
Tarantella Enterprise 3 Software

A Technical Overview

A Tarantella White Paper

August 2001

Abstract
This white paper provides a technical overview of Tarantella Enterprise 3, version
3.11 software. It is intended for a technical audience who wish to gain a deeper
understanding of the architecture and features of the Tarantella Enterprise 3
server. It is published for guidance only and may be subject to change.

Contents
About Tarantella Enterprise 3 Software
The Architecture
    Login process
    Launching applications
    Printing
    Tarantella Enterprise 3 Architecture Diagram
Key Features
    Adaptive Internet Protocol (AIP)
    Arrays
    Administration and management tools
    Application connectivity
    Authentication
    Client connectivity
    Client drive mapping
    Datastore
    Display Engine
    Firewalls
    Intelligently cached Java classes
    Licensing
    Load balancing
    Logging and billing
    Native Client
    Printing
    Processes
    Protocol Engines
    Security
    Server lockout
    Session resumability
    Session shadowing
    Webtop
Supported Servers, Client Devices and Web Browsers
Sales Offices

About Tarantella Enterprise 3 Software


Tarantella Enterprise 3 software leverages existing IT investments, without the cost of re-engineering. It provides a non-intrusive solution that allows IS departments to regain control of
their IT systems, and cut costs. It provides fast, secure access to Microsoft Windows, web-based,
Java, mainframe, AS/400, Linux, and UNIX systems and applications from client devices
anywhere. This proven solution centralizes management, reduces complexity, and scales to
accommodate rapid corporate change, technological advancement, and expanding remote access
needs.

Fig 1. Tarantella Enterprise 3 software delivers any application, to any user, anywhere

With Tarantella Enterprise 3 software, users access applications remotely from their client device
(anything from a thin client to a top-of-the-range PC). All users need is a web browser (such as
Microsoft Internet Explorer or Netscape Navigator), with Java technology enabled. This approach:

Eliminates the need to install additional software on the client device

Dramatically reduces the time to deliver applications

Extends the reach of the applications

Increases manageability

Centralizes management of users and applications.

The Tarantella Native Client is available for embedded devices and users who do not have a web
browser.

Tarantella Enterprise 3 software uses an innovative architecture that integrates diverse application
servers, and diverse client devices, with little or no disruption to the existing IT environment.
Applications continue to run untouched on existing servers. Client devices such as Microsoft
Windows PCs, UNIX or Linux workstations, Internet devices, and Network Computers, can all be
used.
A wide range of connection types is supported, and the Adaptive Internet Protocol (AIP) ensures
optimal performance over complex network routes with varying bandwidths. AIP employs
heuristics to determine the type of device and network connection in use, and dynamically adapts
to optimize performance.
Tarantella Enterprise 3 software acts as middleware, storing information about users and
applications centrally. To access their applications, users authenticate themselves to the Tarantella
Enterprise 3 server. The server checks its datastore of user and application information to
determine which applications each user is allowed to access. This set of applications is then
presented to them in the form of a webtop. At all times, Tarantella Enterprise 3 software
manages connections, user sessions, and security.
Tarantella Enterprise 3 software is designed as a modular, scalable, and flexible solution. It is
ideally suited for use by data centers of all types, including Application Service Providers (ASPs)
and other service providers that need to deploy a mix of applications to large numbers of users,
with a range of client devices, and varying connectivity types.

The Architecture
This section describes how Tarantella Enterprise 3 software works under the covers. It describes
the processes of logging in, launching applications, and printing, and includes an overview of the
key features. Further details can be found in the Key Features section and are shown in the
architecture diagram. Configuration details can be found in the online documentation on your
Tarantella Enterprise 3 server or on the Tarantella web site.

Login process
Elizabeth Blue starts her web browser and types the URL for the Tarantella Enterprise 3 server:
http://boston.indigo-insurance.com/tarantella. For additional security, she may use HTTPS to
secure the network traffic to and from the web server. To secure Tarantella traffic, the Tarantella
Security Pack must be installed, licensed and configured. This optional component also lets users
connect to the Tarantella Enterprise 3 server through a proxy server and/or firewall.
If this is the first time Elizabeth has accessed this version of Tarantella using this web browser,
some Java archive files are automatically downloaded and installed on her client device. This
causes a slight delay on first use, but improves access time in the future, since the files are not
downloaded again.
The Java archives contain a number of Java applets, each used for a particular function. The first
applet used, the framework applet, acts as a bootstrap. It makes the initial connection to the
Tarantella Enterprise 3 server, and maintains client-related state information throughout a user's
session. A proxy applet is also downloaded. This applet determines which server is configured as
the proxy server so the traffic can be routed appropriately.
Once connected to the Tarantella Enterprise 3 server, a web page is displayed that contains the
Login applet. The Login applet presents Username and Password text boxes, into which Elizabeth
must type her authentication credentials. When she clicks Log In, these credentials are passed to
the Tarantella Enterprise 3 server, and checked against various authentication services using
configurable login authorities. A login authority might check the UNIX password database, for
example, or authenticate against a separate LDAP server or NT Domain.
The login authority also identifies which user in the Tarantella Enterprise 3 server's datastore
matches the credentials supplied. The information stored in the datastore for this user determines
the appearance and content of the user's webtop.
Once authenticated, the Login applet page in the web browser is replaced with a new page
containing the Webtop applet, which lists the applications Elizabeth may access.

Launching applications
Elizabeth selects an application on her webtop. The webtop applet starts the appropriate Display
Engine, which sends a request to start the application. The request is passed through the
Tarantella Proxy Server process (or SSL Daemon, if secure connections are in use) to the JServer
and finally to the Protocol Engine Manager, which:

Starts an Execution Protocol Engine. This connects to the application server, logs in as the
appropriate user, sets some environment variables as needed, and then executes the
application. If Elizabeth's password for the application server is not stored in the secure
password cache, she is prompted for the information.

Starts a Protocol Engine (a native binary that runs on the Tarantella server) appropriate to
the type of application: either an X Protocol Engine (used for all graphical applications,
such as X11 or Windows) or a Character Protocol Engine. This sends application display
updates to the Display Engine on the client device, and returns keystrokes and mouse
input from the Display Engine to the application. All network traffic between Display
Engines and Protocol Engines uses AIP.

If there is more than one Tarantella Enterprise 3 server in the array, load balancing will be used to
spread the Protocol Engines across the array. If multiple application servers can run the
application, then application instances will be balanced across the application server farm. Many
installations also make use of DNS round-robin or third-party hardware to balance the HTTP(S)
traffic coming into the Tarantella Enterprise 3 server array.

Printing
Many applications have the ability to print, and the most common printing requirement is for the
print output to be directed to the local printer. However, for mobile workers and hot-deskers,
"local" changes from day to day. When working from home, for example, workers will not want
their applications to print to the printer in the office.
If Elizabeth would like to print from the application to her local printer, she simply selects the
print option from the application. Tarantella Enterprise 3 software includes a printing subsystem to
provide follow-me-printing. The Tarantella Enterprise 3 printing subsystem presents itself to
applications as an LPD printer, receives print jobs over the network, and spools them to the
Tarantella Enterprise 3 server, which routes them to the correct client.
When the client receives the print job, it is printed on that device's default printer. This could be
directly attached or available over the local network. So printing at home or a remote office
becomes simple and fast, and with the Tarantella Security License installed, it becomes secure as
well.

Tarantella Enterprise 3 Architecture Diagram


The processes involved in logging in, launching applications, and printing are shown in Fig 2.

Fig 2. The Tarantella Enterprise 3 architecture

Key Features
Adaptive Internet Protocol (AIP)
To deliver access to multiple types of client devices over a variety of network connections, an
adaptive protocol is needed. The Tarantella Adaptive Internet Protocol optimizes the
responsiveness of applications by using heuristic mechanisms to constantly monitor, measure and
adapt the ways in which data is transferred between applications and client devices.
Monitors are constantly sending feedback on the performance of the client device and the
network latency and bandwidth. This feedback dictates how much processing the Protocol Engine
will perform, and how many operations will be performed by the client device. To do this, the
Protocol Engine classifies the level of optimization required and makes adjustments automatically.
For example, AIP attempts to differentiate between "interactive" and "streaming" applications and
applies a different set of optimizations to each. For interactive applications, it tries to ensure that
echo and other responses are seen by the user as quickly as possible (which normally means
applying a much greater amount of optimization on the server side). AIP looks for keyboard and
mouse input to indicate that an application is interactive.
For UNIX or Microsoft Windows applications, the following parameters can be set on a per-application basis:

Command compression
This attribute determines whether the Adaptive Internet Protocol compresses commands for
transmission. With some applications, compression incurs a greater overhead than transmitting
commands uncompressed. You should turn off compression for these applications. The default
is Adjust Dynamically, which allows the option to be turned on or off, according to the
network conditions.

Command execution
This attribute determines whether the Adaptive Internet Protocol always executes commands
in order, or optimizes commands for performance reasons. For some applications, for example
those that use animation, the order in which commands are executed is critical. The default is
to Adjust Dynamically based on network conditions.

Interlaced images
This attribute determines whether images are transmitted and displayed in a series of
interlaced passes, or in one pass from top to bottom. Interlacing is recommended for graphics-intensive applications, particularly over low-bandwidth connections. The default is Adjust
Dynamically, which allows the option to be turned on or off, according to the network
conditions.

Graphics acceleration
This attribute specifies whether acceleration is allowed. Acceleration optimizes graphics
rendering and improves performance, at the expense of smoothness and exactness. For
example, colors may not always be exact. If your application's display must always be exact,
you should disable acceleration.

Delayed updates
This attribute specifies whether delayed updates of the display are allowed. This accumulates
changes and can improve performance. If your application's display must always be exact, you
should disable delayed updates. We recommend you turn off delayed updates for animation.

In addition to these attributes for controlling AIP on a per-application basis, there is another
attribute that lets you limit the bandwidth used by each person.

Bandwidth limit
AIP uses all available bandwidth by default. This attribute specifies, for each user, the
maximum bandwidth that user may utilize between the client device and the Tarantella
Enterprise 3 server for X and Windows applications. You can choose from a range of bandwidth
restrictions from 2400bps to 10Mbps. Or you can choose None to specify no limit: the
person uses as much of the available bandwidth as possible. This gives the best application
usability for the speed of the network connection. You don't need to change this unless you
have particular bandwidth restrictions. In normal use, we recommend you use None.

Arrays
Tarantella Enterprise 3 servers can be combined into an array to improve scalability and
availability while allowing a single point of administration and a single point of entry for users.
Array technology allows administrators to construct complex, geographically dispersed arrays that
service user application sessions intelligently.
A Tarantella Enterprise 3 server array contains a single primary server and up to 20 secondary
servers. Array members can run different Operating Systems and can be connected via LAN or
WAN. When connected via WAN, Intelligent Array Routing can be used to route clients to the
Tarantella Enterprise 3 server that is nearest (in network terms) to the application server they
want to access.
Administrators configure arrays using Array Manager, which enables the construction of arrays and
the configuration of array-wide and per-server settings from a single point. All array members
share the same information about the users, applications and structure of an organization, which
can be edited using Object Manager. Array information is mastered on the primary server.
Tarantella Enterprise 3 arrays enable:

Single-point administration of enterprise-level organizational information


Load balancing of emulator sessions between Tarantella Enterprise 3 servers
No single point of failure if more than one server in the array

Array members communicate using port 5427/tcp. Array information is replicated across this port
from the primary server to all secondary servers, using the Java Object Serialization Interface
(JOSI) protocol.

Administration and management tools


Tarantella Enterprise 3 software provides two comprehensive graphical management tools
(implemented in Java technology) as well as multiple command line tools for the administration of
Tarantella Enterprise 3 servers. These tools have been designed for scalability and ease of use.
Only designated administrative users can run these tools.
Object Manager
Object Manager, which can be run from the webtop or command line, is a scalable, search-based
administration tool for managing users and applications throughout an organization. Property
sheets let administrators set up a user's details, from their name and email address to how much
network bandwidth they can use for AIP. Similar property sheets allow configuration of
applications and application servers. Objects may be collected into organizational units to
reflect the structure of an organization.
Using simple drag-and-drop actions, administrators can configure users' webtops and set up
application server load balancing.
With Object Manager, administrators can easily find out which users are currently running which
applications, and can shadow (see Session shadowing) an application session and interact
with the application at the same time as the user.
Array Manager
Array Manager is an easy-to-use tool for setting up and managing Tarantella Enterprise 3 server
arrays. Like Object Manager, it can also be run from the command line.
Administrators can configure array-wide settings, such as the login page that all users see, the
license keys in use, and which mechanisms to use for user authentication (for example, a
separate LDAP server).
Administrators can also add and remove Tarantella Enterprise 3 servers from the array, promote
a secondary server to be the primary server, and configure settings for each server
independently. For example, if a server needs to be decommissioned temporarily (for example,
for an operating system upgrade) you can easily stop users logging in to their webtop on that
server.
Command line tools
Using the command line tools, an administrator can perform all Object Manager and Array
Manager functions (using batch scripting if desired), and more. For example, administrators can
query the log files, list currently spooled print jobs, or populate the application server password
cache.


Application connectivity
Tarantella Enterprise 3 software allows client devices to connect to server-based Microsoft
Windows, web, Linux, UNIX, mainframe (3270), and AS/400 (5250) applications.
Microsoft Windows applications
There are a number of ways to manage and deliver these applications with Tarantella
Enterprise 3 software. The recommended method is to use Microsoft Windows 2000 Server or
Microsoft Windows NT 4.0 Server, Terminal Server Edition, although other mechanisms can be
used to integrate with existing or legacy systems.
Microsoft Windows 2000 Server and Microsoft Windows NT 4.0 Server, Terminal Server Edition
make use of the Microsoft Remote Desktop Protocol (RDP) to display server-based applications
(RDP is fully integrated with Tarantella Enterprise 3 software). Administrators can create an
application object, configure it to use Windows Terminal Services, then add the application to
users' webtops. This approach means that, for example, it takes only four steps to deliver three
Microsoft Windows applications to an unlimited number of users: one step for creating each
application object and one step to deploy them to the users.
The Tarantella Enterprise 3 server uses RDP directly, and provides a clean, drop-in solution
that does not disrupt the application servers. No additional software needs to be installed on
the application server, so new servers can be quickly added to a Tarantella Enterprise 3
environment as needed. Existing live servers can be accessed by the Tarantella Enterprise 3
server, so applications can be deployed to remote users without the addition of extra system
resources or incurring system downtime.
Note: For client drive mapping, a small software component must be installed on the Microsoft
Windows 2000 application server.
UNIX and Linux X Windows System applications
These applications can be delivered in two ways:
By default, Tarantella Enterprise 3 software uses an X Protocol Engine (a native binary that
runs on the Tarantella Enterprise 3 server) and an X Display Engine (based on Java
technology or included as part of a Native Client). This provides full Tarantella Enterprise 3
capabilities, such as session resumability, and adjusts for variable network bandwidths to
deliver optimal network performance.
If the client device has a local X server, the Tarantella Enterprise 3 software can be
instructed to route the X Windows protocol directly to this, bypassing the Tarantella
protocol and display engines. This can deliver improved performance in some
circumstances. Note that session resumability and low-bandwidth handling are not
available in this case.
UNIX and Linux character applications
These applications are delivered via a Character Protocol Engine (a native binary that runs on
the Tarantella Enterprise 3 server) and a Character Display Engine (based on Java technology
or included as part of a Native Client). The Character Protocol Engine supports a number of
common terminal types.


Mainframe applications via TN3270


TN3270 capabilities are delivered via the Tarantella Mainframe Connectivity Pack.
AS/400 (5250) applications
These applications are delivered via the Tarantella AS/400 Connectivity Pack.
Web applications
A web application is an application accessed by a URL that is protected by Basic HTTP
authentication. For example, this could be a link to a CGI script, servlet, or an HTML document.
To prevent users from being prompted for authentication each time they access the web
application, Tarantella uses its own web server plugin for authentication. The Tarantella
Authentication Daemon determines if a Tarantella Administrator has granted the user access
to this application and if so allows access to the application without the user being prompted.

Authentication
Tarantella Enterprise 3 software can authenticate users in many different ways, using configurable
login authorities. Each login authority can check user credentials (e.g. username and password)
against an authentication service, and can identify a corresponding user in the Tarantella datastore
that determines the appearance and content of the user's webtop. The login authorities are
arranged in a chain, so that if one fails to authenticate the user, the next is tried.
Tarantella Enterprise 3 software can authenticate against LDAP directories (including Microsoft
Active Directory, Netscape/iPlanet Directory Server and Novell NDS), Windows NT/Windows
2000 domains, and UNIX user databases (including NIS), allowing organizations to integrate
Tarantella software seamlessly with their existing IT infrastructure.
In addition, Tarantella Enterprise 3 software allows anonymous access, if desired. Users can log in
without supplying a username or password and be given access to certain applications.
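The chained login authorities described above can be modelled as follows. This is an added example, not Tarantella code: the class names, account data and datastore names are constructed, and treating anonymous access as the last member of the chain is an assumption. It shows that a login succeeds if any authority in the chain accepts it, so the record of which authority accepted is worth keeping.

```python
import hashlib
import hmac
from dataclasses import dataclass
from typing import Optional

# Constructed sample data: account names, passwords and datastore names are
# invented for this example and are not taken from any real installation.
LDAP_ACCOUNTS = {"eblue": "correct horse battery"}
UNIX_ACCOUNTS = {"eblue": "old-unix-password", "ops": "ops-only-secret"}
DATASTORE_MAP = {
    "eblue": ".../_ens/o=Indigo Insurance/ou=Marketing/cn=Elizabeth Blue",
    "ops": ".../_ens/o=Indigo Insurance/ou=IT/cn=Operations",
}
GUEST = ".../_ens/o=Indigo Insurance/cn=Guest"


def _digest(password: str, salt: bytes) -> bytes:
    """Derive a verifier so the sample 'service' never stores plaintext."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 10_000)


class PasswordAuthority:
    """Hypothetical login authority backed by one password service."""

    def __init__(self, name: str, accounts: dict, datastore_map: dict):
        self.name = name
        self._salt = name.encode()
        self._verifiers = {u: _digest(p, self._salt) for u, p in accounts.items()}
        self._map = datastore_map

    def authenticate(self, username: str, password: str) -> Optional[str]:
        if not username or not password:
            return None  # empty credentials are never a password match
        candidate = _digest(password, self._salt)
        expected = self._verifiers.get(username, bytes(32))
        # Constant-time comparison, also performed for unknown users.
        if hmac.compare_digest(expected, candidate) and username in self._verifiers:
            return self._map.get(username)
        return None


class AnonymousAuthority:
    """Hypothetical authority for anonymous access: empty credentials only."""

    name = "anonymous"

    def authenticate(self, username: str, password: str) -> Optional[str]:
        return GUEST if username == "" and password == "" else None


@dataclass(frozen=True)
class LoginResult:
    authority: str       # which authority accepted the credentials
    datastore_user: str  # datastore entry that decides the webtop content


def build_chain(allow_anonymous: bool = False) -> list:
    """Order matters: authorities are tried first to last."""
    chain = [
        PasswordAuthority("ldap", LDAP_ACCOUNTS, DATASTORE_MAP),
        PasswordAuthority("unix", UNIX_ACCOUNTS, DATASTORE_MAP),
    ]
    if allow_anonymous:
        chain.append(AnonymousAuthority())
    return chain


def login(chain, username: str, password: str, audit: list) -> Optional[LoginResult]:
    """Try each authority in order; the first one that accepts wins."""
    for authority in chain:
        user = authority.authenticate(username, password)
        audit.append((authority.name, username, user is not None))
        if user is not None:
            return LoginResult(authority.name, user)
    return None


if __name__ == "__main__":
    trail = []
    # Rejected by the LDAP authority, accepted by the UNIX authority.
    print(login(build_chain(), "eblue", "old-unix-password", trail))
    print(trail)
```

A password that the first authority rejects is still accepted when a later authority holds it, which is why the audit list records every attempt and not only the final result.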

Client connectivity
Tarantella Enterprise 3 software supports access from client devices using Microsoft Internet
Explorer or Netscape Navigator web browsers (with Java technology enabled), without requiring
additional software to be installed on those devices.
A Tarantella Native Client is also available for some client devices, giving application access using
native software rather than Java technology.

Client drive mapping


Users logging in to Tarantella using a web browser or Tarantella Native Client on a Microsoft
Windows client device can access their local client's drives from Microsoft Windows 2000
applications. For example, users can work on documents using applications displayed through
Tarantella, and save the results to their own floppy drive or hard drive.
The Tarantella Enhancement Module must be installed on each Windows 2000 application server
for which you want to provide client drive mapping support.
Tarantella Administrators can configure which users have access to which drives, and which drive
letters to use on the application server. Configuration details for this feature can be found in the
online documentation.

Datastore
The Tarantella datastore is the sum of all the information used by the various components of
Tarantella. The datastore includes:

Information about hosts and users on the network


Tarantella session information (users logged in, applications running)
Organizational information

This information can be manipulated with Object Manager, Array Manager or from the command
line, and is accessible array-wide.
Each object in the datastore has a unique TFN (Tarantella Federated Naming) name. TFN names
include a component identifying the source of the information, called the namespace. TFN names
commonly have the following form:
.../namespace/name-within-namespace
The ... indicates the "root" of TFN. Each namespace may use a different naming scheme. The
namespace part of the TFN name acts as a "gateway" to that naming scheme. The following
namespaces are commonly used with Tarantella Enterprise 3 software:
Namespace   Example                                                    Description
ENS         .../_ens/o=Indigo Insurance/ou=Marketing/cn=Cust-o-Dat     The ENS namespace, containing objects with Tarantella-specific behavior
LDAP        .../_ldap/cn=Cust-o-Dat,ou=Marketing,o=Indigo Insurance    Objects in an LDAP server
DNS         .../_dns/verona.indigo-insurance.com                       Hosts on the network
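
A parser for the TFN name form shown above, as an added example that is not Tarantella code. The component rules are inferred from the three examples in the table (namespaces written with a leading underscore, ENS names root-first and separated by "/", LDAP names leaf-first and separated by ","), and treating the ENS and LDAP examples as the same components in opposite order is an assumption; names containing a backslash are rejected rather than guessed at.

```python
from dataclasses import dataclass
from typing import Iterable, Tuple

ROOT = ".../"  # the "root" of TFN, as written on the page


@dataclass(frozen=True)
class TfnName:
    namespace: str                      # "ens", "ldap" or "dns"
    parts: Tuple[Tuple[str, str], ...]  # (attribute, value) pairs, root first
    host: str = ""                      # only set for the DNS namespace


def _pairs(components: Iterable[str], raw: str) -> Tuple[Tuple[str, str], ...]:
    """Turn 'attr=value' components into pairs, rejecting malformed ones."""
    pairs = []
    for comp in components:
        attr, eq, value = comp.partition("=")
        if not eq or not attr.strip() or not value.strip():
            raise ValueError(f"bad component {comp!r} in {raw!r}")
        pairs.append((attr.strip().lower(), value.strip()))
    return tuple(pairs)


def parse_tfn(raw: str) -> TfnName:
    """Parse '.../namespace/name-within-namespace' into a TfnName."""
    if not raw.startswith(ROOT):
        raise ValueError(f"not rooted at '...': {raw!r}")
    namespace, slash, rest = raw[len(ROOT):].partition("/")
    if not slash or not namespace.startswith("_") or not rest:
        raise ValueError(f"missing namespace or name: {raw!r}")
    if "\\" in rest:
        raise ValueError(f"escaped characters are not handled: {raw!r}")
    ns = namespace[1:].lower()
    if ns == "ens":    # root-first, '/'-separated
        return TfnName(ns, _pairs(rest.split("/"), raw))
    if ns == "ldap":   # leaf-first, ','-separated: store root first
        return TfnName(ns, _pairs(reversed(rest.split(",")), raw))
    if ns == "dns":    # a host name with no further structure
        if "/" in rest or any(not label for label in rest.split(".")):
            raise ValueError(f"bad host name: {raw!r}")
        return TfnName(ns, (), host=rest.lower())
    raise ValueError(f"unknown namespace {namespace!r}")


def format_tfn(name: TfnName, namespace: str) -> str:
    """Render ENS/LDAP parts in the ordering of the requested namespace."""
    if name.namespace == "dns" or namespace not in ("ens", "ldap"):
        raise ValueError("only ENS and LDAP names share a component structure")
    sep = "/" if namespace == "ens" else ","
    if any(sep in value for _, value in name.parts):
        raise ValueError(f"value contains separator {sep!r}")
    comps = [f"{attr}={value}" for attr, value in name.parts]
    if namespace == "ens":
        return f"{ROOT}_ens/" + "/".join(comps)
    return f"{ROOT}_ldap/" + ",".join(reversed(comps))


if __name__ == "__main__":
    # Example names taken from the table above.
    ens = parse_tfn(".../_ens/o=Indigo Insurance/ou=Marketing/cn=Cust-o-Dat")
    print(ens)
    print(format_tfn(ens, "ldap"))
    print(parse_tfn(".../_dns/verona.indigo-insurance.com"))
```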

Display Engine
Display Engines render the application display to the client device and send mouse and keyboard
input from the client device to the application via an appropriate Protocol Engine. A Display
Engine is a thin Java applet (or part of a native client) that is invoked when a user requests access
to an application. It requests that the Protocol Engine Manager start the appropriate Protocol
Engine. The Protocol Engine and Display Engine then talk directly, independently of other parts of
the Tarantella server.
Tarantella Enterprise 3 software uses one display engine per application for each user. For
example, an instance of a Character Display Engine is started when a character application is
requested.

Firewalls
Tarantella Enterprise 3 servers are typically installed in a corporate enterprise or ASP environment.
The clients may reside at remote sites out of the control of the organization that controls the
Tarantella Enterprise 3 server. Clients may be routed through firewalls and/or proxy servers when
accessing Tarantella Enterprise 3 servers over the Internet. Corporate security policies at the client
site may only allow traffic to or from a specific port.
Tarantella Enterprise 3 software provides firewall traversal by allowing all communication to the
Tarantella Enterprise 3 server over a single port, usually 443/tcp. Proxy server traversal is also
supported for clients who are routed through a proxy server to the Tarantella Enterprise 3 server.
Details can be found in the Firewall white paper at
http://www.tarantella.com/whitepapers.

Fig 3. Clients accessing Tarantella Enterprise 3 through a firewall

Intelligently cached Java classes


When users access applications from a client running a Java Virtual Machine, Tarantella Enterprise
3 software detects the client type and deploys a Java class file archive suitable for the client,
rather than deploying each class file separately. This optimizes performance of login and
application launching on all network connections. Tarantella Enterprise 3 software deploys
archived Java classes on the first occasion that a client device connects to a Tarantella Enterprise
3 server. Key portions of the Tarantella Enterprise 3 client, including the login applet and Display
Engines, are then cached on the client device. These components do not need to be re-deployed
at each subsequent connection, which is of particular benefit on slower network connections.
The cached Java classes are self-updating. When Java classes are updated at the server they are
automatically re-deployed and cached the next time the client device connects.

Licensing
Tarantella software uses concurrent-user, component-based licensing. Each component is licensed
for a number of users, and usage information is tracked over time. Administrators can obtain and
install license keys to increase the number of users licensed for particular components.
To license Tarantella software, administrators must first install an activation license key for either
Tarantella Enterprise 3 or Tarantella Enterprise 3 Starter for Linux software. Activation license keys
determine the particular rights and restrictions of each product; for example, the Tarantella
Enterprise 3 Starter for Linux product may only be installed on Intel platforms. Other license keys
may be installed after the activation license key.
Users installing Tarantella software without a license key may evaluate the software for a period of
30 days from installation. During the evaluation period, there are no restrictions on the number of
users that may log in or the types of application they may use. After the evaluation period, users
may not log in to Tarantella or start applications. The number of days remaining in the evaluation
period is displayed to all users when they log in to Tarantella.
License keys for the core Tarantella software and the Tarantella Security Pack are enforced by
software. This means that once the license limits are reached for these components, additional
users may not log in.

Load balancing
Tarantella Enterprise 3 software includes load balancing at both tier 2 and tier 3 in the three-tier
architecture. When users start an application, the Tarantella Enterprise 3 server (tier 2) chooses a
server in the array to manage the application session, based on criteria configured by the
administrator: none (uses the array member the user logged into); least CPU usage (load is
measured across all array members continuously); fewest emulator sessions (number of
applications being hosted on the particular Tarantella server).
For application server (tier 3) load balancing, an administrator configures a set of application
servers that can run each application. At application start-up, the Tarantella Enterprise 3 server
chooses the application server running the fewest application sessions.
Webtop sessions (tier 1) can be spread across arrays by using standard techniques such as
round-robin DNS.

Logging and billing


Tarantella Enterprise 3 software provides array-wide billing utilities and log files. Server, user and
session information is collated and output in CSV format, compatible with most third-party
accounting and billing systems. A range of information, including application start and stop times
and application server information, is made available for billing and log analysis products.
For more information on logging and billing see the white paper on the Tarantella web site.

Native Client
Each Native Client is targeted to a particular client device and is installed on that device. Users
can run the Native Client instead of a web browser to access their webtop. This is appropriate for
specialized devices or in cases where browser installation is not desired or possible. Native
Clients are available for Microsoft Windows, SPARC Solaris, Linux on Intel and HP-UX. They allow
both standard and secure (with the Tarantella Security License) connections.
The Native Client is included with the Tarantella Enterprise 3 core software and can be installed
from http://<yourservername>/tarantella/cgi-bin/install.cgi.

Printing
When a user prints from an application displayed through Tarantella, a print job is created on the
application server in the standard way. This is passed to the Tarantella server through either an
LPD interface or (for Microsoft Windows 2000 application servers using Windows Terminal
Services) an RDP interface.
The print job is spooled on the Tarantella server, and the client device is notified of a print job.
The user's webtop contains a Print Display Engine, which requests the print job. A Print Protocol
Engine starts, which forwards the print job using AIP to the Print Display Engine. This then sends
the print job to the client device's default printer.
With Microsoft Windows 2000 application servers using Windows Terminal Services, a printer is
automatically configured that uses the client device's printer driver and sends print jobs to the
Tarantella server's print queue. For other platforms, administrators must manually configure a
printer to forward print jobs to the LPD printer on the Tarantella server.


Processes
Tarantella Proxy Server (ttaauxserv) process
The Tarantella Proxy Server is the controlling parent process. It sends launch requests to the
Protocol Engine Manager and passes all other requests to the JServer. It communicates with the
client on port 3144 and with the JServer on port 5427. It will restart the JServer and Protocol
Engine Manager if they exit unexpectedly.
Protocol Engine Manager (ttaauxserv) process
The Protocol Engine Manager communicates on a dynamically allocated port. It hands off AIP
connections to Protocol Engines and executes UNIX logins. It communicates with the JServer to:
Access the password cache
Receive UNIX login requests
Notify the JServer when emulator sessions change state
JServer (jre) process
The JServer is a Java technology application. It is the decision-making process that maintains the
configuration and database, and interfaces to JNDI. The JServer process handles webtop
construction, application launch and resumption, load balancing, session management, array
replication and authentication. It connects to the Protocol Engine Manager to launch applications
and verify UNIX passwords. It is event-based and propagates important events across the array.
JServers on different array members communicate on port 5427/tcp.
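The port roles described above lend themselves to a simple exposure check. The following is an added example, not Tarantella code: it audits an allow-list so that 5427/tcp (JServer traffic) is reachable only from array members or loopback, and that 3144/tcp is open for standard client connections. The rule format, addresses and function names are constructed for illustration.

```python
import ipaddress

# Port roles as stated in the Processes section.
CLIENT_PORT = 3144   # client <-> Tarantella Proxy Server
JSERVER_PORT = 5427  # Proxy Server <-> JServer, and JServer <-> JServer in the array

# Constructed sample data: array member addresses and an allow-list in a
# made-up "port source-cidr" format (an assumption, not a real firewall syntax).
ARRAY_MEMBERS = ["10.0.5.11", "10.0.5.12", "10.0.5.13"]
SAMPLE_RULES = """\
3144 0.0.0.0/0        # clients
5427 127.0.0.0/8      # local Proxy Server to JServer
5427 10.0.5.12/32     # one array peer
5427 10.0.5.0/24      # whole subnet
5427 0.0.0.0/0        # everyone
"""

def parse_rules(text):
    """Yield (port, network) pairs, skipping blank lines and '#' comments."""
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()
        if not line:
            continue
        port, cidr = line.split()
        yield int(port), ipaddress.ip_network(cidr, strict=False)

def audit(rules_text, array_members):
    """Return findings for rules that expose the JServer port beyond the array."""
    members = {ipaddress.ip_address(a) for a in array_members}
    findings, ports_seen = [], set()
    for port, net in parse_rules(rules_text):
        ports_seen.add(port)
        if port != JSERVER_PORT or net.is_loopback:
            continue
        # Acceptable only if every source address is an array member.
        # The size test comes first so a /0 is never enumerated.
        if net.num_addresses > len(members) or any(a not in members for a in net):
            findings.append(f"{JSERVER_PORT}/tcp open to {net}: wider than array members")
    if CLIENT_PORT not in ports_seen:
        findings.append(f"{CLIENT_PORT}/tcp has no allow rule: standard client connections blocked")
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE_RULES, ARRAY_MEMBERS):
        print(finding)
```

The Protocol Engine Manager's dynamically allocated port is not covered, because the page gives no fixed number for it.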
JNDI
JNDI is the API used to store and interrogate data. It is the interface to the naming system used by
the Tarantella software, and provides uniform access to diverse data, allowing operations such as
searching, creation, deletion, modification and event modification.
ASAD
ASAD is the datastore protocol used by the JServer. Most communication with the JServer uses
ASAD. (The Native Client uses a form of AIP, understood by the JServer, designed for ASAD-type
requests.) ASAD is used:

By the client (downloading the webtop and launching applications)

In peer-to-peer connections (including replication)

By administration tools (GUI and command line)

Protocol Engines
The Protocol Engines, which run on the Tarantella Enterprise 3 server, provide the emulation
necessary to view and interact with applications. A Protocol Engine acts as a client to the
application on the application server, and communicates using the application server's native
protocol. It translates this native protocol into Adaptive Internet Protocol for transmission to the
client device. Protocol Engines are implemented as native binaries to ensure optimal performance
on the server.


Graphical applications such as X11, Microsoft Windows, 3270 graphical and 5250 use the X
Protocol Engine. Character applications use the Character Protocol Engine. The Print Protocol
Engine is used for printing and the Client Drive Mapping Protocol Engine is used when client drive
mapping is used.
Tarantella Enterprise 3 software uses one protocol engine for each application type for each user.
However, a single protocol engine instance will handle multiple sessions for a particular user.
Protocol Engines are invoked on demand.

Security
The Tarantella Security License can be installed on the base product to provide a high level of
security through data encryption (using SSLv3) and host validation (using X.509 server
certificates). It also provides the ability to traverse firewalls without opening additional ports and
to route client traffic through a proxy server.
Administrators can configure the type of connection each user receives, based on the client
device and Tarantella Enterprise 3 server they're using. For example, a user can be given a secure
connection whenever they connect from a client device outside the firewall, and a standard
connection when connecting from inside the firewall.
We recommend that you use a secure (HTTPS) web server on all Tarantella hosts. This ensures that
all web pages users see, and the sensitive connection information the client downloads, are
encrypted. Using a secure web server does not encrypt Tarantella-related information, such as key
presses, display updates or login information, so you must license the Tarantella Security Pack for
this level of security. A combination of the Tarantella Security Pack and HTTPS is recommended.

Server lockout
Tarantella Enterprise 3 software allows administrators to decommission Tarantella servers within
an array for maintenance, upgrades, etc. without affecting users. This stops new users from logging
in to a particular server, without affecting existing users, and redirects new users to other array
members.

Session resumability
Session resumability lets users resume an interrupted session, on any client device, at a later time.
For example, Bill Orange, currently running an application at the office, turns off his PC and goes
home. The application continues running. When Bill arrives home, he can log back in to Tarantella
and resume the application, as if he was still at his desk in the office. While Bill travels home, the
application continues running. He could start a lengthy calculation in the office, then pick up the
results when he logs in from home.
Session resumability is also useful for applications that take a long time to start, or for those that
require the user to take a large number of steps after start-up (for example, to walk through a
complicated menu system). Also, if a modem connection is interrupted, the server must be able to
recreate the state associated with the client when it reconnects. Session resumability allows this.
Administrators can configure session resumability per-application.


Session shadowing
Session shadowing allows administrators to view and interact with a user's Tarantella application
sessions simultaneously with the user. Help-desk staff can take over a user's application session
and get them out of trouble or otherwise assist.

Webtop
Users interact with applications and documents on the network using the web equivalent of a
desktop: the webtop. Tarantella Enterprise 3 gathers all objects (applications, documents, etc.)
associated with a user and dynamically creates a page to represent this information.
The browser-based Tarantella Enterprise 3 webtop is built of standard HTML and Java
components. When the user clicks one of the icons, requests are issued to invoke applications
or view documents. Any application web-enabled by Tarantella Enterprise 3 software can be started
by users in this way. Tarantella Enterprise 3 software also allows local applications, for
example, Windows front-ends to client/server applications, to be launched in this way, and so
presents a consistent entry point to all information. The webtop can be displayed within
the browser, as a separate window, or even as a full screen.

Webtop

The browser-based webtop is fully customizable. Tarantella Enterprise 3 software provides HTML
templates, or themes, for the layout and presentation of the webtop. These themes can be
applied to users or organizational units, and make it easy to create webtops with the corporate
styling, or even, for example, departmental styling. The Java applets that constitute the
browser-based webtop have interfaces that can be used to develop sophisticated HTML-based solutions,
such as workflow or hierarchical webtops.
Note that the Native Clients do not use HTML or Java and are not fully customizable.


Supported Servers, Client Devices and Web Browsers


Refer to http://www.tarantella.com for updated information.
Tarantella Enterprise 3 requires one of these UNIX or Linux servers
    Sun SPARC Solaris 2.6+
    IBM AIX 4.3+
    UnixWare 7.1.1+
    HP-UX 10.20+
    Caldera OpenServer Release 5.0.5+
    Compaq Tru64 UNIX 4.0D+
    TurboLinux 6.0+
    Caldera OpenLinux eServer 2.3+
    SuSE Linux 6.3+
    Red Hat Linux 6.2+

Server requirements
    120MB free disk space, plus another 100MB at install time
    Minimum 128MB RAM (256MB recommended)
    100MHz CPU
    This is in addition to what is required for normal operation of the host.

Server requirements per user
    5MB RAM for each user
    5MHz for each user

Server requirements per application
    Each X application, 1.5MB per user
    Each X application, displayed using Client Window Management, 2.5MB per user
    Windows session, 1.7MB per user
    Character applications, 0.9MB per user
    3270 or 5250 applications, 1.5MB per user

Supported client devices, web browsers, Native Clients
    Client devices must support TCP/IP
    PC clients: Intel 486 with 16MB RAM minimum, supported with Native Client. Pentium processor or
    above, with 32MB RAM recommended
    UNIX clients should be of comparable performance and memory
    A complete list of clients and supported clients is at:
    www.tarantella.com/products/e3/e3clients.html

Network transport
    TCP/IP

Sales Offices
US & Worldwide HQ
Tarantella, Inc.
425 Encinal Street
Santa Cruz
CA 95060
United States of America
Tel: +1 831 427 7222
Fax: +1 831 457 5400

European HQ
Tarantella Ltd
7 Britannia Court, The Green
West Drayton
UB7 7PN
United Kingdom
Tel: + 44 1895 456100
Fax: +44 1895 456112

Pacific Rim HQ
Tarantella KK
Nakamura Building
2-24-3 Ohashi, Meguro-ku
Tokyo 153-0044
Japan
Tel: +81 3 5431 0200
Fax: +81 3 5431 0201

Toll Free Sales Info


Tel: +1 888 831 9700

FreePhone Sales Info


UK: 0800 0390134
France: 0800 913184
Germany: 0800 1802450
Italy: 0800 781920

Sales Info
Tel: +81 3 5431 0200

www.tarantella.com
sales@tarantella.com

www.tarantella.com
sales@tarantella.com

www.tarantella.co.jp
japansales@tarantella.com

Tarantella, Tarantella Enterprise 3, and the Tarantella logo are trademarks or registered trademarks of Tarantella, Inc. in the USA and other
countries. Java is a trademark or registered trademark of Sun Microsystems, Inc. in the USA and other countries. All other brand and product
names are or may be trademarks of, and are used to identify products or services of, their respective owners. This document is provided "as is"
and may include technical inaccuracies or typographical errors. Tarantella, Inc. reserves the right to add, delete, change or modify this document
at any time without notice. This document is for information only, no express or implied representations or warranties are given in this
document. Copyright 2001 Tarantella, Inc. All Rights Reserved. techarchwp-3.11.doc August 2001
