Upload
ronald-wilson
View
219
Download
1
Tags:
Embed Size (px)
Citation preview
Microsoft RemoteFX: USB and Device Support
1
Nelly PorterGroup Program Manager
Remote Desktop VirtualizationMicrosoft Corporation
SESSION CODE: WSV309
Why RemoteFX USB Devices?High Level vs. Low Level RedirectionCore components What do you need to know to allow USB devices to be redirectedDemos!
2
Experience RemoteFX Devices
81%
3
The single largest security risk …
Close the experience gap between Local and Remote
4
RemoteFX meets RDP Goals
I want to be able to use devices I want, and have it just work
5
Why RemoteFX USB Devices?
AdvantagesNo client drivers necessaryWorks with any device
DisadvantagesOnly one session can use a USB device at a time
Best of the Two WorldsUse Both!
6
Where would you use RemoteFX USB Devices?
RemoteFX Audio DevicesE.g. USB speakers, USB headset, USB Microphone, USB Phone
7
RemoteFX HID DevicesE.g. Tablets, Media remotes, Joysticks, and many more
8
Printers and Scanners
Printers onlyEasyPrint or legacy redirections
Printers as multi-function device
RemoteFX USB Scanners only
RemoteFX USB9
Most Wanted RemoteFX DevicesPlace #2 and #3
10
It sees you when you are working, it knows when you come late...Fire over six meters, giving you coverage for over 113 square meters
11
Other Devices (isochronous and bulk transfer)E.g Office warfare ( Rocket Launcher with WebCam Combo)
StabilityDriver failures should NOT bring down the system
Driver failures are isolated to the VMApplications are transparent to redirected devicesIsochronous, layered drivers, with services or withoutIntegrate with PnP subsystem for device installs, driver load/unload
SecurityDriver failures should NOT compromise the system
Driver failures are isolated to the VMDriver interfaces should be validatedObey all USB “restriction” policies
Work for both KMDF and UMDF drivers
12
RemoteFX USB Devices Design Goals
Provided by:
Microsoft
IHV/ISV
RemoteFX USB HUB Filter
RemoteFXUSB Hub
RDP7.1 Client
RemoteFXRedirected Device
Proxy
USB Device Driver
User
Kernel
RemoteFX DevicesEnumeration
RemoteFX Generic USBDriver
USB HUB
SessionsNotifications
ServerClient 13
Architectural Block Diagram
Windows Kernel(I/O Mgr, PnP)
USB HUB2
Provided by:
Microsoft
IHV/ISV
14
USB DeviceDriver
1
Application
3
4User
Kernel
Win32 I/O API
Local USB Device Arrival
USB DeviceDriverWindows Kernel
(I/O Mgr, PnP)
RDP Client
RemoteFX USB Hub Filter
USB HUB
2
43
Provided by:
Microsoft
IHV/ISV
15
VMRDP Server
Remote FX Generic USB Driver
5
User
Kernel
1
RDP
6
USB Device Claimed by RDP Client
RemoteFX Device Proxy
RemoteFX USB HUB
7
USB DeviceDriver
9Provided by:
Microsoft
IHV/ISV
16
Application
10
VMRDP Server
11
User
Kernel
Device Claiming, VM side
Windows Kernel(I/O Mgr, PnP)
8
Win32 I/O API
USB Device DriverRemoteFXUSB Hub
Data Flow path similar to “claim device” In reverse order
Auto-reconnectNo changes until all attempts to restore connection exhausted
DisconnectAll devices removed
17
VMRDP Server
Device Removal
Device Removal and Cleanup
Provided by:
Microsoft
IHV/ISV
Server has to authenticate itselfEven when client and server both authenticated
Data returned from the device on the client or server is considered “not trusted”Additional validation is provided for subset of IOCTLs and URB interfaces, e.g.
All IDs returned from the device prior to be used on serverEvery URB packet request
Should meet USB 2.0 specification
18
Security Data Flow
Most Wanted RemoteFX DevicePlace #1 19
Heavy Investments in RDP with RemoteFX
20
Resources
www.microsoft.com/teched
Sessions On-Demand & Community Microsoft Certification & Training Resources
Resources for IT Professionals Resources for Developers
www.microsoft.com/learning
http://microsoft.com/technet http://microsoft.com/msdn
Learning
Complete an evaluation on CommNet and enter to win!
Sign up for Tech·Ed 2011 and save $500 starting June 8 – June 31st
http://northamerica.msteched.com/registration
You can also register at the
North America 2011 kiosk located at registrationJoin us in Atlanta next year
© 2010 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to
be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.
JUNE 7-10, 2010 | NEW ORLEANS, LA