Upload
thiyagu4u
View
245
Download
0
Embed Size (px)
Citation preview
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 148
VMware Viewtrade
4E VA L UATO R rsquo S G U I D E
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 248
VMware View 4
E VA L U AT O R rsquo S G U I D E 2
Table of Contents
Welcome
Introducing VMware View 4
Whatrsquos New in VMWare View 4
VMware PCoIP Delivers a Rich Desktop Experience Better Value and Reduced Cost
VMware View 4 Components
NFR Licensing or Evaluation Use
Deployment Process
Preparing or the InstallationIP Addressing
Installing and Confguring VMware View
Be ore You BeginVMware View Manager Administration
Task 1 Installing the Connection ServerTask 4 Associating and Adding VMware vCenter ServerTask 5 Confguring Active Directory Users and Computers 1Task 6 Creating and Preparing Virtual MachinesTask 7 Preparing Virtual Machine Snapshots and Templates 1Task 8 Installing VMware View Composer or Linked Clones
VMware View Client Installation and Confguration
Task 9 Installing the VMware View Client in the host desktop or thin client (local system) 23
Task 10 Adding Desktop Source in VMware View ManagerTask 11 Desktop EntitlementTask 12 Accessing Virtual Desktop via RDP or PCoIPTask 13 Additional Virtual Desktop OptimizationTask 14 WAN Optimization
Scenario Overview
Scenario 1 Provision and Use PCoIP Desktops and Pools 32
Step 1 Creating the Replica Connection Server Step 2 Creating Linked Clone Pools Step 3 Connecting to Pool by Tags
Step 4 Deleting the Clone Using Deletion ScriptScenario 2 Confgure PCoIP Full and Linked Clone in VMware vSphere 43
Create Full Clone with Thin Provisioning Anti-Virus Protection
Scenario 3Set up Triple Single Sign-On (SSO) in View 4 47
Support In ormation
About the Author
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 348
VMware View 4
E VA L U AT O R rsquo S G U I D E 3
Welcome
Welcome to the VMwarereg Viewtrade Evaluatorrsquos Guide The purpose o this document is to support a sel -guidhands-on evaluation o VMware View The content includes a product overview including the new eatureso PCoIP installation instructions and scenarios to demonstrate how VMware View can help you deliver thedesktop as a managed service The guide is divided into our sections
1 Introducing VMware View 4
2 Whatrsquos New in VMware View 4
3 VMware View 4 Components Overview
4 Installing and Con guring VMware View 4
This guide is not intended to be a substitute or product documentation For detailed in ormation regardinginstallation con guration administration and usage o VMware products please re er to the onlinedocumentation You may also consult the online Knowledge Base i you have any additional questions
Introducing VMware View 4
Built on the industry-leading virtualization plat orm VMware View is a solution that enables IT organizationsto ldquodecouplerdquo a desktop rom physical devices or locations and deliver the desktop as a managed service
rom a centralized location VMware View makes desktops easily accessible to any end user on multipledevices (thick or thin) over any network connection complete with all applications and data or an optimizedand amiliar desktop experience Purpose-built or delivering desktops as a managed service VMware Viewprovides the best end user experience and simpli es and automates desktop management
Unlike other desktop virtualization products VMware View is a tightly integrated end to end solution allowingcustomers to extend business continuity and disaster recover eatures to their desktops and standardize on acommon plat orm rom the desktop through the datacenter to the cloud
Prior to building and planning the VMware View release the VMware View team reviewed eedback romcustomers to gauge their challenges and requirements
bull IT Professionals indicated that they generally re resh their laptops and desktops every three to our years butwith the tough economy they are now striving to do more with less Time money and resources are in shosupply so they need more e cient ways to deploy and manage their endpoint complexity and boost end-userproductivity They are looking or ways to reduce the complexity o their systems and get more per ormance
rom their in rastructure and are considering desktop virtualization as a solution
bull Designers and Knowledge Workers indicated that their work habits are changing They now need to have the
ability to access the work environment rom many endpoints without compromising the rich user experienceo their PCs or graphic- or video-intense o ine or online content ndash regardless o the device type or thenetwork to which it is attached
bull IT Decision Makers indicated that they are skeptical when it comes to desktop virtualization Some ITDecision Markers are unsure o the bandwidth necessary or a virtual desktop experience in LAN or WANsettings that could serve virtual desktops with the same quality as locally run OS images
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 448
VMware View 4
E VA L U AT O R rsquo S G U I D E 4
Whatrsquos New in VMWare View 4
VMware View is purpose built or desktop delivery and designed or the LAN or WAN con guration The gis to continue provide a smooth end-to-end desktop experience via so tware implementation
Figure
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 548
VMware View 4
E VA L U AT O R rsquo S G U I D E 5
FEATURE NEWIMPROVED DESCRIPTION
Quad monitorsupport New Support -bit color with x display resolution and up to monitorssimultaneously
Bene t True multiple displays allow you to ldquosee more and do morerdquo rom a ulldesktop This provides the ability to reproduce true color images with support orup to billion distinct colors per pixel
True multi-monitorsupport onL-shapecon guration
New Support landscape display and portrait display (with pivot monitors) variableresolution support and auto t to client
Bene t Each monitor can be o a di erent size and be set to a di erentresolution Auto Display Scaling Dynamic Resizing helps desktop publishing
nancial application and high-end graphic design needs
Guest desktopsupport WindowsVista and XP OS
New Support or connecting to virtual desktops rom Windows XP and Vista TheVMware View PCoIP is a so tware-to-so tware implementation However it alsosupports hardware PCoIP hosts such as the Samsung SyncMaster ND
rdquo monitor and Teradici Tera Portal
http www teradici com pcoip pcoip-products oem-solutions php
Bene t Provides scalable support to both so tware and hardware on thelocal hosts
Networkcharacteristics andsecurity
New SSL protection on TCP or session management and AES -bit key encryptionon UDP or media trans er between host and client system
Bene t Provides comparable security and encryption ound in other protocols
Protocolintelligence
New PCoIP protocol provides the intelligence to handle prioritization and quality oservices (QOS) or video mouse keyboard sound etc
Bene t This greatly helps the user experience by managing bandwidth andcontent variables
WAN per ormanceand optimization
New Operate with up to ms o round-trip latency with tolerance on packet lossup to
VPN tunneling New Support Cisco VPN so t client
RDP virtualchannelcompatibility orUSB redirection
New Support the comparable list o USB peripherals including biometrics cardreaders webcams mass storage fash devices scanners etc The authorizationcan be done on a per-user per-group basis to only accept speci c devices
Flash controlsupport or PCoIP
New PCoIP uses breakthrough graphics compression that is custom built or deliveringa user desktop over IP networks It works in such a way as to support all graphic( ull- rame rate D or design engineering video gaming etc ) and media (HD
video Microso t video ormats YouTube Microso t Silverlight Google QuickTior Adobe Flash)
Bene t By compressing the display image at the host PC Server you avoidapplication interoperability issues that have plagued thin clients or years and canquickly adapt to physical networks
Audio redirection New New to PCoIP protocol Redirect audio with dynamic audio quality adjustment onthe WAN
ClearType ont New Subpixel render ing technology which may help to improve the apperance o texton some computer displays Newly added to PCoIP protocol
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 648
VMware View 4
E VA L U AT O R rsquo S G U I D E 6
VMware PCoIP Delivers a Rich Desktop Experience
Figure
Operational E ciency
Enterprises that are struggling with the problem o endpoint security should explore desktop virtualization tolessen the requency o malware network breaches and data loss headaches
VMware View centralizes the control o desktop PC images applications and data Deploying desktopvirtualization with VMware View running VMware vSpheretrade can signi cantly improve security unctionalityand storage optimization
For business entities that are subject to stringent regulatory policies such as the Sarbanes-Oxley Act (SOX)the Health Insurance Portability and Accountability Act (HIPAA) and the Payment Card Industry Data SecurityStandard (PCI DSS) VMware View creates a trusted enterprise-computing environment Security vendorslike McA ee and Trend Micro take a proactive role with VMware in raising the bar o security control and
management available to secure the cloud-based in rastructure
FEATURE NEWIMPROVED DESCRIPTION
Full clone pool withthin disk thinprovisioning
New VMware View provides seamless native support or thin provisioning with thevSphere server
Bene t Helps reduce storage usage and allows more guest desktops per corewhile still providing high per ormance
Mixed clustersupport orbackward ndash
orward
compatibility
New This new option in View Administrator allows di erent versions o clusters to bemanaged via the same UI
VWware VMsa eAPI or better anti-virus optimizationand execution
New VMware vSphere supports VMware VMsa etrade API Security virtual machinedeployment sold separately by security vendors is consistent with desktopdeployment Protects the virtual machine by inspecting virtual components(CPU Memory Network and Storage)
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 748
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 848
VMware View 4
E VA L U AT O R rsquo S G U I D E 8
VMware View 4 Components
VMware View 4 extends the same in rastructure and components as in previous versions The key so tware components you need to install VMware View 4 are
bull VMware View Connection Server installed in a Windows Server 2003 system that is separate fromVMware vCentertrade
bull VMware View Agent installed in a virtual desktop (XP Windows 2003 or Vista desktops)
bull VMware View Client installed at the end point device (thin client local laptop or desktops)
bull VMware View Composer installed in VMware vCenter for Linked Clone provisioning use
Platform Integration
APPOS
APPOS
APPOS
VMware vSphere
AuthorizationProtocol
VMware View 4
VMware View Manager 4
Authentication ampDisplay
Superior UserExperience
Scalability ampAvailability
End UserFlexibility
Figure
On the in rastructure side you need to ensure that the ollowing components are provisioned in VMware ESXtrade35 or VMware vSphere
bull VMware vCenter and VMware View Composer are instal led on the same virtual machine whereVMware vCenter is installed
bull SQL Server is required for large virtual desktop deployments For this evaluation the SQL Server ExpressEdition con gured during the VMware vCenter installation is used
bull Con gure Windows 2003 with Active Directory DHCP and DNS service
bull Certi cate Authority (if certi cate or smart card authentication is required) This is not discussed inthis document
For a detailed supported version please re erence the VMware View Manager Administration Guide at httpwwwvmwarecomsupportpubsview_pubshtml
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 948
VMware View 4
E VA L U AT O R rsquo S G U I D E 9
NFR Licensing or Evaluation Use
To request Not For Resale evaluation licenses please email desktop-tmvmwarecom
Deployment Process
In this evaluation you will experience the VMware View setup and con guration all in a single ESX VMwarevSphere box You will also install the needed in rastructure components and virtual machines rom scratch Anonline connection is required only i you plan to use the Internet
Be ore starting the deployment process
bull Set up the networking and IP address in ESXVMware vSphere with NAT router and VMware vSwitch
bull Con gure the required infrastructure components including VMware vCenter Active Directory SQL serverand VMware View Connection Server
bull Prepare the desktops snapshots and templates
The ollowing deployment process is not intended to provide a deep technical explanation o the technologiesound in VMware View 4 Nor is it intended to be used as a deployment guide The tasks include
bull Task 1Installing the Connection Server
bull Task 2Confguring and Administrating VMware View Manager
bull Task 3Installing the License
bull Task 4Associating and Adding VMware vCenter Serverbull Task 5Confguring Active Directory Users and Computers
bull Task 6Creating and Preparing Virtual Machines
bull Task 7Preparing Virtual Machine Snapshots and Templates
bull Task 8Installing VMware View Composer or Linked Clones
bull Task 9Installing VMware View Client in the Host Desktop or Thin Client (local system)
bull Task 10Adding Desktop Source In VMware View Manager
bull Task 11Desktop Entitlement
bull Task 12Accessing Virtual Desktop via RDP or PCoIP
bull Task 13Additional Virtual Desktop Optimization
bull Task 14WAN Optimization
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 1048
VMware View 4
E VA L U AT O R rsquo S G U I D E 1 0
Preparing for the Installation
AssumptionsTo success ully use this guide it is assumed that VMware vSphere ESX Server has been installed and
is unctioning properly Please re er to the online documentationhttp www vmware com resourcestechresources 10020 or urther installation assistance
Before You BeginPlease re erence Getting Started with VMware View at httpwwwvmwarecomsupportpubsview_pubshtml For more in ormation on administrating VMware View you can review the ollowing documentation
bull VMware View Manager Administration Guide
bull VMware View Upgrade Guide
bull VMware View Architecture and Planning Guide
bull Knowledge Base
System Requirements
The ollowing is a description o the hardware and so tware required ( or the major components o VMwareView) You can get more in ormation rom the VMware View 4 Architecture Planning Guide
VMware View Connection ServerVMware View Connection Server is not supported on servers that have the Windows Terminal Server roleinstalled Remove the Windows Terminal Server role rom any server where you will be installing the VMwareView Connection Server
VMware View Connection Server runs on a 32-bit or 64-bit dedicated physical or virtual server with the ollowing speci cations
bull Pentium IV 20Ghz processor or higher mdash dual processors are recommended
bull 2GB RAM or higher mdash 3GB RAM is recommended for deployments of 50 or more View Manager desktopsVMware View connection server can handle 2000 connections in clear mode and 750 in tunneled mode
The ollowing VMware vSphere document lists the limits or the server sidehttp www vmware com support pubs vs pages vsp pubs esx40 vc40 html
bull One or more 10100Mbps network interface controllers (NIC) mdash 1Gbps NIC is recommended
Supported Operating SystemsThe VMware View Connection Server can be installed on the ollowing 32-bit operating systems
bull Windows Server 2003 R2 Standard Edition with SP2
bull Windows Server 2003 Standard Edition with SP2
bull Windows Server 2003 R2 Enterprise Edition with SP2
bull Windows Server 2003 Enterprise Edition with SP2
Prerequisites
VMware View Connection Server has the ollowing prerequisites
You will need a valid license key or VMware View Manager The ollowing types o licenses are available
bull VMware View Manager
bull VMware View Manager with View Composer
bull VMware View Manager with View Composer and O ine Desktop
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 1148
VMware View 4
E VA L U AT O R rsquo S G U I D E 1 1
For the VMware virtualization environment you will need one o the ollowing
bull VMware vSphere 4 Update 1 (U1 is required)
bull VMware Infrastructure 35 (U3 or U4 recommended U5 not supported)
bull VMware Infrastructure 302 (supported)
bull Both ESX and ESXi hosts are supported VMware vCenter is required
Required Host operating systems or standard or replica VMware View Connection Server instances are joinedto an Active Directory domain The ollowing versions o Active Directory are supported You will need one othe ollowing
bull Windows 2000 Active Directory
bull Windows 2003 Active Directory
bull Windows 2008 Active Directory
IP Addressing
For easy con guration this evaluation scenario speci es a standalone LAN environment with IP addressingbased on the ollowing assumptions
bull One VMware vSwitch is con gured as the External Network for static manually assigned IP addressing
VIEW COMPONENTS IP ADDRESSING
Virtual Center (vCenter) Static 19216813247
View Connection Server (View ) Static 19216813246
View Connection Server (View ) Static 19216813245
Active Directory (ActiveDirectory) Static 19216813252
bull VMware vCenter installation provides SQL Server Express Edition You do not need a separate SQL Serverinstance or this evaluation
bull This evaluation asks you to set up two VMware View Connection Servers This will be used in the evaluationthe new ldquotag entitlementrdquo eature later Itrsquos an optional task i you just need to review the basic unctionalitie
bull If you already have networking setup you can assign a static IP to infrastructure components needed forthis evaluation
bull You can also access the Internet if it rsquos available by separate 2 vLANs and con gure the open source Yvetta
NAT appliance You can nd additional instructions athttp www vyatta com downloads swdl phpbull You will prepare three virtual machines including XP andor Vista for the scenario These desktop virtual
machines have IP addresses assigned using DHCP
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 1248
VMware View 4
E VA L U AT O R rsquo S G U I D E 1 2
Figure
The network con guration can be customized based on your network availability Figure is a samplecon guration Make sure the in rastructure components have a static routable and pointable IP addressand complete a ping test rom the servers to the desktops and rom the desktops to the servers The IPcon guration is critical to a success ul evaluation
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 1348
VMware View 4
E VA L U AT O R rsquo S G U I D E 1 3
Installing and Confguring VMware View
Before You Begin
VMware View is tightly integrated with VMware vCenter You can install VMware vCenter as a standalone serveror as a hosted server under the same ESX box or the testing purposes Please assign a static IP or your VMwarevCenter IP con guration
Figure 5
bull In your physical ESX host create a Windows Server 2003virtual machine or the VMware vCenter installation
bull Make sure to assign it with a routable static IP In this settingVMware vCenter can be pinged through vc demo local
bull Select Create a stand-alone VMware vCenter and clickNext
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 1448
VMware View 4
E VA L U AT O R rsquo S G U I D E 1 4
bull In this evaluation the default Microsoft SQL Server Expressinstance or the storage is used
bull Uncheck the System Account
bull Enter the default Administrator credentials- Username Administrator
- Password b gd m
bull ClickNext
bull Based on your network setting you can adjust the ports usedby vCenter I it is an isolated network environment leave thede ault port as they are and clickNext
bull Click Next until the installation is nished Now you havecompleted the vCenter con guration process
VMware View Manager Administration
VMware View Connection Server acts as a connection broker or client connections by authenticating and then directing incoming remote desktop user requests to the appropriate virtual desktop physical desktop or terminal server You can run VMware View Connection Server on a 32-bit or 64-bit virtual server For detailed in ormation about the hardware operating system and Active Directory requirements orVMware View Connection Server see the System Requirements section o the VMware View ManagerAdministration Guide
A standard server deployment creates a single standalone VMware View Connection Server You can havemultiple connection server instances in the same domain and point them all to the same VMware vCenter idesired For a di erent Connection Server deployment such as Replica or Security Server (DMZ) please re erto the View Administration Guide
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 1548
VMware View 4
E VA L U AT O R rsquo S G U I D E 1 5
Task 1 Installing the Connection Server
When the VMware Installation wizard appears clickNext
Accept the VMware license terms and clickNext
Select the Standard deployment option and click Next
bull ClickInstall
bull ClickFinish
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 1648
VMware View 4
E VA L U AT O R rsquo S G U I D E 1 6
Task 2 Con guring and Administrating View Manager
bull After you install the VMware View Connection Server
validate your View Manager Administration in a Webbrowser by entering http your-connection-server-ipgtadmin
bull Enter the Administrator username and password andclick Login
bull You will notice a certi cate error next to the URL eldVMware View Administrator is accessed using a secure
(SSL) connection The rst time you connect your Webbrowser might present you with an intermediary page thatwarns you that the security certi cate associated with theaddress is not issued by a trusted certi cate authority Thisresponse is expected because the de ault root certi catesupplied with View Connection Server is sel -signed
bull Click Ignore to continue using the current SSL certi cate
Task 3 Installing the Product License
bull From the Con guration tab clickProduct Licensingand Usage
bull Enter the license key provided with the evaluation
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 1748
VMware View 4
E VA L U AT O R rsquo S G U I D E 1 7
Task 4 Associating and Adding VMware vCenter Server
bull From the Con guration tab selectServers on the le t
menu panelbull Select Add under the VirtualCenter Servers pane
bull ClickAdd
bull Enter the fully quali ed domain name (FQDN) or the IPaddress o the VMware vCenter Server you want VMwareView Manager to communicate with in theServer addresstext box
bull Enter Administrator username and password for thevCenter login
Note For evaluation purposes advanced or optional tasks will not be covered I you have DNS servicesinstalled you can confgure an external URL or the Connection Server Those tasks are covered in the GettingStarted Guide or Administration Guide
Task 5 Con guring Active Directory Users and Computers
In this evaluation the virtual machine (ActiveDirectory) is promoted as Domain Controller hosted in WindowsServer 2003 with a single local domain name called demolocal
bull Before you can entitle a user access to the desktop youneed to create three users in the Active Directory namedreviewer_1 reviewer_2 and reviewer_3
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 1848
VMware View 4
E VA L U AT O R rsquo S G U I D E 1 8
Task 6 Creating and Preparing Virtual Machines
The ollowing steps assume that the user has already created a virtual machine and has installed the guest OS(XPVISTA) joined AD domain turned on the RDP remote connection added user groups to the remote users
list and turned o the rewall in the guest OS
bull Run the View Agent executable on the guest system
bull When the VMware Installation wizard appears clickNext
bull Accept the VMware license terms and clickNext
Select your custom setup options The o ine desktop isoptional and does not appear as the de ault in all agents
Click Install to begin the installation process
Select Continue Anyway or the installation alert
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 1948
VMware View 4
E VA L U AT O R rsquo S G U I D E 1 9
Click Finish
At this point you have the main VMware View components installed and con gured Be ore you proceedurther you can do a quick ping test rom the View Connection Server virtual machine to the Guest Desktop
virtual machine and vice versa The components should be pingable and routable between each
Task 7 Preparing Virtual Machine Snapshots and Templates
The guest system o the virtual machine which you create in vCenter provides the basis or virtual desktopdeployment To prepare a guest system or deployment per orm the ollowing tasks
bull Install the guest operating system Select Inventory romthe menu and clickVirtual Machine to start the creation oa new virtual machine
Once you con gure the OS and itrsquos up and running
bull Install the latest version of VMware Tools (provided withVMware In rastructure)
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2048
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 0
bull Con gure Active Directory settings Con gure the preferredand alternate DNS servers to use your Active Directoryserver addresses For example on Windows XP con gure
the DNS server settings rom the properties menuStart gt Control Panel gt Network Connections gt LAN gtProperties Internet Protocol (TCPIP) gt Properties gtUse (VMActiveDirectory) IP Address 19216813252
bull Make sure that you have administrative rights to theguest system
bull Join the desktop to the AD domain Add guest system tothe domain (demo local)
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2148
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 1
bull In Control Panel turnOf Windows Firewall
bull In Control Panel selectSystem Properties gtRemote tab
bull Check Allow User to Connect Remotely
bull Take a virtual machine Snapshot mdash Once the virtual machinetemplate is ully prepared you can power o the virtualmachine and right mdash clickGuest and select Take Snapshot
bull Snapshot is used for Linked Clone creation discussed in thelater sandbox scenario
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2248
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 2
Create a Desktop Template
bull Power o the virtual machine
bull Right-click the previously con gured guest system and
select one o the ollowing options- Clone to Template mdash select this option i you want to use
the selected guest system as the basis or a new templatewithout altering the virtual machine itsel Choose thisand walk through the dialogs boxes to create a virtualmachine template
- Convert to Template mdash select this option i you want tochange the guest system into a template This processhappens instantly
bull To get a quick view of the template created go toInventory and select VM and Templates The highlighted
template will appear in VMware Center
You can repeat the same procedures or Windows 7 and Vista desktops with the same con guration i youwish At the end o the task you will have three prepared guest systems ready or VMware View Manager to use
Task 8 Installing VMware View Composer for Linked Clones
