adv1586be what's new in horizon 7 technical deep dive or ... · what's new in horizon 7...

Graeme GordonJohn Wilkinson

ADV1586BE

#VMworld #ADV1586BE

What's New in Horizon 7Technical Deep Dive

VMworld 2017 Content: Not fo

r publication or distri

bution

• This presentation may contain product features that are currently under development.

• This overview of new technology represents no commitment from VMware to deliver these features in any generally available product.

• Features are subject to change, and must not be included in contracts, purchase orders, or sales agreements of any kind.

• Technical feasibility and market demand will affect final delivery.

• Pricing and packaging for any new technologies or features discussed or presented have not been determined.

Disclaimer

#ADV1586BE CONFIDENTIAL 2



bution

Agenda

1 Just-in-Time Management Platform (JMP)

2 Horizon Apps

3 Horizon Helpdesk

4 User Experience

5 Wrap Up

#ADV1

586BE

CONFI

DENTI

AL

3



bution

Horizon Makes Desktop and

App Management Easy

Horizon centralizes end users' desktops and applications in the datacenter, so IT can efficiently provision new clients, centralize desktop management, and improve security and compliance and is based on 7 key pillars

Smart

Policies

Great User

Experience

JMP

Platform

Desktops and

Apps From a

Single Platform

Flexible

Delivery

SDDC

Integration

Complete

Environment

Management

4



bution

JMP Technologies Eliminate Cost and Complexity

Real-Time App Delivery

Ultra-fast Desktop Provisioning

Contextual Policy Management

UserEnvironment Management

Instant Clones

App Volumes




bution

• Rapid creation of desktop VMs.

• 1 Clone created per Second per vSphere host.

• Quickly customized with ClonePrep

Instant Clones

1 …

Master VM

Desktop Pool

vSphere Hosts




bution

• Priming Process (active parents on hosts) can be pre-staged.

• 1 Clone created per Second per vSphere host.

Updating Instant Clones

1 …

Desktop Pool

2

Master VM

vSphere Hosts




bution

App Volumes – Managed Application Containers

• Real-time application delivery.

• Applications contained within a virtual disk.

• User assignments are attached at logon.

– Can be immediate if required.

• Update AppStack to create new version.

– Swap assignment to give users new at next logon.

– Update once, attach many times.App Volumes Agent

Just-in-Time App Model

OS

AppStack Writable VolumeAppStack

#ADV1

586BE

CONFI

DENTI

AL

9



bution

VMware User Environment Manager

Settings

Data / Files Applications

OS

VMware User Environment Manager Event-Driven Dynamic

Configuration

User Environment Settings

Application Configuration

Personalization

#ADV1

586BE

CONFI

DENTI

AL

10



bution

Building a Service with JMPService

Instant Clone Desktop

Virtualized Apps

App Volumes

Core Apps

AppStack

Departmental Apps

AppStack

User Installed Apps

Writable Volume

Streamed

ThinApps

Horizon Desktop Pool

Instant Clone

Automated Pool

Folder Redirection(File Shares)

Mandatory Profile

Documents

Downloads

Music

Pictures

Videos

User Environment Manager(Environment Setting &

Application Config)

IT Configuration

User Personalization

Base Profile




bution

Unified Access Gateway vs Security Server

• Hardened appliance with strong security considerations.

• No 1-1 mapping needed with Horizon connection servers.

• Provides Strong DMZ Authentication.

‒ Smartcard, Cert, RSA SecurID, RADIUS, SAML

• Support latest Blast enhancements

• Deployed in DMZ or Cloud tenants.

• Compliance and certifications (FIPS/ CC)

UAG Key Advantages

UAG

Internal Network

External

Connection

ServersLoad

Balancer CS1

CS2

DMZ

Load

Balancer

UAG



bution

Unified Access Gateway (UAG) – What’s New ?

• New Admin UI

– Ease of deployment and config updates w/o redeployment.

– Health status for services and log levels.

• Support Endpoint Compliance check for Horizon.

• Support FIPS - 140-2 mode and Common Criteria certification.

– Separate OVA for FIPS-140-2

• Reverse Proxy and Identity Bridging .

– Support Access to on-prem apps supporting headers and Kerberos.

• Support on ESXi and Microsoft Hyper-V hypervisor.

