Using VMware Horizon to enable remote workers
Many regions of the world have started to restrict travel and encourage businesses to allow employees to work from home. For unplanned circumstances like these, VMware Horizon can solve many of the challenging business problems that IT organizations are facing today.
We are fortunate that at VMware, we already have a corporate culture built around distributed employees, which provides everyone with the flexibility to work from anywhere. We leverage our products and solutions to provide access to internal systems so we can be productive wherever we are. Over the past two weeks, we have been engaged with many IT administrators who are trying to provide such flexibility for their own employees to work remotely.
In this article, we wanted to start answering some of the pertinent questions being asked recently, and describe ways you can use Horizon to solve some near-term Business Continuity concerns, specifically around using Horizon for remote workers. (For more about business continuity, we recommend you start with Gabe Knuth's high-level blog about the differences between Business Continuity and Disaster Recovery.)
What does VMware Horizon provide?
VMware Horizon provides delivery and comprehensive lifecycle management of desktops and apps. Whether you host your desktops and apps on-premises or in the cloud, providing secure access to these resources from any device, any location, and at any time is a foundational tenet of Horizon.
Can an existing Horizon deployment be expanded easily?
Horizon desktop and application services scale easily to available hardware resources.
Whether deployed on-premises or on VMC on AWS, Horizon 7 is deployed using a block and pod architecture. Horizon pod federations can be used to scale up within a datacenter or scale out across global datacenters.
For more details on pod and block, multi-site deployments of Horizon 7, and more, please see Component Design: Horizon 7 Architecture in the Workspace ONE and Horizon Reference Architecture.
Horizon Cloud on Microsoft Azure
Each Horizon Cloud on Microsoft Azure pod can support up to 2000 concurrent users or 2000 VMs. Deploying an additional Horizon Cloud on Microsoft Azure pod into another Azure subscription or region is very straightforward. If you deploy two or more Horizon Cloud on Microsoft Azure pods, you can manage all of them from the same Horizon Service user interface.
For more details on building out a multi-pod deployment of Horizon Cloud on Microsoft Azure, please see the Component Design: Horizon Cloud Service on Microsoft Azure section of the Workspace ONE and Horizon Reference Architecture.
What's involved in deploying Horizon in the Cloud?
If you don't have hardware on hand, or cannot re-task hardware to accommodate your Horizon on-premises deployment, you can leverage infrastructure from a cloud provider to implement Horizon.
Acquiring cloud capacity from Microsoft Azure
You can implement Horizon Cloud on Microsoft Azure, in one or multiple Microsoft Azure regions. Horizon Cloud on Microsoft Azure leverages Azure infrastructure. The fastest way to get up and running on Horizon Cloud on Microsoft Azure is to follow the steps in the Quick Start Guide for Horizon Cloud on Microsoft Azure. If you want to practice deploying the solution before you do it, you can use the Hands-on-Lab to develop familiarity with the process of setting up the prerequisites and deploying Horizon Cloud on Microsoft Azure in cloud capacity.
If you have never used cloud infrastructure before and want a little background on connecting your own infrastructure to a cloud infrastructure, we have summarized the basics for you. There are three primary deployment methods of leveraging cloud infrastructure for expanding a Horizon solution.
Figure 1. Example of connection options for Microsoft Azure
A point-to-point VPN is the simplest way to connect your datacenter to a cloud infrastructure provider. A VPN gateway provides an encrypted tunnel between your on-premises environment to infrastructure you are renting from a cloud provider. This type of connection is preferred for hybrid environments where the traffic between on-premises and cloud infrastructures is likely to be light or tolerant of longer latency times.
A dedicated connection is a private, dedicated connection between your datacenter and the cloud provider located in a co-location environment. This type of connection does not leverage the Internet, and typically allows for more bandwidth and reliability than a point-to-point VPN connection. You acquire these connections through cloud exchange provider or from the cloud platform provider itself.
In an Island configuration, you acquire cloud capacity, and then build out all necessary infrastructure and services from scratch in that capacity. You do not rely or have minimal reliance on your current (on-premises) services and resources for anything. You re-build everything you need in the cloud for your remote users from scratch. Users and administrators access the infrastructure via the Internet. This is typically the fastest method of setting up cloud capacity, but it can be an onerous task to undertake, as you must build from scratch. Furthermore, if you deploy Horizon into an Island, that island will still need to provide remote access from this island to internal applications and data in your corporate datacenter.
Deploying Horizon on VMC on AWS
You can implement Horizon 7 on VMware Cloud on AWS. With this solution you can provision an entire SDDC, including the Horizon management components, in a matter of hours. Watch this brief VMware Cloud on AWS - Feature Walk-through video to see how easy it is to deploy Horizon on AWS. If you are new to Horizon, this solution enables you to get the infrastructure up and running quickly. For existing Horizon on-premises administrators, you can quickly expand your Horizon deployment by consuming cloud resources to build a hybrid deployment.
Figure 2. Horizon on VMC on AWS
Horizon Cloud Pod Architecture can be used to connect Horizon PODs deployed on-premises and on VMC.
Providing broker access to physical PCs with Horizon
VMware is well-known for virtualization technologies, but Horizon goes beyond brokering virtual machines. While there are myriad benefits to implementing Horizon with virtual desktops and application servers, you also have the option to broker access to your physical machines.
As an IT administrator, you benefit from using a common Horizon infrastructure, while end users benefit from remote access to their corporate resources. Remote access is enabled by VMware Blast, the next-generation remote display protocol which provides a high-fidelity remote user experience from nearly any endpoint device. See VMware Blast Extreme Optimization Guide to learn more about Blast.
Figure 3. Remote access to corporate PC
See Supported Operating Systems for Horizon Agent to ensure your Windows 10 desktops are supported, and watch for more technical detail on implementing this solution in Part Two of this blog series.
Despite the surprise of unforeseen events, there are many actions you can take. For more information about ways you can mitigate some of the circumstances we all face today, see the following resources and stay tuned for part 2 of this blog.
Listen to the Digital Workspace Tech Zone Podcast on Maintaining Business Continuity in difficult times.
Differences Between Business Continuity and Disaster Recovery
Empowering a Remote Workforce for Business Continuity with Hybrid and Multi-Cloud VDI and Apps
What to Do If You Suddenly Have to Support 80% of Users Working Remotely
Each day over the next few weeks, we will be rolling out a series of posts and resources around business continuity. We also hosted a business continuity webinar, Pandemic Preparedness and Response: How to Quickly Set Up a Remote Workforce for Success, that you can watch on-demand.