In this episode, I sit down with Chris Marks, the Principal Outbound Product Manager at Parallels, to discuss the company's evolution beyond just running Windows on Mac. We dive into Parallels' remote application server (RAS) and desktop as a service (DAS) offerings, exploring how these solutions can benefit managed service providers and their clients.
We start by discussing Parallels' core product, which still enables running Windows on Mac, but has expanded to support a variety of operating systems and use cases. Chris explains that Parallels is now part of the Alludo group, which also owns other well-known software brands like WinZip, MindManager, and Corel.
The conversation then shifts to Parallels' remote application server (RAS) and desktop as a service (DaaS) offerings. RAS allows organizations to deliver virtualized applications and desktops to a wide range of devices, including mobile and web-based clients. It offers integration with various cloud providers and on-premises hypervisors, giving customers flexibility and choice. Meanwhile, DaaS is a cloud-hosted solution designed for simplicity, making it easier for organizations to transition to a hybrid work model without the need for extensive IT expertise.
Chris also discusses the security features of Parallels' solutions, including built-in multi-factor authentication options and the ability to integrate with external identity providers. He explains how Parallels' products can be white-labeled and customized for managed service providers, allowing them to offer tailored solutions to their clients. The conversation also covers the technical aspects of Parallels' multi-tenancy capabilities, site and theme management, and the role of the tenant broker for larger deployments.
Website: https://www.parallels.com/
Parallels on YouTube: https://www.youtube.com/@parallels
Website: https://www.itbusinesspodcast.com/
Host: Marvin Bee
Uncle Marv’s Amazon Store: https://amzn.to/3EiyKoZ
Become a monthly supporter: https://www.patreon.com/join/itbusinesspodcast?
One-Time Donation: https://www.buymeacoffee.com/unclemarv
Song: Upbeat & Fun Sports Rock Logo
Author: AlexanderRufire
License Code: 7X9F52DNML - Date: January 1st, 2024
[Uncle Marv]
Hello friends, Uncle Marv here with another episode of the IT Business Podcast, the show for IT professionals and managed service providers that helps you support your businesses, and we try to help you do it better, smarter, and faster. This is the podcast presented by NetAlly, and today's episode is sponsored by SuperOps, the all-in-one future ready RMM PSA tool that will help you supercharge your business. Let's see, we are back with part two.
I had a gentleman on a previous episode, Chris Marks, with Parallels, and I got so involved with asking him questions about remote work that we didn't get to talk about his company, so he is back to do that. Chris, the principal outbound product manager, Chris Martz. Chris, how are you?
[Chris Marks]
Great, thanks Marv, good to see you again.
[Uncle Marv]
Thank you for coming back and giving some time to your product, as we should. Now I did mention in the previous show that when most of us think of Parallels, we only think of it as running Windows on Mac, but Parallels is now so much more than that, so that's what we're going to talk about today. But why don't we start there and just let everybody know, has that changed?
Is that something that is still a big thing, running Windows on Macs?
[Chris Marks]
Yeah, running Windows on Mac, or Mac on Mac, or Linux on a Mac, or on a Chromebook. All those things still apply. If anything, the footprint of Parallels Desktop has grown relative to other products.
Some products delivering the same thing in recent times have gone out of the market, but Parallels Desktop still remains, still does a great job. Everything from developers who want to develop with multiple operating systems on their MacBook, through to gamers who want to use a MacBook, but also want to do some gaming on a Windows OS, and everything in between.
[Uncle Marv]
All right, that makes it seamless. All right, so before we get into the new stuff, let me go back. You had mentioned that Alludo is the parent company for Parallels, so I should probably let you explain that a little bit more, because most of us just think Parallels and didn't realize that there was a parent company involved.
Can you tell us a little bit about Alludo?
[Chris Marks]
Yeah, sure. Alludo is an organization that owns Parallels. So Parallels is one kind of pillar, but they also own WinZip.
Most of your listeners have probably heard of WinZip. Okay. That's the sister company of ours.
They also own MindManager, and they also own Corel. So those of you that come across it will maybe heard of Corel Draw, for example. So they own those four strings to the bow in addition to Parallels.
