at a second site.

So the ability to think about multi-site, multi-geo, highly elastic deplyments with failover and disaster recovery scenarios becomes fairly easy as you go cloud-native. A single multi-tenant service that is deployed across multiple availability zones in the cloud provides infinite scalability and high availability to our customers.

A unified workspace encapsulates all these services, data centers and handles various platform idiosyncrasies with a single client for the end users.

Now, let’s deep dive and look at the architecture that runs the Workspot Client.

How the Workspot client is architected

The Workspot client architecture was designed to provide a beautiful, elegant and simple user experience.

It is a single springboard for all kinds of assets in the organization. Users can login to Workspot Client to access VDI, published apps or even web apps.

The simple interface is possible thanks to the VDI architecture’s unified components. Our client runs across various platforms and shares a lot of common code base. A universal app-level L4 VPN enables customers to connect to their applications whether they are behind a firewall or running in the cloud without even knowing where the application is running. Support for Cisco, Pulse Secure, F5, Microsoft RDS Gateway and Fortinet comes out of the box. We also enable customers to leverage their existing Netscaler legacy investments. 


We have embedded a secure browser in the client so that customers can access web applications in high fidelity using local compute. The browser allows users to access SharePoint, SAP or SaaS services like Salesforce or WorkDay using a single click. There is no need to publish a browser for every web-app anymore. It's securely delivered on every platform using the Workspot client. The browser is based on open source Chromium project and provides full on-disk AES 256 encryption, clipboard and printing policy controls and every URL auditability for the CISO team. 

We have an embedded RemoteFX/RDP 10.2 client in Workspot. We leverage RDP 10, which provides high performance H.264 decoding on the client. With modern client hardware and servers with GPUs, there is very little CPU usage on both the ends for high graphics performance. Offloading encoding and decoding from CPU also provides higher server scalability and lowers overall TCO.  AVC 444 mode in the latest RDP implementation provides magical text clarity and high frame throughput of up to 50 fps on standard hardware. We have an embedded file repository engine that enables our customers to bring down files from the enterprise to the client and even access them offline in an encrypted enclave. This enhances the mobile VDI use-case, where a full desktop is not always desirable on a small form-factor.

Workspot’s unified workspace is a next generation client that is not restricted to remote protocol and Windows resources. It is a unified workspace for all kinds of resources, including direct web apps and files with a touch friendly client user-experience.

In addition, we have a context agent on the client, that collects a lot of fine-grained data for security and performance teams. It sends this data back to our cloud plane where analytics and insights are generated using our big data pipeline. Data like which users copied text into clipboard is captured and available for the first time in the industry. The data augments the security of the overall solution and provides the IT team confidence and tools to embrace the "BYOD" trend. 

In summary, Workspot is able to provide an elegant and simple user experience because of all the components that we have built over the last 4 years.

We have the ability to do VDI or any kind of application from a single springboard managed from a simple cloud-native management plane and that is an industry first.


If you would like to learn more about Workspot, download our Solution Brief now!

New Call-to-action 


Subscribe To Our Blog

Recent Posts