VMware View Composer provides a highly e cient storage alternative to creating and managing manystandalone virtual machines With VMware View Composer Linked Clone technology you can rapidly cloneand deploy multiple desktops rom a single centralized base image Subsequent changes to this image canbe automatically proli erated among all desktops in a Linked Clone pool A ter the desktops are created theyremain indirectly linked to a snapshot residing on the parent virtual machine View Composer needs to beinstalled on the system where VMware vCenter is installed
bull VMware View Composer installation is optional in theVMware View installation process i you donrsquot plan to haveLinked Clone in your production environment Howeverwith this evaluation you can see the bene ts o havingVMware View work with VMware vSpherersquos thin-provisioning eature Start the VMware View Composerinstaller you have in your media
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2348
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2448
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 4
bull Choose your custom setup options
- Deselect the USB Redirection component i you do not want usersto access locally connected USB devices through their desktops
- Deselect the Log in as current user component i you want to requireall users to provide identity and credential in ormation to log in to aView Connection Server and again to access a VMware View desktop
bull For this evaluation simply leave them as theselected de ault This is anew improved eature which allows single sign-on to the guestdesktop
bull Enter the IP address of the VMware View Connection Server that thisclient will connect to For this evaluation enter 1921681247
bull Leave the login ascurrent user unchecked
bull Select Continue Anyway or the Virtual USB so tware installation
bull Select Finish and Exit installation I VMware View Client does not startautomatically a ter installation double-click the desktop shortcutor click
Start gtPrograms gtVMware gtVMware View Client
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2548
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 5
Task 10 Adding Desktop Source in VMware View Manager
The in rastructure components are now con gured in VMware vCenter Now go back to VMware ViewManager and con gure the desktop resource or an individual desktop provisioning use
bull Enter the VMware View Connection Server IP addressadmin as the URL in a Web browser
bull Login as Administrator
bull From within View Administrator clickDesktops andPools and click theInventory tab
bull In the Global desktop and pool view pane make sure thatthe Desktops and Pools tab is selected and clickAdd
bull When the Add Desktop wizard appears selectIndividualDesktop and clickNext
bull Select Desktop Source rom VMware vCenter
Need new image
bull From the list provided select theVMware vCenter Serverto be used by this desktop and clickNext
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2648
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 6
bull Enter the Unique ID Display name (optional) andDescription (optional) and clickNext
bull Con gure the desktop properties and click Next Sincethe new PCoIP eatures are being evaluated set thede ault protocol as PCoIP and allow users to change thesetting at connection When set toDo Not Control orAdobe Flash quality bandwidth is not a concern with theLAN deployment
bull Con gure the desktop provisioning properties andclick Next
bull Select the desktop to use as the base image for thedeployment and click Next
bull Click Finish to complete one guest desktop provisioning
bull Once the desktop provisioning is complete you can see adesktop under Desktops and Pools tab
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2748
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 7
This shows the basic steps on how to provision one desktop For more advanced eatures you can re er to theVMware View Administration Guide In a later scenario a PCoIP pool is created through similar provisioning
Task 11 Desktop Entitlement
bull From within View Administrator click Desktops and Pools and click theInventory tab
bull In the Global desktop and pool view pane select the desktop or poolyou want to entitle and clickEntitlements
bull Click Add The user and group entitlement dialog box appears Fromhere you can view search on and lter all Active Directory users withinthe domain orest
bull Select the DemoLocal domain created and enter wildcard user matchreview VMware View Manager should display all users that contain thephrase
bull Entitle the userreviewer_1 to use the Vista desktop
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2848
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 8
Figure 6
Once this is set and done you will see a green checkmark under Global Desktop and View showing Entitledand Enabled or the guest desktop
Task 12 Accessing Virtual Desktop via RDP or PCoIP
bull In theConnection Server drop-down menu enter thehost name or IP address o a VMware View Connection Server
bull Select Options
Need New Image
bull Select Log in as current userto be authorized to log in to theVMware View Connection Server You will not be prompted toenter login credentials in the guest desktop login This is anenhancement or single sign-on
Need New Image
bull Enter the credentials with desktop entitlement
- Username Administrator
- Password b gd m
bull In VMware View 4 you have the option to use the preferredprotocols o either Teradici PCoIP or Microso t RDPSelect Teradici
bull Select the XP desktop you want to access
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2948
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 9
Task 13 Additional Virtual Desktop Optimization
bull Adjust ClearType Settings in Control Panel gtDisplay gtAdvanced Tab gtFonts and choose ClearType
bull Turn o Windows Firewall Settings inControl Panel gtWindows Firewall and select the Of radio buttonbull Multiple Display Con guration
bull In VMware View Manager Administration you cancentrally con gure the desktop monitors that aresupported in the local systems
bull In the guest desktop check theDisplay settings that have been changed tomultiple displays
Note PCoIP also supports pivot mode or one landscape and one horizontal confguration
Task 14 WAN Optimization
PCoIP technology uses low-latency image compression algorithms to optimize the user experience or widearea network (WAN) applications The WAN enhancements dramatically improve the user experience toprovide support or multi-media and 3D graphics audio and IO responsiveness over long-distancehigh-latency and low-bandwidth networks
Key PCoIP WAN Capabilities
bull Reduced Minimum Bandwidth To support the lower bandwidth typically available over a WAN theminimum peak bandwidth required or a PCoIP connection is Mbps Because PCoIP only transmitschanges to the desktop image the actual bandwidth used may be much lower i the screen is not changingsigni cantly or rapidly
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3048
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 0
bull Local Keyboard and Mouse To provide instant response over high-latency networks the mouse pointer canbe displayed locally on the desktop (within VMware View Agent) in addition to being sent to the host Localkeyboard capability is also provided to prevent lost keystrokes due to network delay
bull Packet Reordering To accommodate the out-o -order packets o ten produced by network links on a WANthe PCoIP portal in VMware View Agent can create multiple packet chains as out-o -order packets receivedand connect chains to restore the correct sequence Without this out-o -order packets can result in dataretransmission and delays
bull Bandwidth-Sensitive Audio Compression PCoIP transmits compressed or uncompressed audiondashswitchingdynamically based on the available bandwidth to provide the best possible user experience
Since PCoIP is integrated seamlessly into the VMware View Agent and ully optimized into VMware Viewin rastructure as the administrator you simply need to con gure the desktop protocol and its bandwidththrottling rom the administration UI
Con gure Flash contents bandwidth allowance
For an optional task to test WAN per ormance with PCoIP try to access your corporate desktop rom home byconnecting through IPSec VPN
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3148
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 1
Scenario Overview
This document provides several di erent test scenarios to review the tasks you per ormed earlier andexperience the combined advantages o using VMware View To compare a variety o WAN connectivityscenarios you can consider using either WANEMhttp wanem source orge net or Shunra VE SMB EditionFree Trial http www shunra com ve-smb-trial php or WAN emulation
bull Scenario 1 Provision and use PCoIP 25 persistent desktops and one non-persistent PCoIP pool thatcontains desktops using a Linked Clone You can adjust the actual number o desktops based on your locastorage allowance
ndash Create a snapshot on both Windows XP SP3 and Windows 7
ndash Add desktops and pools using automatic pools and Linked Clone
ndash Administrate users and entitlements
ndash Create ully Linked Clones
ndash Con gure pools in mixed cluster environment
ndash Con gure or WAN tag and LAN tag use
ndash Delete desktops and pools
bull Scenario 2 Con gure 50 PCoIP fully Linked Clones in VMware vSphere
ndash Create desktops and pools
ndash Leverage ThinDisk Provisioning in VMware vSphere
ndash Check storage saving comparison
ndash Review VMware VMsa e Security virtual machine unctionali ties
bull Scenario 3 Set-up Triple SSO in VMware View 4 (PCoIP)
ndash Use archive directory credentials to login with ldquoLogin as current userrdquo checked
ndash Access rom the Replica View Connection Server and login to see the same session running
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3248
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 2
Scenario 1Provision and Use PCoIP Desktops and Pools
Get Started with PCoIPPCoIP is a so tware-to-so tware display protocol ully integrated with the VMware View in rastructureThe PCoIP portal (server) is installed with the agent The proprietary SVGA driver is included as part o thePCoIP portal
Figure
The PCoIP client is included in the standard VMware View client installation on your end point device sothere are no additional installation procedures required or PCoIP From the end user perspective there areno con gurations needed or using PCoIP As an administrator you can con gure the PCoIP protocol throughVMware View Administrative SettingsPolicies De ault RDP setup is to be tunneled but the de ault PCoIPsetting is directly connected Some other con gurations on bandwidth throttling or Flash video or on USBredirection policy are consistent as the previous View administration
Lossy and Lossless CompressionImage compression in PCoIP includes both lossless and lossy compression schemes Lossy compression allows or higher levels o compression on initial screen change and subsequent image quality improvement
or static screen regions Lossless motion compensation is also supported Image compression bandwidthmanagement is supported using packet loss as an indicator o congestion or lower bandwidth limits
Network Bandwidth and Characteristics
The host to client network connection operates with up to 250ms o round-trip latency The host to clientnetwork connection operates with lt01 percent packet loss but will tolerate periods o up to 5 percent packetloss and will survive short durations o loss o connectivity
A single TCP connection (SSL) is used between the host and client or session management A single UDP connection using UDP encapsulated IPSec-ESP [r c 3948] with AES 128-bit key encryption is used betweenthe host and client or media tra c supporting unreliable and reliable transport Port numbers keys andother connection parameters are exchanged via the SSL connection You can re erence the VMware ViewDeployment Guide or urther end-to-end per ormance measurements
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3348
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 3
Step 1 Creating the Replica Connection Server
The installation package or the Connection Server alsocontains the installation source or the VMware ViewReplica Server Launch the VMware View ConnectionServer installer and select Replica server or the secondConnection Server SelectAgree to the VMware Viewproduct licensing terms
A VMware View Replica Server is a Connection Serverwith its own replica o the ADAM database stored locallyAll con guration data and changes are instantaneouslyreplicated to all replica servers resulting in entirelyindependent Connection Servers which can actindependently in case o ailure o other replica servers
Enter the rst VMware View Connection Server instanceIP address (View1 19216813246) ClickNext
Complete the Replica Connection Server instanceinstallation Select Finish
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3448
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 4
Step 2 Creating Linked Clone Pools
DESKTOP TYPE OS TYPE PERSISTENT DESKTOP COUNTS
PCoIP Windows XP SP Persistent
RDP PCoIP Windows XP SP Non-Persistent
The Linked Clone creation process is the same as conducted in the previous section You can con gure thetask based on your storage availability and virtual machine sizing
Step 3 Connecting to Pool by Tags
Tag-based EntitlementsVMware View provides the advanced entitlement to Desktop Pools not only based on current entitlementsettings but also on the Connection Server through which a user logs in For customers who need perimeteridentity ( or example Internal Connection Server or External Security Server access) at logon VMware View
enables users con guring certain clients to go through a particular Connection Server In this case a tag isintroduced to identi y and route the client to the Connection Server In a broker cluster at a large VMware Viedeployment The tag or tags o a Connection Server are then compared to the tag speci ed in time o thedesktop pool creation edit
I the tag required by the desktop pool does not match the tag o the broker in question even i a useris entitled or assigned to a desktop pool the desktop will not show up in the available desktop list TheConnection Server tags take precedence over the desktop or pool tags
In this evaluation you will set up two instances o Connection Servers where brokers have been classi ed toserve di erent networks (internal external or example)
VMWARE VIEWCONNECTIONSERVER IP
NAME TAG DESKTOPS OS
19216813246 View External XP Pro SP
19216813245 View Internal XP Pro SP
Use CaseThe internal broker might not be visible to users connecting over a VPN In a case like this the two brokerscould still be ormed into a cluster The external broker might be tagged ldquoExternalrdquo and the internal brokertagged ldquoInternalrdquo and then pools could be tagged so that some desktops are not visible when a user logs inexternally but are visible internally
For example imagine a deployment o our Connection Servers where two o the Connection Servers haveconnected Security Servers The two Connection Servers without Security Servers are used to support internalusers and the two Connection Servers with Security Servers are used to support Internet (external) users The
rst two could have a con gured entitlements tag o ldquoInternalrdquo and the second two could have a con guredentitlements tag o ldquoExternalrdquo
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3548
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 5
bull The UI allows an administrator to specify one or moretag strings of up to 64 characters for each ConnectionBroker You can then speci y the tag string required or
a speci c Connection Broker to access the Pool Atruntime when a user authenticates him or hersel via aConnection Server an extra step o tag matching isper ormed The result will be a lter o the resultingentitled Desktop list
bull Set the replica server tag as External
bull Once the tags are set in the connection broker you cansee the tag column in the VMware View Managerconsole is lled with the Tag attributes
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3648
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 6
bull In the VMware View 1 Connection Server(19216813246admin) login to the View Managerconsole clickDesktops and Pools tab and selectAdd
You are creating ull clone and Linked Clonedesktops Select Automated Desktop Pool
bull Select Persistent or the desktop type
bull ClickNext
bull Create the 10 Linked Clone desktop pools rst and gothrough the same process again to create the ull clone
ndash only without checking the highlighted checkbox
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3748
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 7
bull Fill in the name attribute for theUnique ID andDisplay Name
bull This is same user interface as you used to create theindividual desktop earlier Leave the de ault setup as
it is
bull Enter the number of the desktops that your storage
allows you to create The naming pattern or thedesktop is the name vCenter will use to name thevirtual machine so create a unique and easilyrecognized name
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3848
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 8
bull Desktop cloning relies on the virtual machine templateas the base Previously you created a template byselecting a clean base template and cloning it to
template Select that template and clickNext
bull Linked Clone requires the template and snapshot asthe golden image
bull Select the folder location where the desktops shouldbe organized
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3948
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 9
bull Select the host or ESX server where the desktop iscreated Note the vSphere mode or VMware ViewComposer option is dimmed and not selectable It is
because the host being used is running vSpherealready I you are using a previous version o ESX thisoption will be available or upgrade use
bull Add desktops to the resource pool
bull Allocate user data disk for the persistent data Keepthe de ault value and selectNext
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4048
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 0
bull In this setup the storage LUN for the better demoe ects is attached You can simply use the localstorage host storage or your test
bull You can see that the default domain is lled inautomatically by quickprep This is set at the
Con guration Tab gtServers gtSelect ViewConnection gt Edit
bull Do a nal review of the Linked Clone setup and clickFinish to complete It will take several minutes tocreate the clones
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4148
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 1
bull Create additional users in Active Directory(ActiveDirectory19216813252)
- Corporate - user or the Group Internal
- Contractor - user or the Group Externalbull This will be used for the pool entitlement for users and
groups
bull Access VMware vCenter or ESX management by usingthe VMware vSphere client
bull Login to View Manager console You can see the LinkedClone pools are created and listed in the Desktop andPool pane SelectEntitlements to grant right to accessthe desktop
bull Assign the group you created in ActiveDirectory
Repeat these steps or creating additional XP desktops with non-persistent and persistent use
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4248
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 2
Step 4 Deleting the Clone Using Deletion Script
Provide the cleanup rule and scripting capabilities to enable administrators to per orm urther integrationunctions In some environments this can be achieved by removing entries rom ActiveDirectory In others
you may need to trigger other applications or a tighter integration
bull A new key needs to be created manuallyPlease re er to VMware View Administration Guide or
urther details
bull The visual basic script can be used to clean up ortrigger urther application activities This new eatureo ers the extensibility ramework
bull Run servicesmsc to access the Services consoleEnable the script services manually It is not startedby de ault
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4348
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 3
bull Login to VMware View Manager SelectDelete thedesktop SelectDelete rom Disk option It will triggerthe script set previously
Scenario 2Confgure PCoIP Full and Linked Clone
in VMware vSphereCreate Full Clone with Thin Provisioning
Thin Provisioning in its simplest orm means only using the disk space you need Traditionally with virtualmachines i you create a 500GB virtual disk it will use 500GB o your VMFS data store With Thin Provisioningyou can create a 500GB virtual disk but i only 100GB is in use only 100GB o your VMFS data store will beutilized
500GBVirtual Disk
500GB GB VMDK le size 100GB VMDK le size
400GBunused butallocated
100GBApplicationUsage
500GBVirtual Disk
100GBActual Usage(Footprint)
Figure
You can create a ve desktop XP pool using Full Clone rom VMware View and compare them with the ThiProvisioning option check The eatures include increased storage utilization reduced application downtimeand streamlined capacity management
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4448
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 4
bull When you create a virtual machine in VMware vSpherethe option to create Thin Provisioning settings is underSettings gtAdd Hardware
bull In VMware View 4 you can con gure the ThinProvisioning while preparing the Linked Clone basetemplate
Now in order to compare the storage usage di erence with Thin Provisioning enabled in the virtual desktopdeployment the best approach is to provision them and per orm storage comparison with the virtualmachines without thin provisioning enabled Considerations or storage provisioning all in throughput needsto scale with an increase in capacity ie multiple virtual machines per IO path
Figure
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4548
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 5
In the meantime transient storage on the swap space is used only when the virtual machine ispowered on and delta disks are used by snapshots and linked to virtual machines
Figure 0
Datastore View in vSphere
Figure
VM Storage Performance View
Figure
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4648
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 6
Anti-Virus Protection
The VMsa e API comes with VMware vSphere VMware o ers a number o VMsa e partner solutions thatprovide secure virtual machines with virus-scanning capability
bull Trend Micro Core Protection 10 This is an anti-virus product that performs o ine and online scheduled virtualmachine scans without an agent It uses a smaller agent or on-access scanning or to clean up in ections Thproduct is available at http us trendmicro com us solutions enterprise security-solutions virtualizationvirtual-machines index html
bull McAfee Virus Scan for O ine Virtual Images 20 This is an anti-virus product that performs o ine schedulevirtual machine scans without an agent It complements a regular virus scan agentsrsquo online scanning
Figure 6
VMsa e reduces high storage IO and memory usage during scheduled and pandemic malware scan activities
Figure
The above gure shows the anti-virus server committing a real-time agent to an individual virtual machine
It also has the unctionality o o ine snapshot image scanningThis is a VMware vSphere eature and is now available or VMware View 4 Please re er to the VMware View 4Deployment Guide or urther product demonstration
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4748
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 7
Scenario 3Set up Triple Single Sign-On (SSO) in VMwareView 4Log in as Currently Logged-on UserThis is a new option in VMware View Client that allows you to log onto the broker using currently logged oncredentials The standard sign up fow using AD credentials is
bull User connects to View Connection Server
bull VMware View Connection Server compares a list of trusted AD domains to the client
bull User authenticates with username and password
bull VMware View Connection Server delegates authentication to WindowsAD
Figure
VMware View 4 continues to support the AD credential (username and password) login smart card and RSA
securID token in RDP
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4848
bull During the View Agent installation select theConnectas Current Logon User checkbox option to enable SSO
bull Launch View Client at local desktop or thin clientbull View Client has newLog in as Current User Domain
User checkbox When a userrsquos AD credential isauthenticated on the client device using eitherpassword (RDP PCoIP) or smart card authentication inRDP the Connection Broker will use the same useridentity
bull This value can also be set using GPO policy orregistry key setting Please re er to the ViewAdministration Guide
bull You should be able to login to the guest desktopenvironment without being prompted to enter thecredentials again
Support In ormation
For additional evaluation questions and installation support please address your questions to desktop-tmvmwarecom
About the Author
Cynthia Hsieh is a senior technical marketing manager in VMware Enterprise Marketing team She ocuses onapplication integration proo o concepts and security subjects
Hsiehrsquos previous background includes product management positions at Wyse Trend Micro Oracle and Yahoo
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 248
VMware View 4
E VA L U AT O R rsquo S G U I D E 2
Table of Contents
Welcome
Introducing VMware View 4
Whatrsquos New in VMWare View 4
VMware PCoIP Delivers a Rich Desktop Experience Better Value and Reduced Cost
VMware View 4 Components
NFR Licensing or Evaluation Use
Deployment Process
Preparing or the InstallationIP Addressing
Installing and Confguring VMware View
Be ore You BeginVMware View Manager Administration
Task 1 Installing the Connection ServerTask 4 Associating and Adding VMware vCenter ServerTask 5 Confguring Active Directory Users and Computers 1Task 6 Creating and Preparing Virtual MachinesTask 7 Preparing Virtual Machine Snapshots and Templates 1Task 8 Installing VMware View Composer or Linked Clones
VMware View Client Installation and Confguration
Task 9 Installing the VMware View Client in the host desktop or thin client (local system) 23
Task 10 Adding Desktop Source in VMware View ManagerTask 11 Desktop EntitlementTask 12 Accessing Virtual Desktop via RDP or PCoIPTask 13 Additional Virtual Desktop OptimizationTask 14 WAN Optimization
Scenario Overview
Scenario 1 Provision and Use PCoIP Desktops and Pools 32
Step 1 Creating the Replica Connection Server Step 2 Creating Linked Clone Pools Step 3 Connecting to Pool by Tags
Step 4 Deleting the Clone Using Deletion ScriptScenario 2 Confgure PCoIP Full and Linked Clone in VMware vSphere 43
Create Full Clone with Thin Provisioning Anti-Virus Protection
Scenario 3Set up Triple Single Sign-On (SSO) in View 4 47
Support In ormation
About the Author
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 348
