vmworld 2016: what's new with horizon 7
TRANSCRIPT
What's New with Horizon 7Tony Huynh, VMwareHenry Robinson, VMware
EUC8404
#EUC8404
• This presentation may contain product features that are currently under development.
• This overview of new technology represents no commitment from VMware to deliver these features in any generally available product.
• Features are subject to change, and must not be included in contracts, purchase orders, or sales agreements of any kind.
• Technical feasibility and market demand will affect final delivery.
• Pricing and packaging for any new technologies or features discussed or presented have not been determined.
Disclaimer
2
3
Agenda
1 Horizon 7
2 Infrastructure Updates
3 User Experience
4 Summary
Horizon 7
VMware Horizon Portfolio
5
MAIN OFFICE REMOTE OFFICE CAMPUS SPECIALIST MOBILE NON-EMPLOYEE
Horizon Flex
Containerized desktopsand apps
Horizon Air
Cloud Hosted or HybridDesktop and app deliveryfrom the cloud
Horizon 7
Desktop and app delivery from private cloud
Innovations in Horizon 7 Make the Mobile Cloud a Reality
6
Just-in-Time Desktops
Access & Authentication
True SSO
Blast Extreme Experience /
GPU Support
Hybrid Cloud Ready
App Lifecycle Management
Smart Policies
7
Horizon Makes Desktop and App Management EasyHorizon centralizes end users' desktops and applications in the datacenter, so IT can efficiently provision new clients, centralize desktop management, and improve security and compliance and is based on 7 key pillars
Desktops and Apps From a
Single Platform
Smart PoliciesJust-in-Time Desktops
Great User Experience
Flexible and Hybrid Delivery
SDDC Integration
Complete Environment Management
8
Just-in-Time DesktopsWith innovative technologies like Instant Clones, User Environment Management and App Volumes—Horizon ensures that IT can streamline desktop and application management like never before, providing employees with truly stateless desktops.
Drive Down Storage Costs by >30%
Deliver Apps Instantly
Streamline OpEX by >50%
9
User-installed Apps
Applications 1
Applications 2
Instant Clones
Windows Windows
Windows
User Data
Data/FilesUser 1
PersonalizationUser 1
Data/FilesUser 2
PersonalizationUser 2
Corporate Apps
Instant Clones
+ + +
Overview• Just-In-Time Desktops (Operating System, Applications, and user
data) instantly provisioned for the user at login. • Instant Clones use VMware vmFork technology to rapidly provision
new desktops from a parent desktop (Gold Master).• Administrators have the option to either provision a pool up front or
create an elastic pool of desktops that grow or shrink to meet demand.
Benefits• Ideal User Experience. Instantly delivers the most up to date
desktop with the latest version of the operating system and applications.
• Simplified desktop administration. Operating system and applications are patched on a rolling basis. Maintenance window is virtually eliminated.
• High performance. VMware vmFork technology provisions desktops on demand with no boot storms and efficient storage utilization.
10
Instant Clones
Data/FilesUser 1
PersonalizationUser 1
Applications 1Applications 2
Cloning Desktop
User
Loading ApplicationsCustomizing DesktopJust In Time Desktop
How It Works• Instant Clones leverage VMware vmFork technology
‒ A running, powered on desktop (Parent Virtual Machine) is quiesced and cloned.
‒ Clones share the disk and memory of the Parent VM for reads – space and memory efficiency;
• The guest OS is customized, joins the domain, and is ready for user login as the desktop fully powers on
• Instant Clones can be non-persistent or persistent desktops‒ Instant Clones by themselves are non-persistent (e.g. for call center users)‒ App Volumes and UEM enable a persistent experience by attaching and
managing corporate apps, user data and profiles, and user installed applications.
• The desktop is destroyed at the time of user logoff. A new, fresh and updated desktop is created and ready for the next user log in.
• Desktop maintenance is virtually eliminated‒ Patching the Operating System is as simple as updating the Parent Virtual
Machine. A user automatically gets an updated desktop at next login. No lengthy recompose operation.
‒ Desktops are short-lived and always recreated and automatically optimized for best performance. No separate rebalance operation is required.
