Rooms User Guide

A Tehama Room provides an isolated set of tools and services so you can collaborate securely. Organizations work together using a shared room with access governed by a policy. As a Room owner or administrator, you can monitor and audit user actions they perform when accessing and using resources on the connected network. Actions you can audit include their sessions, use of access credentials, transferring files in and out of your systems, and much more. More information on the Room concept is available in the Introduction.

For more information on various scenarios regarding creating a Room see the Getting Started Guide.

The graphic that follows provides a display of the architecture of the isolation that Rooms provide in the scenario where a service buyer (customer) has two rooms in Tehama connected to their network.

PSM


Depending on what type of user (administrator, manager, staff) you are and organization you belong to, a Room can contain all or a subset of the following six tabs:

  • CONNECTION – Allows you to manage, view and test status of the connection and to view/configure your firewall rules
  • MEMBERS – Use to manage who has access to the room
  • CONFIGURE – Use to add and configure tools such as desktops to a Room, or control access to your assets in a secrets vault (read-write). Also use to view/upgrade/downgrade your room's configuration details.
  • WORK – The main tab for end users of the Room. Use to access the tools (desktops, file vault, secrets vault (read only) )) available in the Room
  • AUDIT – Use to view the activity stream for your Room, and also to view recordings of your Room's desktop sessions
  • POLICY – Use to view or accept the compliance policy that governs access to assets accessible from the Room

NOTE: Depending on the status of your room you may or may not see all of these tabs. For example, the Work and Audit tabs are only available after you successfully connect the gateway agent and provision your room.


Connection

The Connection tab gives you control over the connection for your room. It provides you with the Status, Firewall Rules and Connection Test sidebar items.

Status

The Status page provides three important capabilities.

The top of the page displays the Gateway Agent connection status showing you whether or not your room is currently connected.

Your room's connectivity depends on a Gateway Agent being installed for your room. The middle of the page provides you with a link to the Gateway Agent User Guide for information on setting up the Gateway Agent and connecting it to your room.

The bottom of the page displays a button with which to regenerate the Access Key for your room's Gateway Agent, if required. Again see the Gateway Agent User Guide for more information on managing this key.

Firewall Rules

The Firewall Rules page allows you to customize access to the room's Desktops from remote applications/services through the room's Gateway Agent.

Connection Test

The Connection Test page provides access to the Connection Test Tool. This tool allows you to test connections to specified targets through your room's Gateway Agent. See the Connection Test Tool User Guide for more details.


Members

The Members tab is used to request or approve who has access to the Room. It groups users by organization.

As the user organization you can:

  • Request that teams or members be granted access to the room. Request access for a team or member by clicking on the **PROPOSE** button in the top right corner of the page or by expanding your organization in the list and clicking the **+ PROPOSE** button. These requests will be approved by the connected organization if they did not choose the automatic approval method.
  • Remove (delete) your member's access.
    Removing (deleting) your member's access will delete the member's individual desktops and revoke their access to the room.

As the connected organization you can:

  • Add your own members to the room by expanding your organization in the list and clicking the ** + MEMBER** button, or by clicking the **ADD** button in the top right corner of the page and selecting **Member** from the drop-down.
  • If you own the room (are paying for it) you can invite another organization by using the **ADD** button and selecting **Organization** from the drop-down.
  • Approve or deny requests for access from other organizations you've invited by expanding that organization, selecting the proposed member or team and selecting the "check box"/"x" button found at the top left of the list of organizations.
  • Remove (delete) a user's access by clicking the trash can Delete User Icon icon.
    Removing (deleting) a user's access will delete the user's individual desktops and revoke their access to the room.
  • Reject a user' s access by clicking the Reject User Icon icon.
    Rejecting a user's access will revoke their access to the room and to their individual desktops, but does not delete the actual desktop instances nor removes them from the desktop configuration list under the Configure tab.

Configure

Note, only the connected organization has access to the Configure tab.

You can use the Configure tab to view/change your room's configuration details and to add/configure tools such as Desktops and the Secrets Vault.

Room name

Click on the room name in the breadcrumbs in order to make it editable. Save your change by selecting the checkmark or discard it by selecting the cross.

Note that the name field (the name of the Room) may only be modified by the billing organization's admin or the Tehama super user, and only if it has not been archived.

Note that the ability to change the room name is available from any tab in the room (only for the billing organization and only if the room has not been archived).

Details

Click the Details sidebar item to view your room's current configuration. Click on the upgrade/downgrade button to select a different room configuration.

Desktops

Click the Desktops sidebar item to view your room's current list of desktop configurations.

From here you can add new desktop configurations, view/edit existing desktop configurations or approve/reject proposed desktop configurations. See more information in the Configure Desktops section of the Desktops User Guide.

Secrets

From the Secrets sidebar item under the Configure tab, you can add/configure secrets as described in the Secrets User Guide.


Work

The work tab is the main interaction point for most daily users of Tehama. It provides you with links to the available tools for the Room to actually deliver the work you are doing in the Room.

My Desktops

The list of the desktops that you have been granted access to in the Room. The status icon for each desktop shows you whether the desktop is in use or not.

To use a desktop, click the Desktop name and you will be provided with login information you can use to access the desktop. See more information in the Work with Desktops section of the Desktops User Guide.

As the user organization, from here, you can request new desktop configurations. See more information in the Work with Desktops section of the Desktops User Guide.

Pending Desktops

Note, only the user organization sees the Pending Desktops sidebar item.

Here you see the list of requested (proposed) desktop configurations. Once a desktop configuration has been approved, it will move into the list of desktops under the My Desktops sidebar item.

You can also request new desktop configurations from here, the same as in the My Desktops sidebar item.

File Vault

The file vault tab is used to transfer files in and out of the desktops. Any files you upload to the file vault will be available in the z:\ drive of the desktops.

Secrets

From the Secrets sidebar item under the Work tab, you can view secrets as described in the Secrets User Guide.


Audit

Note, only the connected organization has access to the Audit tab.

The audit tab is used to access the auditing and monitoring capabilities of the room.

Activity Stream

The activity stream for a room shows all the activity that has taken place on or to the room since its creation.

See more information in the Activity Stream User Guide.

Session Recording

At this time this includes past and live recordings of all sessions. Remote session recordings securely capture activity related to the type of work and actions performed on assets in Tehama. While the virtual desktops are being used, they are also being recorded.

Note that live sessions and recorded live sessions are available to view on the desktop ONLY by those having appropriate permissions for the room (see Roles User Guide).

The following procedure describes how to view a live session:

To View Recorded Sessions

  1. In Tehama, click the ROOMS tab.
  2. Click the AUDIT tab. The display shows all the activity in that room.
  3. Locate the session to view. NOTE: Saved recordings are associated with an ID number.
  4. To display details about a session, click the Information Information icon.
  5. Use the Play Play icon to start viewing the recording.

To View Live Sessions

  1. In Tehama, click the ROOMS tab.
  2. Click the AUDIT tab. The display shows all the activity in that room.
  3. Open the workspace agent.
  4. Navigate to the Live Audit page.
  5. Select the session(s) from the list that appears.
  6. Optionally, you can also access the Live Sessions from the workspace agent on a desktop.

Policy

Rooms optionally support having a Policy associated with them. This is managed through the Policy tab.

If you are the organization connecting the Room you will be prompted to configure a Policy or have "no policy" that governs the use of the Room. More information on policies can be found in the Policy User Guide.

If you have been invited to the Room you will be prompted to accept the Policy if one is set before your first access. This will occur every time the Policy is changed.