Desktop and App Virtualization Reimagined
Simplify the move to the mobile cloud era. Securely deliver and manage Windows or Linux desktops, applications, and online services to end users through a digital workspace across virtual data centers, virtual machines, and physical devices. Provide consistently great end-user experience across locations, media, and connections to improve workplace productivity.
VMware Horizon® 7 goes beyond VDI to provide end users with one place to securely access all their desktops, applications, and online services from any device, everywhere. With Horizon 7, IT organizations can take advantage of closed-loop management and automation, tight integration with the software-defined data center, and hybrid brokering to deliver and protect all the Windows or Linux and online resources users want, at the speed they expect, with the efficiency business demands.
Cloud Pod Architecture Improved Scale
Cloud Pod Architecture now scales to support 50,000 sessions across up to 10 sites, with 25 pods of infrastructure. Customers can aggregate multiple pods in either the same data center or different data centers and entitle users to a desktop in any location.
Organizations now benefit from an unprecedented ability to scale, with improved failover performance.
Smart Policies with Streamlined Access
Horizon 7 also introduces a robust suite of security and policyfocused capabilities that help customers improve their overall security posture, with a multilayered, defense-in-depth approach that goes from client endpoint to data center to the extended virtual infrastructure. Smart Policies delivers a real-time, policybased system with intelligent, contextual, role-based management that is seamlessly integrated:
- True SSO – Streamlines the end-to-end login experience. Users logging in and authenticating via VMware Identity Manager™ would previously be presented with a second login prompt to access their Windows desktop, using their AD credentials. True SSO seamlessly bypasses this secondary login request for users who have already authenticated via Identity Manager, using a short-lived Horizon virtual certificate, enabling a password-free Windows login that brings them immediately to their desktop, for a secure, simplified, and faster overall experience.
- Policy-managed client features – Contextually aware, finegrained control of client-side capabilities, for a more robust security posture with improved IT manageability. Now IT can selectively enable or disable features like clipboard redirection, USB, printing, and client drive redirection. Customers can now use policy to ensure that, for instance, a desktop login from a network location considered unsecure, results in disabling of security-sensitive features like cut/paste or USB drive access. Additionally, PCoIP Bandwidth Profile settings
allow IT to customize the user experience based on user context and location. All of this can be enforced based on role,
evaluated at login and logout, disconnect and reconnect, and at predetermined refresh intervals for consistent application of policy across the entirety of the user experience.
Adding to PCoIP, VMware now offers customers additional choice and flexibility with brand new Blast Extreme display technology, purpose built and optimized for the digital workspace. Built on industry-standard H.264 protocol, Blast Extreme supports the broadest range of client devices, billions of them, that are already H.264 capable. Customers can choose between Blast Extreme, PCoIP, and RDP based on their use cases and client device choices. Blast Extreme offers many inherent advantages over PCoIP in addition to client device support. These include the ability to leverage both TCP or UDP network transport, and lower CPU consumption for longer battery life on a range of devices.
Additionally, when combined with GPU-based hardware acceleration in the host, such as NVIDIA GRID, VMware has a complete solution that supports graphics performance end to end for the most visually intensive applications, in any use case.
Make the Move Today
Horizon 7 is available in the following editions:
- Horizon 7 Standard – Simple powerful VDI with great user experience
- Horizon 7 Advanced – Unified workspace for secure access to desktops and applications at lowest cost
- Horizon 7 Enterprise – Desktops and applications delivered with cloud automation and management
For more information, visit http://www.vmware.com/go/horizon7.
Q. What is VMware Horizon?
A. VMware Horizon® is a family of desktop and application virtualization solutions designed to deliver Windows and online services from any cloud. With Horizon, VMware extends the power of virtualization—from data centers to devices—to deliver desktops and applications with great user experience, closed-loop manageability, and hybrid-cloud ﬂexibility.
VMware Horizon is available for purchase through VMware Horizon 7 for virtual desktops and applications run from your data center, VMware Horizon® Air™ for virtual desktops and applications served up as a cloud-hosted service on-premises or from outside of your data center and VMware Horizon FLEX™ for containerized virtual desktops run locally.
