In this post we will look at VMware Horizon 7 for beginners and those who want a single source of summary information.
VMware Horizon 7 is one of the VDI products that enables IT departments to run virtual machine (VM) desktops and applications in the data center and remotely deliver these desktops and applications to employees as a managed service.
This computer-within-a-computer strategy enables multiple VMs to be run per physical server core.
For administrators desktop and application management can be simplified and automated. Admins can quickly create virtual desktops on demand based on location and profile, and securely deliver desktops as a service from a central location.
End users can access their personalized virtual desktops or remote applications from company laptops, their home PCs, thin client devices, macs, tablets, or smartphones.
Horizon 7 integrates with VMware Workspace ONE on a common identity framework to provide a single catalog for accessing Windows applications and desktops, as well as software-as-a-service (SaaS), web, cloud, and native mobile applications.
Horizon 7 (on-premises) is available in three editions:
- Horizon Standard - Simple, powerful VDI with great user experience
- Horizon Advanced - Cost-effective delivery of desktops and applications through a unified workspace
- Horizon Enterprise - Desktops and applications delivered with cloud automation and management
VMware Horizon 7 Architecture & Components
The following diagram shows the logical architecture and components of a typical Horizon 7 implementation.
End users start Horizon Client to log in to Horizon Connection Server. This server, which integrates with Windows Active Directory, provides access to remote desktops hosted on a VMware vSphere server, a physical PC, or a Microsoft RDS host. Horizon Client also provides access to published applications on a Microsoft RDS host.
Now let’s take a closer look at what the Horizon 7 components are.
Horizon Connection Server
Horizon 7 Connection Server manages sessions between users and their virtual desktops or published applications. It acts as a broker for client connections. Published applications are hosted on Microsoft Windows Remote Desktop Session Host (RDSH) virtual machines (VMs).
Horizon Connection Server authenticates users through Windows Active Directory and directs the request to the appropriate virtual machine, physical PC, or Microsoft RDS host. The Connection Server also includes the instant-clone engine, which provides single-image management with automation capabilities.
Unified Access Gateway
A Unified Access Gateway appliance is a default gateway for secure access to remote desktops and applications from outside the corporate firewall. So that users who are outside the corporate network can access their virtual desktops and published applications through the secure gateway rather than a VPN.
A Unified Access Gateway appliance resides within a network demilitarized zone (DMZ) and acts as a proxy host for connections inside a trusted network. It provides an additional layer of security by protecting virtual desktops, application hosts, and servers from the Internet.
A Unified Access Gateway appliance enhances security by layering device certification authentication on top of user authentication so access can be restricted only from known good devices and adding another layer of security on virtual desktop infrastructure.
VMware App Volumes
VMware App Volumes is a real-time Windows application delivery system that we can manage the application life-cycle. App Volumes software can optionally be used for capturing groups of applications that are virtually attached rather than natively installed on the virtual desktop or RDSH server.
App Volumes use application containers called AppStacks. AppStacks are virtual disks where applications are bundled in and delivered by attaching a standard VMDK file to a virtual machine.
You can centrally manage the applications with the App Volumes Manager, a Web-based interface that is integrated with Active Directory (AD) and vSphere.
Administrators can assign, update, or remove applications at the next user login or in real time and there is no need to modify the desktops or individual applications.
VMware User Environment Manager
VMware User Environment Manager provides profile and policy management for virtual, physical, and cloud-based Windows desktop environments.
Unlike traditional application profile management solutions, User Environment Manager does not manage the entire profile. Instead, it captures only settings the administrator specifies. This approach reduces login and logout time because less data needs to be loaded. The settings can be dynamically applied when a user launches an application, making thelogin process more asynchronous. User data can be managed through folder redirection
With User Environment Manager, user-specific Windows desktop and application settings that can be applied in the context of the client device, location, or other conditions can be configured. Policies are enforced when users log in, launch an app, reconnect, orwhen some other triggering event occurs.
Horizon Agent service can be installed on all virtual machines, physical systems, and Microsoft RDS hosts that you use as sources for remote desktops and applications.
On virtual machines, this agent communicates with Horizon Client to provide features such as connection monitoring, virtual printing, Horizon Persona Management, and access to locally connected USB devices.
You can install the agent with an option for single sign-on. With single sign-on, users are prompted to log in only when they connect to Horizon Connection Server and are not prompted a second time to connect to a remote desktop or application.
VMware Horizon Client is a software that provides to end users to access their virtual desktops and published applications from any devices. Users also can connect to a Connection Server, a Unified Access Gateway, or a security server.
After the connect, users select from a list of remote desktops and applications that they are authorized to use. Authorization can require Active Directory credentials, a UPN, a smart card PIN, or an RSA SecurID or other two-factor authentication token.
Users can download from app stores or from VMware to install on iOS, Android, Chromebook, Windows, macOS, or Linux clients, or open a browser and enter the server URL to use the HTML Access web client.
Horizon Administrator is a classic web-based application taht allows administrators to configure Horizon Connection Server, deploy and manage remote desktops and applications, control user authentication, and troubleshoot end user issues.
When you install a Connection Server instance, the Horizon Administrator application is also installed. This application allows administrators to manage Connection Server instances from anywhere without having to install an application on their local computer.
A master image (VM) of a virtual desktop or RDSH server contains the operating system and, optionally, any applications that are best deployed as natively installed applications. The virtual desktop can contain either a Windows or a Linux operating system.
Instant Clone Technology
Instant Clone Technology is preferred for cloning desktops and RDSH servers. Instant clones require less storage space. Also, when the user logs off, the desktop is deleted, and a new desktop is created using the latest image based on the instant clone repository. So, it is a cost-effective solution for manage and update.
View Composer is an older cloning technology from VMware. With View Composer we can create and manage pools of linked clone desktops. It is an optional component, not reqiured for instant clones.
RDSH Server Farms and Virtual Desktop Pools
RDSH server farms and virtual desktop pools are created from the master image. The Horizon Agent software on the VMs communicates with the Horizon 7 servers and the clients to determine which applications and desktops to provide to which groups of users.
This was the overview of VMware Horizon 7. Thanks for reading.