VMware View 4
E VA L U AT O R rsquo S G U I D E 3
Welcome
Welcome to the VMwarereg Viewtrade Evaluatorrsquos Guide The purpose o this document is to support a sel -guidhands-on evaluation o VMware View The content includes a product overview including the new eatureso PCoIP installation instructions and scenarios to demonstrate how VMware View can help you deliver thedesktop as a managed service The guide is divided into our sections
1 Introducing VMware View 4
2 Whatrsquos New in VMware View 4
3 VMware View 4 Components Overview
4 Installing and Con guring VMware View 4
This guide is not intended to be a substitute or product documentation For detailed in ormation regardinginstallation con guration administration and usage o VMware products please re er to the onlinedocumentation You may also consult the online Knowledge Base i you have any additional questions
Introducing VMware View 4
Built on the industry-leading virtualization plat orm VMware View is a solution that enables IT organizationsto ldquodecouplerdquo a desktop rom physical devices or locations and deliver the desktop as a managed service
rom a centralized location VMware View makes desktops easily accessible to any end user on multipledevices (thick or thin) over any network connection complete with all applications and data or an optimizedand amiliar desktop experience Purpose-built or delivering desktops as a managed service VMware Viewprovides the best end user experience and simpli es and automates desktop management
Unlike other desktop virtualization products VMware View is a tightly integrated end to end solution allowingcustomers to extend business continuity and disaster recover eatures to their desktops and standardize on acommon plat orm rom the desktop through the datacenter to the cloud
Prior to building and planning the VMware View release the VMware View team reviewed eedback romcustomers to gauge their challenges and requirements
bull IT Professionals indicated that they generally re resh their laptops and desktops every three to our years butwith the tough economy they are now striving to do more with less Time money and resources are in shosupply so they need more e cient ways to deploy and manage their endpoint complexity and boost end-userproductivity They are looking or ways to reduce the complexity o their systems and get more per ormance
rom their in rastructure and are considering desktop virtualization as a solution
bull Designers and Knowledge Workers indicated that their work habits are changing They now need to have the
ability to access the work environment rom many endpoints without compromising the rich user experienceo their PCs or graphic- or video-intense o ine or online content ndash regardless o the device type or thenetwork to which it is attached
bull IT Decision Makers indicated that they are skeptical when it comes to desktop virtualization Some ITDecision Markers are unsure o the bandwidth necessary or a virtual desktop experience in LAN or WANsettings that could serve virtual desktops with the same quality as locally run OS images
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 448
VMware View 4
E VA L U AT O R rsquo S G U I D E 4
Whatrsquos New in VMWare View 4
VMware View is purpose built or desktop delivery and designed or the LAN or WAN con guration The gis to continue provide a smooth end-to-end desktop experience via so tware implementation
Figure
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 548
VMware View 4
E VA L U AT O R rsquo S G U I D E 5
FEATURE NEWIMPROVED DESCRIPTION
Quad monitorsupport New Support -bit color with x display resolution and up to monitorssimultaneously
Bene t True multiple displays allow you to ldquosee more and do morerdquo rom a ulldesktop This provides the ability to reproduce true color images with support orup to billion distinct colors per pixel
True multi-monitorsupport onL-shapecon guration
New Support landscape display and portrait display (with pivot monitors) variableresolution support and auto t to client
Bene t Each monitor can be o a di erent size and be set to a di erentresolution Auto Display Scaling Dynamic Resizing helps desktop publishing
nancial application and high-end graphic design needs
Guest desktopsupport WindowsVista and XP OS
New Support or connecting to virtual desktops rom Windows XP and Vista TheVMware View PCoIP is a so tware-to-so tware implementation However it alsosupports hardware PCoIP hosts such as the Samsung SyncMaster ND
rdquo monitor and Teradici Tera Portal
http www teradici com pcoip pcoip-products oem-solutions php
Bene t Provides scalable support to both so tware and hardware on thelocal hosts
Networkcharacteristics andsecurity
New SSL protection on TCP or session management and AES -bit key encryptionon UDP or media trans er between host and client system
Bene t Provides comparable security and encryption ound in other protocols
Protocolintelligence
New PCoIP protocol provides the intelligence to handle prioritization and quality oservices (QOS) or video mouse keyboard sound etc
Bene t This greatly helps the user experience by managing bandwidth andcontent variables
WAN per ormanceand optimization
New Operate with up to ms o round-trip latency with tolerance on packet lossup to
VPN tunneling New Support Cisco VPN so t client
RDP virtualchannelcompatibility orUSB redirection
New Support the comparable list o USB peripherals including biometrics cardreaders webcams mass storage fash devices scanners etc The authorizationcan be done on a per-user per-group basis to only accept speci c devices
Flash controlsupport or PCoIP
New PCoIP uses breakthrough graphics compression that is custom built or deliveringa user desktop over IP networks It works in such a way as to support all graphic( ull- rame rate D or design engineering video gaming etc ) and media (HD
video Microso t video ormats YouTube Microso t Silverlight Google QuickTior Adobe Flash)
Bene t By compressing the display image at the host PC Server you avoidapplication interoperability issues that have plagued thin clients or years and canquickly adapt to physical networks
Audio redirection New New to PCoIP protocol Redirect audio with dynamic audio quality adjustment onthe WAN
ClearType ont New Subpixel render ing technology which may help to improve the apperance o texton some computer displays Newly added to PCoIP protocol
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 648
VMware View 4
E VA L U AT O R rsquo S G U I D E 6
VMware PCoIP Delivers a Rich Desktop Experience
Figure
Operational E ciency
Enterprises that are struggling with the problem o endpoint security should explore desktop virtualization tolessen the requency o malware network breaches and data loss headaches
VMware View centralizes the control o desktop PC images applications and data Deploying desktopvirtualization with VMware View running VMware vSpheretrade can signi cantly improve security unctionalityand storage optimization
For business entities that are subject to stringent regulatory policies such as the Sarbanes-Oxley Act (SOX)the Health Insurance Portability and Accountability Act (HIPAA) and the Payment Card Industry Data SecurityStandard (PCI DSS) VMware View creates a trusted enterprise-computing environment Security vendorslike McA ee and Trend Micro take a proactive role with VMware in raising the bar o security control and
management available to secure the cloud-based in rastructure
FEATURE NEWIMPROVED DESCRIPTION
Full clone pool withthin disk thinprovisioning
New VMware View provides seamless native support or thin provisioning with thevSphere server
Bene t Helps reduce storage usage and allows more guest desktops per corewhile still providing high per ormance
Mixed clustersupport orbackward ndash
orward
compatibility
New This new option in View Administrator allows di erent versions o clusters to bemanaged via the same UI
VWware VMsa eAPI or better anti-virus optimizationand execution
New VMware vSphere supports VMware VMsa etrade API Security virtual machinedeployment sold separately by security vendors is consistent with desktopdeployment Protects the virtual machine by inspecting virtual components(CPU Memory Network and Storage)
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 748
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 848
VMware View 4
E VA L U AT O R rsquo S G U I D E 8
VMware View 4 Components
VMware View 4 extends the same in rastructure and components as in previous versions The key so tware components you need to install VMware View 4 are
bull VMware View Connection Server installed in a Windows Server 2003 system that is separate fromVMware vCentertrade
bull VMware View Agent installed in a virtual desktop (XP Windows 2003 or Vista desktops)
bull VMware View Client installed at the end point device (thin client local laptop or desktops)
bull VMware View Composer installed in VMware vCenter for Linked Clone provisioning use
Platform Integration
APPOS
APPOS
APPOS
VMware vSphere
AuthorizationProtocol
VMware View 4
VMware View Manager 4
Authentication ampDisplay
Superior UserExperience
Scalability ampAvailability
End UserFlexibility
Figure
On the in rastructure side you need to ensure that the ollowing components are provisioned in VMware ESXtrade35 or VMware vSphere
bull VMware vCenter and VMware View Composer are instal led on the same virtual machine whereVMware vCenter is installed
bull SQL Server is required for large virtual desktop deployments For this evaluation the SQL Server ExpressEdition con gured during the VMware vCenter installation is used
bull Con gure Windows 2003 with Active Directory DHCP and DNS service
bull Certi cate Authority (if certi cate or smart card authentication is required) This is not discussed inthis document
For a detailed supported version please re erence the VMware View Manager Administration Guide at httpwwwvmwarecomsupportpubsview_pubshtml
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 948
VMware View 4
E VA L U AT O R rsquo S G U I D E 9
NFR Licensing or Evaluation Use
To request Not For Resale evaluation licenses please email desktop-tmvmwarecom
Deployment Process
In this evaluation you will experience the VMware View setup and con guration all in a single ESX VMwarevSphere box You will also install the needed in rastructure components and virtual machines rom scratch Anonline connection is required only i you plan to use the Internet
Be ore starting the deployment process
bull Set up the networking and IP address in ESXVMware vSphere with NAT router and VMware vSwitch
bull Con gure the required infrastructure components including VMware vCenter Active Directory SQL serverand VMware View Connection Server
bull Prepare the desktops snapshots and templates
The ollowing deployment process is not intended to provide a deep technical explanation o the technologiesound in VMware View 4 Nor is it intended to be used as a deployment guide The tasks include
bull Task 1Installing the Connection Server
bull Task 2Confguring and Administrating VMware View Manager
bull Task 3Installing the License
bull Task 4Associating and Adding VMware vCenter Serverbull Task 5Confguring Active Directory Users and Computers
bull Task 6Creating and Preparing Virtual Machines
bull Task 7Preparing Virtual Machine Snapshots and Templates
bull Task 8Installing VMware View Composer or Linked Clones
bull Task 9Installing VMware View Client in the Host Desktop or Thin Client (local system)
bull Task 10Adding Desktop Source In VMware View Manager
bull Task 11Desktop Entitlement
bull Task 12Accessing Virtual Desktop via RDP or PCoIP
bull Task 13Additional Virtual Desktop Optimization
bull Task 14WAN Optimization
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 1048
VMware View 4
E VA L U AT O R rsquo S G U I D E 1 0
Preparing for the Installation
AssumptionsTo success ully use this guide it is assumed that VMware vSphere ESX Server has been installed and
is unctioning properly Please re er to the online documentationhttp www vmware com resourcestechresources 10020 or urther installation assistance
Before You BeginPlease re erence Getting Started with VMware View at httpwwwvmwarecomsupportpubsview_pubshtml For more in ormation on administrating VMware View you can review the ollowing documentation
bull VMware View Manager Administration Guide
bull VMware View Upgrade Guide
bull VMware View Architecture and Planning Guide
bull Knowledge Base
System Requirements
The ollowing is a description o the hardware and so tware required ( or the major components o VMwareView) You can get more in ormation rom the VMware View 4 Architecture Planning Guide
VMware View Connection ServerVMware View Connection Server is not supported on servers that have the Windows Terminal Server roleinstalled Remove the Windows Terminal Server role rom any server where you will be installing the VMwareView Connection Server
VMware View Connection Server runs on a 32-bit or 64-bit dedicated physical or virtual server with the ollowing speci cations
bull Pentium IV 20Ghz processor or higher mdash dual processors are recommended
bull 2GB RAM or higher mdash 3GB RAM is recommended for deployments of 50 or more View Manager desktopsVMware View connection server can handle 2000 connections in clear mode and 750 in tunneled mode
The ollowing VMware vSphere document lists the limits or the server sidehttp www vmware com support pubs vs pages vsp pubs esx40 vc40 html
bull One or more 10100Mbps network interface controllers (NIC) mdash 1Gbps NIC is recommended
Supported Operating SystemsThe VMware View Connection Server can be installed on the ollowing 32-bit operating systems
bull Windows Server 2003 R2 Standard Edition with SP2
bull Windows Server 2003 Standard Edition with SP2
bull Windows Server 2003 R2 Enterprise Edition with SP2
bull Windows Server 2003 Enterprise Edition with SP2
Prerequisites
VMware View Connection Server has the ollowing prerequisites
You will need a valid license key or VMware View Manager The ollowing types o licenses are available
bull VMware View Manager
bull VMware View Manager with View Composer
bull VMware View Manager with View Composer and O ine Desktop
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 1148
VMware View 4
E VA L U AT O R rsquo S G U I D E 1 1
For the VMware virtualization environment you will need one o the ollowing
bull VMware vSphere 4 Update 1 (U1 is required)
bull VMware Infrastructure 35 (U3 or U4 recommended U5 not supported)
bull VMware Infrastructure 302 (supported)
bull Both ESX and ESXi hosts are supported VMware vCenter is required
Required Host operating systems or standard or replica VMware View Connection Server instances are joinedto an Active Directory domain The ollowing versions o Active Directory are supported You will need one othe ollowing
bull Windows 2000 Active Directory
bull Windows 2003 Active Directory
bull Windows 2008 Active Directory
IP Addressing
For easy con guration this evaluation scenario speci es a standalone LAN environment with IP addressingbased on the ollowing assumptions
bull One VMware vSwitch is con gured as the External Network for static manually assigned IP addressing
VIEW COMPONENTS IP ADDRESSING
Virtual Center (vCenter) Static 19216813247
View Connection Server (View ) Static 19216813246
View Connection Server (View ) Static 19216813245
Active Directory (ActiveDirectory) Static 19216813252
bull VMware vCenter installation provides SQL Server Express Edition You do not need a separate SQL Serverinstance or this evaluation
bull This evaluation asks you to set up two VMware View Connection Servers This will be used in the evaluationthe new ldquotag entitlementrdquo eature later Itrsquos an optional task i you just need to review the basic unctionalitie
bull If you already have networking setup you can assign a static IP to infrastructure components needed forthis evaluation
bull You can also access the Internet if it rsquos available by separate 2 vLANs and con gure the open source Yvetta
NAT appliance You can nd additional instructions athttp www vyatta com downloads swdl phpbull You will prepare three virtual machines including XP andor Vista for the scenario These desktop virtual
machines have IP addresses assigned using DHCP
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 1248
VMware View 4
E VA L U AT O R rsquo S G U I D E 1 2
Figure
The network con guration can be customized based on your network availability Figure is a samplecon guration Make sure the in rastructure components have a static routable and pointable IP addressand complete a ping test rom the servers to the desktops and rom the desktops to the servers The IPcon guration is critical to a success ul evaluation
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 1348
VMware View 4
E VA L U AT O R rsquo S G U I D E 1 3
Installing and Confguring VMware View
Before You Begin
VMware View is tightly integrated with VMware vCenter You can install VMware vCenter as a standalone serveror as a hosted server under the same ESX box or the testing purposes Please assign a static IP or your VMwarevCenter IP con guration
Figure 5
bull In your physical ESX host create a Windows Server 2003virtual machine or the VMware vCenter installation
bull Make sure to assign it with a routable static IP In this settingVMware vCenter can be pinged through vc demo local
bull Select Create a stand-alone VMware vCenter and clickNext
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 1448
VMware View 4
E VA L U AT O R rsquo S G U I D E 1 4
bull In this evaluation the default Microsoft SQL Server Expressinstance or the storage is used
bull Uncheck the System Account
bull Enter the default Administrator credentials- Username Administrator
- Password b gd m
bull ClickNext
bull Based on your network setting you can adjust the ports usedby vCenter I it is an isolated network environment leave thede ault port as they are and clickNext
bull Click Next until the installation is nished Now you havecompleted the vCenter con guration process
VMware View Manager Administration
VMware View Connection Server acts as a connection broker or client connections by authenticating and then directing incoming remote desktop user requests to the appropriate virtual desktop physical desktop or terminal server You can run VMware View Connection Server on a 32-bit or 64-bit virtual server For detailed in ormation about the hardware operating system and Active Directory requirements orVMware View Connection Server see the System Requirements section o the VMware View ManagerAdministration Guide
A standard server deployment creates a single standalone VMware View Connection Server You can havemultiple connection server instances in the same domain and point them all to the same VMware vCenter idesired For a di erent Connection Server deployment such as Replica or Security Server (DMZ) please re erto the View Administration Guide
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 1548
VMware View 4
E VA L U AT O R rsquo S G U I D E 1 5
Task 1 Installing the Connection Server
When the VMware Installation wizard appears clickNext
Accept the VMware license terms and clickNext
Select the Standard deployment option and click Next
bull ClickInstall
bull ClickFinish
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 1648
VMware View 4
E VA L U AT O R rsquo S G U I D E 1 6
Task 2 Con guring and Administrating View Manager
bull After you install the VMware View Connection Server
validate your View Manager Administration in a Webbrowser by entering http your-connection-server-ipgtadmin
bull Enter the Administrator username and password andclick Login
bull You will notice a certi cate error next to the URL eldVMware View Administrator is accessed using a secure
(SSL) connection The rst time you connect your Webbrowser might present you with an intermediary page thatwarns you that the security certi cate associated with theaddress is not issued by a trusted certi cate authority Thisresponse is expected because the de ault root certi catesupplied with View Connection Server is sel -signed
bull Click Ignore to continue using the current SSL certi cate
Task 3 Installing the Product License
bull From the Con guration tab clickProduct Licensingand Usage
bull Enter the license key provided with the evaluation
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 1748
VMware View 4
E VA L U AT O R rsquo S G U I D E 1 7
Task 4 Associating and Adding VMware vCenter Server
bull From the Con guration tab selectServers on the le t
menu panelbull Select Add under the VirtualCenter Servers pane
bull ClickAdd
bull Enter the fully quali ed domain name (FQDN) or the IPaddress o the VMware vCenter Server you want VMwareView Manager to communicate with in theServer addresstext box
bull Enter Administrator username and password for thevCenter login
Note For evaluation purposes advanced or optional tasks will not be covered I you have DNS servicesinstalled you can confgure an external URL or the Connection Server Those tasks are covered in the GettingStarted Guide or Administration Guide
Task 5 Con guring Active Directory Users and Computers
In this evaluation the virtual machine (ActiveDirectory) is promoted as Domain Controller hosted in WindowsServer 2003 with a single local domain name called demolocal
bull Before you can entitle a user access to the desktop youneed to create three users in the Active Directory namedreviewer_1 reviewer_2 and reviewer_3
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 1848
VMware View 4
E VA L U AT O R rsquo S G U I D E 1 8
Task 6 Creating and Preparing Virtual Machines
The ollowing steps assume that the user has already created a virtual machine and has installed the guest OS(XPVISTA) joined AD domain turned on the RDP remote connection added user groups to the remote users
list and turned o the rewall in the guest OS
bull Run the View Agent executable on the guest system
bull When the VMware Installation wizard appears clickNext
bull Accept the VMware license terms and clickNext
Select your custom setup options The o ine desktop isoptional and does not appear as the de ault in all agents
Click Install to begin the installation process
Select Continue Anyway or the installation alert
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 1948
VMware View 4
E VA L U AT O R rsquo S G U I D E 1 9
Click Finish
At this point you have the main VMware View components installed and con gured Be ore you proceedurther you can do a quick ping test rom the View Connection Server virtual machine to the Guest Desktop
virtual machine and vice versa The components should be pingable and routable between each
Task 7 Preparing Virtual Machine Snapshots and Templates
The guest system o the virtual machine which you create in vCenter provides the basis or virtual desktopdeployment To prepare a guest system or deployment per orm the ollowing tasks
bull Install the guest operating system Select Inventory romthe menu and clickVirtual Machine to start the creation oa new virtual machine
Once you con gure the OS and itrsquos up and running
bull Install the latest version of VMware Tools (provided withVMware In rastructure)
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2048
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 0
bull Con gure Active Directory settings Con gure the preferredand alternate DNS servers to use your Active Directoryserver addresses For example on Windows XP con gure
the DNS server settings rom the properties menuStart gt Control Panel gt Network Connections gt LAN gtProperties Internet Protocol (TCPIP) gt Properties gtUse (VMActiveDirectory) IP Address 19216813252
bull Make sure that you have administrative rights to theguest system
bull Join the desktop to the AD domain Add guest system tothe domain (demo local)
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2148
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 1
bull In Control Panel turnOf Windows Firewall
bull In Control Panel selectSystem Properties gtRemote tab
bull Check Allow User to Connect Remotely
bull Take a virtual machine Snapshot mdash Once the virtual machinetemplate is ully prepared you can power o the virtualmachine and right mdash clickGuest and select Take Snapshot
bull Snapshot is used for Linked Clone creation discussed in thelater sandbox scenario
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2248
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 2
Create a Desktop Template
bull Power o the virtual machine
bull Right-click the previously con gured guest system and
select one o the ollowing options- Clone to Template mdash select this option i you want to use
the selected guest system as the basis or a new templatewithout altering the virtual machine itsel Choose thisand walk through the dialogs boxes to create a virtualmachine template
- Convert to Template mdash select this option i you want tochange the guest system into a template This processhappens instantly
bull To get a quick view of the template created go toInventory and select VM and Templates The highlighted
template will appear in VMware Center
You can repeat the same procedures or Windows 7 and Vista desktops with the same con guration i youwish At the end o the task you will have three prepared guest systems ready or VMware View Manager to use
Task 8 Installing VMware View Composer for Linked Clones
VMware View Composer provides a highly e cient storage alternative to creating and managing manystandalone virtual machines With VMware View Composer Linked Clone technology you can rapidly cloneand deploy multiple desktops rom a single centralized base image Subsequent changes to this image canbe automatically proli erated among all desktops in a Linked Clone pool A ter the desktops are created theyremain indirectly linked to a snapshot residing on the parent virtual machine View Composer needs to beinstalled on the system where VMware vCenter is installed
bull VMware View Composer installation is optional in theVMware View installation process i you donrsquot plan to haveLinked Clone in your production environment Howeverwith this evaluation you can see the bene ts o havingVMware View work with VMware vSpherersquos thin-provisioning eature Start the VMware View Composerinstaller you have in your media
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2348
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2448
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 4
bull Choose your custom setup options
- Deselect the USB Redirection component i you do not want usersto access locally connected USB devices through their desktops
- Deselect the Log in as current user component i you want to requireall users to provide identity and credential in ormation to log in to aView Connection Server and again to access a VMware View desktop
bull For this evaluation simply leave them as theselected de ault This is anew improved eature which allows single sign-on to the guestdesktop
bull Enter the IP address of the VMware View Connection Server that thisclient will connect to For this evaluation enter 1921681247
bull Leave the login ascurrent user unchecked
bull Select Continue Anyway or the Virtual USB so tware installation
