Manual Chapter :
About Windows Protected Workspace
Applies To:
Show Versions
BIG-IP APM
- 15.0.1, 15.0.0
About Windows Protected Workspace
The Windows Protected Workspace action configures a temporary Windows user workspace for a
session. This workspace contains temporary Desktop and My Documents folders. The protected
workspace control deletes the temporary workspace and all of the folder contents at the end of
the session.
The Windows Protected Workspace and the Windows Cache and Session Control
actions are not compatible and should not be used in the same session.
- Close Google Desktop Search
- Specifies whether to close Google Desktop Search before starting protected workspace.
- Allow user to temporarily switch from Protected Workspace
- Specifies whether a user can switch from the protected workspace. When set toEnabled, the action provides a link so that the user can temporarily switch from the protected workspace.
- Allow user to use printers
- Specifies whether a user can use printers.
- Allow write access to USB flash drives
- Specifies whether a user can write from the protected workspace to USB flash drives:
- Disableddoes not allow users to write to any USB flash drives from the protected workspace.
- All USB flash drivesallows a user to write to any USB flash drive from the protected workspace.
- Only IronKey Secure Flash Drivesallows a user to write only to specialized, highly secured flash drives created by IronKey, Inc., from the protected workspace.
- Allow user to burn CDs
- Specifies whether a user can burn CDs from within the protected workspace.
- Allow user to choose storage location
- Specifies whether a user can choose the storage location for protected workspace files:
- Enabledallows users to select a storage location.
- Disabledstores files in the user's Document and Settings directory.
- Enable persistent storage
- Specifies whether data is saved on the system after the Protected Workspace session is closed:
- Enabledallows users to save encrypted data from the Protected Workspace session on the local system after the session exits. The files are automatically decrypted and available in the next Protected Workspace session.
- Disabledprevents users from storing Protected Workspace data in persistent storage.
- Password protect new storage
- Specifies whether the protected workspace requires a password to access data in persistent storage.
- Enabledrequires the user to set a password to access persistent storage data.
- Disableduses the default encryption and decryption, which is based on the server group name and storage device volume serial number.
- Clean memory on exit from PWS
- Specifies whether, upon exit, Protected Workspace tries to clean up the system paging file and RAM to remedy information leaks.
- Enabledallows Protected Workspace to perform a cleanup. The cleanup procedure stresses the system and can considerably increase session cleaning time.
- Disabledallows Protected Workspace to skip the cleanup.
- Server group name
- Specifies a group name for the server. This name is arbitrary, but limits persistent storage to that group name. For example, if a user connects to a protected workspace on a server with group name GroupA, and persistent storage is enabled, the user data is available when reconnecting to a server with the group nameGroupA. However, if the user then connects to a server with persistent storage enabled, and the server group name GroupB, persistent data from the GroupAProtected Workspace session is not available in the new session, and a new persistent storage is defined
