F5 Friday: Simple, Scalable and Secure PCoIP for VMware Horizon View
#virtualization Making #VDI fast, secure and available.
Improving performance and scale is - or should be - a primary motivator for those deploying VDI as well as trying to manage the continued growth of BYOD. Forrester's David Johnson notes a convergence of trends that, on the surface, appear only tangentially related but as he points out are likely inter-related and driving desire and need for VDI solutions:
Survey question: What is your level of interest in being allowed to bring your own PC as your work PC of any type, desktop or laptop? (Employees who answered they would be willing to pay for some or all of the cost to get the device of their choice):
Source: Forrsights Workforce Employee Survey, Q4 2012, Q4 2011, Q4 2012. Sample size = 3284 (2012)
As Mr. Johnson goes on to note, changes in the market drivers for VDI are likely to increase demand and interest in VDI in the near future. And the most often searched for term (based on Google trends) with respect to VDI? VMware (Horizon) View.
PCoIP (PC-over-IP) is a protocol, developed by Teradici Corporation, that enables centralization of enterprise desktops as well as an excellent remote user experience. The PCoIP protocol is responsible for compression, encryption and encoding of computing data that is then transmitted across any IP network to VMware Horizon View clients.
The VMware Horizon View architecture employs the VMware Horizon View Security server for secure remote access to sessions over an unsecure WAN or Internet connection. Generally deployed within the organization's DMZ, the Security Server can be replaced with F5 BIG-IP Access Policy Manager (APM), an ICSA Labs-certified high-performance access and security solution offering unified global access to all allowed applications and network locations. Replacing the View Security Server with BIG-IP APM results in a simplified, more secure and highly scalable architecture because BIG-IP APM removes the one-to-one mapping dependency between View Security Servers and View Connection Servers.
Because BIG-IP is a platform, BIG-IP Local Traffic Manager (LTM) can be deployed with BIG-IP APM and provide intelligent traffic management and load balancing to View Connection Servers. Reducing the number of components required to be under management increases IT administrator productivity, critical for multi-site or multi-pod VMware Horizon View deployments.
Simplifying complex architectures is a key component to realizing greater operational efficiency. It also has a positive impact on performance and scalability. By eliminating tiers of components through a more consolidated, operationally consistent approach, organizations can improve efficiency, scale and performance while maintaining and even improving the security of the overall architecture.
Consolidation on an Extensible Platform Enables More Options
Additional benefits for end-users and administrators alike are realized through consolidated remote access of all applications and network resources via BIG-IP APM. BIG-IP APM supports a wide variety of applications and resource-types and can provide end-users with a single, consolidating view of their available corporate resources whether virtualized or not. This approach simplifies the end-user experience as well as the underlying architecture, reducing help desk calls and improving end-user productivity by eliminating the need to log in to multiple systems or search for desired resources.
Increased security at the application layer can be realized by deploying BIG-IP Advanced Firewall Manager (AFM) alongside BIG-IP LTM and APM. BIG-IP AFM is a scalable, application-aware stateful firewall solution designed to prevent attacks against the most popular protocols from penetrating the data center and impacting application performance and uptime.
Delegating responsibility for managing secure remote access via PCoIP in VMware Horizon View architectures to BIG-IP means a simplified, secure and more scalable architecture that also enables additional application services to be deployed as is needed.