bull Select Finish and Exit installation I VMware View Client does not startautomatically a ter installation double-click the desktop shortcutor click
Start gtPrograms gtVMware gtVMware View Client
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2548
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 5
Task 10 Adding Desktop Source in VMware View Manager
The in rastructure components are now con gured in VMware vCenter Now go back to VMware ViewManager and con gure the desktop resource or an individual desktop provisioning use
bull Enter the VMware View Connection Server IP addressadmin as the URL in a Web browser
bull Login as Administrator
bull From within View Administrator clickDesktops andPools and click theInventory tab
bull In the Global desktop and pool view pane make sure thatthe Desktops and Pools tab is selected and clickAdd
bull When the Add Desktop wizard appears selectIndividualDesktop and clickNext
bull Select Desktop Source rom VMware vCenter
Need new image
bull From the list provided select theVMware vCenter Serverto be used by this desktop and clickNext
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2648
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 6
bull Enter the Unique ID Display name (optional) andDescription (optional) and clickNext
bull Con gure the desktop properties and click Next Sincethe new PCoIP eatures are being evaluated set thede ault protocol as PCoIP and allow users to change thesetting at connection When set toDo Not Control orAdobe Flash quality bandwidth is not a concern with theLAN deployment
bull Con gure the desktop provisioning properties andclick Next
bull Select the desktop to use as the base image for thedeployment and click Next
bull Click Finish to complete one guest desktop provisioning
bull Once the desktop provisioning is complete you can see adesktop under Desktops and Pools tab
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2748
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 7
This shows the basic steps on how to provision one desktop For more advanced eatures you can re er to theVMware View Administration Guide In a later scenario a PCoIP pool is created through similar provisioning
Task 11 Desktop Entitlement
bull From within View Administrator click Desktops and Pools and click theInventory tab
bull In the Global desktop and pool view pane select the desktop or poolyou want to entitle and clickEntitlements
bull Click Add The user and group entitlement dialog box appears Fromhere you can view search on and lter all Active Directory users withinthe domain orest
bull Select the DemoLocal domain created and enter wildcard user matchreview VMware View Manager should display all users that contain thephrase
bull Entitle the userreviewer_1 to use the Vista desktop
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2848
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 8
Figure 6
Once this is set and done you will see a green checkmark under Global Desktop and View showing Entitledand Enabled or the guest desktop
Task 12 Accessing Virtual Desktop via RDP or PCoIP
bull In theConnection Server drop-down menu enter thehost name or IP address o a VMware View Connection Server
bull Select Options
Need New Image
bull Select Log in as current userto be authorized to log in to theVMware View Connection Server You will not be prompted toenter login credentials in the guest desktop login This is anenhancement or single sign-on
Need New Image
bull Enter the credentials with desktop entitlement
- Username Administrator
- Password b gd m
bull In VMware View 4 you have the option to use the preferredprotocols o either Teradici PCoIP or Microso t RDPSelect Teradici
bull Select the XP desktop you want to access
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2948
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 9
Task 13 Additional Virtual Desktop Optimization
bull Adjust ClearType Settings in Control Panel gtDisplay gtAdvanced Tab gtFonts and choose ClearType
bull Turn o Windows Firewall Settings inControl Panel gtWindows Firewall and select the Of radio buttonbull Multiple Display Con guration
bull In VMware View Manager Administration you cancentrally con gure the desktop monitors that aresupported in the local systems
bull In the guest desktop check theDisplay settings that have been changed tomultiple displays
Note PCoIP also supports pivot mode or one landscape and one horizontal confguration
Task 14 WAN Optimization
PCoIP technology uses low-latency image compression algorithms to optimize the user experience or widearea network (WAN) applications The WAN enhancements dramatically improve the user experience toprovide support or multi-media and 3D graphics audio and IO responsiveness over long-distancehigh-latency and low-bandwidth networks
Key PCoIP WAN Capabilities
bull Reduced Minimum Bandwidth To support the lower bandwidth typically available over a WAN theminimum peak bandwidth required or a PCoIP connection is Mbps Because PCoIP only transmitschanges to the desktop image the actual bandwidth used may be much lower i the screen is not changingsigni cantly or rapidly
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3048
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 0
bull Local Keyboard and Mouse To provide instant response over high-latency networks the mouse pointer canbe displayed locally on the desktop (within VMware View Agent) in addition to being sent to the host Localkeyboard capability is also provided to prevent lost keystrokes due to network delay
bull Packet Reordering To accommodate the out-o -order packets o ten produced by network links on a WANthe PCoIP portal in VMware View Agent can create multiple packet chains as out-o -order packets receivedand connect chains to restore the correct sequence Without this out-o -order packets can result in dataretransmission and delays
bull Bandwidth-Sensitive Audio Compression PCoIP transmits compressed or uncompressed audiondashswitchingdynamically based on the available bandwidth to provide the best possible user experience
Since PCoIP is integrated seamlessly into the VMware View Agent and ully optimized into VMware Viewin rastructure as the administrator you simply need to con gure the desktop protocol and its bandwidththrottling rom the administration UI
Con gure Flash contents bandwidth allowance
For an optional task to test WAN per ormance with PCoIP try to access your corporate desktop rom home byconnecting through IPSec VPN
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3148
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 1
Scenario Overview
This document provides several di erent test scenarios to review the tasks you per ormed earlier andexperience the combined advantages o using VMware View To compare a variety o WAN connectivityscenarios you can consider using either WANEMhttp wanem source orge net or Shunra VE SMB EditionFree Trial http www shunra com ve-smb-trial php or WAN emulation
bull Scenario 1 Provision and use PCoIP 25 persistent desktops and one non-persistent PCoIP pool thatcontains desktops using a Linked Clone You can adjust the actual number o desktops based on your locastorage allowance
ndash Create a snapshot on both Windows XP SP3 and Windows 7
ndash Add desktops and pools using automatic pools and Linked Clone
ndash Administrate users and entitlements
ndash Create ully Linked Clones
ndash Con gure pools in mixed cluster environment
ndash Con gure or WAN tag and LAN tag use
ndash Delete desktops and pools
bull Scenario 2 Con gure 50 PCoIP fully Linked Clones in VMware vSphere
ndash Create desktops and pools
ndash Leverage ThinDisk Provisioning in VMware vSphere
ndash Check storage saving comparison
ndash Review VMware VMsa e Security virtual machine unctionali ties
bull Scenario 3 Set-up Triple SSO in VMware View 4 (PCoIP)
ndash Use archive directory credentials to login with ldquoLogin as current userrdquo checked
ndash Access rom the Replica View Connection Server and login to see the same session running
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3248
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 2
Scenario 1Provision and Use PCoIP Desktops and Pools
Get Started with PCoIPPCoIP is a so tware-to-so tware display protocol ully integrated with the VMware View in rastructureThe PCoIP portal (server) is installed with the agent The proprietary SVGA driver is included as part o thePCoIP portal
Figure
The PCoIP client is included in the standard VMware View client installation on your end point device sothere are no additional installation procedures required or PCoIP From the end user perspective there areno con gurations needed or using PCoIP As an administrator you can con gure the PCoIP protocol throughVMware View Administrative SettingsPolicies De ault RDP setup is to be tunneled but the de ault PCoIPsetting is directly connected Some other con gurations on bandwidth throttling or Flash video or on USBredirection policy are consistent as the previous View administration
Lossy and Lossless CompressionImage compression in PCoIP includes both lossless and lossy compression schemes Lossy compression allows or higher levels o compression on initial screen change and subsequent image quality improvement
or static screen regions Lossless motion compensation is also supported Image compression bandwidthmanagement is supported using packet loss as an indicator o congestion or lower bandwidth limits
Network Bandwidth and Characteristics
The host to client network connection operates with up to 250ms o round-trip latency The host to clientnetwork connection operates with lt01 percent packet loss but will tolerate periods o up to 5 percent packetloss and will survive short durations o loss o connectivity
A single TCP connection (SSL) is used between the host and client or session management A single UDP connection using UDP encapsulated IPSec-ESP [r c 3948] with AES 128-bit key encryption is used betweenthe host and client or media tra c supporting unreliable and reliable transport Port numbers keys andother connection parameters are exchanged via the SSL connection You can re erence the VMware ViewDeployment Guide or urther end-to-end per ormance measurements
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3348
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 3
Step 1 Creating the Replica Connection Server
The installation package or the Connection Server alsocontains the installation source or the VMware ViewReplica Server Launch the VMware View ConnectionServer installer and select Replica server or the secondConnection Server SelectAgree to the VMware Viewproduct licensing terms
A VMware View Replica Server is a Connection Serverwith its own replica o the ADAM database stored locallyAll con guration data and changes are instantaneouslyreplicated to all replica servers resulting in entirelyindependent Connection Servers which can actindependently in case o ailure o other replica servers
Enter the rst VMware View Connection Server instanceIP address (View1 19216813246) ClickNext
Complete the Replica Connection Server instanceinstallation Select Finish
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3448
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 4
Step 2 Creating Linked Clone Pools
DESKTOP TYPE OS TYPE PERSISTENT DESKTOP COUNTS
PCoIP Windows XP SP Persistent
RDP PCoIP Windows XP SP Non-Persistent
The Linked Clone creation process is the same as conducted in the previous section You can con gure thetask based on your storage availability and virtual machine sizing
Step 3 Connecting to Pool by Tags
Tag-based EntitlementsVMware View provides the advanced entitlement to Desktop Pools not only based on current entitlementsettings but also on the Connection Server through which a user logs in For customers who need perimeteridentity ( or example Internal Connection Server or External Security Server access) at logon VMware View
enables users con guring certain clients to go through a particular Connection Server In this case a tag isintroduced to identi y and route the client to the Connection Server In a broker cluster at a large VMware Viedeployment The tag or tags o a Connection Server are then compared to the tag speci ed in time o thedesktop pool creation edit
I the tag required by the desktop pool does not match the tag o the broker in question even i a useris entitled or assigned to a desktop pool the desktop will not show up in the available desktop list TheConnection Server tags take precedence over the desktop or pool tags
In this evaluation you will set up two instances o Connection Servers where brokers have been classi ed toserve di erent networks (internal external or example)
VMWARE VIEWCONNECTIONSERVER IP
NAME TAG DESKTOPS OS
19216813246 View External XP Pro SP
19216813245 View Internal XP Pro SP
Use CaseThe internal broker might not be visible to users connecting over a VPN In a case like this the two brokerscould still be ormed into a cluster The external broker might be tagged ldquoExternalrdquo and the internal brokertagged ldquoInternalrdquo and then pools could be tagged so that some desktops are not visible when a user logs inexternally but are visible internally
For example imagine a deployment o our Connection Servers where two o the Connection Servers haveconnected Security Servers The two Connection Servers without Security Servers are used to support internalusers and the two Connection Servers with Security Servers are used to support Internet (external) users The
rst two could have a con gured entitlements tag o ldquoInternalrdquo and the second two could have a con guredentitlements tag o ldquoExternalrdquo
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3548
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 5
bull The UI allows an administrator to specify one or moretag strings of up to 64 characters for each ConnectionBroker You can then speci y the tag string required or
a speci c Connection Broker to access the Pool Atruntime when a user authenticates him or hersel via aConnection Server an extra step o tag matching isper ormed The result will be a lter o the resultingentitled Desktop list
bull Set the replica server tag as External
bull Once the tags are set in the connection broker you cansee the tag column in the VMware View Managerconsole is lled with the Tag attributes
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3648
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 6
bull In the VMware View 1 Connection Server(19216813246admin) login to the View Managerconsole clickDesktops and Pools tab and selectAdd
You are creating ull clone and Linked Clonedesktops Select Automated Desktop Pool
bull Select Persistent or the desktop type
bull ClickNext
bull Create the 10 Linked Clone desktop pools rst and gothrough the same process again to create the ull clone
ndash only without checking the highlighted checkbox
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3748
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 7
bull Fill in the name attribute for theUnique ID andDisplay Name
bull This is same user interface as you used to create theindividual desktop earlier Leave the de ault setup as
it is
bull Enter the number of the desktops that your storage
allows you to create The naming pattern or thedesktop is the name vCenter will use to name thevirtual machine so create a unique and easilyrecognized name
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3848
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 8
bull Desktop cloning relies on the virtual machine templateas the base Previously you created a template byselecting a clean base template and cloning it to
template Select that template and clickNext
bull Linked Clone requires the template and snapshot asthe golden image
bull Select the folder location where the desktops shouldbe organized
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3948
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 9
bull Select the host or ESX server where the desktop iscreated Note the vSphere mode or VMware ViewComposer option is dimmed and not selectable It is
because the host being used is running vSpherealready I you are using a previous version o ESX thisoption will be available or upgrade use
bull Add desktops to the resource pool
bull Allocate user data disk for the persistent data Keepthe de ault value and selectNext
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4048
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 0
bull In this setup the storage LUN for the better demoe ects is attached You can simply use the localstorage host storage or your test
bull You can see that the default domain is lled inautomatically by quickprep This is set at the
Con guration Tab gtServers gtSelect ViewConnection gt Edit
bull Do a nal review of the Linked Clone setup and clickFinish to complete It will take several minutes tocreate the clones
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4148
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 1
bull Create additional users in Active Directory(ActiveDirectory19216813252)
- Corporate - user or the Group Internal
- Contractor - user or the Group Externalbull This will be used for the pool entitlement for users and
groups
bull Access VMware vCenter or ESX management by usingthe VMware vSphere client
bull Login to View Manager console You can see the LinkedClone pools are created and listed in the Desktop andPool pane SelectEntitlements to grant right to accessthe desktop
bull Assign the group you created in ActiveDirectory
Repeat these steps or creating additional XP desktops with non-persistent and persistent use
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4248
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 2
Step 4 Deleting the Clone Using Deletion Script
Provide the cleanup rule and scripting capabilities to enable administrators to per orm urther integrationunctions In some environments this can be achieved by removing entries rom ActiveDirectory In others
you may need to trigger other applications or a tighter integration
bull A new key needs to be created manuallyPlease re er to VMware View Administration Guide or
urther details
bull The visual basic script can be used to clean up ortrigger urther application activities This new eatureo ers the extensibility ramework
bull Run servicesmsc to access the Services consoleEnable the script services manually It is not startedby de ault
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4348
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 3
bull Login to VMware View Manager SelectDelete thedesktop SelectDelete rom Disk option It will triggerthe script set previously
Scenario 2Confgure PCoIP Full and Linked Clone
in VMware vSphereCreate Full Clone with Thin Provisioning
Thin Provisioning in its simplest orm means only using the disk space you need Traditionally with virtualmachines i you create a 500GB virtual disk it will use 500GB o your VMFS data store With Thin Provisioningyou can create a 500GB virtual disk but i only 100GB is in use only 100GB o your VMFS data store will beutilized
500GBVirtual Disk
500GB GB VMDK le size 100GB VMDK le size
400GBunused butallocated
100GBApplicationUsage
500GBVirtual Disk
100GBActual Usage(Footprint)
Figure
You can create a ve desktop XP pool using Full Clone rom VMware View and compare them with the ThiProvisioning option check The eatures include increased storage utilization reduced application downtimeand streamlined capacity management
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4448
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 4
bull When you create a virtual machine in VMware vSpherethe option to create Thin Provisioning settings is underSettings gtAdd Hardware
bull In VMware View 4 you can con gure the ThinProvisioning while preparing the Linked Clone basetemplate
Now in order to compare the storage usage di erence with Thin Provisioning enabled in the virtual desktopdeployment the best approach is to provision them and per orm storage comparison with the virtualmachines without thin provisioning enabled Considerations or storage provisioning all in throughput needsto scale with an increase in capacity ie multiple virtual machines per IO path
Figure
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4548
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 5
In the meantime transient storage on the swap space is used only when the virtual machine ispowered on and delta disks are used by snapshots and linked to virtual machines
Figure 0
Datastore View in vSphere
Figure
VM Storage Performance View
Figure
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4648
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 6
Anti-Virus Protection
The VMsa e API comes with VMware vSphere VMware o ers a number o VMsa e partner solutions thatprovide secure virtual machines with virus-scanning capability
bull Trend Micro Core Protection 10 This is an anti-virus product that performs o ine and online scheduled virtualmachine scans without an agent It uses a smaller agent or on-access scanning or to clean up in ections Thproduct is available at http us trendmicro com us solutions enterprise security-solutions virtualizationvirtual-machines index html
bull McAfee Virus Scan for O ine Virtual Images 20 This is an anti-virus product that performs o ine schedulevirtual machine scans without an agent It complements a regular virus scan agentsrsquo online scanning
Figure 6
VMsa e reduces high storage IO and memory usage during scheduled and pandemic malware scan activities
Figure
The above gure shows the anti-virus server committing a real-time agent to an individual virtual machine
It also has the unctionality o o ine snapshot image scanningThis is a VMware vSphere eature and is now available or VMware View 4 Please re er to the VMware View 4Deployment Guide or urther product demonstration
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4748
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 7
Scenario 3Set up Triple Single Sign-On (SSO) in VMwareView 4Log in as Currently Logged-on UserThis is a new option in VMware View Client that allows you to log onto the broker using currently logged oncredentials The standard sign up fow using AD credentials is
bull User connects to View Connection Server
bull VMware View Connection Server compares a list of trusted AD domains to the client
bull User authenticates with username and password
bull VMware View Connection Server delegates authentication to WindowsAD
Figure
VMware View 4 continues to support the AD credential (username and password) login smart card and RSA
securID token in RDP
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4848
bull During the View Agent installation select theConnectas Current Logon User checkbox option to enable SSO
bull Launch View Client at local desktop or thin clientbull View Client has newLog in as Current User Domain
User checkbox When a userrsquos AD credential isauthenticated on the client device using eitherpassword (RDP PCoIP) or smart card authentication inRDP the Connection Broker will use the same useridentity
bull This value can also be set using GPO policy orregistry key setting Please re er to the ViewAdministration Guide
bull You should be able to login to the guest desktopenvironment without being prompted to enter thecredentials again
Support In ormation
For additional evaluation questions and installation support please address your questions to desktop-tmvmwarecom
About the Author
Cynthia Hsieh is a senior technical marketing manager in VMware Enterprise Marketing team She ocuses onapplication integration proo o concepts and security subjects
Hsiehrsquos previous background includes product management positions at Wyse Trend Micro Oracle and Yahoo
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 348
VMware View 4
E VA L U AT O R rsquo S G U I D E 3
Welcome
Welcome to the VMwarereg Viewtrade Evaluatorrsquos Guide The purpose o this document is to support a sel -guidhands-on evaluation o VMware View The content includes a product overview including the new eatureso PCoIP installation instructions and scenarios to demonstrate how VMware View can help you deliver thedesktop as a managed service The guide is divided into our sections
1 Introducing VMware View 4
2 Whatrsquos New in VMware View 4
3 VMware View 4 Components Overview
4 Installing and Con guring VMware View 4
This guide is not intended to be a substitute or product documentation For detailed in ormation regardinginstallation con guration administration and usage o VMware products please re er to the onlinedocumentation You may also consult the online Knowledge Base i you have any additional questions
Introducing VMware View 4
Built on the industry-leading virtualization plat orm VMware View is a solution that enables IT organizationsto ldquodecouplerdquo a desktop rom physical devices or locations and deliver the desktop as a managed service
rom a centralized location VMware View makes desktops easily accessible to any end user on multipledevices (thick or thin) over any network connection complete with all applications and data or an optimizedand amiliar desktop experience Purpose-built or delivering desktops as a managed service VMware Viewprovides the best end user experience and simpli es and automates desktop management
Unlike other desktop virtualization products VMware View is a tightly integrated end to end solution allowingcustomers to extend business continuity and disaster recover eatures to their desktops and standardize on acommon plat orm rom the desktop through the datacenter to the cloud
Prior to building and planning the VMware View release the VMware View team reviewed eedback romcustomers to gauge their challenges and requirements
bull IT Professionals indicated that they generally re resh their laptops and desktops every three to our years butwith the tough economy they are now striving to do more with less Time money and resources are in shosupply so they need more e cient ways to deploy and manage their endpoint complexity and boost end-userproductivity They are looking or ways to reduce the complexity o their systems and get more per ormance
rom their in rastructure and are considering desktop virtualization as a solution
bull Designers and Knowledge Workers indicated that their work habits are changing They now need to have the
ability to access the work environment rom many endpoints without compromising the rich user experienceo their PCs or graphic- or video-intense o ine or online content ndash regardless o the device type or thenetwork to which it is attached
bull IT Decision Makers indicated that they are skeptical when it comes to desktop virtualization Some ITDecision Markers are unsure o the bandwidth necessary or a virtual desktop experience in LAN or WANsettings that could serve virtual desktops with the same quality as locally run OS images
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 448
VMware View 4
E VA L U AT O R rsquo S G U I D E 4
Whatrsquos New in VMWare View 4
VMware View is purpose built or desktop delivery and designed or the LAN or WAN con guration The gis to continue provide a smooth end-to-end desktop experience via so tware implementation