[Uncle Marv]
Wow. When did they take over Corel?
[Chris Marks]
A long time ago. That was the first existence. So Alludo used to actually be called Corel, and they changed their name relatively recently, just under a couple of years ago, because having the parent company of Corel and one of the children companies called Corel was a little bit confusing.
So Alludo is designed to stand for all you do. So it's a company that deals with everything that you would want to do as an IT user.
[Uncle Marv]
Very nice anagram. All you do. Sounds fantastic.
And that's interesting. I mentioned before that a lot of my clients are lawyers, and they were big with WordPerfect back in the day. And that was a Corel product.
I don't even know if it still exists anymore because we moved them all to Word.
[Chris Marks]
It does still exist. Yeah.
[Uncle Marv]
All right. So tell us what is new with Parallels since we've evolved now from the software product that was just running Windows on Mac? What's new at Parallels?
Yeah.
[Chris Marks]
Yeah. Well, I mean, you mentioned 2X in the last episode, and that really is what is delivering most of the kind of new value. And that's a product now called Parallels RAS, Remote Application Server.
So that is delivering VDI server desktops virtualized to either a client or a remote browser. So Parallels RAS is going great guns there. Probably the biggest element and the biggest differential Parallels RAS has is choice.
So we natively integrate to a whole load of what we call providers. So that could be public cloud providers. It could be Microsoft AVD.
It could be on-prem, hypervisors, such as Scale or Nutanix and those kind of things. And it brings them all into one place. So it allows people to have disparate sets of data, different sets of applications, but deliver them all from a single console, from a single location.
And it's pretty unique from that point of view. Brand new is a product called Parallels DAS. And last time we spoke about, there's quite a significant skill shortage we're seeing.
People have been thrust into this hybrid work styles kind of way of working, where perhaps they weren't prepared. They maybe had IT admins who were used to updating software on desktop computers, but now everyone's all over the place. That's not a feasible model.
And they don't have what we would call EUC guys. There was no intention on them delivering remote apps. So what Parallels DAS does is it considers those organizations.
It considers the fact that you don't want to have to learn something new and complicated. You just want to be able to flex into this new way of working and deliver their apps and desktops securely. That is exactly what Parallels DAS does.
It's 100% hosted in the public cloud. It is designed for simplicity. And it's designed for scalability.
So from a customer's point of view, everything is run inside a customer's Microsoft Azure tenant. They just configure everything inside the Parallels DAS port. Very simple, very secure.
[Uncle Marv]
Okay, let's quickly take a step back because I want to make sure, while some of my listeners are very techie, very geeky, and into all of this, some of them are still, we get lost in the acronyms sometimes. So I want to make sure everybody understands. You mentioned EUC.
And as I understand EUC, we're talking end user computing, right?
[Chris Marks]
Yeah, I mean, if some of your listeners will Google it, they'll find that it also stands for electric unicycles. But here we're talking about end user computing. Okay, all right.
[Uncle Marv]
And then when we talk about the previous product 2X, most of us are going to remember that as kind of a thin client alternative to Citrix. You describe things that are not really thin client based. You're talking about actual apps being virtualized and stuff like that.
Is that something that came with 2X or is that something Parallels added on to 2X?
[Chris Marks]
So Parallels acquired 2X and then the business has grown from then on. But I mean, comparing it to the kind of thing that Citrix does is a fair comparison. If your listeners already know how Citrix works and delivers apps and desktops and those kind of things, Parallels RAS is going to be delivering them in a similar way.
[Uncle Marv]
Okay, I just wanted to get that clarity because I know that most of our listeners, even though they're managed service providers, a lot of us are still using Windows Terminal Server, RDS as we call it. So that's the mindset that we think of Citrix as a whole different world, much more complex than RDS. So Parallels kind of, I don't want to say they're as complicated as Citrix, but not the same as RDS, right?
[Chris Marks]
Yeah, so Parallels RAS is going to take RDS and give you a whole load more value at the top of that kind of stuff, and not just with RDS as well. So if you're a managed service provider and you want to deliver to a customer who might have a requirement to operate inside Azure, for example, but another customer has a requirement to operate on-prem or in your own data center, that kind of stuff, one Parallels RAS deployment can deal with all of those scenarios. So the whole thing is multi-tenanted.
