Deploying F5 Application Ready Solutions with VMware View 4.5



Similar documents
Integrating F5 Application Delivery Solutions with VMware View 4.5

Optimizing VMware View VDI Deployments with F5

Deliver Secure and Accelerated Remote Access to Applications

Secure iphone Access to Corporate Web Applications

Connecting to the Cloud with F5 BIG-IP Solutions and VMware VMotion

VMware DRS: Why You Still Need Assured Application Delivery and Application Delivery Networking

F5 provides a secure, agile, and optimized platform for Microsoft Exchange Server 2007 deployments

High-Performance DNS Services in BIG-IP Version 11

Achieve Unified Access Control and Scale Cost-Effectively

Hardware Load Balancing for Optimal Microsoft Exchange Server 2010 Performance

Intelligent Layer 7 DoS and Brute Force Protection for Web Applications

Deliver Secure and Fast Remote Access to Anyone from Any Device

Deploying the BIG-IP LTM with. Citrix XenApp. Deployment Guide Version 1.2. What s inside: 2 Prerequisites and configuration notes

Achieve Unified Access Control and Scale Cost-Effectively

F5 PARTNERSHIP SOLUTION GUIDE. F5 and VMware. Virtualization solutions to tighten security, optimize performance and availability, and unify access

F5 White Paper. The F5 Powered Cloud

F5 and Secure Windows Azure Access

Deploying the BIG-IP LTM with IBM WebSphere MQ

Deploying the BIG-IP System for Microsoft Application Virtualization

Deploying the BIG-IP System v11 with LDAP Servers

Deploying the BIG-IP LTM with IBM QRadar Logging

F5 and the 8 Ways to Virtualization

Deploying F5 with IBM Tivoli Maximo Asset Management

ORACLE S SIEBEL BUSINESS APPLICATIONS 8.0

Load Balancing 101: Firewall Sandwiches

The VDC Maturity Model Moving Up the Virtual Data Center Stack

5 Key Reasons to Migrate from Cisco ACE to F5 BIG-IP

Accelerating Mobile Access

Post-TMG: Securely Delivering Microsoft Applications

The F5 Intelligent DNS Scale Reference Architecture.

VMWARE VIEW WITH JUNIPER NETWORKS SA SERIES SSL VPN APPLIANCES

Filling the Threat Management Gateway Void with F5

Configuring a single-tenant BIG-IP Virtual Edition in the Cloud

BIG-IP LTM VE The Virtual ADC Your Physical ADC Has Been Missing

Deliver More Applications for More Users

F5 and VMware. Realize the Virtual Possibilities.

Deploying the BIG-IP System with Microsoft Lync Server 2010 and 2013 for Site Resiliency

Deploying F5 to Replace Microsoft TMG or ISA Server

F5 and Oracle Database Solution Guide. Solutions to optimize the network for database operations, replication, scalability, and security

Presented by Philippe Bogaerts Senior Field Systems Engineer Securing application delivery in the cloud

F5 and VMware Solution Guide. Virtualization solutions to optimize performance, improve availability, and reduce complexity

Optimize Application Delivery Across Your Globally Distributed Data Centers

The On-Demand Application Delivery Controller

Deploying F5 BIG-IP Virtual Editions in a Hyper-Converged Infrastructure

Document version: 1.3 What's inside: Products and versions tested Important:

Secure remote access to your applications and data. Secure Application Access

Oracle Database Firewall

PRODUCT CATEGORY BROCHURE

MANAGE SECURE ACCESS TO APPLICATIONS BASED ON USER IDENTITY. EMEA Webinar July 2013

Maximize the Productivity of Your Help Desk With Proxy Networks Remote Support Software

Comparing Mobile VPN Technologies WHITE PAPER

Deploying the BIG-IP System with VMware vcenter Site Recovery Manager

Security F5 SECURITY SOLUTION GUIDE

Fight Malware, Malfeasance, and Malingering with F5

Application and Database Security with F5 BIG-IP ASM and IBM InfoSphere Guardium

EasyConnect. Any application - Any device - Anywhere. Faster, Simpler & Safer Networks

