F5 Networks & Vmware Zugriffs- und Datenverkehrsmanagement – sicherer Zugriff und SSO für Horizon View Carsten Langerbein, Sr. Systems Engineer
© F5 Networks, Inc 2
How Many?
The average person carries 2.9 devices*
HOW MANY DEVICES DO YOU CARRY?
Companies Consolidating Devices People Accumulating Devices
© F5 Networks, Inc 3
VDI – The Reasons Why
Drivers for desktop/application virtualization, thin client, or blade PC technologies?
11%
10%
20%
21%
27%
43%
46%
51%
55%
55%
0%
14%
16%
21%
22%
23%
36%
38%
45%
48%
48%
53%
Q3 2012
Q3 2011
Supporting employees to work from anywhere Increasing manageability, patching
Lowering costs Providing flexible remote access
Disaster Recovery Better security
Improving compliance Reducing PC energy consumption
Supporting access for tablets BYOPC Programs
Enable Apple Mac computers
Base: 981 (2011) & (2012) North American and European IT decision-makers
Source: Enterprise and SMB Hardware Survey, North America and Europe, Q3 2011 & Q3 2012
© F5 Networks, Inc 4
Complexity Operational complexity of
traditional architecture
Performance Poorer than expected
performance
Security Multiple points of
access control
Mobility Lack of mobility between devices and applications
Reliability Unreliable user experience
Keys to a Successful VDI Deployment
Complexity Operational complexity of
traditional architecture
Performance Poorer than expected
performance
Change Desktop Deployment Management Policies
Need Low Priority
Costs Initial Capital
Barriers
Central Management Granular Control
Security Policy Driven
Access Control
Agility Disaster Recovery
BYOD Mobile Workforce
Cost Savings Efficient
Benefits
© F5 Networks, Inc 5
Horizon View Complete desktop and application virtualization
+ HORIZON SUITE
Intelligent Services Framework Secure • Fast • Available
Horizon View
VM VDI
Horizon Mirage
Horizon Workspace
Anywhere, any service, any device Intelligent Dynamic, agile, adaptive
Horizon Mirage Horizon Workspace Horizon View Centralized layered image
management for local deployment Multi-device workspace
for IT services Complete desktop and
application virtualization
Support for VMware validated solutions • Mobile Secure Desktop • Business Process Desktop • AlwaysOn Desktop • Branch Office Desktop
Intelligent traffic management and security • Local and global traffic management • Multi-site and multi-pod deployments • Access management and data center
firewall
Unique F5 solutions • Single Namespace • Username Persistence • Native PCoIP Proxy • CAC Support
© F5 Networks, Inc 6
Complex
User devices VMware Horizon View
Virtual desktops & apps
Fragmented application access and policy management
Load Balancer View Security Servers
Firewall View Connection Servers
User experience impacted by latency, lack of
persistence, poor reliability
Firewall
© F5 Networks, Inc 7
Simple
BIG-IP Access Policy Manager APM
TCP 443
UDP 4172
TCP/UDP 4172 TCP 80
Authentication Logging/Reporting
Desktops
Connection Servers
Internal
APM
SSL Decryption Authentication High Availability
PCoIP Proxy
DMZ
Logging/Reporting
TCP 80
Internal View Clients
External View Clients
VMware Horizon View
• Secure VDI • Advanced AAA & Endpoint security • Traffic management • Scalable –200,000 concurrent users • Offload/replace Security Server
INDUSTRY FIRST HARDENED SECURITY INCREASED SCALABILITY SIMPLIFY VIEW VDI
© F5 Networks, Inc 8
Consolidate
© F5 Networks, Inc 9
Easy iApp for VMware View
Configure network for VMware View automatically • Admin answers simple, goal-based questions • iApp for VMware View configures network based on Admin’s input
Benefits • Faster (minutes instead of days) • Reduces errors • Replicates to groups of servers easily
BIG-IP Are You Using VMware
View Security Servers?
© F5 Networks, Inc 10
Efficient
Desktop
Laptop
Smartphone
Tablet
© F5 Networks, Inc 11
Enabling
Scenario Functionality Value L2TP SSL and VPN, AAA functionality
Secure access to View servers over public networks. Replaces View Security Server and removes Windows from the DMZ.
Load balancing, policy and global traffic management
Scale View when multiple Connection Servers are required.
Global Load Balancing Route View traffic globally.
User Name Persistence Faster session login and restoration without re-opening applications.
SECURITY & FIPS COMPLIANCE
SYSTEM SCALABILITY
MULTIPLE DATA CENTERS
PERFORMANCE
© F5 Networks, Inc 12
Why F5 for View?
Increased Scalability
Increased Availability
Strengthened Security
Simpler Architecture to Manage
Engineered Specifically for View
Easier for End Users
© F5 Networks, Inc 14
Solution Citrix Superior alternative
Desktop Virtualization Citrix XenApp Citrix XenDesktop
View
Server Virtualization Citrix XenServer vSphere
Datacenter Virtualization CloudPlatform vCenter vCloud Director
Application Delivery Citrix NetScaler BIG-IP Local Traffic Manager (LTM)
Web App Firewall Citrix NetScaler App Firewall BIG-IP Application Security Manager (ASM)
SSL VPN Citrix NetScaler Gateway BIG-IP Access Policy Manager (APM)
Edge Delivery Citrix Cloud Bridge BIG-IP Edge Gateway
Datacenter HA NetScaler GSLB function BIG-IP Global Traffic Manager (GTM)
Web Application Acceleration NetScaler Web 2.0 Application Optimization
F5 AAM
Better Choice
Migration made easy No Problem if you are using another VDI vendor – F5 can help there as well
© F5 Networks, Inc 16
Load Balancing Citrix XenDesktop/XenApp
© F5 Networks, Inc 17
Replacing StoreFront/Web Interface Server
© F5 Networks, Inc 18
Microsoft RDP External Use Case--Challenge
• Typical environment where different types of clients, connecting from the Internet, want to access RDP resources located in the company's Intranet. Clearly, the clients have no direct connectivity to the RDP server themselves.
© F5 Networks, Inc 19
AAA server
RDP
Virtual desktops
VDI VDI VDI VDI
Hypervisor
• Near ubiquitous access to MS RDP • Increases remote user desktop access and
productivity • Supports newer MS RDP functions
Extend device availability to remote desktops Native Microsoft Remote Desktop (MS RDP) support
VDI VDI VDI
Linux
MacOS
Android
iOS
Windows
© F5 Networks, Inc 20
F5 BIG-IP is the Foundation for App Delivery
F5 makes VDI better
Proven choice for End User Computing
Market leader in Application Delivery
Optimize the User Experience Simplify Infrastructure
Unify Security & Access Control Strengthen Availability
Reduce Cost
Positioned to meet end users’ needs