What Is VMware Horizon?VMware Horizon 8
Virtual desktop infrastructure (VDI) products, such as VMware Horizon®, enable IT departments to run virtual machine (VM) desktops and applications in the data center or cloud and remotely deliver these desktops and applications to employees as a managed service. This computer-within-a-computer strategy enables multiple VMs to be run per physical server core.
For administrators, this means desktop and application management can be simplified, automated, and made more secure. Admins can quickly create virtual desktops on demand based on location and profile, and securely deliver desktops as a service from a single control plane. VMware Horizon supports hybrid (on-premises but managed in the cloud) as well as multi-cloud architectures, to enable global entitlement and management.
End users can access their personalized virtual desktops or remote RDSH-published applications from company laptops, their home PCs, thin client devices, Macs, tablets, or smartphones. Horizon is the leading platform for Windows desktop and application virtualization, providing a consistent user experience across devices, locations, and networks. All of this is accomplished while keeping corporate data compliant and securely stored in the data center on premises or in a private or public cloud, such as Microsoft Azure, VMware Cloud™ on AWS, Google Cloud, IBM Cloud, or other partner clouds.
When VDI solutions first started appearing, about a decade ago, the strategy was to take a Windows desktop system, install applications, virtualize the whole thing, and place it in the data center. Unlike this traditional VDI, Horizon is built on technologies that allow components of a desktop or application to be decoupled and managed independently in a centralized manner, yet reconstituted on demand to deliver a personalized user workspace.
For example, when the user logs in, a virtual desktop can assemble itself on the fly by combining an instant clone of a golden image (VM) with a user environment profile and one or more containerized applications that attach themselves to (but are not installed in) the VM.
Besides improving on traditional VDI, Horizon allows the same strategy to be used with Microsoft Remote Desktop Session Host (RDSH) server farms, which provide published applications and desktops.
In addition, Horizon integrates with VMware Workspace ONE® on a common identity framework to provide a single catalog for accessing Windows applications and desktops, as well as software-as-a-service (SaaS), web, cloud, and native mobile applications.
What Are the Key Capabilities / Features of VMware Horizon?
Horizon features can be broadly grouped into two categories, those that benefit IT admins and those that primarily benefit end users. Because this article is written for IT admins, let’s begin with the management and administration benefits.
Note: For cloud-based Horizon deployments, organizations have a choice between using a cloud-native infrastructure, such as a Microsoft Azure data center, or a VMware software-defined data center, which uses a VMware vSphere® infrastructure. For example, Horizon Cloud® on Microsoft Azure uses a Microsoft Azure data center; whereas the Azure VMware® Solution uses a vSphere data center delivered by Microsoft on Azure. In the sections that follow, mention of vSphere-enabled features, such as Instant Clone Technology, do not apply to Horizon Cloud on Microsoft Azure.
Deliver applications and desktops automatically and in real-time.
With VMware just-in-time desktops and applications, the necessary systems are provisioned in real time. Horizon uses the following components to deploy desktop and application services to specific groups of users at the time and location the IT admin chooses:
- VMware vSphere Instant Clone Technology leverages the VMware virtualization infrastructure for ultra-fast desktop provisioning. Cloning a VM takes only a second or two.
- VMware Dynamic Environment Manager™ (formerly User Environment Manager) enables admins to personalize user and application settings and configure user environments dynamically based on conditions such as the user’s location, type of device, and user group.
- VMware App Volumes™ is a container-style technology that attaches applications to a VM at login time. App Volumes eliminates the pain in application packaging and can reduce the number of images admins must manage by up to 70 percent.
These technologies, used together, rapidly create desktops that seem persistent. They maintain user customizations, user-installed applications, and more, from session to session, even though the desktop itself is destroyed on logout. New desktops are automatically recreated and ready for the user’s next login.
Simplify management and maintenance tasks.
Horizon gives you the benefits of VDI, which include security, reliability, and access from all types of client devices, while removing the usual obstacles. For example, instead of each user having a dedicated VM that requires as much maintenance effort as a physical desktop, only a few golden VM images are required.
Other VMware technologies provide personalization and the seeming experience of a dedicated, persistent desktop. Users no longer need to equate the VDI experience with a locked-down, restricted, vanilla desktop:
- Instant Clone Technology allows administrators to quickly create virtual desktops that share virtual disks with a golden image, conserving disk space and simplifying the management of OS patches and updates—no separate server or database required.