Figure
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 548
VMware View 4
E VA L U AT O R rsquo S G U I D E 5
FEATURE NEWIMPROVED DESCRIPTION
Quad monitorsupport New Support -bit color with x display resolution and up to monitorssimultaneously
Bene t True multiple displays allow you to ldquosee more and do morerdquo rom a ulldesktop This provides the ability to reproduce true color images with support orup to billion distinct colors per pixel
True multi-monitorsupport onL-shapecon guration
New Support landscape display and portrait display (with pivot monitors) variableresolution support and auto t to client
Bene t Each monitor can be o a di erent size and be set to a di erentresolution Auto Display Scaling Dynamic Resizing helps desktop publishing
nancial application and high-end graphic design needs
Guest desktopsupport WindowsVista and XP OS
New Support or connecting to virtual desktops rom Windows XP and Vista TheVMware View PCoIP is a so tware-to-so tware implementation However it alsosupports hardware PCoIP hosts such as the Samsung SyncMaster ND
rdquo monitor and Teradici Tera Portal
http www teradici com pcoip pcoip-products oem-solutions php
Bene t Provides scalable support to both so tware and hardware on thelocal hosts
Networkcharacteristics andsecurity
New SSL protection on TCP or session management and AES -bit key encryptionon UDP or media trans er between host and client system
Bene t Provides comparable security and encryption ound in other protocols
Protocolintelligence
New PCoIP protocol provides the intelligence to handle prioritization and quality oservices (QOS) or video mouse keyboard sound etc
Bene t This greatly helps the user experience by managing bandwidth andcontent variables
WAN per ormanceand optimization
New Operate with up to ms o round-trip latency with tolerance on packet lossup to
VPN tunneling New Support Cisco VPN so t client
RDP virtualchannelcompatibility orUSB redirection
New Support the comparable list o USB peripherals including biometrics cardreaders webcams mass storage fash devices scanners etc The authorizationcan be done on a per-user per-group basis to only accept speci c devices
Flash controlsupport or PCoIP
New PCoIP uses breakthrough graphics compression that is custom built or deliveringa user desktop over IP networks It works in such a way as to support all graphic( ull- rame rate D or design engineering video gaming etc ) and media (HD
video Microso t video ormats YouTube Microso t Silverlight Google QuickTior Adobe Flash)
Bene t By compressing the display image at the host PC Server you avoidapplication interoperability issues that have plagued thin clients or years and canquickly adapt to physical networks
Audio redirection New New to PCoIP protocol Redirect audio with dynamic audio quality adjustment onthe WAN
ClearType ont New Subpixel render ing technology which may help to improve the apperance o texton some computer displays Newly added to PCoIP protocol
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 648
VMware View 4
E VA L U AT O R rsquo S G U I D E 6
VMware PCoIP Delivers a Rich Desktop Experience
Figure
Operational E ciency
Enterprises that are struggling with the problem o endpoint security should explore desktop virtualization tolessen the requency o malware network breaches and data loss headaches
VMware View centralizes the control o desktop PC images applications and data Deploying desktopvirtualization with VMware View running VMware vSpheretrade can signi cantly improve security unctionalityand storage optimization
For business entities that are subject to stringent regulatory policies such as the Sarbanes-Oxley Act (SOX)the Health Insurance Portability and Accountability Act (HIPAA) and the Payment Card Industry Data SecurityStandard (PCI DSS) VMware View creates a trusted enterprise-computing environment Security vendorslike McA ee and Trend Micro take a proactive role with VMware in raising the bar o security control and
management available to secure the cloud-based in rastructure
FEATURE NEWIMPROVED DESCRIPTION
Full clone pool withthin disk thinprovisioning
New VMware View provides seamless native support or thin provisioning with thevSphere server
Bene t Helps reduce storage usage and allows more guest desktops per corewhile still providing high per ormance
Mixed clustersupport orbackward ndash
orward
compatibility
New This new option in View Administrator allows di erent versions o clusters to bemanaged via the same UI
VWware VMsa eAPI or better anti-virus optimizationand execution
New VMware vSphere supports VMware VMsa etrade API Security virtual machinedeployment sold separately by security vendors is consistent with desktopdeployment Protects the virtual machine by inspecting virtual components(CPU Memory Network and Storage)
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 748
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 848
VMware View 4
E VA L U AT O R rsquo S G U I D E 8
VMware View 4 Components
VMware View 4 extends the same in rastructure and components as in previous versions The key so tware components you need to install VMware View 4 are
bull VMware View Connection Server installed in a Windows Server 2003 system that is separate fromVMware vCentertrade
bull VMware View Agent installed in a virtual desktop (XP Windows 2003 or Vista desktops)
bull VMware View Client installed at the end point device (thin client local laptop or desktops)
bull VMware View Composer installed in VMware vCenter for Linked Clone provisioning use
Platform Integration
APPOS
APPOS
APPOS
VMware vSphere
AuthorizationProtocol
VMware View 4
VMware View Manager 4
Authentication ampDisplay
Superior UserExperience
Scalability ampAvailability
End UserFlexibility
Figure
On the in rastructure side you need to ensure that the ollowing components are provisioned in VMware ESXtrade35 or VMware vSphere
bull VMware vCenter and VMware View Composer are instal led on the same virtual machine whereVMware vCenter is installed
bull SQL Server is required for large virtual desktop deployments For this evaluation the SQL Server ExpressEdition con gured during the VMware vCenter installation is used
bull Con gure Windows 2003 with Active Directory DHCP and DNS service
bull Certi cate Authority (if certi cate or smart card authentication is required) This is not discussed inthis document
For a detailed supported version please re erence the VMware View Manager Administration Guide at httpwwwvmwarecomsupportpubsview_pubshtml
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 948
VMware View 4
E VA L U AT O R rsquo S G U I D E 9
NFR Licensing or Evaluation Use
To request Not For Resale evaluation licenses please email desktop-tmvmwarecom
Deployment Process
In this evaluation you will experience the VMware View setup and con guration all in a single ESX VMwarevSphere box You will also install the needed in rastructure components and virtual machines rom scratch Anonline connection is required only i you plan to use the Internet
Be ore starting the deployment process
bull Set up the networking and IP address in ESXVMware vSphere with NAT router and VMware vSwitch
bull Con gure the required infrastructure components including VMware vCenter Active Directory SQL serverand VMware View Connection Server
bull Prepare the desktops snapshots and templates
The ollowing deployment process is not intended to provide a deep technical explanation o the technologiesound in VMware View 4 Nor is it intended to be used as a deployment guide The tasks include
bull Task 1Installing the Connection Server
bull Task 2Confguring and Administrating VMware View Manager
bull Task 3Installing the License
bull Task 4Associating and Adding VMware vCenter Serverbull Task 5Confguring Active Directory Users and Computers
bull Task 6Creating and Preparing Virtual Machines
bull Task 7Preparing Virtual Machine Snapshots and Templates
bull Task 8Installing VMware View Composer or Linked Clones
bull Task 9Installing VMware View Client in the Host Desktop or Thin Client (local system)
bull Task 10Adding Desktop Source In VMware View Manager
bull Task 11Desktop Entitlement
bull Task 12Accessing Virtual Desktop via RDP or PCoIP
bull Task 13Additional Virtual Desktop Optimization
bull Task 14WAN Optimization
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 1048
VMware View 4
E VA L U AT O R rsquo S G U I D E 1 0
Preparing for the Installation
AssumptionsTo success ully use this guide it is assumed that VMware vSphere ESX Server has been installed and
is unctioning properly Please re er to the online documentationhttp www vmware com resourcestechresources 10020 or urther installation assistance
Before You BeginPlease re erence Getting Started with VMware View at httpwwwvmwarecomsupportpubsview_pubshtml For more in ormation on administrating VMware View you can review the ollowing documentation
bull VMware View Manager Administration Guide
bull VMware View Upgrade Guide
bull VMware View Architecture and Planning Guide
bull Knowledge Base
System Requirements
The ollowing is a description o the hardware and so tware required ( or the major components o VMwareView) You can get more in ormation rom the VMware View 4 Architecture Planning Guide
VMware View Connection ServerVMware View Connection Server is not supported on servers that have the Windows Terminal Server roleinstalled Remove the Windows Terminal Server role rom any server where you will be installing the VMwareView Connection Server
VMware View Connection Server runs on a 32-bit or 64-bit dedicated physical or virtual server with the ollowing speci cations
bull Pentium IV 20Ghz processor or higher mdash dual processors are recommended
bull 2GB RAM or higher mdash 3GB RAM is recommended for deployments of 50 or more View Manager desktopsVMware View connection server can handle 2000 connections in clear mode and 750 in tunneled mode
The ollowing VMware vSphere document lists the limits or the server sidehttp www vmware com support pubs vs pages vsp pubs esx40 vc40 html
bull One or more 10100Mbps network interface controllers (NIC) mdash 1Gbps NIC is recommended
Supported Operating SystemsThe VMware View Connection Server can be installed on the ollowing 32-bit operating systems
bull Windows Server 2003 R2 Standard Edition with SP2
bull Windows Server 2003 Standard Edition with SP2
bull Windows Server 2003 R2 Enterprise Edition with SP2
bull Windows Server 2003 Enterprise Edition with SP2
Prerequisites
VMware View Connection Server has the ollowing prerequisites
You will need a valid license key or VMware View Manager The ollowing types o licenses are available
bull VMware View Manager
bull VMware View Manager with View Composer
bull VMware View Manager with View Composer and O ine Desktop
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 1148
VMware View 4
E VA L U AT O R rsquo S G U I D E 1 1
For the VMware virtualization environment you will need one o the ollowing
bull VMware vSphere 4 Update 1 (U1 is required)
bull VMware Infrastructure 35 (U3 or U4 recommended U5 not supported)
bull VMware Infrastructure 302 (supported)
bull Both ESX and ESXi hosts are supported VMware vCenter is required
Required Host operating systems or standard or replica VMware View Connection Server instances are joinedto an Active Directory domain The ollowing versions o Active Directory are supported You will need one othe ollowing
bull Windows 2000 Active Directory
bull Windows 2003 Active Directory
bull Windows 2008 Active Directory
IP Addressing
For easy con guration this evaluation scenario speci es a standalone LAN environment with IP addressingbased on the ollowing assumptions
bull One VMware vSwitch is con gured as the External Network for static manually assigned IP addressing
VIEW COMPONENTS IP ADDRESSING
Virtual Center (vCenter) Static 19216813247
View Connection Server (View ) Static 19216813246
View Connection Server (View ) Static 19216813245
Active Directory (ActiveDirectory) Static 19216813252
bull VMware vCenter installation provides SQL Server Express Edition You do not need a separate SQL Serverinstance or this evaluation
bull This evaluation asks you to set up two VMware View Connection Servers This will be used in the evaluationthe new ldquotag entitlementrdquo eature later Itrsquos an optional task i you just need to review the basic unctionalitie
bull If you already have networking setup you can assign a static IP to infrastructure components needed forthis evaluation
bull You can also access the Internet if it rsquos available by separate 2 vLANs and con gure the open source Yvetta
NAT appliance You can nd additional instructions athttp www vyatta com downloads swdl phpbull You will prepare three virtual machines including XP andor Vista for the scenario These desktop virtual
machines have IP addresses assigned using DHCP
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 1248
VMware View 4
E VA L U AT O R rsquo S G U I D E 1 2
Figure
The network con guration can be customized based on your network availability Figure is a samplecon guration Make sure the in rastructure components have a static routable and pointable IP addressand complete a ping test rom the servers to the desktops and rom the desktops to the servers The IPcon guration is critical to a success ul evaluation
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 1348
VMware View 4
E VA L U AT O R rsquo S G U I D E 1 3
Installing and Confguring VMware View
Before You Begin
VMware View is tightly integrated with VMware vCenter You can install VMware vCenter as a standalone serveror as a hosted server under the same ESX box or the testing purposes Please assign a static IP or your VMwarevCenter IP con guration
Figure 5
bull In your physical ESX host create a Windows Server 2003virtual machine or the VMware vCenter installation
bull Make sure to assign it with a routable static IP In this settingVMware vCenter can be pinged through vc demo local
bull Select Create a stand-alone VMware vCenter and clickNext
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 1448
VMware View 4
E VA L U AT O R rsquo S G U I D E 1 4
bull In this evaluation the default Microsoft SQL Server Expressinstance or the storage is used
bull Uncheck the System Account
bull Enter the default Administrator credentials- Username Administrator
- Password b gd m
bull ClickNext
bull Based on your network setting you can adjust the ports usedby vCenter I it is an isolated network environment leave thede ault port as they are and clickNext
bull Click Next until the installation is nished Now you havecompleted the vCenter con guration process
VMware View Manager Administration
VMware View Connection Server acts as a connection broker or client connections by authenticating and then directing incoming remote desktop user requests to the appropriate virtual desktop physical desktop or terminal server You can run VMware View Connection Server on a 32-bit or 64-bit virtual server For detailed in ormation about the hardware operating system and Active Directory requirements orVMware View Connection Server see the System Requirements section o the VMware View ManagerAdministration Guide
A standard server deployment creates a single standalone VMware View Connection Server You can havemultiple connection server instances in the same domain and point them all to the same VMware vCenter idesired For a di erent Connection Server deployment such as Replica or Security Server (DMZ) please re erto the View Administration Guide
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 1548
VMware View 4
E VA L U AT O R rsquo S G U I D E 1 5
Task 1 Installing the Connection Server
When the VMware Installation wizard appears clickNext
Accept the VMware license terms and clickNext
Select the Standard deployment option and click Next
bull ClickInstall
bull ClickFinish
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 1648
VMware View 4
E VA L U AT O R rsquo S G U I D E 1 6
Task 2 Con guring and Administrating View Manager
bull After you install the VMware View Connection Server
validate your View Manager Administration in a Webbrowser by entering http your-connection-server-ipgtadmin
bull Enter the Administrator username and password andclick Login
bull You will notice a certi cate error next to the URL eldVMware View Administrator is accessed using a secure
(SSL) connection The rst time you connect your Webbrowser might present you with an intermediary page thatwarns you that the security certi cate associated with theaddress is not issued by a trusted certi cate authority Thisresponse is expected because the de ault root certi catesupplied with View Connection Server is sel -signed
bull Click Ignore to continue using the current SSL certi cate
Task 3 Installing the Product License
bull From the Con guration tab clickProduct Licensingand Usage
bull Enter the license key provided with the evaluation
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 1748
VMware View 4
E VA L U AT O R rsquo S G U I D E 1 7
Task 4 Associating and Adding VMware vCenter Server
bull From the Con guration tab selectServers on the le t
menu panelbull Select Add under the VirtualCenter Servers pane
bull ClickAdd
bull Enter the fully quali ed domain name (FQDN) or the IPaddress o the VMware vCenter Server you want VMwareView Manager to communicate with in theServer addresstext box
bull Enter Administrator username and password for thevCenter login
Note For evaluation purposes advanced or optional tasks will not be covered I you have DNS servicesinstalled you can confgure an external URL or the Connection Server Those tasks are covered in the GettingStarted Guide or Administration Guide
Task 5 Con guring Active Directory Users and Computers
In this evaluation the virtual machine (ActiveDirectory) is promoted as Domain Controller hosted in WindowsServer 2003 with a single local domain name called demolocal
bull Before you can entitle a user access to the desktop youneed to create three users in the Active Directory namedreviewer_1 reviewer_2 and reviewer_3
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 1848
VMware View 4
E VA L U AT O R rsquo S G U I D E 1 8
Task 6 Creating and Preparing Virtual Machines
The ollowing steps assume that the user has already created a virtual machine and has installed the guest OS(XPVISTA) joined AD domain turned on the RDP remote connection added user groups to the remote users
list and turned o the rewall in the guest OS
bull Run the View Agent executable on the guest system
bull When the VMware Installation wizard appears clickNext
bull Accept the VMware license terms and clickNext
Select your custom setup options The o ine desktop isoptional and does not appear as the de ault in all agents
Click Install to begin the installation process
Select Continue Anyway or the installation alert
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 1948
VMware View 4
E VA L U AT O R rsquo S G U I D E 1 9
Click Finish
At this point you have the main VMware View components installed and con gured Be ore you proceedurther you can do a quick ping test rom the View Connection Server virtual machine to the Guest Desktop
virtual machine and vice versa The components should be pingable and routable between each
Task 7 Preparing Virtual Machine Snapshots and Templates
The guest system o the virtual machine which you create in vCenter provides the basis or virtual desktopdeployment To prepare a guest system or deployment per orm the ollowing tasks
bull Install the guest operating system Select Inventory romthe menu and clickVirtual Machine to start the creation oa new virtual machine
Once you con gure the OS and itrsquos up and running
bull Install the latest version of VMware Tools (provided withVMware In rastructure)
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2048
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 0
bull Con gure Active Directory settings Con gure the preferredand alternate DNS servers to use your Active Directoryserver addresses For example on Windows XP con gure
the DNS server settings rom the properties menuStart gt Control Panel gt Network Connections gt LAN gtProperties Internet Protocol (TCPIP) gt Properties gtUse (VMActiveDirectory) IP Address 19216813252
bull Make sure that you have administrative rights to theguest system
bull Join the desktop to the AD domain Add guest system tothe domain (demo local)
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2148
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 1
bull In Control Panel turnOf Windows Firewall
bull In Control Panel selectSystem Properties gtRemote tab
bull Check Allow User to Connect Remotely
bull Take a virtual machine Snapshot mdash Once the virtual machinetemplate is ully prepared you can power o the virtualmachine and right mdash clickGuest and select Take Snapshot
bull Snapshot is used for Linked Clone creation discussed in thelater sandbox scenario
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2248
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 2
Create a Desktop Template
bull Power o the virtual machine
bull Right-click the previously con gured guest system and
select one o the ollowing options- Clone to Template mdash select this option i you want to use
the selected guest system as the basis or a new templatewithout altering the virtual machine itsel Choose thisand walk through the dialogs boxes to create a virtualmachine template
- Convert to Template mdash select this option i you want tochange the guest system into a template This processhappens instantly
bull To get a quick view of the template created go toInventory and select VM and Templates The highlighted
template will appear in VMware Center
You can repeat the same procedures or Windows 7 and Vista desktops with the same con guration i youwish At the end o the task you will have three prepared guest systems ready or VMware View Manager to use
Task 8 Installing VMware View Composer for Linked Clones
VMware View Composer provides a highly e cient storage alternative to creating and managing manystandalone virtual machines With VMware View Composer Linked Clone technology you can rapidly cloneand deploy multiple desktops rom a single centralized base image Subsequent changes to this image canbe automatically proli erated among all desktops in a Linked Clone pool A ter the desktops are created theyremain indirectly linked to a snapshot residing on the parent virtual machine View Composer needs to beinstalled on the system where VMware vCenter is installed
bull VMware View Composer installation is optional in theVMware View installation process i you donrsquot plan to haveLinked Clone in your production environment Howeverwith this evaluation you can see the bene ts o havingVMware View work with VMware vSpherersquos thin-provisioning eature Start the VMware View Composerinstaller you have in your media
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2348
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2448
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 4
bull Choose your custom setup options
- Deselect the USB Redirection component i you do not want usersto access locally connected USB devices through their desktops
- Deselect the Log in as current user component i you want to requireall users to provide identity and credential in ormation to log in to aView Connection Server and again to access a VMware View desktop
bull For this evaluation simply leave them as theselected de ault This is anew improved eature which allows single sign-on to the guestdesktop
bull Enter the IP address of the VMware View Connection Server that thisclient will connect to For this evaluation enter 1921681247
bull Leave the login ascurrent user unchecked
bull Select Continue Anyway or the Virtual USB so tware installation
bull Select Finish and Exit installation I VMware View Client does not startautomatically a ter installation double-click the desktop shortcutor click
Start gtPrograms gtVMware gtVMware View Client
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2548
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 5
Task 10 Adding Desktop Source in VMware View Manager
The in rastructure components are now con gured in VMware vCenter Now go back to VMware ViewManager and con gure the desktop resource or an individual desktop provisioning use
bull Enter the VMware View Connection Server IP addressadmin as the URL in a Web browser
bull Login as Administrator
bull From within View Administrator clickDesktops andPools and click theInventory tab
bull In the Global desktop and pool view pane make sure thatthe Desktops and Pools tab is selected and clickAdd
bull When the Add Desktop wizard appears selectIndividualDesktop and clickNext
bull Select Desktop Source rom VMware vCenter
Need new image
bull From the list provided select theVMware vCenter Serverto be used by this desktop and clickNext
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2648
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 6
bull Enter the Unique ID Display name (optional) andDescription (optional) and clickNext
bull Con gure the desktop properties and click Next Sincethe new PCoIP eatures are being evaluated set thede ault protocol as PCoIP and allow users to change thesetting at connection When set toDo Not Control orAdobe Flash quality bandwidth is not a concern with theLAN deployment
bull Con gure the desktop provisioning properties andclick Next
bull Select the desktop to use as the base image for thedeployment and click Next
bull Click Finish to complete one guest desktop provisioning
bull Once the desktop provisioning is complete you can see adesktop under Desktops and Pools tab
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2748
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 7
This shows the basic steps on how to provision one desktop For more advanced eatures you can re er to theVMware View Administration Guide In a later scenario a PCoIP pool is created through similar provisioning
Task 11 Desktop Entitlement
bull From within View Administrator click Desktops and Pools and click theInventory tab
bull In the Global desktop and pool view pane select the desktop or poolyou want to entitle and clickEntitlements
bull Click Add The user and group entitlement dialog box appears Fromhere you can view search on and lter all Active Directory users withinthe domain orest
bull Select the DemoLocal domain created and enter wildcard user matchreview VMware View Manager should display all users that contain thephrase
bull Entitle the userreviewer_1 to use the Vista desktop
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2848
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 8
Figure 6
Once this is set and done you will see a green checkmark under Global Desktop and View showing Entitledand Enabled or the guest desktop
Task 12 Accessing Virtual Desktop via RDP or PCoIP
bull In theConnection Server drop-down menu enter thehost name or IP address o a VMware View Connection Server
bull Select Options
Need New Image
bull Select Log in as current userto be authorized to log in to theVMware View Connection Server You will not be prompted toenter login credentials in the guest desktop login This is anenhancement or single sign-on
Need New Image