11
Instant Clones vs View Composer
Instant Clones
• Faster provisioning– Desktops on demand, created in seconds
• Better performance– No boot storms – desktops always powered on and
ready for login– Desktop clones share disk and memory for reads,
better performance through common cache– Significantly less load on vCenter
• Simplified desktop administration– No refresh, recompose, rebalanced– SE-Sparse and clone-level CBRC no longer needed– No separate database of View Composer– Leverages App Volumes and UEM for desktop
personalization
View Composer
• Slower provisioning– Desktops takes several minutes to provision per
desktop, new pools take hours• Desktop Administration Challenges
– Patching requires lengthy Recompose operations; entire pools are offline for hours
– Frequent refresh and rebalance for ongoing maintenance
– Pool provisioning and patching caused boot storms and heavy vCenter load
– Separate View Composer server and database
Desktop Types Revisited – Just-in-Time
Non-Persistent Desktops
Persistent Desktops
Windows
Windows Windows
+
Instant Clones Corporate Apps User-installed Apps
Data/FilesUser 1
PersonalizationUser 1
Data/FilesUser 2
PersonalizationUser 2
User Data
Applications 1
Applications 2
+ +
• Best user experience• Simplified, consistent management, no patch maintenance window• Provisioning on-demand• Space efficient
Smart Policies
14
Smart PoliciesTrue SSO Experience
Policy-Managed Client Features
Access Point Authentication
Common Criteria / FIPS 140-2
Policies are tied to the end user allowing IT to be able to provide end users with a truly contextual user experience with policies dynamically changes depending on the device used or the location services are being accessed from.
Access & Authentication: True SSOOverview• Users authenticate to VMware Identity Manager using a variety of
credential options
• Once authenticated, users can select any Windows desktop or application without needing to present AD or Smartcard credentials
• Uses SAML to connect the Identity Provider’s (IdP) authentication with the user’s UPN for access to AD credentials
• True SSO generates a unique, short-lived certificate to manage the Windows logon process
Benefits• Separates Authentication (validating a user’s identity) from Access
(user can use a Windows desktop or application)
• Enhanced security. User credentials are secured by digital certificate, no passwords are vaulted or transferred within the datacenter
• Supports a wide range of authentication methods – enterprises can select or change authentication protocols with limited impact to the infrastructure
15
AD
vIDM Appliance
ConnectionServer
Enrolment Server
CertificateAuthority
ClientDevice
VM / RDSH
Infrastructure Updates
Cloud Pod Architecture (CPA)
Overview• Combines multiple Horizon environments (POD) into a single
Federation
• PODs managed independently. Different versions or configurations are ok.
• User has global entitlements, can granted access to desktops or applications across PODs
• A user accesses CPA through any POD
• Global Load Balancer or GeoDNS to nearest POD
• Flexible configuration to direct user to Home Site
• CPA useful for load balancing and failover
• Horizon Admin Console:
• CPA Configuration, Global User Entitlements
• Single View for User Sessions 17
Federation of Horizon Environments
Cloud Pod Architecture
Overview• Increased scale - CPA allows federation of up to 25 Horizon
PODs across up to five sites for a scale of 50,000 sessions
• More flexible entitlements - CPA now allows home site assignments for nested AD security groups.
• Improved failover support - Home site users now directed to available desktops at other site.
• Integration with VMware Identity Manager - Identity Manager presents desktops or applications available from any CPA Pod.
18
Scale and Failover Improvements
Access Point – Overview
• Hardened appliance for external user access
• SLES 12 Linux Appliance
• Added Security & Multifactor Authentication
• Pass-Through Authentication to CS
• Smart Card Support – GA
• SAML Pass-Thru support
• RADIUS / SecurID Support
• Blast support over 443 (Port Sharing)
• API’s for service and Perf Stats
• Enhanced Health Status
Overview
CONFIDENTIAL 20
Automation Improvements• A powerful, complete, integrated scripting environment for Horizon
• Allows administrators to automate every aspect of Horizon administration– Pool Management– User Entitlement– Desktop and Application Provisioning– … and much more
• Integrated with VMware PowerCLI for an end-to-end experience
• Consider attending INF8092 with Alan Renouf and Luc Dekens, Tuesday at 12:30pm for more information
User Experience
CONFIDENTIAL 22
Enhancing the Remote Experience with Blast Extreme
• End users enjoy better battery life across their devices
• Supports end users with great performance even over lossy networks
• Provides organizations with added flexibility when optimizing the user experience across use cases
• Ensures end users have the same great experience regardless of where their infrastructure and desktops are deployed from.
Designed to deliver better user experience across a range of low-cost devices including zero and thin clients.
