Parallels Secure Workspace vs. Apache Guacamole
How do Apache Guacamole and Parallels Secure Workspace compare?
Apache Guacamole and Parallels Secure Workspace offer a built-in RDP to HTML5 gateway, so it is no wonder these two solutions are often compared. In this blog post, I’ll examine what Guacamole is and how it compares to Parallels Secure Workspace.
Want to see how real users rate Parallels Secure Workspace and Apache Guacamole? Check our reviews on TrustRadius.
What is Apache Guacamole?
Apache Guacamole, a client-less remote desktop gateway, supports standard protocols like VNC, RDP, and SSH.
It is considered clientless because Guacamole delivers apps or desktops via HTML5 once installed on the back end. A free, open-source platform, Apache Guacamole is maintained by the Apache community.
Guacamole is a free, open-source tool with a nice fan base that includes individual users, businesses, and software companies. The latter groups may embed Guacamole in their products including VPNs and firewalls.
Does Parallels Secure Workspace rely on Guacamole?
For starters, I’ll be clear about this: Parallels Secure Workspace does not use (or build on or rely on) Apache Guacamole. The solution has its own proprietary HTML5 gateway. I frequently hear the false claim that Parallels Secure Workspace uses this open-source tool, and while this is true for several competitors in our space, it is certainly not true for our solution.
Is Parallels Secure Workspace an open-source tool like Guacamole?
No, Parallels Secure Workspace is not free nor is it an open-source tool. Rather, Parallels Secure Workspace is a commercial product. Accordingly, we provide support that includes detailed product documentation, technical support and training, commercial models for our channel partners, and more.
That’s the first big difference between Parallels Secure Workspace and the Apache product. Who will you call when you have a problem with Guacamole? What happens when security vulnerabilities are identified? And so on. Moreover, our product roadmap is very security and Zero Trust focused, with capabilities like MFA, SSL, context awareness, usage auditing, and more.
On the other hand, Apache Guacamole was hit by a severe vulnerability in July 2020. Since then, five other CVEs (Common Vulnerabilities and exposures) have been identified and reported fixed.
We have a broad channel ecosystem of certified engineers that extends globally. We also have a set of tested technology partnerships that extend and complement our perimeter.
The similarities and differences between Apache Guacamole and Parallels Secure Workspace
There are also some obvious (and less obvious) differences from the technology perspective. Parallels Secure Workspace was built with simplicity in mind. It is easy to deploy and work with for both Windows and Linux admins (the latter of which are often familiar with the open-source community and likely to be familiar with Guacamole)
Now, let’s take a deeper look into the architecture and features of both solutions:
What are the similarities between Apache Guacamole and Parallels Secure Workspace?
HTML5 gateway and protocols supported:
Guacamole supports SSH, VNC, and RDP. Parallels Secure Workspace supports RDP.
However, Parallels Secure Workspace also supports WebDAV and CiFS. Parallels Secure Workspace’s built-in reverse proxy supports web applications.
Similar features for published applications:
- HMTL5 access (browser-based)
- Virtual keyboard
- Virtual (PDF) printer
- Session sharing and session recording
- MFA TOTP built-in, including support for RADIUS
Identical restrictions for certain applications:
Neither Guacamole nor Parallels Secure Workspace were designed for graphic-intensive applications like 3D rendering, video, or running video/voice calls.
What are the differences between Parallels Secure Workspace and Apache Guacamole?
File Server Access
Parallels Secure Workspace includes access to file servers via WebDAV or CIFS via the files section. Parallels Secure Workspace files can be opened with associated published applications.
One can also share large and small files without the need to upload the file(s) elsewhere with Parallels Secure Workspace (e.g., into a third-party cloud like WeTransfer)
Built-in reverse proxy
Parallels Secure Workspace features a built-in reverse proxy that provides access to internal web applications without needing RDP or remote desktop services.
UX
Look at Parallels Secure Workspace’s intuitiveness and user-friendly look and feel, and you be the judge.
The front-end workspace is very intuitive. You can access files, various applications, and desktops easily.
Multi-monitor capabilities
The multi-monitor capabilities are better developed with multiple options available in Parallels Secure Workspace.
Smart card support (in-app usage)
Parallels Secure Workspace can support the use of smart cards (e.g., eID cards) within applications (e.g. reading an eID card’s info) with its RAH (Remote Application Helper).
The RAH is the only exception to the TML5-centric story. The RAH agent must be installed on the local computers (Windows, MacOS, or Linux). In-app usage is not supported by the free Apache tool.
Otherwise, you don’t need to install other plugins or clients to work with Parallels Secure Workspace!
Security and compliance
Parallels Secure Workspace offers exciting capabilities that make your data even more secure:
- Built-in Context Awareness capabilities based on location or IP address as context access can be turned off for a user (group), giving admins extra control and capabilities.
- Built-in usage audit and anomaly detection that can be connected to an SIEM.
- Single Sign-On (SSO) with SAML or OpenID Connect without sending passwords to the Parallels Secure Workspace appliance.
- Guacamole supports SSO but uses password caching — so I believe the Parallels Secure Workspace setup is more secure.
- SSL encryption is built-in.
- No local data.
Here’s an overview of the Zero Trust capabilities of Parallels Secure Workspace:
Architecture
There are also some key differences from an architecture perspective:
Parallels Secure Workspace is delivered as a virtual appliance for simplicity and speed of deployment. Apache Guacamole requires installing multiple services or multiple docker containers, which need to be linked.
Guacamole leverages an internal translation protocol (RDP Guacamole protocol HTML5), while Parallels Secure Workspace does not use an internal protocol, which makes Parallels Secure Workspace a better, more resource-optimized HTML5 gateway.
Parallels Secure Workspace can enable HA (High Availability), so in a multi-node deployment, it can fail over between nodes if issues arise.
Parallels Secure Workspace is a multi-tenancy solution right out of the box.
The architecture is simple and non-intrusive.
Parallels Secure Workspace vs Apache Guacamole
When comparing Apache Guacamole to Parallels Secure Workspace, we see a lot of similarities, but there are also many differences.
Based on my knowledge of Apache Guacamole —which might not be complete, and I don’t pretend to be a Guacamole expert —this blog post provides a deeper look into the elements our customers are most concerned with.
Interested in making the comparison yourself? Try Parallels Secure Workspace in your environment — download it now.