Welcome!

Virtualization Authors: Liz McMillan, Lori MacVittie, Elizabeth White, Michelle Drolet, Roger Strukhoff

Related Topics: Virtualization, SOA & WOA, Cloud Expo

Virtualization: Blog Feed Post

A ‘Horizon’ View from Above

Desktop and endpoint device management has long been a challenge for IT

Desktop and endpoint device management has long been a challenge for IT. People demand flexibility, multiple access options, and desktop customization, while business groups often require multiple desktop types based on business and/or technical requirements. This sour mash of devices can be a major management headache. Add in support for all the different desktop/laptop needs and desktop management can all but consume IT.

VMware User Computing
VMware Horizon View—part of VMware’s Horizon Suite of products—alleviates two major management headaches: location and standardization. To solve the location problem, virtual desktop infrastructure (VDI) deployments virtualize user desktops by delivering them to individual clients over the network from a central location. Those desktops are stored and run in the data center, rather than having individual desktop/laptop machines in the field running localized operating systems. This seamless virtualization goes undetected by users.

To solve the standardization problem, VMware enables business groups with specific desktop needs to be clustered together in the data center and managed as a unit. For example, when all the Windows machines need a new service pack, it can be installed to the master image in the data center, which is delivered to users the next morning when they log in. Because IT staff no longer have to visit each local system or push software installations down through remote tools, employees aren’t forced to reboot during the business day.

In addition to these location and standardization concerns, the user experience is consistently cited by organizations as critical to the success of virtual desktop deployments. Performance has to compare favorably to a conventional desktop while availability and security need to be even greater.

F5 offers a variety of solutions to help organizations maximize the success of these critical elements in their View desktop deployments. Together, F5 and VMware have thoroughly tested and documented the benefits of using F5 Application Delivery Networking (ADN)
solutions with VMware View to address the needs for secure access, a single namespace, load balancing, server health monitoring, and more.

Performance and Scalability
The larger the VMware Horizon View deployment, the more View Connection Servers are needed to handle the concurrent desktop connections. VMware Horizon View Optimized Secure Access & Traffic Management by F5 provides valuable load balancing and health monitoring, resulting in higher system availability and greater scalability—and ultimately, a better user experience. Additionally, an F5 iApps Template makes configuration straightforward, simplifying setup by providing the recommended settings and helping to prevent human error.

VMware View client connectivity utilizes multiple ports and protocols that must be directed at the same View Connection Server for a successful session. While PC over IP (PCoIP), the View desktop streaming protocol is UDP-based, SSL-encrypted TCP connections are utilized for authentication and USB tunneling. Save capacity on the View Connection Servers by offloading this encryption to an F5 BIG-IP.

Enhanced Security and Access Control
Ensuring secure remote access is critical to protecting corporate information and often required in certain regulatory situations. To route incoming Horizon View connections to the internal network, a PCoIP proxy is needed in an organization’s DMZ. BIG-IP Access Policy Manager (APM) fulfills this function in a secure and scalable way. Placing BIG-IP APM in the DMZ avoids the need to expose sensitive Windows servers.

image

Active Directory domain-joined servers, or View Connection Servers to the potentially risky DMZ. It also eliminates the requirement for VMware Security Gateway servers in the DMZ. The BIG-IP APM appliance proxies the PCoIP connection, passing it internally to any available Connection Server within the View pod, which then interprets the connection as a normal internal PCoIP session. This provides the scalability benefits of a BIG-IP appliance and gives BIG-IP APM and BIG-IP Local Traffic Manager (LTM) visibility into the PCoIP traffic, enabling more advanced access management decisions. A streamlined iApp Template is also included to ease deployment. This custom iApp presents fewer configuration options than the full iApp for View, which can be used if advanced functions are required. Either iApp yields a configuration that can be modified as needed to address specific business and technical requirements.

These new F5 solution options were developed in conjunction with VMware and is easy for organizations to deploy and support.

There are certainly advantages of deploying a virtualized desktop solution like VMware Horizon View throughout the enterprise. By deploying the F5 BIG-IP system alongside it, organizations can achieve higher security, availability, and scalability while improving the worker’s experience. In addition, new and optimized solutions reduce both the cost and deployment complexity to ensure a BIG-IP ADC becomes a standard View component.

ps

Related

 

Connect with Peter: Connect with F5:
o_linkedin[1] o_rss[1] o_twitter[1] o_facebook[1] o_twitter[1] o_slideshare[1] o_youtube[1]


Read the original blog entry...

More Stories By Peter Silva

Peter Silva covers security for F5’s Technical Marketing Team. After working in Professional Theatre for 10 years, Peter decided to change careers. Starting out with a small VAR selling Netopia routers and the Instant Internet box, he soon became one of the first six Internet Specialists for AT&T managing customers on the original ATT WorldNet network.

Now having his Telco background he moved to Verio to focus on access, IP security along with web hosting. After losing a deal to Exodus Communications (now Savvis) for technical reasons, the customer still wanted Peter as their local SE contact so Exodus made him an offer he couldn’t refuse. As only the third person hired in the Midwest, he helped Exodus grow from an executive suite to two enormous datacenters in the Chicago land area working with such customers as Ticketmaster, Rolling Stone, uBid, Orbitz, Best Buy and others.

Bringing the slightly theatrical and fairly technical together, he covers training, writing, speaking, along with overall product evangelism for F5’s security line. He's also produced over 200 F5 videos and recorded over 50 audio whitepapers. Prior to joining F5, he was the Business Development Manager with Pacific Wireless Communications. He’s also been in such plays as The Glass Menagerie, All’s Well That Ends Well, Cinderella and others. He earned his B.S. from Marquette University, and is a certified instructor in the Wisconsin System of Vocational, Technical & Adult Education.