So you can then start to deliver loads more options to your customers, and you can also keep it simple because delivering applications from AVD inside Parallels RAS is pretty much exactly the same as delivering the application if it was on-prem.
[Uncle Marv]
Okay, and if we stick, let's stick with RAS for a second here before we go to DAS. RAS allows everything to be deployed to desktops, PCs, Macs, tablets, smartphones. Does that sound right?
That you're going to be delivering actual LOB applications through that?
[Chris Marks]
Yeah, so typically it's going to be virtualizing those applications in the same way that Citrix would. So from a client point of view, absolutely. We've got clients for mobile, Mac, Chromebook, web only.
So you might have a HTML5 browser, for example, wherever HTML5 browser exists, you can access your RAS deployed applications for sure, and obviously Windows and Mac too.
[Uncle Marv]
All right, so let's talk just one aspect of security because one of the things that we always have to consider is putting authentication on top of it, whether it's 2FA or anything like that. How does that work with Parallels?
[Chris Marks]
So you've got a number of options. So there are some security options built into the product. So if you pay for a RAS subscription and what you want to do is have a second factor.
So if you want to deliver a one-time password via SMS or via email, that can actually be built into the product without any third party involvement. So it's got an element of MFA built in. But what's also built in is the ability to deliver virtually any external MFA access you want, be that Azure or Google Authenticator, Microsoft Authenticator, Okta, any radius type service.
All of those things are supported out of the box. You just need to configure them with your external identity provider and you're good to go. Not only that, from a managed service provider point of view, you could have different levels of authentication for different organizations in the same implementation.
So I could have customer A using Google Authenticator. I could have customer B using, say, Microsoft Authenticator to do my authentication.
[Uncle Marv]
Okay, what about internal to each client? Do they all have to use the same one or can they use different features?
[Chris Marks]
No, so Raz has got this thing called themes. So themes on one side of the coin is used for branding. So I can white label something.
So let's say I've got two departments, I've got engineering and sales. Sales want a certain type of branding and a certain type of look and feel. Engineering have another one.
Those are two themes within one, what we call a site, which is a single deployment. Those two themes could have completely different MFA configurations. And in fact, they can have completely different single sign-on configurations as well if that's what you wanted them to have.
So think of contractors, for example. You might have internal employees using one method of authentication, but you want contractors to perhaps use something else.
[Uncle Marv]
Very interesting. All right, you mentioned white label and I want to get back to that because that sounds like something that would be very interesting to us as MSPs. But I want to go back and just make sure we tidy up with Raz.
So Raz is, in that sense, the traditional remote access VPN thing. And that's probably where most of us will venture into first. But you're talking about DAS now where we're talking about desktop as a service.
So explain that from your point of view in terms of how that's deployed, how end users access it, what does that really mean?
[Chris Marks]
Yeah, so if we take Raz as a complete toolkit, right? It's got all the switches and the buttons and the configuration that allows you to make it work in the way you want to work. It's got full integration with a whole load of external third parties.
That, although much simpler than Citrix, what we talked about earlier on, much simpler to deploy, still requires a level of end user compute expertise. DAS takes the assumption that the customer is not coming to this from an end user compute ambition. They don't want to get involved in end user computing.
They simply have an issue where they want to deploy their applications to their humans virtually. That's exactly what DAS does. There really is no configuration whatsoever other than a customer or a managed service provider setting up an Azure tenant that will set that Azure tenant, that will point that, refer to that from within DAS, configure the applications that they want to deploy and basically press go.
That is it. Those applications will then be deployed to those users logging in using that third party identity provider. Let's say Entra ID, for example.
Users would log in using Entra ID. That access DAS, and it is completely configuration free. It's all just tick boxes.
So it's not going to appeal necessarily to the kind of organization that wants that control and the detail, but it's going to appeal to the kind of company that says, I haven't got time, scale, energy for any of this. I just want this list of apps deployed to that list of users, please. That's where DAS fits.
[Uncle Marv]
Now, are they actually simply connecting to a desktop in the cloud and then that's what they get?
