Desktop Recoverability and Security with NSX

Hi all,

In the wake of the many ongoing cyber attacks targeted at end users, i thought i’d put something together to help people make their environments more resilient and more recoverable.

Here is a lightboard version


New Horizon releases today!

No sooner are we into 2018 and VMware is already releasing new versions of some of it’s EUC products. Today sees new releases of the following:

Horizon 7.4 – new features

Session collaboration – allows up to 5 users to share their remote sessions. Works with client or HTML and works with high-end graphics.Works on Windows, Mac and Linux. This feature requires the Enterprise license. Blast is the protocol in use at the backend. Enabled at pool level or farm level for RDSH. Users can be invited from a system tray icon with the desktop. From here they can select from email, IM Skype for Business, or they can copy a link to send manually. Joining parties can join using HTML or the Horizon Client.

H264 High colour accuracy with 4:4:4 colourspace. Helps stop colour distortion. Particularly useful in high end graphics environments. Setting can be enabled by the end user in the client properties.

vPU support for RDSH

Cloud Pod Architecture enhancements – supports 1 way trust policies, supports mismatched version 7.x onwards

CART 4.7 new features

Linux instant clones for Ubuntu 14.04 and 16.04

Skype for Business support Update 3 – support for Mac client, integration with Sharepoint, Yammer, Word and Outlook, Call delegation, Call via X, Active speaker identification, Volume control from remote desktop, Response groups. Finally support for H264 hardware cameras.

Latest versions of Win 10 support

Blast enhancements including smartcard reconnection after network loss

Enhancements to RDSH including vGPU, reconnecting USB devices, improved launch times

High Sierra Mac support with other Mac experience enhancements

Linux experience enhancements including seemless window support

Chrome experience enhancements including multiple monitors and drag and drop

Unified Access Gateway 3.2 – actually GA 22/12/2017

Identity bridging – cross domain/realm support (users and web app can be in different domains) only requirement is domains need 2 way trusts.

Admin UI certificate support

Secondary Admin role. Monitoring role can view, collect logs and export settings.

Edit some network settings from the admin UI. IP address and IP allocation mode

User Environment Manager 9.3

Outlook OST can be stored on Writable volume without requirement for Group policy. Just configured in App Volumes and User Environment Manager.

Added support for Win 10 1709

UEM now sends logon event messages to the Horizon VMLM.

NB: this is not a complete list. See release notes of all products for full list of updates

App Volumes 2.13

Last week saw the release of the latest App Volumes instalment. Here are the main two features included in the release

Computer and User assigned app stacks

So for a while now you’ve been able to use computer OR user assigned app stacks. People have mainly used computer stacks for RDSH and user stacks for virtual desktops but this release sees you now able to use both. What’s the big deal? Well, those of you with App Volumes experience will know that the more app stacks you assign the slower the login can become for the user. The same can be said for larger app stacks too.

The ability to assign some app stacks to computers could make a big difference. The ‘core’ app stacks which may include large apps like office can now be attached at computer boot rather than login, leaving just user specific apps at login. This should help speed things up!

One word of warning though. If you do use computer and user app stacks you cannot currently use a writable volume.

App stack limits

You now have the ability to set a maximum number of attachments to an app stack. This may be useful in cases where perhaps you have a limited number of licenses for an application.

Remember though that if you have multiple apps in a stack the limit will apply to all of them. Also, if you go over the limit the user will not receive any notification. Instead the stack just won’t be mounted


Installation and Configuration of vCenter 6.5

For many years, almost everyone installed vCenter on Windows. This was mainly due to the increased scale of the Windows platform over the appliance. Nobody wanted to install the inferior appliance version unless it was in a lab. But over the last few years the gap has closed and now they are on par with each other. So when you take into account Windows and SQL licensing costs, and the single platform for support to fix in case of issues it’s a bit of a bit of a no brainer now to switch to the appliance version. You’ll be glad to hear that there is even a tool in the latest version to help you migrate over from Windows to appliance.

Continue reading “Installation and Configuration of vCenter 6.5”


Horizon 7.1 – What’s new?

In case you’ve missed it, this week, VMware announced the imminent release of Horizon 7.1. Here’s a really quick rundown of what’s going to be in the 7.1 release.

Continue reading “Horizon 7.1 – What’s new?”


Entering and exiting maintenance mode for an ESXi host that has Horizon instant clones

Some of you by now will have had chance to try out the new instant clones functionality in Horizon 7. It’s a great step forward in terms of the ‘just in time’ desktop and it’s ability to eliminate maintenance windows and speed up provisioning make it a great tool going forwards. Continue reading “Entering and exiting maintenance mode for an ESXi host that has Horizon instant clones”


Upgrading to ESXi 6.5 from the command line

When rebuilding ESXi hosts, people tend to just go for the easiest option which is to wipe the disk array and completely reinstall the operating system. However, doing an in place upgrade from the command line is really simple. Here’s how it’s done: Continue reading “Upgrading to ESXi 6.5 from the command line”