23
Blast Extreme - The Mobile Cloud Protocol
Use Less Bandwidth:Deliver better video to more users
Broad Client Support: H264 available in most devices
GRID Optimized:Deliver more 3D users
Network Friendly: TCP or UDP works in more places
Built for the Cloud:Adapts better to lossy networks
Better Battery Life:Optimized for mobile workers
Same Horizon Clients / Broadest Support for Every Use Case
Same Common Feature-Rich User Experience
Multiple Protocols
2424
Blast Extreme & PCoIP: Feature Parity
Hosted Apps & RDS
Desktops
Printing Scanning & Imaging Devices
USB Audio In/OutSmart Card
Client DriveRedirection
Windows Media Redirection
File TypeAssociation
Unified Communi-
cations
Webcams
Session Enhancement SDK
RDP VC Bridge SDK
Blast Extreme & PCoIP
Mac iOSLinuxThin Clients
Windows Android Chrome OS HTML (Blast Only)
Common SDKs
WAN Optimization: Riverbed SteelHead and VMware Horizon 7 / Blast Extreme
• Additional acceleration benefit depending on applications and workloads
SteelHead
• #1 industry-leading application and network optimization solution
• Addresses bandwidth and latency through deduplication, compression, TCP/IP optimization, application-specific acceleration, and more
26
vRealize Operations for Horizon with Blast Extreme
CONFIDENTIAL
• Blast Session Statistics– Round Trip Latency (RTT)– Encode Frame Rate (FPS)– Protocol TX Bandwidth (throughput)– Estimated Bandwidth
27
Horizon 3D Graphics Update
Supports NVIDIA GRID K1, K2, M6,
M10 and M60 graphics cards Higher scalability and frames per
second (FPS) Supports 4K resolution and up to 4
monitors
1:1 Pass-Through with vDGA Supports 4K resolution Enhances 3D and multimedia
experience
CONFIDENTIAL
Continuing to Evolve Our RDS Hosted App Capabilities
CONFIDENTIAL 28
Continued investment in RDS hosted app capabilities and significant new capabilities
Hosted Apps and RDS Desktops
PrintingScanning and
Imaging Devices
Smart Card
USB Storage Devices
HTML5 and Chromebook
Clients
Client Drive Redirection
Windows Media
Redirection
FileType
Association
Skype for Business /
Lync 2013 for RDS
Desktops
3D Apps and Desktops
with NVIDIA GRID
URL Content Redirection RTAV USB
Redirection
Hosted Apps and RDS Desktops
Application Layering
User Environment Management
Load Balancing
RDSH Image Management
Q2 2014 – USER EXPERIENCE
Q2 2014 – MANAGEMENT
Q3 2016
29
RDSH Client Peripherals
High Level Device Redirection Printers Scanners & Imaging devices USB Storage Drives Smartcards Webcams1
Microphones1
Generic USB Redirection / HID redirection2
Signature Pads Barcode scanners Credit Card Readers Speech Mics Dictation Foot Pedals Fingerprint Readers Pin Pads
1 – Upcoming release of Horizon2 - Windows client only and limited to Windows 2012 / 2012 R2 RDS Hosts; available with upcoming release of Horizon
30
Seamless User Experience Easily access to your applications with
File Type Association Quick and seamless access to your files Start-menu integration for quick pinning
of commonly used
Optimized User
Experience with Horizon
RDS Applications
Our RDS Hosted Apps are Best-in-Class
31
Hosted Apps and RDS Desktops
Printing Scanning and Imaging Devices
SmartCard
USB Storage Devices
HTML5 and Chromebook
Clients
Client Drive Redirection
Windows Media Redirection
File Type Association
Skype for Business / Lync 2013 for RDS
Desktops
3D Apps and Desktops with NVIDIA GRID
URL Content Redirection
RTAV
USB Redirection
Application Layering
User Environment Management
Load Balancing
RDSH Image Management
Summary
CONFIDENTIAL 33
Summary• Horizon 7 – Best in class platform for delivering desktops and applications
• Just in Time (JIT) desktops leverages power of the SDDC streamline delivery of desktops and applications and reduce TCO
• Continued focus on optimizing user experience with 3D graphics, rich client features, brand new protocol – Blast Extreme
• Commitment to making Horizon RDSH industry leader
What's New with Horizon 7Tony Huynh, VMwareHenry Robinson, VMware
EUC8404
#EUC8404