bull Enter the credentials with desktop entitlement
- Username Administrator
- Password b gd m
bull In VMware View 4 you have the option to use the preferredprotocols o either Teradici PCoIP or Microso t RDPSelect Teradici
bull Select the XP desktop you want to access
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2948
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 9
Task 13 Additional Virtual Desktop Optimization
bull Adjust ClearType Settings in Control Panel gtDisplay gtAdvanced Tab gtFonts and choose ClearType
bull Turn o Windows Firewall Settings inControl Panel gtWindows Firewall and select the Of radio buttonbull Multiple Display Con guration
bull In VMware View Manager Administration you cancentrally con gure the desktop monitors that aresupported in the local systems
bull In the guest desktop check theDisplay settings that have been changed tomultiple displays
Note PCoIP also supports pivot mode or one landscape and one horizontal confguration
Task 14 WAN Optimization
PCoIP technology uses low-latency image compression algorithms to optimize the user experience or widearea network (WAN) applications The WAN enhancements dramatically improve the user experience toprovide support or multi-media and 3D graphics audio and IO responsiveness over long-distancehigh-latency and low-bandwidth networks
Key PCoIP WAN Capabilities
bull Reduced Minimum Bandwidth To support the lower bandwidth typically available over a WAN theminimum peak bandwidth required or a PCoIP connection is Mbps Because PCoIP only transmitschanges to the desktop image the actual bandwidth used may be much lower i the screen is not changingsigni cantly or rapidly
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3048
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 0
bull Local Keyboard and Mouse To provide instant response over high-latency networks the mouse pointer canbe displayed locally on the desktop (within VMware View Agent) in addition to being sent to the host Localkeyboard capability is also provided to prevent lost keystrokes due to network delay
bull Packet Reordering To accommodate the out-o -order packets o ten produced by network links on a WANthe PCoIP portal in VMware View Agent can create multiple packet chains as out-o -order packets receivedand connect chains to restore the correct sequence Without this out-o -order packets can result in dataretransmission and delays
bull Bandwidth-Sensitive Audio Compression PCoIP transmits compressed or uncompressed audiondashswitchingdynamically based on the available bandwidth to provide the best possible user experience
Since PCoIP is integrated seamlessly into the VMware View Agent and ully optimized into VMware Viewin rastructure as the administrator you simply need to con gure the desktop protocol and its bandwidththrottling rom the administration UI
Con gure Flash contents bandwidth allowance
For an optional task to test WAN per ormance with PCoIP try to access your corporate desktop rom home byconnecting through IPSec VPN
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3148
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 1
Scenario Overview
This document provides several di erent test scenarios to review the tasks you per ormed earlier andexperience the combined advantages o using VMware View To compare a variety o WAN connectivityscenarios you can consider using either WANEMhttp wanem source orge net or Shunra VE SMB EditionFree Trial http www shunra com ve-smb-trial php or WAN emulation
bull Scenario 1 Provision and use PCoIP 25 persistent desktops and one non-persistent PCoIP pool thatcontains desktops using a Linked Clone You can adjust the actual number o desktops based on your locastorage allowance
ndash Create a snapshot on both Windows XP SP3 and Windows 7
ndash Add desktops and pools using automatic pools and Linked Clone
ndash Administrate users and entitlements
ndash Create ully Linked Clones
ndash Con gure pools in mixed cluster environment
ndash Con gure or WAN tag and LAN tag use
ndash Delete desktops and pools
bull Scenario 2 Con gure 50 PCoIP fully Linked Clones in VMware vSphere
ndash Create desktops and pools
ndash Leverage ThinDisk Provisioning in VMware vSphere
ndash Check storage saving comparison
ndash Review VMware VMsa e Security virtual machine unctionali ties
bull Scenario 3 Set-up Triple SSO in VMware View 4 (PCoIP)
ndash Use archive directory credentials to login with ldquoLogin as current userrdquo checked
ndash Access rom the Replica View Connection Server and login to see the same session running
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3248
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 2
Scenario 1Provision and Use PCoIP Desktops and Pools
Get Started with PCoIPPCoIP is a so tware-to-so tware display protocol ully integrated with the VMware View in rastructureThe PCoIP portal (server) is installed with the agent The proprietary SVGA driver is included as part o thePCoIP portal
Figure
The PCoIP client is included in the standard VMware View client installation on your end point device sothere are no additional installation procedures required or PCoIP From the end user perspective there areno con gurations needed or using PCoIP As an administrator you can con gure the PCoIP protocol throughVMware View Administrative SettingsPolicies De ault RDP setup is to be tunneled but the de ault PCoIPsetting is directly connected Some other con gurations on bandwidth throttling or Flash video or on USBredirection policy are consistent as the previous View administration
Lossy and Lossless CompressionImage compression in PCoIP includes both lossless and lossy compression schemes Lossy compression allows or higher levels o compression on initial screen change and subsequent image quality improvement
or static screen regions Lossless motion compensation is also supported Image compression bandwidthmanagement is supported using packet loss as an indicator o congestion or lower bandwidth limits
Network Bandwidth and Characteristics
The host to client network connection operates with up to 250ms o round-trip latency The host to clientnetwork connection operates with lt01 percent packet loss but will tolerate periods o up to 5 percent packetloss and will survive short durations o loss o connectivity
A single TCP connection (SSL) is used between the host and client or session management A single UDP connection using UDP encapsulated IPSec-ESP [r c 3948] with AES 128-bit key encryption is used betweenthe host and client or media tra c supporting unreliable and reliable transport Port numbers keys andother connection parameters are exchanged via the SSL connection You can re erence the VMware ViewDeployment Guide or urther end-to-end per ormance measurements
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3348
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 3
Step 1 Creating the Replica Connection Server
The installation package or the Connection Server alsocontains the installation source or the VMware ViewReplica Server Launch the VMware View ConnectionServer installer and select Replica server or the secondConnection Server SelectAgree to the VMware Viewproduct licensing terms
A VMware View Replica Server is a Connection Serverwith its own replica o the ADAM database stored locallyAll con guration data and changes are instantaneouslyreplicated to all replica servers resulting in entirelyindependent Connection Servers which can actindependently in case o ailure o other replica servers
Enter the rst VMware View Connection Server instanceIP address (View1 19216813246) ClickNext
Complete the Replica Connection Server instanceinstallation Select Finish
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3448
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 4
Step 2 Creating Linked Clone Pools
DESKTOP TYPE OS TYPE PERSISTENT DESKTOP COUNTS
PCoIP Windows XP SP Persistent
RDP PCoIP Windows XP SP Non-Persistent
The Linked Clone creation process is the same as conducted in the previous section You can con gure thetask based on your storage availability and virtual machine sizing
Step 3 Connecting to Pool by Tags
Tag-based EntitlementsVMware View provides the advanced entitlement to Desktop Pools not only based on current entitlementsettings but also on the Connection Server through which a user logs in For customers who need perimeteridentity ( or example Internal Connection Server or External Security Server access) at logon VMware View
enables users con guring certain clients to go through a particular Connection Server In this case a tag isintroduced to identi y and route the client to the Connection Server In a broker cluster at a large VMware Viedeployment The tag or tags o a Connection Server are then compared to the tag speci ed in time o thedesktop pool creation edit
I the tag required by the desktop pool does not match the tag o the broker in question even i a useris entitled or assigned to a desktop pool the desktop will not show up in the available desktop list TheConnection Server tags take precedence over the desktop or pool tags
In this evaluation you will set up two instances o Connection Servers where brokers have been classi ed toserve di erent networks (internal external or example)
VMWARE VIEWCONNECTIONSERVER IP
NAME TAG DESKTOPS OS
19216813246 View External XP Pro SP
19216813245 View Internal XP Pro SP
Use CaseThe internal broker might not be visible to users connecting over a VPN In a case like this the two brokerscould still be ormed into a cluster The external broker might be tagged ldquoExternalrdquo and the internal brokertagged ldquoInternalrdquo and then pools could be tagged so that some desktops are not visible when a user logs inexternally but are visible internally
For example imagine a deployment o our Connection Servers where two o the Connection Servers haveconnected Security Servers The two Connection Servers without Security Servers are used to support internalusers and the two Connection Servers with Security Servers are used to support Internet (external) users The
rst two could have a con gured entitlements tag o ldquoInternalrdquo and the second two could have a con guredentitlements tag o ldquoExternalrdquo
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3548
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 5
bull The UI allows an administrator to specify one or moretag strings of up to 64 characters for each ConnectionBroker You can then speci y the tag string required or
a speci c Connection Broker to access the Pool Atruntime when a user authenticates him or hersel via aConnection Server an extra step o tag matching isper ormed The result will be a lter o the resultingentitled Desktop list
bull Set the replica server tag as External
bull Once the tags are set in the connection broker you cansee the tag column in the VMware View Managerconsole is lled with the Tag attributes
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3648
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 6
bull In the VMware View 1 Connection Server(19216813246admin) login to the View Managerconsole clickDesktops and Pools tab and selectAdd
You are creating ull clone and Linked Clonedesktops Select Automated Desktop Pool
bull Select Persistent or the desktop type
bull ClickNext
bull Create the 10 Linked Clone desktop pools rst and gothrough the same process again to create the ull clone
ndash only without checking the highlighted checkbox
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3748
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 7
bull Fill in the name attribute for theUnique ID andDisplay Name
bull This is same user interface as you used to create theindividual desktop earlier Leave the de ault setup as
it is
bull Enter the number of the desktops that your storage
allows you to create The naming pattern or thedesktop is the name vCenter will use to name thevirtual machine so create a unique and easilyrecognized name
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3848
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 8
bull Desktop cloning relies on the virtual machine templateas the base Previously you created a template byselecting a clean base template and cloning it to
template Select that template and clickNext
bull Linked Clone requires the template and snapshot asthe golden image
bull Select the folder location where the desktops shouldbe organized
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3948
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 9
bull Select the host or ESX server where the desktop iscreated Note the vSphere mode or VMware ViewComposer option is dimmed and not selectable It is
because the host being used is running vSpherealready I you are using a previous version o ESX thisoption will be available or upgrade use
bull Add desktops to the resource pool
bull Allocate user data disk for the persistent data Keepthe de ault value and selectNext
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4048
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 0
bull In this setup the storage LUN for the better demoe ects is attached You can simply use the localstorage host storage or your test
bull You can see that the default domain is lled inautomatically by quickprep This is set at the
Con guration Tab gtServers gtSelect ViewConnection gt Edit
bull Do a nal review of the Linked Clone setup and clickFinish to complete It will take several minutes tocreate the clones
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4148
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 1
bull Create additional users in Active Directory(ActiveDirectory19216813252)
- Corporate - user or the Group Internal
- Contractor - user or the Group Externalbull This will be used for the pool entitlement for users and
groups
bull Access VMware vCenter or ESX management by usingthe VMware vSphere client
bull Login to View Manager console You can see the LinkedClone pools are created and listed in the Desktop andPool pane SelectEntitlements to grant right to accessthe desktop
bull Assign the group you created in ActiveDirectory
Repeat these steps or creating additional XP desktops with non-persistent and persistent use
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4248
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 2
Step 4 Deleting the Clone Using Deletion Script
Provide the cleanup rule and scripting capabilities to enable administrators to per orm urther integrationunctions In some environments this can be achieved by removing entries rom ActiveDirectory In others
you may need to trigger other applications or a tighter integration
bull A new key needs to be created manuallyPlease re er to VMware View Administration Guide or
urther details
bull The visual basic script can be used to clean up ortrigger urther application activities This new eatureo ers the extensibility ramework
bull Run servicesmsc to access the Services consoleEnable the script services manually It is not startedby de ault
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4348
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 3
bull Login to VMware View Manager SelectDelete thedesktop SelectDelete rom Disk option It will triggerthe script set previously
Scenario 2Confgure PCoIP Full and Linked Clone
in VMware vSphereCreate Full Clone with Thin Provisioning
Thin Provisioning in its simplest orm means only using the disk space you need Traditionally with virtualmachines i you create a 500GB virtual disk it will use 500GB o your VMFS data store With Thin Provisioningyou can create a 500GB virtual disk but i only 100GB is in use only 100GB o your VMFS data store will beutilized
500GBVirtual Disk
500GB GB VMDK le size 100GB VMDK le size
400GBunused butallocated
100GBApplicationUsage
500GBVirtual Disk
100GBActual Usage(Footprint)
Figure
You can create a ve desktop XP pool using Full Clone rom VMware View and compare them with the ThiProvisioning option check The eatures include increased storage utilization reduced application downtimeand streamlined capacity management
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4448
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 4
bull When you create a virtual machine in VMware vSpherethe option to create Thin Provisioning settings is underSettings gtAdd Hardware
bull In VMware View 4 you can con gure the ThinProvisioning while preparing the Linked Clone basetemplate
Now in order to compare the storage usage di erence with Thin Provisioning enabled in the virtual desktopdeployment the best approach is to provision them and per orm storage comparison with the virtualmachines without thin provisioning enabled Considerations or storage provisioning all in throughput needsto scale with an increase in capacity ie multiple virtual machines per IO path
Figure
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4548
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 5
In the meantime transient storage on the swap space is used only when the virtual machine ispowered on and delta disks are used by snapshots and linked to virtual machines
Figure 0
Datastore View in vSphere
Figure
VM Storage Performance View
Figure
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4648
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 6
Anti-Virus Protection
The VMsa e API comes with VMware vSphere VMware o ers a number o VMsa e partner solutions thatprovide secure virtual machines with virus-scanning capability
bull Trend Micro Core Protection 10 This is an anti-virus product that performs o ine and online scheduled virtualmachine scans without an agent It uses a smaller agent or on-access scanning or to clean up in ections Thproduct is available at http us trendmicro com us solutions enterprise security-solutions virtualizationvirtual-machines index html
bull McAfee Virus Scan for O ine Virtual Images 20 This is an anti-virus product that performs o ine schedulevirtual machine scans without an agent It complements a regular virus scan agentsrsquo online scanning
Figure 6
VMsa e reduces high storage IO and memory usage during scheduled and pandemic malware scan activities
Figure
The above gure shows the anti-virus server committing a real-time agent to an individual virtual machine
It also has the unctionality o o ine snapshot image scanningThis is a VMware vSphere eature and is now available or VMware View 4 Please re er to the VMware View 4Deployment Guide or urther product demonstration
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4748
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 7
Scenario 3Set up Triple Single Sign-On (SSO) in VMwareView 4Log in as Currently Logged-on UserThis is a new option in VMware View Client that allows you to log onto the broker using currently logged oncredentials The standard sign up fow using AD credentials is
bull User connects to View Connection Server
bull VMware View Connection Server compares a list of trusted AD domains to the client
bull User authenticates with username and password
bull VMware View Connection Server delegates authentication to WindowsAD
Figure
VMware View 4 continues to support the AD credential (username and password) login smart card and RSA
securID token in RDP
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4848
bull During the View Agent installation select theConnectas Current Logon User checkbox option to enable SSO
bull Launch View Client at local desktop or thin clientbull View Client has newLog in as Current User Domain
User checkbox When a userrsquos AD credential isauthenticated on the client device using eitherpassword (RDP PCoIP) or smart card authentication inRDP the Connection Broker will use the same useridentity
bull This value can also be set using GPO policy orregistry key setting Please re er to the ViewAdministration Guide
bull You should be able to login to the guest desktopenvironment without being prompted to enter thecredentials again
Support In ormation
For additional evaluation questions and installation support please address your questions to desktop-tmvmwarecom
About the Author
Cynthia Hsieh is a senior technical marketing manager in VMware Enterprise Marketing team She ocuses onapplication integration proo o concepts and security subjects
Hsiehrsquos previous background includes product management positions at Wyse Trend Micro Oracle and Yahoo
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 448
VMware View 4
E VA L U AT O R rsquo S G U I D E 4
Whatrsquos New in VMWare View 4
VMware View is purpose built or desktop delivery and designed or the LAN or WAN con guration The gis to continue provide a smooth end-to-end desktop experience via so tware implementation
Figure
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 548
VMware View 4
E VA L U AT O R rsquo S G U I D E 5
FEATURE NEWIMPROVED DESCRIPTION
Quad monitorsupport New Support -bit color with x display resolution and up to monitorssimultaneously
Bene t True multiple displays allow you to ldquosee more and do morerdquo rom a ulldesktop This provides the ability to reproduce true color images with support orup to billion distinct colors per pixel
True multi-monitorsupport onL-shapecon guration
New Support landscape display and portrait display (with pivot monitors) variableresolution support and auto t to client
Bene t Each monitor can be o a di erent size and be set to a di erentresolution Auto Display Scaling Dynamic Resizing helps desktop publishing
nancial application and high-end graphic design needs
Guest desktopsupport WindowsVista and XP OS
New Support or connecting to virtual desktops rom Windows XP and Vista TheVMware View PCoIP is a so tware-to-so tware implementation However it alsosupports hardware PCoIP hosts such as the Samsung SyncMaster ND
rdquo monitor and Teradici Tera Portal
http www teradici com pcoip pcoip-products oem-solutions php
Bene t Provides scalable support to both so tware and hardware on thelocal hosts
Networkcharacteristics andsecurity
New SSL protection on TCP or session management and AES -bit key encryptionon UDP or media trans er between host and client system
Bene t Provides comparable security and encryption ound in other protocols
Protocolintelligence
New PCoIP protocol provides the intelligence to handle prioritization and quality oservices (QOS) or video mouse keyboard sound etc
Bene t This greatly helps the user experience by managing bandwidth andcontent variables
WAN per ormanceand optimization
New Operate with up to ms o round-trip latency with tolerance on packet lossup to
VPN tunneling New Support Cisco VPN so t client
RDP virtualchannelcompatibility orUSB redirection
New Support the comparable list o USB peripherals including biometrics cardreaders webcams mass storage fash devices scanners etc The authorizationcan be done on a per-user per-group basis to only accept speci c devices
Flash controlsupport or PCoIP
New PCoIP uses breakthrough graphics compression that is custom built or deliveringa user desktop over IP networks It works in such a way as to support all graphic( ull- rame rate D or design engineering video gaming etc ) and media (HD
video Microso t video ormats YouTube Microso t Silverlight Google QuickTior Adobe Flash)
Bene t By compressing the display image at the host PC Server you avoidapplication interoperability issues that have plagued thin clients or years and canquickly adapt to physical networks
Audio redirection New New to PCoIP protocol Redirect audio with dynamic audio quality adjustment onthe WAN
ClearType ont New Subpixel render ing technology which may help to improve the apperance o texton some computer displays Newly added to PCoIP protocol
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 648
VMware View 4
E VA L U AT O R rsquo S G U I D E 6
VMware PCoIP Delivers a Rich Desktop Experience
Figure
Operational E ciency
Enterprises that are struggling with the problem o endpoint security should explore desktop virtualization tolessen the requency o malware network breaches and data loss headaches
VMware View centralizes the control o desktop PC images applications and data Deploying desktopvirtualization with VMware View running VMware vSpheretrade can signi cantly improve security unctionalityand storage optimization
For business entities that are subject to stringent regulatory policies such as the Sarbanes-Oxley Act (SOX)the Health Insurance Portability and Accountability Act (HIPAA) and the Payment Card Industry Data SecurityStandard (PCI DSS) VMware View creates a trusted enterprise-computing environment Security vendorslike McA ee and Trend Micro take a proactive role with VMware in raising the bar o security control and
management available to secure the cloud-based in rastructure
FEATURE NEWIMPROVED DESCRIPTION
Full clone pool withthin disk thinprovisioning
New VMware View provides seamless native support or thin provisioning with thevSphere server
Bene t Helps reduce storage usage and allows more guest desktops per corewhile still providing high per ormance
Mixed clustersupport orbackward ndash
orward
compatibility
New This new option in View Administrator allows di erent versions o clusters to bemanaged via the same UI
VWware VMsa eAPI or better anti-virus optimizationand execution
New VMware vSphere supports VMware VMsa etrade API Security virtual machinedeployment sold separately by security vendors is consistent with desktopdeployment Protects the virtual machine by inspecting virtual components(CPU Memory Network and Storage)
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 748
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 848
VMware View 4
E VA L U AT O R rsquo S G U I D E 8
VMware View 4 Components
VMware View 4 extends the same in rastructure and components as in previous versions The key so tware components you need to install VMware View 4 are
bull VMware View Connection Server installed in a Windows Server 2003 system that is separate fromVMware vCentertrade
bull VMware View Agent installed in a virtual desktop (XP Windows 2003 or Vista desktops)
bull VMware View Client installed at the end point device (thin client local laptop or desktops)
bull VMware View Composer installed in VMware vCenter for Linked Clone provisioning use
Platform Integration
APPOS
APPOS
APPOS
VMware vSphere
AuthorizationProtocol
VMware View 4
VMware View Manager 4
Authentication ampDisplay
Superior UserExperience
Scalability ampAvailability
End UserFlexibility
Figure
On the in rastructure side you need to ensure that the ollowing components are provisioned in VMware ESXtrade35 or VMware vSphere
bull VMware vCenter and VMware View Composer are instal led on the same virtual machine whereVMware vCenter is installed
bull SQL Server is required for large virtual desktop deployments For this evaluation the SQL Server ExpressEdition con gured during the VMware vCenter installation is used
bull Con gure Windows 2003 with Active Directory DHCP and DNS service
bull Certi cate Authority (if certi cate or smart card authentication is required) This is not discussed inthis document
For a detailed supported version please re erence the VMware View Manager Administration Guide at httpwwwvmwarecomsupportpubsview_pubshtml
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 948
