Skip to main content

Amazon WorkSpaces Secure Browser Documentation

General

Amazon WorkSpaces secure browser is a managed service that is designed to provide your employees and contractors access to your internal websites and software-as-a-service (SaaS) applications. Your end users can connect to WorkSpaces Web from desktop or tablet web browsers.

Getting Started

Once you have created a portal, you can share the portal URL with your users.

Compatibility

Devices

Users can connect to WorkSpaces secure browser from desktop, laptop, or thin client computers. WorkSpaces secure browser is designed to be accessed via a web client is supported by common web browsers.

Applications

WorkSpaces secure browser is designed to connect to internal or public SaaS web applications. 

Email

WorkSpaces secure browser is designed to support web interfaces for email.

Web-based collaboration and meeting tools

Customers have the option to optimize their instance type. All portals are designed to be on Regular instances, which is optimized for browsing static websites, but administrators can select Large instances to enable more memory intensive workloads, and XL instances for highly interactive websites.

Microphones and web cams

Users can to connect a mic or camera input during a session.

Security

Data Protection

During a WorkSpaces secure browser session, web content is designed to be streamed from WorkSpaces secure browser to the user in their local browser. Streaming is designed to prevent data from residing on remote devices and is designed to provide a barrier to attacks packaged in web content. At the end of the session, the instance is designed to be wiped, helping to protect sensitive corporate data. Throughout this process, data in transit is designed to be protected by encryption.

Security

WorkSpaces secure browser is an AWS service, so your content is designed to be handled in a secure environment. As a user of WorkSpaces secure browser, a part of the cloud is designed to be dedicated to your account and handles only your data. WorkSpaces secure browser enables you to apply enterprise browser policies and session controls over access to the clipboard, file transfer, and printer.

Caching prevention

WorkSpaces secure browser is designed to pixel stream web content to the browser, preventing data from residing on the local device or in the web browser.

Access restriction

WorkSpaces secure browser allows users to access their portal from anywhere and use IP access controls to filter which IP addresses may connect. When associated with your web portal, IP access settings are designed to detect the user IP before authentication to determine whether they are eligible to connect. Once connected, WorkSpaces secure browser is designed to monitor a user's IP address to help remain connected from a trusted network. If a user's IP changes, WorkSpaces secure browser is designed to detect and terminate the session.

Website access

You can use URL filtering to control which URLs users can access. You can use the console to create allow and deny lists of URLs.

User access, authentication, SSO

User access and authentication

WorkSpaces secure browser is designed to work with your existing systems and not add extra layers of user management. Portals are designed to support service provider initiated or identity provider initiated authentication flows.

Single sign on

You can support single sign on for websites that use the same provider you have configured for your web portal.

Monitoring

Service monitoring

You can monitor Amazon WorkSpaces secure browser metrics. You can also provide user access logging for session data and URL records.

Additional Information

For additional information about service controls, security features and functionalities, including, as applicable, information about storing, retrieving, modifying, restricting, and deleting data, please see https://docs.aws.amazon.com/index.html. This additional information does not form part of the Documentation for purposes of the AWS Customer Agreement available at http://aws.amazon.com/agreement, or other agreement between you and AWS governing your use of AWS’s services.