New Features



bution

Instant Clone Updates



bution

Rapid Feature Enhancements

No Multi-VLAN

Support in a single

Pool

No RDSH

Application Farms

or Desktop Pools

No Reusable

Computer

Accounts

No Dedicated

Desktop Pools

Fixed max

resolution &

number of

monitors

No GPU Support

Multi-VLAN

Support in a single

Pool

RDSH Application

Farms or Desktop

Pools

Reusable

Computer

Accounts

Dedicated

Desktop Pools

Flexible resolution

and number of

monitors

GPU Support




bution

vGPU for Instant Clones

Overview

• Deploy Instant Clones pools with graphics acceleration using NVidia GRID cards.

• Adds vGPU capability.

• Set vGPU profile in Master VM

• Instant-clone desktop pool automatically uses this profile for the clones.

Requirements

• vSphere 6.0 U1 or higher

• VDI desktop pools only.

– Farms of RDSH desktop or applications not yet supported.

• NVidia M-series cards only.

• Blast Extreme

– PCoIP (Tech Preview)




bution

Four Monitor Support

• Instant clone desktop pool inherits graphic settings of the vCenter parent VM snapshot:

‒ Video Memory

‒ Number of monitors

‒ Resolution

vCenter VM Settings Pool – Select Image Snapshot




bution

Multi-VLAN support for Instant Clone Pools

Overview

• Provides native support in Horizon Administrator for large Instant Clone pools.

• Create Instant Clone pool of greater size than single subnet mask permits.

Detail

• Virtual Distributed Switch only.

• Port Group must be configured for:

– Static Port Binding & Fixed Port Allocation.

– No support for Dynamic or Ephemeral.

• Works with Instant Clone pools only.

– VDI or RDS

• No dependency on Guest OS.

Dis

trib

ute

d

Sw

itch

Po

ol

10

00

VM

s

Uplinks

Port Group

VLAN1

Port Group

VLAN2

Port Group

VLAN3

x100

Port Group

VLAN4

Port Group

VLAN5

x100x100x100x100




bution

Other Instant Clone Enhancements

• vSphere Host Maintenance Mode with Instant Clones

– Automatically deletes Parent VMs when a vSphere host goes into maintenance mode.

• Reuse AD Account for Instant Clones Pool.

– Allows machines in an Instant Clone Pool to keep all machine assignments by reusing the computer account.

• Local storage support for Instant Clones

– Ability to use local disk for Instant Clones storage.

– Provides another storage option.

– Low cost storage tier.




bution

Horizon Apps Features

Hosted Apps and RDS Desktops

PrintingScanning and

Imaging Devices

SmartCard

USB Storage Devices

HTML5 and Chromebook

Clients

Client Drive Redirection

Windows Media Redirection

File Type Association

Skype for Business / Lync 2013 for RDS

Desktops

3D Apps and Desktops with NVIDIA GRID

URL Content Redirection

RTAV

USB Redirection

Application Layering

User Environment Management

Load Balancing

RDSH Image Management

And now… Instant Clones for RDSH for Just in Time App Provisioning




bution

Instant Clones for RDSH Servers

Overview

• Fast provisioning of RDSH Servers using vmFork Instant Clone technology.

• Running parent VM is quiesced and “forked.”

– Clones are rapidly customized and powered-on.

– Enables disk-space and memory efficiency.

• One clone is created per second per vSphere host

– (on average during the instant-cloning phase).

Benefits

• Faster provisioning of RDSH servers.

• Simpler and quicker maintenance and updating.

• No database required.

• Smaller load on vCenter Server.

APP APP APP APP




bution

Instant Clones RDSH Farms

Overview

• Add or Remove RDS Hosts from the Farm Rapidly.

• Priming process is done at farm creation.

– Or when farm is updated.

– Active Parent VMs are created on each vSphere host.

• Individual RDS Hosts are Instant Clones

– Rapidly created, customized and available.

• Set the minimum number of ready VMs to achieve rolling server updates when performing maintenance.

Benefits

• Can scale up or down existing farms rapidly by editing the farm settings.




bution

RDSH Maintenance with Instant Clones

Immediate

• A one off update or refresh of the RDSH farm.

• Use the same or a new Master snapshot.

• Can be Immediate or at a specific time.

• What Happens:

– Old RDS Hosts are deleted.

– New Parent VMs are created if updating to a new snapshot.

– New RDS Host Instant Clones are created.

– A minimum number of RDS Hosts are kept available during maintenance.

• One off regeneration of the RDSH Instant Clones.