VMware Horizon 7
Q. What is Horizon 7?
A. Horizon 7 allows IT to deliver virtual or RDSH hosted desktops and applications through a single platform to end users. These desktop and application services—including RDS hosted apps, packaged apps with VMware ThinApp®, SaaS apps, and even virtualized apps from Citrix—can all be accessed from one unified workspace to provide end users with all of the resources they want, at the speed they expect, with the efciency business demands. Horizon 7 is available in four editions:
- Horizon Standard – Simple, powerful VDI with great user experience
- Horizon Advanced – Cost-eﬀective delivery of desktops and applications through a unifed workspace
- Horizon Enterprise – Desktops and applications delivered with cloud automation and management
- Horizon Air Hybrid-Mode – Pair Horizon Air service with Horizon 7 cloud-managed infrastructure and desktops
Q. What are the key features of Horizon 7?
A. Horizon 7 allows organizations to extend the power of desktop and application virtualization to support workplace mobility while driving greater levels of operational efciency at lower costs.
Access to Horizon 7 cloud-managed desktops and infrastructure is available on a subscription basis through the Horizon Air Hybrid Mode service. Note that the features available in this subscription option are not the same as those available in Horizon 7 on-premises.
Key feature highlights include:
Desktops and Applications Delivered Through a Single Platform
Deliver virtual or published desktops and applications through a single platform to streamline management, easily entitle end users, and quickly deliver Windows or Linux desktops and applications to end users across devices and locations.
Horizon 7 supports a single platform for delivering hosted Windows applications and shared desktop sessions from Windows Server instances using Microsoft Remote Desktop Services (RDS), virtual desktops and ThinApp packaged applications.
Horizon 7 additionally supports both Windows as well as Linux-based desktops—including RHEL, Ubuntu, CentOS and NeoKylin operating systems.
Smart Policies with Streamlined Access
With Horizon 7, end users can simply and securely access desktops and applications (including RDS hosted apps, packaged ThinApps, SaaS apps and even virtualized apps from Citrix) through a unifed digital workspace. IT organizations can similarly secure desktops and apps based on even the most stringent regulations and streamline the
management of multiple identity sources like active directory and LDAP to efciently manage end user access.
End users can also use single sign-on (SSO) from VMware Identity Manager™ to sign in to VMware AirWatch Web Secure
Content Locker™ and to enroll their devices if they are also using VMware AirWatch Mobile Device Management™.
Horizon 7 supports the ability to:
- Deliver seamless and secure access that allows only authenticated trafc access to all end user computing services.
- Streamline identity management across identity sources and provide end users with contextual and customizable access to resources through a single unifed workspace.
- Support contextual, role based security for end users that maps policies based on user, device or location with ease.
- Simplify user access with True SSO for a single click, password-free login to Windows desktop services.
- Provide fast end user access and real-time validation with 2-factor, smart-card and bio-metric fngerprint authentication.
- Take advantage of FIPS 140-2 compliance to ensure that all cryptography meets common criteria standards.
Transformational User Experience
With Horizon 7, IT can deliver desktops and applications to end users through a digital workspace with Blast Performance to enable consistently great experiences across devices, locations, media, and connections. Horizon products now support customers with the ﬂexibility to choose between PCoIP or the brand new Blast Extreme protocol to ensure that end users have the best possible user experience at all times.
Applications that can be delivered and accessed through the unifed workspace include:
- XenApp 5.0 and later
- Microsoft RDS-hosted apps and desktops for Windows Server 2008 and later
- SaaS applications
- ThinApp 5.0 and later
- DaaS desktops and applications
Q. What is included in the three Horizon 7 Editions?
A. Horizon 7 Standard, Horizon 7 Advanced, and Horizon 7 Enterprise are bundled with the following components and capabilities (Table 1). Horizon 7 is also available as a subscription service through the VMware Horizon Air Hybrid-mode.
Q. What happened to Horizon View (formerly VMware View)?
A. VMware Horizon® View™ is still available as a standalone oﬀering in Horizon Standard Edition on a per concurrent connection basis at the same price as the former Horizon View Premier bundle. If you are looking for a simple and powerful desktop virtualization solution with a great user experience, consider Horizon Standard Edition. To leverage the best of Horizon and extend these benefts beyond VDI to provide end users with one place to securely access all their desktops and applications, purchase Horizon Advanced Edition. If you want to deliver desktops and applications with the beneft of cloud management, automation, and orchestration, choose Horizon Enterprise Edition.
Q. Is Horizon Enterprise Edition equivalent to the View Enterprise Edition?
A. No. Horizon Enterprise Edition is the most comprehensive solution in the Horizon portfolio. View Enterprise Edition reached its end of availability in 2013. Customers with VMware View Enterprise with current support and subscription (SnS) continue to receive support. These customers can also upgrade to any new Horizon edition.
