March 25, 2020

Working from Home Using VMware Horizon On-Premises Solution – In COVID-19 Situation

Due to the recent COVID-19 coronavirus outbreak, many organizations came with working from home strategies for their employees. There are organizations will have a strict corporate policy, hardware or the data of employee’s computer cannot leave the company premises. We have done many design and deployments of VDI solutions and for setting up a full VDI solution involves many stages such as new hardware, network, installing all the VDI software components, creating virtual desktop images, setting up applications, deploying virtual images.

To complete the full VDI deployment will take 2-3-week time and on current situation COVID-19, an organization cannot wait for so long for setting up a solution to support the business continuity.

Understanding the importance of business continuity and current situation VMware provides this solution which will address the challenge, where the users are tied to their on-premises desktop systems. This solution will help the organization to continue business by providing secure remote access to employee’s office desktops to work remotely. This solution can deploy very quickly with minimal hardware requirements and user impact.

This solution required less CAPEX since company will be using existing hardware and windows licenses, also no additional OPEX required because the organizations already managing all the hardware, OS and Applications.

VMware Horizon On-Premises Solution Design

This solution has three components which is required to complete the deployment.

Connection Server

One of the main components of the solution is Connection server and it provides entitlement and connectivity for users to the desktop system. Connection servers can be installed on a supported Windows server operating system on the physical server, or a Virtual machine. Connection server manages sessions between users and their virtual desktops or published applications.

UAG (Unified Access Gateway)

UAG is an addon component of Horizon Solution and available as virtual appliance and can be deployed easily without any additional license and cost. UAG is one of the efficient security measures for Horizon VDI solution. UAG will allow the users from outside the corporate network to access their virtual desktops through the secure gateway rather than a VPN. UAG supports FIPS and for authentication you use smart card, certificates, SAML, Passthrough, RADIUS and RSA SecurID.

Horizon Agent

Horizon agent is a software which will be installed on the desktop machines to communicate with connection server. This agent will help to provide continues connection to desktop machines and determine the groups of users are entitled for their desktops.

Solution Overview

To setup Horizon VDI solution in your environment, you should have an active directory domain and physical desktop machines, all the desktop machines which we need to be published through horizon should be part of domain.

As part of the Horizon VDI solution, you need to deploy and configure VMware Horizon Connection Server and VMware Unified access gateway. Once these components are deployed, you must install the VMware Horizon Agent on all the desktop machines and map them to the connection server while installing. Once desktop machines are visible on your connection server, you will be able to entitle the desktop to respective users as per the organization requirements.

There are two options available for end-user to access your physical desktop through Horizon VDI, User can install and access desktops through Horizon client which will support PCoIP, VMware Blast and RDP display protocol or user can access VDI using any web browser with help of HTML5 with VMware Blast protocol.

UAG will be deployed in DMZ zone and Connection Server in your internal network you can specify which users can use their desktop machines. Once a user authenticates through the UAG and connection server and is associated with the physical machine, a connection will be made directly from the physical machine through UAG to the horizon VDI client on the end-user device.

The main advantage of using Horizon with physical machines is the security that the VMware Unified Access Gateway (UAG). UAG will only allow the traffic through to the internal network and the physical machine only after successful authentication.

Advantages of this Solution

  • Manageability
  • Business Continuity
  • Flexibility to use exiting hardware
  • Accessibility by bring-your-own-device
  • More Security for Organization Data
  • No Additional Hardware Cost
  • No Additional Operation Management Cost
  • No Additional Windows License Required for Desktops

Citrus Offerings

Horizon VDI On-premises with Your Hardware

  • We will design and deploy this solution with your existing hardware in a Single Day

Horizon VDI On-premises with Our Hardware

  • If your Organization doesn’t have enough hardware to deploy this solution, we will ship our preconfigured hardware to your location, stack it and configure with existing infrastructure
Technical Blog Post
About user

Leave a Reply

Your email address will not be published. Required fields are marked *