Recurring

• Scheduled Maintenance.

– Daily, weekly, monthly.

• Regularly delete and recreate the RDSH Instant Clones.

– Can update to a new Master snapshot.

– Subsequent times will use the same Master snapshot.

• A minimum amount of RDS Hosts are kept available during maintenance.

• Regularly regenerate the RDSH Instant Clones.




bution

Horizon App Shortcuts

• Create shortcuts to Horizon resources:

– Published Applications

– Desktops

– Global Entitlements

• Shortcuts appear in Start menu.

• Admin configured.

• Can categorize into folders.

• Use has choice at login to have shortcuts created.




bution

Application Session Pre-Launch

Overview

• Configure a published application to launch as a user logs in.

• Faster launch of frequently launched applications.

Configurable

• Per application

• Timeout Adjust boot storm headroom accordingly!




bution

Horizon Smart Policies for Apps

Overview

• Conditionally enable, disable or restrict:

‒ USB Redirection

‒ Printing

‒ Clipboard

‒ Client Drive Redirection

‒ HTML Access File Transfer

‒ Bandwidth Profile for Blast Extreme & PCoIP

Benefits

• Granular user experience management on Horizon platforms.

• Create policies that control the behavior of published applications.




bution

Unauthenticated Access with Published Applications

Overview

• Enable users to access RDSH applications without have to authenticate (username/password).

• Popular in healthcare environments or where the application is:

– Used in Kiosk mode or

– Has its own security and user management.

• Enabled per Connection Server.

• Supported clients: Windows, Linux.

Benefits

• Preserve user workflow.

• Remove unnecessary double authentication step.

• Simplify user experience.

Client

RDSH

Unauthenticated

Login

Application




bution

Unauthenticated Access Demo




bution

Horizon Helpdesk



bution

3030

Horizon Helpdesk

A simple dashboard for L1 & L2

support team to quickly remediate

problems.

Support team may have limited

training on Horizon (or no access

to Horizon console).

Quick username / full name look

up & session information, or

provide user/session details to

facilitate case escalation.

Installed by default on

Connection Server

‒ https://<CS

FQDN>/helpdesk

‒ Button in /adminVMworld 2017 Content: Not fo


bution

Session Details

• CPU, Memory

• Network Latency, TX bandwidth, Packet Loss, Protocol Info

• Session start time and duration

• Logon breakdown

• Restart

• Reset (hard)

• Send Message

• Remote Assist (MS)

• Disconnect

• Log-off & Shutdown

• Client name

• User

• IP

• Operating System

• Computer name

• IP address

• Agent version

• Pool/Farm

• Pod and vCenter

name

Horizon Helpdesk Highlights

VDI and RDSH



bution



bution

Coming Soon – New Help Desk Features!

• Role-based Access Control - Full, Read-only and Custom Help Desk role.

• Active Application & Processes - similar to Windows task manager and ability to end specific application or process.

• Host-level metrics for CPU and Memory to complement VM metrics.

• Additional Blast metrics: Est. Bandwidth (up & down link), packet loss (up & down link), and counters for imaging, audio counters.

• Unified Access Gateway - name and IP address the user is connected through.

• Horizon Client version.

• Horizon Agent version in Global session.VMworld 2017 Content: N

ot for publicatio

n or distribution

Role-based Access Control & Custom Roles



bution

User Session Details

• Client version

• UAG name & IP

• Logon breakdown (client to broker):

‒ brokering,

‒ GPO load,

‒ profile load,

‒ Interactive, and

‒ authentication

35



bution

Process, Applications and End Process



bution

Helpdesk Demo



bution

© 2016 VMware Inc. All rights reserved.

User Experience



bution

Blast Extreme – Designed for the Mobile Cloud Era

40

Bandwidth Friendly:Deliver better video to more users

Broad Client Support:H264 available in most devices

GRID Optimized:Deliver more 3D users

Network Friendly: TCP or UDP works in more places

Built for the Cloud:Adapts better to lossy networks

Better Battery Life:Optimized for mobile workers



bution

41

6Xfaster file transfers

across WAN

50% lower

bandwidth

utilization

Blast Extreme Adaptive Transport Makes the Workspace Better

13x higher

framerate under

extreme network

conditions



bution

Session Collaboration (Beta)

• Allow a user to share their remote session with other users.

‒ Multicast a desktop to many simultaneous collaborators/viewers or a single one.