VMware View 4
E VA L U AT O R rsquo S G U I D E 9
NFR Licensing or Evaluation Use
To request Not For Resale evaluation licenses please email desktop-tmvmwarecom
Deployment Process
In this evaluation you will experience the VMware View setup and con guration all in a single ESX VMwarevSphere box You will also install the needed in rastructure components and virtual machines rom scratch Anonline connection is required only i you plan to use the Internet
Be ore starting the deployment process
bull Set up the networking and IP address in ESXVMware vSphere with NAT router and VMware vSwitch
bull Con gure the required infrastructure components including VMware vCenter Active Directory SQL serverand VMware View Connection Server
bull Prepare the desktops snapshots and templates
The ollowing deployment process is not intended to provide a deep technical explanation o the technologiesound in VMware View 4 Nor is it intended to be used as a deployment guide The tasks include
bull Task 1Installing the Connection Server
bull Task 2Confguring and Administrating VMware View Manager
bull Task 3Installing the License
bull Task 4Associating and Adding VMware vCenter Serverbull Task 5Confguring Active Directory Users and Computers
bull Task 6Creating and Preparing Virtual Machines
bull Task 7Preparing Virtual Machine Snapshots and Templates
bull Task 8Installing VMware View Composer or Linked Clones
bull Task 9Installing VMware View Client in the Host Desktop or Thin Client (local system)
bull Task 10Adding Desktop Source In VMware View Manager
bull Task 11Desktop Entitlement
bull Task 12Accessing Virtual Desktop via RDP or PCoIP
bull Task 13Additional Virtual Desktop Optimization
bull Task 14WAN Optimization
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 1048
VMware View 4
E VA L U AT O R rsquo S G U I D E 1 0
Preparing for the Installation
AssumptionsTo success ully use this guide it is assumed that VMware vSphere ESX Server has been installed and
is unctioning properly Please re er to the online documentationhttp www vmware com resourcestechresources 10020 or urther installation assistance
Before You BeginPlease re erence Getting Started with VMware View at httpwwwvmwarecomsupportpubsview_pubshtml For more in ormation on administrating VMware View you can review the ollowing documentation
bull VMware View Manager Administration Guide
bull VMware View Upgrade Guide
bull VMware View Architecture and Planning Guide
bull Knowledge Base
System Requirements
The ollowing is a description o the hardware and so tware required ( or the major components o VMwareView) You can get more in ormation rom the VMware View 4 Architecture Planning Guide
VMware View Connection ServerVMware View Connection Server is not supported on servers that have the Windows Terminal Server roleinstalled Remove the Windows Terminal Server role rom any server where you will be installing the VMwareView Connection Server
VMware View Connection Server runs on a 32-bit or 64-bit dedicated physical or virtual server with the ollowing speci cations
bull Pentium IV 20Ghz processor or higher mdash dual processors are recommended
bull 2GB RAM or higher mdash 3GB RAM is recommended for deployments of 50 or more View Manager desktopsVMware View connection server can handle 2000 connections in clear mode and 750 in tunneled mode
The ollowing VMware vSphere document lists the limits or the server sidehttp www vmware com support pubs vs pages vsp pubs esx40 vc40 html
bull One or more 10100Mbps network interface controllers (NIC) mdash 1Gbps NIC is recommended
Supported Operating SystemsThe VMware View Connection Server can be installed on the ollowing 32-bit operating systems
bull Windows Server 2003 R2 Standard Edition with SP2
bull Windows Server 2003 Standard Edition with SP2
bull Windows Server 2003 R2 Enterprise Edition with SP2
bull Windows Server 2003 Enterprise Edition with SP2
Prerequisites
VMware View Connection Server has the ollowing prerequisites
You will need a valid license key or VMware View Manager The ollowing types o licenses are available
bull VMware View Manager
bull VMware View Manager with View Composer
bull VMware View Manager with View Composer and O ine Desktop
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 1148
VMware View 4
E VA L U AT O R rsquo S G U I D E 1 1
For the VMware virtualization environment you will need one o the ollowing
bull VMware vSphere 4 Update 1 (U1 is required)
bull VMware Infrastructure 35 (U3 or U4 recommended U5 not supported)
bull VMware Infrastructure 302 (supported)
bull Both ESX and ESXi hosts are supported VMware vCenter is required
Required Host operating systems or standard or replica VMware View Connection Server instances are joinedto an Active Directory domain The ollowing versions o Active Directory are supported You will need one othe ollowing
bull Windows 2000 Active Directory
bull Windows 2003 Active Directory
bull Windows 2008 Active Directory
IP Addressing
For easy con guration this evaluation scenario speci es a standalone LAN environment with IP addressingbased on the ollowing assumptions
bull One VMware vSwitch is con gured as the External Network for static manually assigned IP addressing
VIEW COMPONENTS IP ADDRESSING
Virtual Center (vCenter) Static 19216813247
View Connection Server (View ) Static 19216813246
View Connection Server (View ) Static 19216813245
Active Directory (ActiveDirectory) Static 19216813252
bull VMware vCenter installation provides SQL Server Express Edition You do not need a separate SQL Serverinstance or this evaluation
bull This evaluation asks you to set up two VMware View Connection Servers This will be used in the evaluationthe new ldquotag entitlementrdquo eature later Itrsquos an optional task i you just need to review the basic unctionalitie
bull If you already have networking setup you can assign a static IP to infrastructure components needed forthis evaluation
bull You can also access the Internet if it rsquos available by separate 2 vLANs and con gure the open source Yvetta
NAT appliance You can nd additional instructions athttp www vyatta com downloads swdl phpbull You will prepare three virtual machines including XP andor Vista for the scenario These desktop virtual
machines have IP addresses assigned using DHCP
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 1248
VMware View 4
E VA L U AT O R rsquo S G U I D E 1 2
Figure
The network con guration can be customized based on your network availability Figure is a samplecon guration Make sure the in rastructure components have a static routable and pointable IP addressand complete a ping test rom the servers to the desktops and rom the desktops to the servers The IPcon guration is critical to a success ul evaluation
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 1348
VMware View 4
E VA L U AT O R rsquo S G U I D E 1 3
Installing and Confguring VMware View
Before You Begin
VMware View is tightly integrated with VMware vCenter You can install VMware vCenter as a standalone serveror as a hosted server under the same ESX box or the testing purposes Please assign a static IP or your VMwarevCenter IP con guration
Figure 5
bull In your physical ESX host create a Windows Server 2003virtual machine or the VMware vCenter installation
bull Make sure to assign it with a routable static IP In this settingVMware vCenter can be pinged through vc demo local
bull Select Create a stand-alone VMware vCenter and clickNext
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 1448
VMware View 4
E VA L U AT O R rsquo S G U I D E 1 4
bull In this evaluation the default Microsoft SQL Server Expressinstance or the storage is used
bull Uncheck the System Account
bull Enter the default Administrator credentials- Username Administrator
- Password b gd m
bull ClickNext
bull Based on your network setting you can adjust the ports usedby vCenter I it is an isolated network environment leave thede ault port as they are and clickNext
bull Click Next until the installation is nished Now you havecompleted the vCenter con guration process
VMware View Manager Administration
VMware View Connection Server acts as a connection broker or client connections by authenticating and then directing incoming remote desktop user requests to the appropriate virtual desktop physical desktop or terminal server You can run VMware View Connection Server on a 32-bit or 64-bit virtual server For detailed in ormation about the hardware operating system and Active Directory requirements orVMware View Connection Server see the System Requirements section o the VMware View ManagerAdministration Guide
A standard server deployment creates a single standalone VMware View Connection Server You can havemultiple connection server instances in the same domain and point them all to the same VMware vCenter idesired For a di erent Connection Server deployment such as Replica or Security Server (DMZ) please re erto the View Administration Guide
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 1548
VMware View 4
E VA L U AT O R rsquo S G U I D E 1 5
Task 1 Installing the Connection Server
When the VMware Installation wizard appears clickNext
Accept the VMware license terms and clickNext
Select the Standard deployment option and click Next
bull ClickInstall
bull ClickFinish
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 1648
VMware View 4
E VA L U AT O R rsquo S G U I D E 1 6
Task 2 Con guring and Administrating View Manager
bull After you install the VMware View Connection Server
validate your View Manager Administration in a Webbrowser by entering http your-connection-server-ipgtadmin
bull Enter the Administrator username and password andclick Login
bull You will notice a certi cate error next to the URL eldVMware View Administrator is accessed using a secure
(SSL) connection The rst time you connect your Webbrowser might present you with an intermediary page thatwarns you that the security certi cate associated with theaddress is not issued by a trusted certi cate authority Thisresponse is expected because the de ault root certi catesupplied with View Connection Server is sel -signed
bull Click Ignore to continue using the current SSL certi cate
Task 3 Installing the Product License
bull From the Con guration tab clickProduct Licensingand Usage
bull Enter the license key provided with the evaluation
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 1748
VMware View 4
E VA L U AT O R rsquo S G U I D E 1 7
Task 4 Associating and Adding VMware vCenter Server
bull From the Con guration tab selectServers on the le t
menu panelbull Select Add under the VirtualCenter Servers pane
bull ClickAdd
bull Enter the fully quali ed domain name (FQDN) or the IPaddress o the VMware vCenter Server you want VMwareView Manager to communicate with in theServer addresstext box
bull Enter Administrator username and password for thevCenter login
Note For evaluation purposes advanced or optional tasks will not be covered I you have DNS servicesinstalled you can confgure an external URL or the Connection Server Those tasks are covered in the GettingStarted Guide or Administration Guide
Task 5 Con guring Active Directory Users and Computers
In this evaluation the virtual machine (ActiveDirectory) is promoted as Domain Controller hosted in WindowsServer 2003 with a single local domain name called demolocal
bull Before you can entitle a user access to the desktop youneed to create three users in the Active Directory namedreviewer_1 reviewer_2 and reviewer_3
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 1848
VMware View 4
E VA L U AT O R rsquo S G U I D E 1 8
Task 6 Creating and Preparing Virtual Machines
The ollowing steps assume that the user has already created a virtual machine and has installed the guest OS(XPVISTA) joined AD domain turned on the RDP remote connection added user groups to the remote users
list and turned o the rewall in the guest OS
bull Run the View Agent executable on the guest system
bull When the VMware Installation wizard appears clickNext
bull Accept the VMware license terms and clickNext
Select your custom setup options The o ine desktop isoptional and does not appear as the de ault in all agents
Click Install to begin the installation process
Select Continue Anyway or the installation alert
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 1948
VMware View 4
E VA L U AT O R rsquo S G U I D E 1 9
Click Finish
At this point you have the main VMware View components installed and con gured Be ore you proceedurther you can do a quick ping test rom the View Connection Server virtual machine to the Guest Desktop
virtual machine and vice versa The components should be pingable and routable between each
Task 7 Preparing Virtual Machine Snapshots and Templates
The guest system o the virtual machine which you create in vCenter provides the basis or virtual desktopdeployment To prepare a guest system or deployment per orm the ollowing tasks
bull Install the guest operating system Select Inventory romthe menu and clickVirtual Machine to start the creation oa new virtual machine
Once you con gure the OS and itrsquos up and running
bull Install the latest version of VMware Tools (provided withVMware In rastructure)
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2048
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 0
bull Con gure Active Directory settings Con gure the preferredand alternate DNS servers to use your Active Directoryserver addresses For example on Windows XP con gure
the DNS server settings rom the properties menuStart gt Control Panel gt Network Connections gt LAN gtProperties Internet Protocol (TCPIP) gt Properties gtUse (VMActiveDirectory) IP Address 19216813252
bull Make sure that you have administrative rights to theguest system
bull Join the desktop to the AD domain Add guest system tothe domain (demo local)
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2148
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 1
bull In Control Panel turnOf Windows Firewall
bull In Control Panel selectSystem Properties gtRemote tab
bull Check Allow User to Connect Remotely
bull Take a virtual machine Snapshot mdash Once the virtual machinetemplate is ully prepared you can power o the virtualmachine and right mdash clickGuest and select Take Snapshot
bull Snapshot is used for Linked Clone creation discussed in thelater sandbox scenario
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2248
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 2
Create a Desktop Template
bull Power o the virtual machine
bull Right-click the previously con gured guest system and
select one o the ollowing options- Clone to Template mdash select this option i you want to use
the selected guest system as the basis or a new templatewithout altering the virtual machine itsel Choose thisand walk through the dialogs boxes to create a virtualmachine template
- Convert to Template mdash select this option i you want tochange the guest system into a template This processhappens instantly
bull To get a quick view of the template created go toInventory and select VM and Templates The highlighted
template will appear in VMware Center
You can repeat the same procedures or Windows 7 and Vista desktops with the same con guration i youwish At the end o the task you will have three prepared guest systems ready or VMware View Manager to use
Task 8 Installing VMware View Composer for Linked Clones
VMware View Composer provides a highly e cient storage alternative to creating and managing manystandalone virtual machines With VMware View Composer Linked Clone technology you can rapidly cloneand deploy multiple desktops rom a single centralized base image Subsequent changes to this image canbe automatically proli erated among all desktops in a Linked Clone pool A ter the desktops are created theyremain indirectly linked to a snapshot residing on the parent virtual machine View Composer needs to beinstalled on the system where VMware vCenter is installed
bull VMware View Composer installation is optional in theVMware View installation process i you donrsquot plan to haveLinked Clone in your production environment Howeverwith this evaluation you can see the bene ts o havingVMware View work with VMware vSpherersquos thin-provisioning eature Start the VMware View Composerinstaller you have in your media
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2348
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2448
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 4
bull Choose your custom setup options
- Deselect the USB Redirection component i you do not want usersto access locally connected USB devices through their desktops
- Deselect the Log in as current user component i you want to requireall users to provide identity and credential in ormation to log in to aView Connection Server and again to access a VMware View desktop
bull For this evaluation simply leave them as theselected de ault This is anew improved eature which allows single sign-on to the guestdesktop
bull Enter the IP address of the VMware View Connection Server that thisclient will connect to For this evaluation enter 1921681247
bull Leave the login ascurrent user unchecked
bull Select Continue Anyway or the Virtual USB so tware installation
bull Select Finish and Exit installation I VMware View Client does not startautomatically a ter installation double-click the desktop shortcutor click
Start gtPrograms gtVMware gtVMware View Client
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2548
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 5
Task 10 Adding Desktop Source in VMware View Manager
The in rastructure components are now con gured in VMware vCenter Now go back to VMware ViewManager and con gure the desktop resource or an individual desktop provisioning use
bull Enter the VMware View Connection Server IP addressadmin as the URL in a Web browser
bull Login as Administrator
bull From within View Administrator clickDesktops andPools and click theInventory tab
bull In the Global desktop and pool view pane make sure thatthe Desktops and Pools tab is selected and clickAdd
bull When the Add Desktop wizard appears selectIndividualDesktop and clickNext
bull Select Desktop Source rom VMware vCenter
Need new image
bull From the list provided select theVMware vCenter Serverto be used by this desktop and clickNext
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2648
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 6
bull Enter the Unique ID Display name (optional) andDescription (optional) and clickNext
bull Con gure the desktop properties and click Next Sincethe new PCoIP eatures are being evaluated set thede ault protocol as PCoIP and allow users to change thesetting at connection When set toDo Not Control orAdobe Flash quality bandwidth is not a concern with theLAN deployment
bull Con gure the desktop provisioning properties andclick Next
bull Select the desktop to use as the base image for thedeployment and click Next
bull Click Finish to complete one guest desktop provisioning
bull Once the desktop provisioning is complete you can see adesktop under Desktops and Pools tab
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2748
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 7
This shows the basic steps on how to provision one desktop For more advanced eatures you can re er to theVMware View Administration Guide In a later scenario a PCoIP pool is created through similar provisioning
Task 11 Desktop Entitlement
bull From within View Administrator click Desktops and Pools and click theInventory tab
bull In the Global desktop and pool view pane select the desktop or poolyou want to entitle and clickEntitlements
bull Click Add The user and group entitlement dialog box appears Fromhere you can view search on and lter all Active Directory users withinthe domain orest
bull Select the DemoLocal domain created and enter wildcard user matchreview VMware View Manager should display all users that contain thephrase
bull Entitle the userreviewer_1 to use the Vista desktop
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2848
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 8
Figure 6
Once this is set and done you will see a green checkmark under Global Desktop and View showing Entitledand Enabled or the guest desktop
Task 12 Accessing Virtual Desktop via RDP or PCoIP
bull In theConnection Server drop-down menu enter thehost name or IP address o a VMware View Connection Server
bull Select Options
Need New Image
bull Select Log in as current userto be authorized to log in to theVMware View Connection Server You will not be prompted toenter login credentials in the guest desktop login This is anenhancement or single sign-on
Need New Image
bull Enter the credentials with desktop entitlement
- Username Administrator
- Password b gd m
bull In VMware View 4 you have the option to use the preferredprotocols o either Teradici PCoIP or Microso t RDPSelect Teradici
bull Select the XP desktop you want to access
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2948
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 9
Task 13 Additional Virtual Desktop Optimization
bull Adjust ClearType Settings in Control Panel gtDisplay gtAdvanced Tab gtFonts and choose ClearType
bull Turn o Windows Firewall Settings inControl Panel gtWindows Firewall and select the Of radio buttonbull Multiple Display Con guration
bull In VMware View Manager Administration you cancentrally con gure the desktop monitors that aresupported in the local systems
bull In the guest desktop check theDisplay settings that have been changed tomultiple displays
Note PCoIP also supports pivot mode or one landscape and one horizontal confguration
Task 14 WAN Optimization
PCoIP technology uses low-latency image compression algorithms to optimize the user experience or widearea network (WAN) applications The WAN enhancements dramatically improve the user experience toprovide support or multi-media and 3D graphics audio and IO responsiveness over long-distancehigh-latency and low-bandwidth networks
Key PCoIP WAN Capabilities
bull Reduced Minimum Bandwidth To support the lower bandwidth typically available over a WAN theminimum peak bandwidth required or a PCoIP connection is Mbps Because PCoIP only transmitschanges to the desktop image the actual bandwidth used may be much lower i the screen is not changingsigni cantly or rapidly
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3048
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 0
bull Local Keyboard and Mouse To provide instant response over high-latency networks the mouse pointer canbe displayed locally on the desktop (within VMware View Agent) in addition to being sent to the host Localkeyboard capability is also provided to prevent lost keystrokes due to network delay
bull Packet Reordering To accommodate the out-o -order packets o ten produced by network links on a WANthe PCoIP portal in VMware View Agent can create multiple packet chains as out-o -order packets receivedand connect chains to restore the correct sequence Without this out-o -order packets can result in dataretransmission and delays
bull Bandwidth-Sensitive Audio Compression PCoIP transmits compressed or uncompressed audiondashswitchingdynamically based on the available bandwidth to provide the best possible user experience
Since PCoIP is integrated seamlessly into the VMware View Agent and ully optimized into VMware Viewin rastructure as the administrator you simply need to con gure the desktop protocol and its bandwidththrottling rom the administration UI
Con gure Flash contents bandwidth allowance
For an optional task to test WAN per ormance with PCoIP try to access your corporate desktop rom home byconnecting through IPSec VPN
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3148
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 1
Scenario Overview
This document provides several di erent test scenarios to review the tasks you per ormed earlier andexperience the combined advantages o using VMware View To compare a variety o WAN connectivityscenarios you can consider using either WANEMhttp wanem source orge net or Shunra VE SMB EditionFree Trial http www shunra com ve-smb-trial php or WAN emulation
bull Scenario 1 Provision and use PCoIP 25 persistent desktops and one non-persistent PCoIP pool thatcontains desktops using a Linked Clone You can adjust the actual number o desktops based on your locastorage allowance
ndash Create a snapshot on both Windows XP SP3 and Windows 7
ndash Add desktops and pools using automatic pools and Linked Clone
ndash Administrate users and entitlements
ndash Create ully Linked Clones
ndash Con gure pools in mixed cluster environment
ndash Con gure or WAN tag and LAN tag use
ndash Delete desktops and pools
bull Scenario 2 Con gure 50 PCoIP fully Linked Clones in VMware vSphere
ndash Create desktops and pools
ndash Leverage ThinDisk Provisioning in VMware vSphere
ndash Check storage saving comparison
ndash Review VMware VMsa e Security virtual machine unctionali ties
bull Scenario 3 Set-up Triple SSO in VMware View 4 (PCoIP)
ndash Use archive directory credentials to login with ldquoLogin as current userrdquo checked
ndash Access rom the Replica View Connection Server and login to see the same session running
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3248
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 2
Scenario 1Provision and Use PCoIP Desktops and Pools
Get Started with PCoIPPCoIP is a so tware-to-so tware display protocol ully integrated with the VMware View in rastructureThe PCoIP portal (server) is installed with the agent The proprietary SVGA driver is included as part o thePCoIP portal
Figure
The PCoIP client is included in the standard VMware View client installation on your end point device sothere are no additional installation procedures required or PCoIP From the end user perspective there areno con gurations needed or using PCoIP As an administrator you can con gure the PCoIP protocol throughVMware View Administrative SettingsPolicies De ault RDP setup is to be tunneled but the de ault PCoIPsetting is directly connected Some other con gurations on bandwidth throttling or Flash video or on USBredirection policy are consistent as the previous View administration
Lossy and Lossless CompressionImage compression in PCoIP includes both lossless and lossy compression schemes Lossy compression allows or higher levels o compression on initial screen change and subsequent image quality improvement
or static screen regions Lossless motion compensation is also supported Image compression bandwidthmanagement is supported using packet loss as an indicator o congestion or lower bandwidth limits
Network Bandwidth and Characteristics
The host to client network connection operates with up to 250ms o round-trip latency The host to clientnetwork connection operates with lt01 percent packet loss but will tolerate periods o up to 5 percent packetloss and will survive short durations o loss o connectivity
A single TCP connection (SSL) is used between the host and client or session management A single UDP connection using UDP encapsulated IPSec-ESP [r c 3948] with AES 128-bit key encryption is used betweenthe host and client or media tra c supporting unreliable and reliable transport Port numbers keys andother connection parameters are exchanged via the SSL connection You can re erence the VMware ViewDeployment Guide or urther end-to-end per ormance measurements