Deploying the BIG-IP System v11 with DNS Servers

Achieve Unified Access Control and Scale Cost-Effectively

DEPLOYMENT GUIDE Version 1.0. Deploying the BIG-IP Edge Gateway for Layered Security and Acceleration Services

BIG-IP ASM plus ibypass Switch

PRODUCT CATEGORY BROCHURE. Juniper Networks SA Series

Configuring the BIG-IP LTM v11 for Oracle Database and RAC

Availability Acceleration Access Virtualization - Consolidation

Kaseya IT Automation Framework

Endpoint Security VPN for Mac

Achieve Unified Access Control and Scale Cost-Effectively

Application Security in the Cloud with BIG-IP ASM

Best Practices for Secure Remote Access. Aventail Technical White Paper

ScaleN: Elastic Infrastructure

White Paper. BD Assurity Linc Software Security. Overview

Mobile Secure Desktop Maximum Scalability, Security and Availability for View with F5 Networks HOW-TO GUIDE

Enterprise Desktop Solutions: VMware View 4.5

Citrix Access Gateway

Link Controller ENSURES RELIABLE NETWORK CONNECTIVITY

SECURE ACCESS TO THE VIRTUAL DATA CENTER

Array Networks & Microsoft Exchange Server 2010

Secure Virtual Assist/ Access/Meeting

Enterprise Solution for Remote Desktop Services System Administration Server Management Server Management (Continued)...

Proof of Concept Guide

Protecting Against Application DDoS Attacks with BIG-IP ASM: A Three-Step Solution

Deploying F5 with VMware View and Horizon View

Revenue [in $ Millions] Gross Margin [in %] 125.4

What s New in Juniper Networks Secure Access (SA) SSL VPN Version 6.4

Deploying the BIG-IP System v11 with SAP NetWeaver and Enterprise SOA: ECC

Transcription:

F5 White Paper Deploying F5 Application Ready Solutions with VMware View 4.5 VMware View is the leading desktop virtualization solution built for delivering desktops as a managed service. F5 BIG IP devices optimize the user experience and help ensure maximum performance, availability, and security for VMware View implementations. by Joe Malek Product Management Engineer and Alan Murphy Technical Marketing Manager

Contents Introduction 3 Deployment Benefits 4 F5 Value for Users 4 Conclusion 7 2

Introduction Corporate desktop management has long been a necessary evil for IT groups. Most employees need full desktops, and different business units usually require multiple types of desktops: Windows XP for accounting, Mac for creative design, Windows 7 for sales and people in the field, Linux for technical staff, and so on. This multi-level matrix can be a major management headache on its own. But when you add in supporting all the different desktop needs, and that you ll need to support some of those desktops remotely on laptops, desktop management can consume most of your IT management budget and time. VMware View 4.5 part of VMware s complete Virtual Desktop Infrastructure (VDI) solution alleviates two major management headaches: location and standardization. To solve the location problem, VDI deployments virtualize user desktops by delivering them to individual machines over the network from a central location. Those desktops are stored and run in the data center, rather than having individual desktop and laptop machines in the field that run localized operating systems. The end result is a better user experience and users don t notice that their desktops are now virtualized. VMware View also helps solve the standardization problem: business groups that have specific desktop needs can be clustered together in the data center and managed as a unit. For example, when all the Windows XP machines for accounting need a new piece of software, it can be batch-installed to each desktop in the data center overnight and then delivered to users the next morning when they log in to their virtual desktops. IT staff no longer have to visit each local system or push software installs down through remote tools, which would force the user to reboot during the business day. Most virtual platform providers bundle VDI solutions as part of their virtual server platforms in the data center, such as VMware with VMware View 4.5. Companies can now deploy and manage virtual servers and virtual desktops at the same time and in the same place. Integrating virtual servers and virtual desktops cuts down on management time and costs because IT can manage these two virtual technologies as a single solution. One area where virtual servers and virtual desktops differ, however, is how they rely on the Application Delivery Network (ADN), both in usage and complexity. Virtual servers are typically focused on pushing small bits of data over the network: web pages, application data, and connection data. Virtual desktops, however, send much more GUI-based application data across the network. 3