‒ Collaborators/viewers can be invited and then join the shared desktop via URI or manual launch.

‒ Input control, multiple cursors display.



bution

HTML5 Video Redirection

Overview

• Redirect HTML5 video from remote to local.

• Overlay the redirected video on top of the remote browser.

• Windows client only.

• Chrome support only; more browser support planned.

Benefits

• Next generation technology for company town hall in

Horizon (leave Flash behind!)

• Plug free solution – support generic sites such as YouTube.

• Seamless experiences – end users only see smooth video.

• Reduce the data center network traffic and CPU utilization.



bution

Performance Tracker

Monitor End User Performance

• Tech Preview.

• Simplifies protocol evaluation.

• Helps determine end user experience.

• Supports Blast Extreme and PCoIP protocol.

‒ FPS

‒ RTT

‒ Packet Loss

‒ System & Encoder CPU

‒ Etc..VMworld 2017 Content: N

ot for publicatio

n or distribution

Collaborate Effectively with Skype for Business

47

Apps WindowsDesktops Linux



bution

VMware Horizon Virtualization Pack for Skype for Business

• Enables customers to use Skype for Business within Horizon desktops.

• Optimizes audio-video calls and telephony features using the native Skype client.

• Windows clients initially.



bution

Benefits of Horizon® Virtualization Pack for Skype for Business

49

Highly Scalable

All media is rendered on client

and there does not affect server

scalability

Point to Point Media

Provides best user experience

and eliminates delay

Bandwidth Savings

Through use of native Skype

codecs, optimized bandwidth

usage

Network QoS

Audio/Video sent outside display

protocol and can be classified and

prioritized by QoS



bution

Architecture Virtual Machine

VMware Horizon

Media Proxy

Skype For Business

2016 Client

Client Machine

VMware Horizon Media Engine

Horizon Client

Lync Server 2013 /

Skype for Business

Server 2015

Office 365

Authentication

SIP Signaling & IM

Data Collaboration

Virtual Channel

Other Skype for

Business user

endpoint or serverAudio / Video Media

VMware Horizon® Virtualization Pack

for Skype for Business



bution

CONFI

DENTI

AL

52



bution

CONFI

DENTI

AL

53



bution

CONFI

DENTI

AL

54



bution

CONFI

DENTI

AL

55



bution

CONFI

DENTI

AL

56



bution

CONFI

DENTI

AL

57



bution

• Horizon 7 or Horizon Cloud

• Skype for Business 2015 or Office365

• Support for multiple Horizon clients with Horizon Virtualization Pack for Skype for Business

• Windows, Linux, Mac

• Communicate using rich Skype audio and video calls

• Optimized architecture for delivering rich audio and video without negative affects on virtual infrastructure and network

Scalability & Performance

Horizon Virtualization Pack for Skype Highlights

Client Flexibility

On Premise or Cloud

58



bution

Wrap Up

Customer Success

• Laser focus on customers

Ease of Deployment and Supportability

• Make Horizon easier to deploy, consume and manage for our customers

Horizon Apps

• Make Horizon Apps first class citizen

User Experience

• Make the VDI experience to native desktop experienceVMworld 2017 Content: N

ot for publicatio

n or distribution



bution

LearnHorizon Product Page & Technical

Resourceshttps://www.vmware.com/products/horizon

EUC Bloghttps://blogs.vmware.com/euc

Reference Architectures

EUC YouTube Channel

Get Started with VMware Horizon

Experience

Horizon SessionsSpotlights, breakouts, quick talks & group discussions

Visit the VMware BoothUse case demos, chat with VMware Horizon experts

Test Drive Horizon with free Hands-on LabsExpert-led or Self-paced. labs.hol.vmware.com

Sessions to attend or listen to on playback

• Delivering Skype for Business with VMware Horizon: All You Need to Know [ADV1583BU]

• Beyond the Marketing: VMware Horizon 7.1 Instant Clones Deep Dive [ADV1594BU]

• Deliver Any App, Any Desktop, Anywhere in the World Using VMware Blast Extreme [ADV1609BU]

• Your VDI Trifecta: Instant clones, App Volumes, and UEM [ADV1246BU]

• Wednesday, Aug 30, 8:00 a.m. - 9:00 a.m.




bution

https://www.vmware.com/products/horizon

https://blogs.vmware.com/euc

http://labs.hol.vmware.com/



bution