[Chris Marks]
Yeah, yeah. So it's a one-to-one relationship. So it's a little bit like Cloud PC, Microsoft Cloud PC, where you've got these individual, one user to one VM relationships.
I log in, do my work, and I log back out again. The fundamental difference between Parallels DAS and how Cloud PC is architected is Cloud PC assumes that that PC is available permanently. And when that user logs out, that VM still stays there and still is using resources.
DAS comes from a different angle. DAS by definition is a non-persistent. So as soon as that user logs out, that VM is destroyed.
And then when they log in again, it spins up a fresh VM for them to use the next time they log in. Obviously, we save their profile settings and those things that need to persist. But what we don't do is we keep that VM running.
So that provides a relatively low cost solution to an organization that wants that non-persistent architecture.
[Uncle Marv]
So the first question, I guess, is going to come to what you talked about in terms of resources. Most of the RDS or the RAS stuff, I'm imagining that clients are either creating an environment on-prem where there's, say, a terminal server or the personal PC of the user if they come into the office and they want to access their desk. That would be that type of infrastructure.
For the DAS, where would that infrastructure actually be? Would that all be cloud-based or is that something that we could still develop on-prem with those same functionalities?
[Chris Marks]
It's 100% in the public cloud. So architecturally, it is possible for us to deliver DAS on-prem. Today, DAS is a 100% cloud and 100% Microsoft Azure solution.
So the core management features are inside a DAS console. So the customer will connect to that DAS console and do that configuration. They create a golden image.
That golden image is stored in the customers or in the service providers if it's a service provider delivering this service. It's in their Azure tenant. We don't hold that golden image.
There is also a thing called a gateway service. That gateway service is also in the customer's tenant. And that is pretty unusual from a DAS point of view.
So what that means is the user logs in using their web browser into DAS. They see a list of applications. They open the application up.
The way that DAS works is the gateway is inside the same tenant as the desktop. So it's just going to navigate to that gateway. That gateway is going to make a decision and then it's going to, from in the same tenant, give me that application in a one-to-one VM-to-user kind of relationship.
How a lot of DAS services work is the gateway is owned by the vendor. So what happens is I request the application and it goes somewhere else. It might be somewhere else in the world to do that kind of negotiation.
It then has a hair-pinning effect where it then comes straight back to where I was before, before it then gets everything going. That's all avoided in Parallel Stats.
[Uncle Marv]
Okay. So that makes complete sense when you're talking about a client that's used to a 365 instance if you're using Entra. They're using, like I said, SharePoint, OneDrive.
When it comes to the third-party apps, let's say a third-party vendor application, and I'm thinking, this is the problem is with my law firms, I'm thinking on-prem servers, SQL-based sort of stuff. Can that be loaded into an Azure cloud server and deployed that same way?
[Chris Marks]
Is it possible? Yes. Is it?
What's the most cost-effective thing for that customer to do? That's an independent answer. Okay.
Because I'm not a big proponent of lifting and shifting resources as they stand from where they run into public cloud. That's not necessarily going to be a winner for the customer unless there's an inherent reason where they've got to get out of their data center. There's some impending event.
[Uncle Marv]
Well, I'm not even talking data center. I'm thinking for customers that have that stuff on their premise in their office and they've been told for years, you've got to get to the cloud and companies are in this mindset, well, we'll just lift your environment from on-premise into the cloud and you'll function exactly the same way.
[Chris Marks]
So is that possible? Yes. Is it a low cost option?
Perhaps not, but that's going to depend on the customer. It depends on what they're doing today. They may have preferential terms with their cloud provider, for example, in which case it then softens the blow a little bit from that point of view.
But is it technically possible? Absolutely, it's technically possible to go and run those same workloads in the public cloud, deliver the applications and then deploy them out of DAS. Absolutely, that is possible.
[Uncle Marv]
OK. So I know I asked a terrible question there. So let me ask if you have like a customer example of where DAS would actually be perfect for them.
Do you have one of those?
[Chris Marks]
Well, the primary example for DAS is going to be a simple use case. So let's say, let's take your RDS use case. It's a customer who's perhaps being used using RDS for a long time.
