Glossary
Activity Stream
The Activity Stream for an Enclave or Organization shows all the activity that has taken place on or to the Enclave or Organization since its creation. Examples of activity include (but are not limited to) the addition of members to an Organization or Enclave and the creation of a Desktop within an Enclave.
App Vault
A tool/service available in each Enclave that provides a way to securely transfer application installation files to the Enclave's Desktops.
Application (Desktop Application)
An application installed on a Desktop.
Asset
An Asset is a resource or service in your private infrastructure (internal network, cloud, ...) or publicly available applications and services in the cloud that you want to access from the Enclave. You store the list of assets in an encrypted secrets vault.
Tehama Client
The Tehama Client is a desktop application that lives on the computer from which you connect to your virtual Tehama Desktop sessions. Its purpose is to launch and host these sessions. See the Tehama Client Overview for more information.
Windows App / Remote Desktop Application
Both are desktop applications that live on the computer from which you connect to your Tehama Azure Desktop sessions; you can connect using either one. Their purpose is to launch and host these sessions. See the Microsoft documentation “What is Windows App?” for more information.
(The Windows App / Remote Desktop Application uses Microsoft RDP technology.)
Tehama Desktop
A shared or individual virtual desktop computer hosted in an Enclave. From the Desktop, the user can access the configured assets. All work performed using the Desktop is audited. Desktops are instances of Desktop Templates.
Desktop Template
A pattern, or plan, of a Desktop that is used to generate Desktops for one or more users of an Enclave.
DNS Filtering
DNS Filtering is a process that uses the Domain Name System (DNS) to allow access to websites by their domain name. Tehama's DNS Filtering feature provides this capability as an extra layer of security on top of the Firewall Rules that are set up for each Enclave. See the DNS Filtering guide for more information about DNS Filtering in Tehama.
File Vault
A tool/service available in each Enclave that provides an audited/secure file transfer service. It is used to transfer data onto a secure Desktop.
Firewall Rules
A tool/service available in each Enclave that provides the ability to customize access to remote applications/services from the Enclave's Desktops. This access is managed through the Enclave's infrastructure. See the Firewall Rules User Guide for more information.
Multi-Path Enclave
A Multi-Path Room is a Room with 'Network Access' set to 'Multi-Path'. It provides the Room access to both the cloud and to private networks where connected through VPN IPSec connections (Multi-Path Room Connections). Note that when there are no VPN connections, the Room behaves like an 'Internet-Only' Room. See the Multi-Path Room Connectivity User Guide for more information.
Multi-Path Enclave Connection
A Multi-Path Enclave Connection is an IPSec VPN connection between a Multi-Path Enclave and a private network. See both the Multi-Path Enclave Connectivity User Guide and Multi-Path Enclave - Add Manage Connections for more information.
Standard Enclave
A Standard Enclave is a basic Tehama Enclave. It can have 'Network Access' set to 'Multi-Path'.
Service-provider Enclave
A Service-provider Enclave is a special type of Standard Enclave, where the responsibilities in the Enclave are divided between two organizations - the owner organization, that pays for the Enclave and has control over what services/tools are provisioned in it, and the access/connected-to organization, that controls which other organizations and which members have access and what assets are accessible through the Enclave. See Choose an Enclave type for more information on the types of Tehama Enclaves.
Org Manager
A Member of an Organization with elevated privileges. In addition to using the services available to 'Staff Members', Org Managers are also able to create policies, create and delete team member accounts and create additional Desktops. There may be many Org Managers in an Organization.
Enclave Manager
A Member of an Organization with elevated privileges. In addition to using the services available to 'Staff Members', Enclave Managers are also able to create policies, create and delete team member accounts and create additional Desktops in Enclaves in which they are members. There may be many Enclave Managers in an Organization.
Member
A User within an Organization. Has access, on request and approval, to Enclaves in which that Organization participates. May belong to a Team.
Org Admin
A Member of an Organization with super-elevated privileges within the Organization. There may only be one Org Admin in an Organization.
Organization
An Organization is a key concept in Tehama. Organizations can host Enclaves or be invited to use an Enclave. Organizations also have a set of Members (Users). See Organization User Guide for more details.
Tehama Admin
A Tehama Support Team member with super-user privileges in Tehama.
Policy (Condition of Use for Enclaves)
A Tehama policy, sometimes referred to as an "access policy" or a "compliance policy", describes the "conditions of use" that an organization and its users need to meet to gain access to an Enclave and any assets contained within it. Policies are owned by an Organization. When an Organization invites another Organization to access an Enclave, it specifies one Policy under which that access is authorized. Different access policies may be specified for each Organization invited to an Enclave. See Policies (Conditions of Use for Enclaves) User Guide for more details.
Enclave
An Enclave is the key and most important concept in Tehama. An Enclave is a connected hosted extension of an Organization's IT infrastructure that provides a fully audited and controlled space that hosts a set of tools, services and/or applications for use by one or more other Organizations. Access is optionally governed by a Policy specified for each Organization invited to use the Enclave. In short, an Enclave is a secure Platform for the acquisition and delivery of Software Development and IT Management Services between Organizations. For more information see the Enclaves User Guide.
Enclave Owner Organization
The Organization that is paying for the Enclave. Note that this isn't necessarily the organization that is connected to by the Enclave (the Enclave Connected Organization). The organization that owns the Enclave always approves the addition of Desktops in the Enclave.
Enclave Connected Organization
The Organization that has connected the Enclave. Note that this isn't necessarily the organization that is paying for the Enclave (the Enclave Owner Organization). The organization that has connected the Enclave always approves access for individuals or teams to be added to the Enclave.
Secrets Vault
The secrets vault is used to provide secure storage of access credentials, secrets and firewall rules. Each Enclave has its own secrets vault repository providing single tenant secure storage for details of Assets for that Organization's connected environment. See Secrets Vault User Guide for more details.
Service Provider
A company that uses a secure access method to present services to recipients (consumers).
Service Recipient
Also known as a consumer, a service recipient is an organization that requires and pays for services.
Staff Member
A Member of an Organization with basic privileges. There may be many Staff Members in an Organization.
Team
A list of Members from an Organization. Convenient for adding or requesting access for groups of people to Enclaves.
Tool
A service (web application, API service, ...) that is hosted in an Enclave. Examples include the File Vault and Secrets Vault, but also include the video recording and auditing services.
Users
See Member.