VDI can strain network resources from the first deployment, and this strain is exacerbated in large-scale and remote-deployment architectures. Due to the unique placement of VDI as users primary daily work tool users immediately see VDI performance issues. When a user s desktop moves from a physical machine to the data center, the user experience becomes paramount; a poor VDI deployment will result in IT being flooded with My desktop is too slow calls. Before VDI, those calls were typically prompted by old or sluggish hardware on the desktop. VDI moves the cause of the sluggishness to the network, placing the responsibility for a good user experience on the infrastructure rather than individual hardware. Organizations consistently cite the following criteria as critical for measuring the success of their virtual desktop deployments: User experience Performance and availability of desktops Security of the end-to-end system Reduced desktop operating costs F5 offers a variety of Application Ready Solutions to help organizations maximize the success of VMware View desktop projects. As a VMware partner, F5 has thoroughly tested and documented the benefits of using our Application Delivery Networks with VMware View 4.5. F5 solutions include secure access, single- sign-on, load balancing, and server health monitoring. Deployment Benefits F5 Value for Users The F5 Application Ready Solution for VMware View ensures a secure, fast, and available deployment, which provides the following benefits to organizations. Optimizing the Network Ensuring a good user experience often means over-provisioning bandwidth to account for peaks in network traffic. F5 s Application Ready Solution for VMware View uses advanced compression, deduplication, and TCP optimization to help reduce these bandwidth requirements while maintaining and even improving the user experience. Additionally, session persistence maintains stateful desktop 4

information between connections which can help users reconnect to their existing desktop for fast re-access, with no need for re-authentication. One of the biggest challenges IT departments around the world face is network latency across the WAN. When deploying VMware View, this can be a major concern for organizations that have users who access desktops and applications from anywhere. Simply increasing bandwidth does not solve the problem. F5 helps drastically reduce the impact of latency by optimizing application protocols, prioritizing traffic, optimizing TCP from clients to servers, and reducing the amount of data sent over the WAN, which helps prevent costly bandwidth upgrades. These measures ensure that critical or time-sensitive applications receive priority over others to maximize performance over the WAN. F5 provides granular control of traffic based on enterprise needs, enabling you to manage and prioritize bandwidth per application and improve quality of service for users over the WAN. Application Performance and Availability The larger the VMware View deployment, the more View Manager Connection Broker servers will be needed to handle the concurrent desktop connections. F5 devices provide valuable load balancing, health monitoring, and server resource offload functions (such as SSL processing) for the VMware Connection Brokers, resulting in higher system availability and greater scalability of the existing server infrastructure. This translates to a better user experience, lower server costs, and reduced monthly operating expenses (such as power and space). One of the unique features of the F5 Application Ready Solution for VMware View is the ability to persist client-to-broker connections on a session-by-session basis. Other implementations commonly use simple/source address persistence, where all the connections from a single IP address are sent to one server. F5 can direct traffic with greater precision, resulting in a more uniform load distribution on the connection servers. Enhancing Security and Access Control Ensuring secure access is a critical component of protecting corporate information. F5 addresses this need with pre-login checks to the endpoint device prior to allowing the login sequence to begin. F5 can determine if an antivirus or personal firewall is running on the PC and whether it is up to date, or it can enforce a specific 5