They are looking at this cloud migration. They don't want this management or the complexity of maintaining RDS. They don't want the RDS cows.
They don't want to start renewing those because those are not an insignificant amount of money. They just want to say, well, hang on, there's got to be a better way of doing it. So when they're re-architecting everything for the cloud or even lifting and shifting, if that's their decision to do, DAS would replace RDS in that example.
So DAS would then be used instead of that. The other example is a customer who's used to having maybe fat clients everywhere and they've been thrust into this hybrid way of working. I don't want to necessarily let my data roam with the user, but I also don't want to get involved in learning a whole load of new ways of doing stuff.
So what DAS does, it just simplifies the entire process.
[Uncle Marv]
OK. Now, going back to the situation where you said when a customer logs out, their VPN is destroyed or the VM is destroyed. I'm assuming that there's a data repository somewhere that the profile is saved.
Yeah. When it comes to data for the customer, and I apologize if I'm thinking very simplistic for a user, they're used to seeing a My Documents folder, you know, a My Pictures folder. They're used to seeing, you know, their drives, shared drive letters and stuff like that.
That probably needs to be maintained and persistent somewhere. Is that in a storage bucket or how is that done?
[Chris Marks]
Yeah. So currently the way it does works is integrates with Microsoft FSLogix, OK? So and what that's going to do is that's going to save those personal settings.
So when a user connects, they could access printers, for example, or they could access drives. When they disconnect to reconnect, it re-initiates that whole process. If they're trying to access folders that are inside that FSLogix profile, that profile is stored and saved within their tenant and it called upon the next time they log in.
So the VM is brand new, but the user's identity is not. It just gets reconnected to a brand new VM and they work just like they did before.
[Uncle Marv]
OK. And then one last logistical question. If somebody is working, say, from home and they've got a printer multifunction scanner and they want to scan, is the virtual machine truly like a virtual desktop where they don't have direct access to the drives and stuff there?
Or is it kind of like a VPN where they can upload a scanned image to a drive and that sort of thing?
[Chris Marks]
Yeah, so they could start copying data into DAS, but to be honest, the more complex the scenario gets, the more likely you are to use RAS, not DAS. OK. Because RAS can cope with all of that complexity.
It can cope with dealing with what happens if my user changes the default printer, for example, while the session is still open. What's going to happen? Well, RAS is going to update that automatically.
DAS, because it's designed for simplicity, is designed for a much simpler set of use cases. So the more complex the use case gets, it's much more likely we're going to be having a Parallels RAS conversation than a Parallels DAS conversation.
[Uncle Marv]
All right. Well, I guess I'll be dealing with RAS when it comes time.
[Chris Marks]
That is the majority of the conversation that we have, right?
[Uncle Marv]
Yeah, it is. It is. I just try to understand because I know, I know my listeners, some of them just, you know, when you say simple, they try to cram everything they can into simple and that's just not possible.
So now let's go back to this white label option. So a question I was going to ask you is, in the past, you know, solution providers have always just told clients, just go buy your own copy of Parallels. You make it sound as though we can now, you know, partner with Parallels, resell this, bring this as part of our MSP stack.
How does, is that, is it truly an MSP partner program?
[Chris Marks]
Yeah, for sure. For sure. We've got hundreds of MSPs doing this today.
So we have a full software provider license, a SPLAR license.
[Uncle Marv]
Okay.
[Chris Marks]
So Parallels, and this all applies to Parallels RAS, right? So Parallels RAS licensing is extremely simple. There is one licensing SKU and it's per concurrent user.
So from a SPLAR point of view, it is also per concurrent user. The big difference is the managed service provider is obviously looking at all of their customers added together. So the customer would be the net consumer.
They would spread their SPLAR license across all of their customers. Let's say they had 100 customers. Each of those 100 customers is using 100 licenses.
They would all be pulled together. Now, because Parallels RAS is a concurrent user license, this presents some commercial opportunity for a managed service provider. For example, if that managed service provider is selling their services to the customer as a named user, because if they work out their customer profiles right, they could end up actually reselling the same concurrent user subscription to multiple end users because not all of their users are going to be logged on at once.