Download a full VMware Horizon 7 FAQ
This document addresses the challenges associated with end-user computing workloads in a virtualized environment and suggests design considerations for managing them. It focuses on performance, capacity, and operational considerations of the storage subsystem because storage is the foundation of any virtual desktop infrastructure (VDI) implementation. Where possible, it offers multiple solutions to common design choices faced by IT architects tasked with designing and implementing a VMware Horizon storage strategy.
Typical Storage Considerations
Over the years, many end-user computing environments were designed, engineered, and built without proper consideration for specific storage requirements. Some were built on existing shared storage platform offerings.
Others simply had their storage capacity increased without an examination of throughput and performance.
These oversights prevented some VDI projects from delivering on the promises of virtualization.
For success in design, operation, and scale, IT must be at least as diligent in the initial discovery and design phases as in deployment and testing. It is essential to have a strong methodology and a plan to adapt or prefine certain elements when technology changes. This document aims to provide guidance for the nuances of storage.
Operating systems are designed without consideration for virtualization technologies or their storage subsystems. This applies to all versions of the Windows operating system, both desktop and server, which are designed to interact with a locally connected magnetic disk resource.
The operating system expects at least one local hard disk to be dedicated to each single instance, giving the OS complete control from the device driver upward with respect to the reading, writing, caching, arrangement, and optimization of the file system components on the disk. When installing the operating system into a virtual machine running on a hypervisor, particularly when running several virtual machines simultaneously on that hypervisor, the IT architect needs to be aware of factors that affect how the operating system works.
VMware Horizon Architecture
Figure 1 presents a logical overview of a validated VMware Horizon® 6 design. The design includes VMware Horizon with View, VMware Workspace™ Portal, and VMware Mirage™, along with the recommended supporting infrastructure. These components work in concert to aggregate identity, access, virtual desktops, applications, and image management in a complete architecture.
Capacity and Sizing Considerations
The primary storage considerations in an end-user computing infrastructure have two dimensions: performance and capacity, which are the focus of this paper.
Importance of IOPS
Input/Output Operations per Second (IOPS) is the performance measurement used to benchmark computer storage devices devices such as hard disk drives (HDD), solid-state drives (SSD), and storage area networks (SAN). Each disk type discussed in this document has a different IOPS performance statistic and should be evaluated independently.
When you consolidate multiple virtual machines and other user workloads on a hypervisor, you should understand the typical storage performance expected by a single operating system. This requires an understanding of the added contention for access to the storage subsystem that accompanies every subsequent guest operating system that you host on that hypervisor. Although IOPS cannot account for all performance requirements of a storage system, this measure is widely considered the single most important statistic. All the virtual assessment tools offered by VMware partners capture granular IOPS data, giving any IT architect the ability to optimize the storage accurately for end-user-computing workloads.
The Impact of Latency
Latency can definitely affect performance and in some cases might actually have a greater impact than IOPS. Even if your storage can deliver a million IOPS, it does not guarantee your end users an enjoyable virtual desktop or workspace experience.
When assessing latency, always look up and down the storage stack to get a clear understanding of where latency can build up. It is always good to start at the top layer of the storage stack, where the application is running in the guest operating system, to find the total amount of latency that the application is seeing. Virtualdisk latency is one of the key metrics that influences good or bad user experience.
Download out the full VMware Horizon 6 Storage Considerations technical white paper.
As interest in virtual desktop infrastructure continues to accelerate, so do the needs for improved assessment, planning, and deployment methodologies and tools. The historical methodology for determining deployment parameters, (that is the impact of VDI on network, storage, and compute resources) typically failed to truly assess the impact of the workload that would eventually end up being generated by the desktop virtual machine once it went into production. The reason for this gap was simple: There were few, if any, workloads that accurately represented what a user actually did during their workday, that is, the applications they used, the frequency of use, and the “intensity” of use. So professional services organizations typically estimated network and storage impacts based on their experience, and then architected or modified an environment based on those estimates. The problem, of course, is that such qualitative assessments can underestimate the impact of a deployment and result in storage contention or network bottlenecks, or overestimate the impact and result in excess costs.
The purpose of this paper is to introduce a desktop workload tool that generates a realistic, adjustable
workload with various applications in the desktop virtual machine. The results gathered (regarding CPU usage, memory utilization, storage, and network) can then be analyzed to identify appropriateness / readiness of a given environment to run virtual desktops. This tool, called the Desktop Reference Architecture Workload Code (RAWC), has been used in numerous studies to simulate application workloads for various user types. It can be configured to simulate light, medium, or heavy user characteristics, including the types of applications used in a typical Windows desktop environment.