- Horizon Control Plane is a feature-rich, cloud-based service that uses a multi-tenant, cloud-scale architecture and enables administrators to choose where virtual desktops and applications reside. For more information, see the Horizon Control Plane section of the VMware Workspace ONE and VMware Horizon Reference Architecture.
- VMware Advanced Monitoring powered by ControlUp can be purchased and added for monitoring, reporting, deep in-guest troubleshooting, and root cause analysis.
Keep sensitive data safe and enforce endpoint compliance.
Horizon includes security features across all product areas, from the data center and network to the endpoint, including mobile devices.
- Communication among server components, client devices, and, optionally, virtual desktops uses TLS/SSL.
- With Dynamic Environment Manager, you can easily configure fine-grained policies for application blocking and disabling features such as copying, pasting, and printing based on user device, location, and other defined security conditions.
- VMware NSX can provide micro-segmentation for network data separation. NSX advantages include providing security within the hypervisor—no additional hardware required.
Note: NSX is not bundled in perpetual Horizon editions. You can purchase NSX for Horizon as a standalone license per user. NSX is typically included in VMware-based infrastructure-as-a-service solutions, such as VMware Cloud on AWS, Google Cloud VMware Engine, and Azure VMware Solution.
- For endpoint protection of virtual desktops, VMware Carbon Black Cloud™ provides support for persistent Horizon desktops and previews nonpersistent clones to detect and prevent malware and fileless non-malware attacks. Carbon Black also has audit and remediation features, using a system-centric, cloud-based approach.
Give end users a rich, personalized experience from any device and any location.
When integrated with Workspace ONE, end users can sign on once, through the Workspace ONE Intelligent Hub, and access all their personalized virtual desktops and applications from company laptops, their home PCs, thin client devices, Macs, tablets, or smartphones.
- Blast Extreme is the VMware user-interface remoting technology. With the Blast Extreme display protocol, end users can enjoy the responsiveness and high-fidelity display they are accustomed to, even those users that require graphically intensive, 3D applications or high-definition (up to 8K) displays.
- Optimization packs are available to provide an enhanced audio and video experience and support for Zoom, Cisco Webex, and Microsoft Teams.
- Horizon virtual desktops and applications can connect to most commonly used peripherals, including printers, scanners and imaging devices, smart cards, and USB storage devices.
- In addition to Windows virtual desktops and apps, you can provide virtualized Linux desktops to developers, CAD/CAM developers, government workers, and organizations who want to take advantage of the cost savings, security, and customizations available with Linux.
Give your users a desktop that can never die.
Physical hardware can have accidents, get lost, get stolen, or just die. Restoring from a backup is a pain, takes time, and might or might not bring back your most recent work. In contrast, virtualized desktops and applications are, by design, highly available and accessible from whatever device is appropriate for the user at any given time and location.
- For example, a user starts writing a report on the branch office PC, and suddenly the power goes out in their building. The user can pick up where they left off at home on their MacBook or iPad because their virtual desktop does not reside on that office PC.
- In fact, if a user does not happen to have a device of their own at the moment, they can borrow one and use the Horizon HTML Access web client. The web client does not require installing any software on the client device.
- VMs can reside on high-availability clusters of VMware vSphere servers.
These are just a few of the remote experience features available. For more detail and a longer list, see the blog post The Evolution of VMware Horizon for Hybrid and Multi-Cloud Deployments of Virtual Desktops and Applications.
Why Consider VMware Horizon?
Horizon is a complete solution that delivers, manages, and protects virtual desktops, RDSH-published desktops, and applications across devices and locations. From provisioning to management and monitoring, Horizon offers an integrated stack of enterprise-class technologies that can deploy hundreds of customized desktops and RDSH servers in a few minutes from centralized single images.
Horizon can be integrated with Workspace ONE through VMware Workspace ONE® Access (formerly VMware Identity Manager) either on-premises or as part of the Workspace ONE service. Workspace ONE Access is provided with Horizon Enterprise Edition or Workspace ONE when purchased.
Call to Action
Now that you have a good understanding of what Horizon can do, be sure to take a look at how Horizon does it. See “How Does VMware Horizon Work?”