There's actually commercial opportunity for a managed service provider there. And the architecture is multi-tenant. So we could have completely separate infrastructure for customers, or if they're smaller customers, you could just have a theme per customer.
And that theme, as we've already established, can have completely different security authentication mechanisms.
[Uncle Marv]
Right. And the white label aspect, you're talking about we can brand it either for the MSP or we can brand it for the customer, however it works for them.
[Chris Marks]
Yeah, you can brand it however you want, change the logo, change the color scheme, change all of that stuff, change the look and feel simply by just adding a URL. And you could have hundreds of these themes inside a single site. And you can have multiple sites in what's called a farm, which is the kind of unit of installation.
Okay. So I might have a hundred different small customers inside one site. If I've got larger customers and I'm dealing with more complicated networking requirements and that kind of stuff, I can install what's called a tenant broker.
And that makes it truly multi-tenant. And that means you'd have separate infrastructure for each customer.
[Uncle Marv]
So the sites would be the same infrastructure, but you could have multiple clients under a site.
[Chris Marks]
You could have multiple customers each using a theme. So you'd have theme one, theme two, theme three, theme four. They could all ultimately be accessing the same or different resources.
You point them to things called host pools. So theme one would access host pool one in theory, theme two could access host pool two and so on and so on. So they could have dedicated infrastructure, but that's not necessary.
You could be an ISV, for example, who just wants the user to open an application. You don't mind that there's two different customers on the same host, for example. That might not be an issue to you.
However, as a managed service provider, it is an issue to you. You want to separate that. So you could, you can point a theme at a particular host pool or you can have multiple themes all pointing to the same host pool or mix and match them depending on what your requirements.
[Uncle Marv]
Okay. But in a more traditional sense, most of us would just do a new site for a new customer and then do themes underneath that for different departments.
[Chris Marks]
That is also possible. Yes.
[Uncle Marv]
Sounds like there's a lot of options here. Yeah. Pretty interesting.
And then when you talk about sites versus the tenant broker. Yes. The tenant broker is from that standpoint, completely separate architecture.
You're talking in the cloud, right?
[Chris Marks]
Not necessarily. No. So you can deploy tenant broker wherever you want.
You can deploy in the cloud if you want to. We can deploy that on-prem. Organizations deploying tenant brokers tend to be larger MSPs who've got multiple larger customers where you've got other reasons to segregate other roles.
For kind of normal sized MSPs or smaller MSPs, most of them work perfectly happily using themes. Just segregate users that way.
[Uncle Marv]
All right.
[Chris Marks]
The choice is theirs. I mean, the other thing we can also do is not just about white labeling the user portal and all this kind of stuff. We can even alter how the Windows client installer looks.
So you could add your own MSP logo to the MSI file that installs a client. And that's all in the GUI. There's no kind of coding needed.
You just put a different logo on, put your logo on. When a customer has the onboarding process, they will launch that client and it will be your logo that appears, not ours, when it installs that client.
[Uncle Marv]
All right. So I just had a ton more questions pop up. I don't want to keep dumping them on you.
But let me ask this question. If one of the listeners or a new MSP were to sign up, do they get an account manager or access to a support group to kind of walk us through all these different options and maybe guide us through the first setup? Make sure we did it right.
[Chris Marks]
Yeah, of course. Of course. We've got MSP aligned individuals around the world.
We've got partner portal. Inside that partner portal for any partner, not just MSPs, but for any partner, there is a full set of training resources and certification, which is provided free of charge. There's onboarding resources.
There are individuals similar to me that would help them with that first process and get them up and running. Their hands will be held. They can run to a full proof of concept if they wanted to do it.
To be honest, to get a proof of concept up and running is a job that will take an afternoon. It is extremely simple to implement and get these things like themes that I've just been talking about. Within a single afternoon, you could have the product installed, test a couple of these themes out, have one looking at Google Authenticator, one looking at Microsoft Authenticator before the end of the working day easily.
[Uncle Marv]
All right. Very nice. Let's see.