RAWC can be used to evaluate server and storage performance, validate configurations, and perform scalability studies and proof of concepts.
The RAWC workload runs on a Windows 7 or XP guest operating system and is executed on each desktop virtual machine on one or more ESX hosts. The RAWC workload has a set of functions that performs operations on common desktop applications including Microsoft Office, Adobe Reader, McAfee Virus Scan, Windows Media Player, Java, and 7-Zip. The applications are called randomly and perform operations that mimic those of a typical desktop user, including open, save, close, minimize and maximize windows, view an html page, insert text, insert random words and numbers, conduct a slideshow, view a video, run a virus scan, send and receive email, and compress files.
The RAWC workload uses a configuration file that is created via the RAWC GUI and writes application open/close times and any errors to log files in a shared network folder. Various test variables can be configured via the RAWC GUI, including a start delay for creating ‘boot storms,’ and density (delay between application operations) resulting in applications under test to be run together faster, number of emails created and sent, and typing speed.
The combination of applications and test variables that are configured can either increase or decrease the
workload on virtual machines and VMware ESX server(s). The goal of doing this is to evaluate how many virtual machines per solution can be run.
In addition to running native applications, RAWC can also run VMware® ThinApp™ applications hosted on either a local or remote site.
RAWC supports the use of Active Directory Groups. Large-scale deployment evaluations will find this feature extremely valuable. Based on the virtual machine’s Active Directory Group membership, a workload can be configured specifically for that Group via the RAWC GUI. This allows virtual machines to run varying workloads to simulate a more realistic large-scale work environment.
The RAWC Architecture was designed with the following in mind:
- Simplicity – Minimal number of components and software packages to install.
- Ease of use – GUI used to configure workloads, create log folders and launch and cleanup configuration files.
- Scalability – Unlimited number of virtual machines under test.
- Active Directory aware – Able to determine Group membership and locate the correct configuration file for the test.
- Policy based workload – Configure realistic workloads based on Group membership for large scale enterprise testing.
The components of the RAWC Architecture include the following:
- Session Launcher Virtual Machine(s): One or more session launcher virtual machines must be set up to support the launching of desktop sessions. Each session launcher virtual machine can support up to 20 sessions.
- Target Desktop Virtual Machines – Workload: The RAWC code resides on each of the desktop virtual machines.
- Email Server Virtual Machine: The email server is required only if you are running Microsoft Outlook. You may use the email server that is provided or supply your own.
- RAWC Controller Virtual Machine: The RAWC Controller hosts the RAWC GUI and the shared network folder for the configuration and log files. The RAWC Controller can be a physical or virtual machine.
As the desktop virtualization world evolves, so will the desktop workload tools. Know your environment (network, servers, storage and desktops), and your users (applications, light/heavy use), before determining which workload tool to use. Research the various tools and even conduct an assessment to determine if virtualization is right for your company. Make sure the tool is easy to install and use and that it simulates the applications you run most. Be sure to allow enough time for a proper assessment, testing and interpretation of the results, as this will aid in the proper planning and deployment of your virtual desktop infrastructure.
Download out the full Workload Considerations for Virtual Desktop Reference Architecture guide.
Consumer Simple – Enterprise Secure. VMware Workspace ONE delivers and manages any app on any device by integrating identity, application and enterprise mobility management. Learn more here: http://www.vmware.com/products/workspace-one/
In the 5.1 release of View, VMware introduced some complex configuration options for the usage and management of USB devices in a View virtual desktop session. This white paper gives a high-level overview of USB remoting, discusses the configuration options, and provides some practical worked examples to illustrate how these options can be used.
USB Redirection Overview
We are all familiar with using USB devices on laptop or desktop machines. If you are working in a virtual desktop infrastructure (VDI) environment such as View, you may want to use your USB devices in the virtual desktop, too. USB device redirection is a function in View that allows USB devices to be connected to the virtual desktop as if they had been physically plugged into it. Typically, the user selects a device from the VMware Horizon Client menu and selects it to be forwarded to the virtual desktop. After a few moments, the device appears in the guest virtual machine, ready for use.
Definitions of Terms
In this paper, various terms are used to describe the components involved in USB redirection. The following are some brief definitions of terms:
- USB redirection – Forwarding of the functions of a USB device from the physical endpoint to the View virtual machine.
