• Zero Trust Desktop
  • VPN embedded Windows VPS with
  • both web desktop and smart card restricted access

The capability of web desktop available in unsafe security environments
(Zero Trust model)
combined with the data and resources high protection by smart cards

This VPS is aimed at commercial agents, freelancers or startup administrators who need to access their virtual desktop even from non-owned devices without sacrificing data security.

All VPS features are based on Microsoft technologies so the PC client configuration does not require third-party software.

In purchase form buyers can opt to use no smart cards if that security grade is not needed.

Furthermore, on purchase form, buyers can opt to equip the VPS with a data partition which can be encrypted by BitLocker via smart card to exponentially increase data protection grade.

Once the VPS has been created, multiple client PCs can be configured by a VPS specific script which can be downloaded from the Customer Area.

The client configuration allows smart card to be used to access to embedded VPN login, network shares, remote desktop (thru RDP NLA protocol) and encrypted documents in the data partition if present.

Finally, the IP address of the VPS is shielded by NAT technology in order to prevent unwanted connections due to incorrect firewall configuration.

Price includes both on site daily backup and backup located on disaster recovery located in another European country. Backups are kept for 7 days.

Show more   >

Features
Zero trust virtual desktop
web access to VPS desktop from any browser web of any device kind. Web desktop provided by Microsoft Remote Desktop web client to provide both maximum performances and low Internet traffic
Embedded VPN
VPN protected resource access by Microsoft SSTP protocol which is natively suppported by every Windows PC client (no third-party VPN software needed)
Remote desktop login by smart card
dual desktop login mode: by smart card o by username/password
Dual VPN authentication
VPN login only by smart card or, optionally, by dual mode username/password and smart card
Smart card as optional feature
user can choose to use or not no smart card login on buy
Virtual smart card (TPM as smart card)
VPS smart card login support Microsoft Virtual Smart Card too. MSVC is available on genuine Windows 11 PCs and control panel certificate wizard instruct end users how to enable it (1)
Yubico devices
Yubico YubiKey both 5 and 5C series are natively supported by VPS
PKCS#11 smart card
smart card VPS login can be performed by every smart card or usb token having its own PKCS#11 middleware (driver) (2)
BitLocker
data partition can be enciphered by Microsoft BitLocker using the smart card (3)
Graphical access to the VPS console
graphical access to the VPS console featured by control panel even on network adapter misconfiguration
Virtual private cloud
VPS connections are protected by NAT (4)
Unauthorized access lockdown policy
preconfigured lockdown access policy against brute force attacks (5)
Resources
hardware resources are always dedicated with hardware ECC RAM
Backup
daily backup stored on-site and kept for 7 days
Disaster recovery
daily backup, kept for 7 days, on second data center located in another european country
Monitoring
VPS monitoring against o.s. crushes, overloads, low storage space, etc. as optional service (6)
Managing
power on, power off, shutdown, graphical console login and change Administrator password by control panel
Root of Trust
set of wizards inside Customer Area to handle smart card and to enroll certificates in a Public Key Infrastructure managed by Made Network
Client configuration
automatic PC client setup by downloadable configuration script from Customer Area
  • (1) Windows 11 PC owners can use built-in TPM as smart card instead the physical smart card
  • (2) To install custom smart card middleware on VPS you have to login in console by control panel and download the related installer from Internet. Then to test the right installation open VPN tunnel and try to log on VPS desktop by Remote Desktop connection application. Warning! If you plan to use a PKCS#11 smart card released by another CA keep in mind the usage related agreenment may cointains some restrictions. Made Network declines all responsibility about user violations related to smart card usage
  • (3) Protecting BitLocker key by a smart card let you to reach the maximum security grade. But keep in mind you can unlock smart card protected BitLocker partition only thru Remote Desktop connection application
  • (4) VPS has no public IP so both web desktop connection and VPN tunnel use specific ports of specific IP listed for each VPS in the Customer Area. This way well protects VPS resources and installed/exposed services
  • (5) Windows temporary locks (disable) access to users who tried to insert wrong password many times. By the way you can unlock (re-enable) Administrator user setting a new fresh password thru the related feature in the Customer Area
  • (6) Chargeable service
Pricing

Zero Trust Desktop

  • Newsletter

  • Subscribe to our newsletter to receive updates, personalized offers, server auctions and so on.
Made Network S.r.l. Via Macanno, 38/N 47923 Rimini (RN) - Italy Subscribed and paid-up share capital € 20.000 REA: RN-315382 VAT no. IT03893580401 PEC
Our Data Protection Officer is lawyer Massimo Bruno available at