Horizon Architecture.
This chapter is one of a series that make up the VMware Workspace ONE and VMware Horizon Reference Architecture , a framework that provides guidance on the architecture, design considerations, and deployment of Workspace ONE and Horizon solutions. This chapter provides information about architecting VMware Horizon for vSphere and applies to both Horizon 8 and 7.
Introduction.
VMware Horizon ® is a platform for managing and delivering virtualized or hosted desktops and applications to end users. Horizon allows you to create and broker connections to Windows virtual desktops, Linux virtual desktops, Remote Desktop Server (RDS)–hosted applications and desktops, Linux-hosted applications, and Windows physical machines.
This chapter of the reference architecture covers the architecture and design considerations for Horizon for vSphere and applies to both Horizon 8 and 7. Horizon can be deployed on-premises or on other supported cloud platforms. This chapter covers the foundational and common architectural information for deploying Horizon and is applicable across all supported platforms. Separate chapters give the additional design considerations for Horizon on supported cloud platforms, including VMware Cloud on AWS , Azure VMware Solution , and Google Cloud VMware Engine .
Although Horizon Cloud delivers the same resources as Horizon, it uses a different architecture than is being discussed in this chapter and runs natively on Azure. The architecture of Horizon Cloud on Microsoft Azure is covered separately in Horizon Cloud on Microsoft Azure Architecture .
Table 1: Horizon Environment Setup Strategy.
A Horizon deployment was designed, deployed, and integrated with the VMware Workspace ONE® platform.
The environment was designed to be capable of scaling to 8,000 concurrent connections for users.
This strategy allowed the design, deployment, and integration to be validated and documented.
Architectural Overview.
The core components of Horizon include a VMware Horizon ® Client™ authenticating to a Connection Server, which brokers connections to virtual desktops and apps. The Horizon Client then forms a protocol session connection to a Horizon Agent running in a virtual desktop, RDSH server, or physical machine. The protocol session can also be configured to be tunneled via the Connection Server, although this is not generally recommended as it makes the ongoing session dependent on the Connection Server.
Figure 1: Horizon Core Components.
External access includes the use of VMware Unified Access Gateway™ to provide secure edge services. The Horizon Client authenticates to a Connection Server through the Unified Access Gateway. The Horizon Client then forms a protocol session connection, through the gateway service on the Unified Access Gateway, to a Horizon Agent running in a virtual desktop or RDSH server. This process is covered in more detail in External Access .
Figure 2: Horizon Core Components for External Access.
For more detail on how a Horizon connection is formed between the components, see Understand and Troubleshoot Horizon Connections .
Components.
The following figure shows the high-level logical architecture of the Horizon components with other Horizon components shown for illustrative purposes.
Figure 3: Horizon Logical Components.
The components and features of Horizon are described in the following table.
Table 2: Components of Horizon.
Should you adored this information as well as you would want to acquire details about
серверы под эмуляторы bluestack kindly pay a visit to the web page. The Horizon Connection Server securely brokers and connects users to the Horizon Agent that has been installed in the desktops and RDS Hosts.
The Connection Server authenticates users through Active Directory and directs the request to the appropriate and entitled resource.
The Horizon Agent is installed on the guest OS of target VM or system. This agent allows the machine to be managed by Connection Servers and allows a Horizon Client to form a protocol session to the machine.
Machines can be virtual desktops, Remote Desktop Session Hosts (RDS Host), physical desktops PCs.
The Horizon Client is installed on a client device to access a Horizon-managed system that has the Horizon Agent installed.
You can optionally use a web browser as an HTML client for devices on which installing client software is not possible.
Unified Access Gateway.
VMware Unified Access Gateway is a virtual appliance that enables secure remote access from an external network to a variety of internal resources, including Horizon-managed resources.
When providing access to internal resources, Unified Access Gateway can be deployed within the corporate DMZ or internal network and acts as a reverse proxy host for connections to your company’s resources. Unified Access Gateway directs authenticated requests to the appropriate resource and discards any unauthenticated requests. It also can perform the authentication itself, leveraging an additional layer of authentication when enabled.
(See Unified Access Gateway Architecture for design and implementation details.)
A web application that is part of the Connection Server, allowing administrators to configure the server, deploy and manage desktops, control user authentication, initiate and examine system and user events, carry out end-user support, and серверы под эмуляторы Nox perform analytical activities.
VMware Instant Clone Technology.
VMware technology that provides single-image management with automation capabilities. You can rapidly create automated pools or farms of instant-clone desktops or RDSH servers from a golden image VM.
The technology reduces storage costs and streamlines desktop management by enabling easy updating and patching of hundreds or thousands of images from the golden image VM.
See the Instant Clone Smart Provisioning section for more information.
Microsoft Windows Servers that provide published applications and серверы под эмуляторы session-based remote desktops to end users.
Server that delivers True SSO functionality by ensuring a user can single-sign-on to a Horizon resource when launched from Workspace ONE Access™, or through Unified Access Gateway, regardless of the authentication method.
See the True SSO section for more information.
Horizon Cloud Connector.
The Horizon Cloud Connector is required to use with Horizon subscription licenses, services and management features hosted in the Horizon Control Plane Services .
The Horizon Cloud Connector is a virtual appliance that connects a Connection Server in a pod with the Horizon Cloud Service.
You must have an active VMware Customer Connect account to purchase a Horizon license from
https://customerconnect.vmware.com/ .
The vSphere product family includes VMware ESXi™ and VMware vCenter Server ® , and it is designed for building and managing virtual infrastructures. The vCenter Server system provides key administrative and operational functions, such as provisioning, cloning, and VM management features, which are essential for VDI.
From a data center perspective, several components and servers must be deployed to create a functioning Horizon environment to deliver the desired services.
Figure 4: Horizon Logical Architecture.
In addition to the core components and features, other products can be used in a Horizon deployment to enhance and optimize the overall solution:
Workspace ONE Access – Provides enterprise single sign-on (SSO), securing and simplifying access to apps with the included identity provider or by integrating with existing identity providers. It provides application provisioning, a self-service catalog, conditional access controls, and SSO for SaaS, web, cloud, and native mobile applications.