operating system patch level, among a host of other pre-login checks. F5 can direct the user to a remediation page for further instructions or even turn on antivirus or firewalls for the user. F5 also supports a broad range of authentication mechanisms, including twofactor schemes and various back-end directory services. F5 devices enforce Active Directory group policies on corporate-owned and non-corporate-owned assets for the duration of the connection. Finally, once authenticated, F5 guarantees the encryption of all VMware View transport protocols, whether natively encrypted or not, without compromising performance. Starting with VMware View 4.5, VMware introduced the high-performance PCoIP (PC over IP) communications protocol. Unfortunately, most traditional SSL VPN devices are unable to properly handle this unique protocol and therefore run slow, which degrades the user experience. F5 overcomes this issue with its Datagram Transport Layer Security (DTLS) feature. This transport protocol is uniquely capable of providing all the desired security for transporting PCoIP communications, but without the degradation in performance. In addition, F5 supports automatic fallback to TCP if a high-performance UDP tunnel cannot be established. F5 devices can also apply quality-of-service functions so PCoIP traffic receives priority over other network traffic. This ensures that no matter how busy the network may be, the virtual desktop user experience remains a positive one. Simplified Authentication for Users Streamlining the authentication process for remote workers is important to the user experience. Users should be able to log in once and access their desktops immediately. Further, users should not have to manually re log in every time their network connection gets temporarily interrupted. F5 securely caches login credentials and enables authentication pass-through during the login process. Log in once, and stay logged in as long as you are using the system. If your connection drops, it reauthenticates you automatically. This not only makes for a seamless user experience, but it minimizes the security risk and reduces password lockout calls to the help desk. Attacks do not always come from outside of the network; internal users can gain sensitive information or sabotage applications with greater ease than external users. Because F5 devices can offload SSL encryption duties, organizations can encrypt traffic for entire transactions, without affecting performance for the end user. This allows 6

organizations to use SSL everywhere and prevents information from being sent in clear text over the internal network, so you can mitigate risks associated with internal users as well as comply with state and federal privacy regulations. This also simplifies administration by providing organizations a single location for certificate management. Conclusion There s no doubting the advantages and impact of deploying virtualized desktop solution like VMware View 4.5 throughout the enterprise. When deployed alongside F5 s suite of BIG-IP Application Delivery Networking products, IT can enjoy the following benefits of VMware View 4.5 deployments as part of their complete ADN: High Availability and Scalability F5 provides valuable load balancing, health monitoring, and SSL offload for VMware Connection Brokers, resulting in higher system availability and greater scalability of the existing server infrastructure. Reduced Bandwidth Usage F5 enables organizations to reduce bandwidth requirements while maintaining, and even improving the user experience. Secure Access F5 provides a broad range of authentication mechanisms, including two-factor schemes and various back-end directory services, as well as comprehensive pre-logon checks. Convenient Single Sign On F5 enables authentication pass-through during the logon process. Log in once, and stay logged in as long as you are using the system. 7

High Performance of PCoIP F5 devices enable all the security for transporting PCoIP communications, but without the degradation in performance associated with many SSL VPN solutions. Whether F5 BIG-IP devices are deployed in front of a small VMware View desktop environment such as for use in a lab or kiosk environment or if they manage an entire enterprise desktop deployment, offloading VMware View resources to BIG-IP devices can not only improve performance but also secure VMware View 4.5 desktop traffic and enable it to scale. F5 Networks, Inc. 401 Elliott Avenue West, Seattle, WA 98119 888-882-4447 www.f5.com F5 Networks, Inc. Corporate Headquarters info@f5.com F5 Networks Asia-Pacific apacinfo@f5.com F5 Networks Ltd. Europe/Middle-East/Africa emeainfo@f5.com F5 Networks Japan K.K. f5j-info@f5.com 2010 F5 Networks, Inc. All rights reserved. F5, F5 Networks, the F5 logo, BIG IP, FirePass, icontrol, TMOS, and VIPRION are trademarks or registered trademarks of F5 Networks, Inc. in the U.S. and in certain other countries. CS07-00013 0710

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information