- Client computer, or client, or client machine – Physical endpoint displaying the virtual desktop with which the user interfaces, and where the USB device is physically plugged in.
- Virtual desktop or guest virtual machine – The Windows desktop stored in the data center that is displayed remotely on the endpoint. This virtual desktop runs a Windows guest operating system, and has the View Agent installed on it.
- Soft client – Horizon Client in software format, such as a Horizon Client for Windows or Linux. The soft client is installed on a hardware endpoint, such as a laptop, and displays the virtual desktop on the endpoint.
- Zero client – A hardware-based client used to connect to a View desktop. Stateless device containing no operating system. Delivers the client login interface for View.
- Thin client – A hardware device similar to a zero client, but with an OS installed. The Horizon Client is installed onto the OS of the thin client. Both devices generally lack local user-accessible storage and simply connect to the virtual desktop in the data center.
- USB interface – A function within a USB device, such as mouse or keyboard or audio. Some USB devices have multiple functions and are called composite (USB) devices.
- Composite (USB) device – A USB device with multiple functions, or interfaces.
- HID – Human interface device. A device with which the user physically interacts, such as mice, keyboards, and joysticks.
- VID – The vendor identification, or code, for a USB device, which identifies the vendor that produced the device.
- PID – The product identification, or code, which, combined with the VID, uniquely identifies a USB device within a vendor’s family of USB products. The VID and PID are used within View USB configuration settings to identify the specific driver needed for the device.
- USB device filtering – Restricting some USB devices from being forwarded from the endpoint to the virtual desktop. You specify which devices will be prevented from being forwarded: individual VID-PID device models, device families, such as storage devices, or devices from specific vendors.
- USB device splitting – The ability to configure the USB device such that when connected to a View desktop leaves some of the USB interfaces local to the client endpoint, and other interfaces forwarded to the guest. This can result in an improved user experience of the device in a virtual environment.
- USB Boolean settings – Simple “on” or “off” settings. For example, whether a specific feature is enabled (true) or disabled (false).
Download out the full USB Device Redirection, Configuration, and Usage in View Virtual Desktops white paper.
Check out this ONE; Workspace ONE that is. Here’s a high level introduction and demo of what to expect with this great offering.
Extensive user experience and operations testing, including use of Login VSI desktop performance testing of up-to 1,600 desktops, desktop provisioning operations of up-to 2,400 desktops, revealed world-class performance at an extremely low cost. VMware Virtual SAN technology allows easy scalability while maintaining superior performance at a competitive price point.
VMware reference architectures are built and validated by VMware and supporting partners. They are designed to address common use cases; examples include enterprise desktop replacement, remote access, business process outsourcing, and disaster recovery. A reference architecture describes the environment and workload used to simulate realistic usage, and draws conclusions based on that particular deployment.
This guide is intended to help customers—IT architects, consultants, and administrators—involved in the early phases of planning, design and deployment of Horizon View–based solutions. The purpose is to
provide a standard, repeatable, and highly scalable design that can be easily adapted to specific
environments and customer requirements.
The reference architecture “building block” approach uses common components to minimize support costs
and deployment risks during the planning of large-scale, Horizon View–based deployments. The building block approach is based on information and experiences from some of the largest VMware deployments in production today. While drawing on existing best practices and deployment guides pertinent to many of the individual specific components, the reference architectures are tested and validated in the field and described in detail.
Some key features that can help an organization get started quickly with a solution that integrates easily into existing IT processes and procedures include:
- Standardized, validated, readily available components
- Scalable designs that allow room for future growth
- Validated and tested designs that reduce implementation and operational risks
- Quick implementation, reduced costs, and minimized risk
Virtual SAN uses a hybrid disk architecture that leverages both flash-based devices for performance and magnetic disks for capacity and persistent data storage. This hybrid architecture delivers a scale-out storage platform with enterprise performance and resiliency at a compelling price point.
The distributed datastore of Virtual SAN is an object-store file system that leverages the vSphere Storage Policy–Based Management (SPBM) framework to deliver application-centric storage services and capabilities that are centrally managed through vSphere virtual machine storage policies.
This document focuses on the definitions, sizing guidelines, and characteristics of the Virtual SAN distributed datastore for Horizon™ View™ virtual desktop infrastructures.
This session will cover the basic features of VMware View Persona Management and the appropriate use cases where it provides the right fit. It will contain a brief demo of setting it up, including the most common settings to be used.