10-4 Agent design issues
Designing an agent to provide Remote Application Termination requires consideration of a number of issues in
order to minimize data loss and determine when a last-resort shutdown of a disconnected desktop session is
required. Listed below are several topics to consider when designing application control agents for your
environment. The topics are not exhaustive—use them as a starting point for a more complete design that meets
your business requirements.
Desktop session logout
Situation—In some circumstances, loss of a primary user connection should trigger a full shutdown of all
•
applications and force a logout of the desktop session (perhaps after a specified time limit for reconnection
has expired). This action would drop all connections to the remote session.
Benefit—Implementing a full desktop session shutdown/logout ensures that all connection activity ceases
•
immediately and ensure that applications are prevented from further unattended actions. Shutdown of a
remote session frees the workstation for connection by other users. This approach is the most absolute and
secure solution for desktop session management. Agent relies upon Windows logout routines to terminate
environment—simple in design and result.
Issue—Forcing a desktop session shutdown/logout can result in data loss for any open applications on the
•
desktop session. Forcing session logouts can result in application alert prompts requiring user interaction to
save altered data. These prompts can delay or halt an interactive logout. Session termination also destroys
memory of window placement on the desktop, and requires user intervention at restart.
Selective environment shutdown
Situation—Partial shutdown of an environment only terminates specific applications of interest. It does not
•
implement a full desktop session logout. It selectively protects only the most critical applications requiring
oversight and control.
Benefit—Preserves the active desktop session for connection at a later time. Selectively terminates the
•
applications of interest. Preserves data not governed by an automated shutdown policy. Supports session
recovery with an arbitrary connection time. If done in layers (giving some applications more time to live than
others), then a gradual "soft landing" shutdown can occur that ultimately results in a full logout. Idle
resources over a specific amount of time can be returned to a remote server pool.
Issue—Potentially more complicated to implement. Can require coordination of multiple agents to handle
•
layered shutdown. May still result in data loss for specific applications. May also require a master
semaphore to halt/terminate multiple agents if the user reconnects and wants to stop the shutdown process.
Wrapping applications of interest
Situation—Agents can be launched that supervise only specific applications in a given environment. Tying
•
agents to specific applications is a selective safety net for every user.
Benefit—Application-specific agents can be implemented as plug-ins or support utilities for a given
•
application. In the future, certain software providers may provide custom interfaces for safe shutdown
messages from an agent or the operating system. Custom agents can be independently maintained and tied
to specific application releases for greater support flexibility. Independent agent design supports unit testing
and decouples environmental dependencies.
Issue—Users need specific recourse to disarm an agent if they reconnect. Applications may not interact well
•
with a dedicated agent (and only shutdown due to a global shutdown request). Dedicated agents could
possibly be compromised.
Remote Application Termination 173