Desktop Recoverability and Security with NSX

Hi all,

In the wake of the many ongoing cyber attacks targeted at end users, i thought i’d put something together to help people make their environments more resilient and more recoverable.

Here is a lightboard version


New Horizon releases today!

No sooner are we into 2018 and VMware is already releasing new versions of some of it’s EUC products. Today sees new releases of the following:

Horizon 7.4 – new features

Session collaboration – allows up to 5 users to share their remote sessions. Works with client or HTML and works with high-end graphics.Works on Windows, Mac and Linux. This feature requires the Enterprise license. Blast is the protocol in use at the backend. Enabled at pool level or farm level for RDSH. Users can be invited from a system tray icon with the desktop. From here they can select from email, IM Skype for Business, or they can copy a link to send manually. Joining parties can join using HTML or the Horizon Client.

H264 High colour accuracy with 4:4:4 colourspace. Helps stop colour distortion. Particularly useful in high end graphics environments. Setting can be enabled by the end user in the client properties.

vPU support for RDSH

Cloud Pod Architecture enhancements – supports 1 way trust policies, supports mismatched version 7.x onwards

CART 4.7 new features

Linux instant clones for Ubuntu 14.04 and 16.04

Skype for Business support Update 3 – support for Mac client, integration with Sharepoint, Yammer, Word and Outlook, Call delegation, Call via X, Active speaker identification, Volume control from remote desktop, Response groups. Finally support for H264 hardware cameras.

Latest versions of Win 10 support

Blast enhancements including smartcard reconnection after network loss

Enhancements to RDSH including vGPU, reconnecting USB devices, improved launch times

High Sierra Mac support with other Mac experience enhancements

Linux experience enhancements including seemless window support

Chrome experience enhancements including multiple monitors and drag and drop

Unified Access Gateway 3.2 – actually GA 22/12/2017

Identity bridging – cross domain/realm support (users and web app can be in different domains) only requirement is domains need 2 way trusts.

Admin UI certificate support

Secondary Admin role. Monitoring role can view, collect logs and export settings.

Edit some network settings from the admin UI. IP address and IP allocation mode

User Environment Manager 9.3

Outlook OST can be stored on Writable volume without requirement for Group policy. Just configured in App Volumes and User Environment Manager.

Added support for Win 10 1709

UEM now sends logon event messages to the Horizon VMLM.

NB: this is not a complete list. See release notes of all products for full list of updates

Installation and Configuration of vCenter 6.5

For many years, almost everyone installed vCenter on Windows. This was mainly due to the increased scale of the Windows platform over the appliance. Nobody wanted to install the inferior appliance version unless it was in a lab. But over the last few years the gap has closed and now they are on par with each other. So when you take into account Windows and SQL licensing costs, and the single platform for support to fix in case of issues it’s a bit of a bit of a no brainer now to switch to the appliance version. You’ll be glad to hear that there is even a tool in the latest version to help you migrate over from Windows to appliance.

Continue reading “Installation and Configuration of vCenter 6.5”

Entering and exiting maintenance mode for an ESXi host that has Horizon instant clones

Some of you by now will have had chance to try out the new instant clones functionality in Horizon 7. It’s a great step forward in terms of the ‘just in time’ desktop and it’s ability to eliminate maintenance windows and speed up provisioning make it a great tool going forwards. Continue reading “Entering and exiting maintenance mode for an ESXi host that has Horizon instant clones”

VMware announce Verify 2FA

Up until now if you wanted two factor authentication with VMware you used a radius integration partner such as RSA or Swivel to name but two, but now you have a new option. VMware has now included it’s own 2FA within its Identity Manager product for free.

With Verify you can generate a token to be sent to your mobile device if you are online, and an app is available to generate tokens if you are offline. Currently it’s available on iOS and Android with Chrome app for Windows coming soon.

Here’s the VMware blog with a full summary and screenshots