I found the partner page on parallels.com. There's a program guide that I will make available to listeners. There is an email, partnersatAlludo.com if you have questions. I'll put that in the show notes. A lot of other stuff here on Parallels. That company has definitely come a long way.
Yeah, yeah, it has. All right. Chris, I know that I rushed us through some other stuff.
I wanted to make sure we got everything in. Is there anything in particular that you wanted to leave as a lasting note to the listeners?
[Chris Marks]
No, just, well, I guess, yes. I guess, yes. And it's not necessarily a Parallels thing.
Always, always, always, think about plan B. This is where the choice message comes from, right? Always think what happens, what am I going to do and how am I going to act if plan A doesn't come off or it changes in the future?
How can I flex? And that's exactly what things like Parallels RAS, Parallels DAS, Parallels Browser Isolation, which is secure browsing from the public cloud that we haven't even touched upon yet. All of those things are built for choice to allow you to deliver applications in the way you want to deliver them.
[Uncle Marv]
All right. Well, since you brought up browser isolation, can you talk about that real quick? I don't want to just end off on the fact that we didn't talk about it.
[Chris Marks]
Yeah, well, Parallels Browser Isolation pays attention to the fact a lot of companies are switching from installed client apps to SaaS. The challenge with SaaS delivered or any web browser application is the data is still loaded inside that browser tab. The data is still on that endpoint.
Infiltration of that laptop could still happen. Data security is still a problem. Parallels Browser Isolation is completely cloud native.
It's designed with secure Kubernetes containers to deliver a browser in the public cloud. Two advantages of doing that. So one advantage is if I've got a third party IDP like Okta or Entra or any of those things, I can configure those things to only accept connections from the Parallels Browser Isolation IP.
And that achieves a massive amount straight off the bat. It means no one can gain direct access to even my authentication mechanism, let alone my applications. They must go through this secure browser in order to do so.
The other thing is once I am in Parallels Browser Isolation, you can configure it in a whole number of ways to only access the URLs once you've authenticated, only access the URLs that you give them permission to access. So that locks them down to your SaaS app specifically without them navigating elsewhere or without navigating to other kind of routes and methods without someone who might have infiltrated that web browser, someone that's got a laptop full of malware. It removes all of those security risks from gaining access to my SaaS data.
[Uncle Marv]
Steven Cohen So it sounds like everything is air-gapped in that sense.
[Chris Marks]
Neil Milliken Pretty much, pretty much. Steven Cohen All right. Neil Milliken But again, it's about choice, right?
Not very many companies are 100% using SaaS. Some are, but not very many are. So this is where the combination of Parallels Browser Isolation with some of the other solutions we've got really helps deliver this single solution to the customer.
[Uncle Marv]
Steven Cohen All right. And now this Browser Isolation, this requires no agent or installer, right? This is all based on the browser?
Neil Milliken Correct.
[Chris Marks]
It's basically delivering a Chromium browser embedded inside that user's browser tab. So from a normal human's point of view, it looks just like another browser tab, but it's actually completely virtualized and it's brokered into the public cloud.
[Uncle Marv]
Steven Cohen Nice. All right. Another thing to think about when deploying these to customers.
So a lot of good stuff. Chris, thank you very much for taking the time. This gives us a lot to think about.
So I appreciate that. Chris Bounds Yeah, for sure. Well, I'll talk to you afterwards and we'll talk about getting in touch somebody at Parallels to help me.
I've got one client in particular that I'm thinking this would be good for about 150 users in multiple locations. And I'm dealing with a one user in Ecuador that's having fun. So we'll talk about that offline.
But there you go, folks. Chris Marks with Parallels, the principal outbound product manager and the parent company Alludo, which basically means all you do. So very nice there, Chris.
Thank you very much. Listeners, that's going to do it. Thank you very much for your time.
I appreciate you guys listening to the show. Obviously, you can head over to itbusinesspodcast.com. And if this is your first time listening, find us in your preferential pod catcher.
So you'll be alerted whenever we get shows published. You can also check us out weekly, Wednesdays at 8 p.m. Eastern on any of your favorite social media platforms, LinkedIn, YouTube, or the Facebook where we do our live show. And as always, I appreciate it.
We'll have another episode soon. And until then, Holla!