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3348
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 3
Step 1 Creating the Replica Connection Server
The installation package or the Connection Server alsocontains the installation source or the VMware ViewReplica Server Launch the VMware View ConnectionServer installer and select Replica server or the secondConnection Server SelectAgree to the VMware Viewproduct licensing terms
A VMware View Replica Server is a Connection Serverwith its own replica o the ADAM database stored locallyAll con guration data and changes are instantaneouslyreplicated to all replica servers resulting in entirelyindependent Connection Servers which can actindependently in case o ailure o other replica servers
Enter the rst VMware View Connection Server instanceIP address (View1 19216813246) ClickNext
Complete the Replica Connection Server instanceinstallation Select Finish
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3448
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 4
Step 2 Creating Linked Clone Pools
DESKTOP TYPE OS TYPE PERSISTENT DESKTOP COUNTS
PCoIP Windows XP SP Persistent
RDP PCoIP Windows XP SP Non-Persistent
The Linked Clone creation process is the same as conducted in the previous section You can con gure thetask based on your storage availability and virtual machine sizing
Step 3 Connecting to Pool by Tags
Tag-based EntitlementsVMware View provides the advanced entitlement to Desktop Pools not only based on current entitlementsettings but also on the Connection Server through which a user logs in For customers who need perimeteridentity ( or example Internal Connection Server or External Security Server access) at logon VMware View
enables users con guring certain clients to go through a particular Connection Server In this case a tag isintroduced to identi y and route the client to the Connection Server In a broker cluster at a large VMware Viedeployment The tag or tags o a Connection Server are then compared to the tag speci ed in time o thedesktop pool creation edit
I the tag required by the desktop pool does not match the tag o the broker in question even i a useris entitled or assigned to a desktop pool the desktop will not show up in the available desktop list TheConnection Server tags take precedence over the desktop or pool tags
In this evaluation you will set up two instances o Connection Servers where brokers have been classi ed toserve di erent networks (internal external or example)
VMWARE VIEWCONNECTIONSERVER IP
NAME TAG DESKTOPS OS
19216813246 View External XP Pro SP
19216813245 View Internal XP Pro SP
Use CaseThe internal broker might not be visible to users connecting over a VPN In a case like this the two brokerscould still be ormed into a cluster The external broker might be tagged ldquoExternalrdquo and the internal brokertagged ldquoInternalrdquo and then pools could be tagged so that some desktops are not visible when a user logs inexternally but are visible internally
For example imagine a deployment o our Connection Servers where two o the Connection Servers haveconnected Security Servers The two Connection Servers without Security Servers are used to support internalusers and the two Connection Servers with Security Servers are used to support Internet (external) users The
rst two could have a con gured entitlements tag o ldquoInternalrdquo and the second two could have a con guredentitlements tag o ldquoExternalrdquo
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3548
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 5
bull The UI allows an administrator to specify one or moretag strings of up to 64 characters for each ConnectionBroker You can then speci y the tag string required or
a speci c Connection Broker to access the Pool Atruntime when a user authenticates him or hersel via aConnection Server an extra step o tag matching isper ormed The result will be a lter o the resultingentitled Desktop list
bull Set the replica server tag as External
bull Once the tags are set in the connection broker you cansee the tag column in the VMware View Managerconsole is lled with the Tag attributes
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3648
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 6
bull In the VMware View 1 Connection Server(19216813246admin) login to the View Managerconsole clickDesktops and Pools tab and selectAdd
You are creating ull clone and Linked Clonedesktops Select Automated Desktop Pool
bull Select Persistent or the desktop type
bull ClickNext
bull Create the 10 Linked Clone desktop pools rst and gothrough the same process again to create the ull clone
ndash only without checking the highlighted checkbox
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3748
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 7
bull Fill in the name attribute for theUnique ID andDisplay Name
bull This is same user interface as you used to create theindividual desktop earlier Leave the de ault setup as
it is
bull Enter the number of the desktops that your storage
allows you to create The naming pattern or thedesktop is the name vCenter will use to name thevirtual machine so create a unique and easilyrecognized name
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3848
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 8
bull Desktop cloning relies on the virtual machine templateas the base Previously you created a template byselecting a clean base template and cloning it to
template Select that template and clickNext
bull Linked Clone requires the template and snapshot asthe golden image
bull Select the folder location where the desktops shouldbe organized
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3948
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 9
bull Select the host or ESX server where the desktop iscreated Note the vSphere mode or VMware ViewComposer option is dimmed and not selectable It is
because the host being used is running vSpherealready I you are using a previous version o ESX thisoption will be available or upgrade use
bull Add desktops to the resource pool
bull Allocate user data disk for the persistent data Keepthe de ault value and selectNext
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4048
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 0
bull In this setup the storage LUN for the better demoe ects is attached You can simply use the localstorage host storage or your test
bull You can see that the default domain is lled inautomatically by quickprep This is set at the
Con guration Tab gtServers gtSelect ViewConnection gt Edit
bull Do a nal review of the Linked Clone setup and clickFinish to complete It will take several minutes tocreate the clones
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4148
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 1
bull Create additional users in Active Directory(ActiveDirectory19216813252)
- Corporate - user or the Group Internal
- Contractor - user or the Group Externalbull This will be used for the pool entitlement for users and
groups
bull Access VMware vCenter or ESX management by usingthe VMware vSphere client
bull Login to View Manager console You can see the LinkedClone pools are created and listed in the Desktop andPool pane SelectEntitlements to grant right to accessthe desktop
bull Assign the group you created in ActiveDirectory
Repeat these steps or creating additional XP desktops with non-persistent and persistent use
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4248
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 2
Step 4 Deleting the Clone Using Deletion Script
Provide the cleanup rule and scripting capabilities to enable administrators to per orm urther integrationunctions In some environments this can be achieved by removing entries rom ActiveDirectory In others
you may need to trigger other applications or a tighter integration
bull A new key needs to be created manuallyPlease re er to VMware View Administration Guide or
urther details
bull The visual basic script can be used to clean up ortrigger urther application activities This new eatureo ers the extensibility ramework
bull Run servicesmsc to access the Services consoleEnable the script services manually It is not startedby de ault
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4348
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 3
bull Login to VMware View Manager SelectDelete thedesktop SelectDelete rom Disk option It will triggerthe script set previously
Scenario 2Confgure PCoIP Full and Linked Clone
in VMware vSphereCreate Full Clone with Thin Provisioning
Thin Provisioning in its simplest orm means only using the disk space you need Traditionally with virtualmachines i you create a 500GB virtual disk it will use 500GB o your VMFS data store With Thin Provisioningyou can create a 500GB virtual disk but i only 100GB is in use only 100GB o your VMFS data store will beutilized
500GBVirtual Disk
500GB GB VMDK le size 100GB VMDK le size
400GBunused butallocated
100GBApplicationUsage
500GBVirtual Disk
100GBActual Usage(Footprint)
Figure
You can create a ve desktop XP pool using Full Clone rom VMware View and compare them with the ThiProvisioning option check The eatures include increased storage utilization reduced application downtimeand streamlined capacity management
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4448
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 4
bull When you create a virtual machine in VMware vSpherethe option to create Thin Provisioning settings is underSettings gtAdd Hardware
bull In VMware View 4 you can con gure the ThinProvisioning while preparing the Linked Clone basetemplate
Now in order to compare the storage usage di erence with Thin Provisioning enabled in the virtual desktopdeployment the best approach is to provision them and per orm storage comparison with the virtualmachines without thin provisioning enabled Considerations or storage provisioning all in throughput needsto scale with an increase in capacity ie multiple virtual machines per IO path
Figure
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4548
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 5
In the meantime transient storage on the swap space is used only when the virtual machine ispowered on and delta disks are used by snapshots and linked to virtual machines
Figure 0
Datastore View in vSphere
Figure
VM Storage Performance View
Figure
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4648
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 6
Anti-Virus Protection
The VMsa e API comes with VMware vSphere VMware o ers a number o VMsa e partner solutions thatprovide secure virtual machines with virus-scanning capability
bull Trend Micro Core Protection 10 This is an anti-virus product that performs o ine and online scheduled virtualmachine scans without an agent It uses a smaller agent or on-access scanning or to clean up in ections Thproduct is available at http us trendmicro com us solutions enterprise security-solutions virtualizationvirtual-machines index html
bull McAfee Virus Scan for O ine Virtual Images 20 This is an anti-virus product that performs o ine schedulevirtual machine scans without an agent It complements a regular virus scan agentsrsquo online scanning
Figure 6
VMsa e reduces high storage IO and memory usage during scheduled and pandemic malware scan activities
Figure
The above gure shows the anti-virus server committing a real-time agent to an individual virtual machine
It also has the unctionality o o ine snapshot image scanningThis is a VMware vSphere eature and is now available or VMware View 4 Please re er to the VMware View 4Deployment Guide or urther product demonstration
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4748
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 7
Scenario 3Set up Triple Single Sign-On (SSO) in VMwareView 4Log in as Currently Logged-on UserThis is a new option in VMware View Client that allows you to log onto the broker using currently logged oncredentials The standard sign up fow using AD credentials is
bull User connects to View Connection Server
bull VMware View Connection Server compares a list of trusted AD domains to the client
bull User authenticates with username and password
bull VMware View Connection Server delegates authentication to WindowsAD
Figure
VMware View 4 continues to support the AD credential (username and password) login smart card and RSA
securID token in RDP
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4848
bull During the View Agent installation select theConnectas Current Logon User checkbox option to enable SSO
bull Launch View Client at local desktop or thin clientbull View Client has newLog in as Current User Domain
User checkbox When a userrsquos AD credential isauthenticated on the client device using eitherpassword (RDP PCoIP) or smart card authentication inRDP the Connection Broker will use the same useridentity
bull This value can also be set using GPO policy orregistry key setting Please re er to the ViewAdministration Guide
bull You should be able to login to the guest desktopenvironment without being prompted to enter thecredentials again
Support In ormation
For additional evaluation questions and installation support please address your questions to desktop-tmvmwarecom
About the Author
Cynthia Hsieh is a senior technical marketing manager in VMware Enterprise Marketing team She ocuses onapplication integration proo o concepts and security subjects
Hsiehrsquos previous background includes product management positions at Wyse Trend Micro Oracle and Yahoo
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 548
VMware View 4
E VA L U AT O R rsquo S G U I D E 5
FEATURE NEWIMPROVED DESCRIPTION
Quad monitorsupport New Support -bit color with x display resolution and up to monitorssimultaneously
Bene t True multiple displays allow you to ldquosee more and do morerdquo rom a ulldesktop This provides the ability to reproduce true color images with support orup to billion distinct colors per pixel
True multi-monitorsupport onL-shapecon guration
New Support landscape display and portrait display (with pivot monitors) variableresolution support and auto t to client
Bene t Each monitor can be o a di erent size and be set to a di erentresolution Auto Display Scaling Dynamic Resizing helps desktop publishing
nancial application and high-end graphic design needs
Guest desktopsupport WindowsVista and XP OS
New Support or connecting to virtual desktops rom Windows XP and Vista TheVMware View PCoIP is a so tware-to-so tware implementation However it alsosupports hardware PCoIP hosts such as the Samsung SyncMaster ND
rdquo monitor and Teradici Tera Portal
http www teradici com pcoip pcoip-products oem-solutions php
Bene t Provides scalable support to both so tware and hardware on thelocal hosts
Networkcharacteristics andsecurity
New SSL protection on TCP or session management and AES -bit key encryptionon UDP or media trans er between host and client system
Bene t Provides comparable security and encryption ound in other protocols
Protocolintelligence
New PCoIP protocol provides the intelligence to handle prioritization and quality oservices (QOS) or video mouse keyboard sound etc
Bene t This greatly helps the user experience by managing bandwidth andcontent variables
WAN per ormanceand optimization
New Operate with up to ms o round-trip latency with tolerance on packet lossup to
VPN tunneling New Support Cisco VPN so t client
RDP virtualchannelcompatibility orUSB redirection
New Support the comparable list o USB peripherals including biometrics cardreaders webcams mass storage fash devices scanners etc The authorizationcan be done on a per-user per-group basis to only accept speci c devices
Flash controlsupport or PCoIP
New PCoIP uses breakthrough graphics compression that is custom built or deliveringa user desktop over IP networks It works in such a way as to support all graphic( ull- rame rate D or design engineering video gaming etc ) and media (HD
video Microso t video ormats YouTube Microso t Silverlight Google QuickTior Adobe Flash)
Bene t By compressing the display image at the host PC Server you avoidapplication interoperability issues that have plagued thin clients or years and canquickly adapt to physical networks
Audio redirection New New to PCoIP protocol Redirect audio with dynamic audio quality adjustment onthe WAN
ClearType ont New Subpixel render ing technology which may help to improve the apperance o texton some computer displays Newly added to PCoIP protocol
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 648
VMware View 4
E VA L U AT O R rsquo S G U I D E 6
VMware PCoIP Delivers a Rich Desktop Experience
Figure
Operational E ciency
Enterprises that are struggling with the problem o endpoint security should explore desktop virtualization tolessen the requency o malware network breaches and data loss headaches
VMware View centralizes the control o desktop PC images applications and data Deploying desktopvirtualization with VMware View running VMware vSpheretrade can signi cantly improve security unctionalityand storage optimization
For business entities that are subject to stringent regulatory policies such as the Sarbanes-Oxley Act (SOX)the Health Insurance Portability and Accountability Act (HIPAA) and the Payment Card Industry Data SecurityStandard (PCI DSS) VMware View creates a trusted enterprise-computing environment Security vendorslike McA ee and Trend Micro take a proactive role with VMware in raising the bar o security control and
management available to secure the cloud-based in rastructure
FEATURE NEWIMPROVED DESCRIPTION
Full clone pool withthin disk thinprovisioning
New VMware View provides seamless native support or thin provisioning with thevSphere server
Bene t Helps reduce storage usage and allows more guest desktops per corewhile still providing high per ormance
Mixed clustersupport orbackward ndash
orward
compatibility
New This new option in View Administrator allows di erent versions o clusters to bemanaged via the same UI
VWware VMsa eAPI or better anti-virus optimizationand execution
New VMware vSphere supports VMware VMsa etrade API Security virtual machinedeployment sold separately by security vendors is consistent with desktopdeployment Protects the virtual machine by inspecting virtual components(CPU Memory Network and Storage)
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 748
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 848
VMware View 4
E VA L U AT O R rsquo S G U I D E 8
VMware View 4 Components
VMware View 4 extends the same in rastructure and components as in previous versions The key so tware components you need to install VMware View 4 are
bull VMware View Connection Server installed in a Windows Server 2003 system that is separate fromVMware vCentertrade
bull VMware View Agent installed in a virtual desktop (XP Windows 2003 or Vista desktops)
bull VMware View Client installed at the end point device (thin client local laptop or desktops)
bull VMware View Composer installed in VMware vCenter for Linked Clone provisioning use
Platform Integration
APPOS
APPOS
APPOS
VMware vSphere
AuthorizationProtocol
VMware View 4
VMware View Manager 4
Authentication ampDisplay
Superior UserExperience
Scalability ampAvailability
End UserFlexibility
Figure
On the in rastructure side you need to ensure that the ollowing components are provisioned in VMware ESXtrade35 or VMware vSphere
bull VMware vCenter and VMware View Composer are instal led on the same virtual machine whereVMware vCenter is installed
bull SQL Server is required for large virtual desktop deployments For this evaluation the SQL Server ExpressEdition con gured during the VMware vCenter installation is used
bull Con gure Windows 2003 with Active Directory DHCP and DNS service
bull Certi cate Authority (if certi cate or smart card authentication is required) This is not discussed inthis document
For a detailed supported version please re erence the VMware View Manager Administration Guide at httpwwwvmwarecomsupportpubsview_pubshtml
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 948
VMware View 4
E VA L U AT O R rsquo S G U I D E 9
NFR Licensing or Evaluation Use
To request Not For Resale evaluation licenses please email desktop-tmvmwarecom
Deployment Process
In this evaluation you will experience the VMware View setup and con guration all in a single ESX VMwarevSphere box You will also install the needed in rastructure components and virtual machines rom scratch Anonline connection is required only i you plan to use the Internet
Be ore starting the deployment process
bull Set up the networking and IP address in ESXVMware vSphere with NAT router and VMware vSwitch
bull Con gure the required infrastructure components including VMware vCenter Active Directory SQL serverand VMware View Connection Server
bull Prepare the desktops snapshots and templates
The ollowing deployment process is not intended to provide a deep technical explanation o the technologiesound in VMware View 4 Nor is it intended to be used as a deployment guide The tasks include
bull Task 1Installing the Connection Server
bull Task 2Confguring and Administrating VMware View Manager
bull Task 3Installing the License
bull Task 4Associating and Adding VMware vCenter Serverbull Task 5Confguring Active Directory Users and Computers
bull Task 6Creating and Preparing Virtual Machines
bull Task 7Preparing Virtual Machine Snapshots and Templates
bull Task 8Installing VMware View Composer or Linked Clones
bull Task 9Installing VMware View Client in the Host Desktop or Thin Client (local system)
bull Task 10Adding Desktop Source In VMware View Manager
bull Task 11Desktop Entitlement
bull Task 12Accessing Virtual Desktop via RDP or PCoIP
bull Task 13Additional Virtual Desktop Optimization
bull Task 14WAN Optimization
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 1048
VMware View 4
E VA L U AT O R rsquo S G U I D E 1 0
Preparing for the Installation
AssumptionsTo success ully use this guide it is assumed that VMware vSphere ESX Server has been installed and
is unctioning properly Please re er to the online documentationhttp www vmware com resourcestechresources 10020 or urther installation assistance
Before You BeginPlease re erence Getting Started with VMware View at httpwwwvmwarecomsupportpubsview_pubshtml For more in ormation on administrating VMware View you can review the ollowing documentation
bull VMware View Manager Administration Guide
bull VMware View Upgrade Guide
bull VMware View Architecture and Planning Guide
bull Knowledge Base
System Requirements
The ollowing is a description o the hardware and so tware required ( or the major components o VMwareView) You can get more in ormation rom the VMware View 4 Architecture Planning Guide
VMware View Connection ServerVMware View Connection Server is not supported on servers that have the Windows Terminal Server roleinstalled Remove the Windows Terminal Server role rom any server where you will be installing the VMwareView Connection Server
VMware View Connection Server runs on a 32-bit or 64-bit dedicated physical or virtual server with the ollowing speci cations
bull Pentium IV 20Ghz processor or higher mdash dual processors are recommended
bull 2GB RAM or higher mdash 3GB RAM is recommended for deployments of 50 or more View Manager desktopsVMware View connection server can handle 2000 connections in clear mode and 750 in tunneled mode
The ollowing VMware vSphere document lists the limits or the server sidehttp www vmware com support pubs vs pages vsp pubs esx40 vc40 html
bull One or more 10100Mbps network interface controllers (NIC) mdash 1Gbps NIC is recommended
Supported Operating SystemsThe VMware View Connection Server can be installed on the ollowing 32-bit operating systems
bull Windows Server 2003 R2 Standard Edition with SP2
bull Windows Server 2003 Standard Edition with SP2
bull Windows Server 2003 R2 Enterprise Edition with SP2
bull Windows Server 2003 Enterprise Edition with SP2
Prerequisites
VMware View Connection Server has the ollowing prerequisites
You will need a valid license key or VMware View Manager The ollowing types o licenses are available
bull VMware View Manager
bull VMware View Manager with View Composer
bull VMware View Manager with View Composer and O ine Desktop
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 1148
VMware View 4
E VA L U AT O R rsquo S G U I D E 1 1
For the VMware virtualization environment you will need one o the ollowing
bull VMware vSphere 4 Update 1 (U1 is required)
bull VMware Infrastructure 35 (U3 or U4 recommended U5 not supported)
bull VMware Infrastructure 302 (supported)
bull Both ESX and ESXi hosts are supported VMware vCenter is required
Required Host operating systems or standard or replica VMware View Connection Server instances are joinedto an Active Directory domain The ollowing versions o Active Directory are supported You will need one othe ollowing
bull Windows 2000 Active Directory
bull Windows 2003 Active Directory
bull Windows 2008 Active Directory
IP Addressing
For easy con guration this evaluation scenario speci es a standalone LAN environment with IP addressingbased on the ollowing assumptions
bull One VMware vSwitch is con gured as the External Network for static manually assigned IP addressing
VIEW COMPONENTS IP ADDRESSING
Virtual Center (vCenter) Static 19216813247
View Connection Server (View ) Static 19216813246
View Connection Server (View ) Static 19216813245
Active Directory (ActiveDirectory) Static 19216813252
bull VMware vCenter installation provides SQL Server Express Edition You do not need a separate SQL Serverinstance or this evaluation
bull This evaluation asks you to set up two VMware View Connection Servers This will be used in the evaluationthe new ldquotag entitlementrdquo eature later Itrsquos an optional task i you just need to review the basic unctionalitie
bull If you already have networking setup you can assign a static IP to infrastructure components needed forthis evaluation
bull You can also access the Internet if it rsquos available by separate 2 vLANs and con gure the open source Yvetta
NAT appliance You can nd additional instructions athttp www vyatta com downloads swdl phpbull You will prepare three virtual machines including XP andor Vista for the scenario These desktop virtual
machines have IP addresses assigned using DHCP
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 1248
VMware View 4
E VA L U AT O R rsquo S G U I D E 1 2
Figure
The network con guration can be customized based on your network availability Figure is a samplecon guration Make sure the in rastructure components have a static routable and pointable IP addressand complete a ping test rom the servers to the desktops and rom the desktops to the servers The IPcon guration is critical to a success ul evaluation
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 1348
VMware View 4
E VA L U AT O R rsquo S G U I D E 1 3
Installing and Confguring VMware View
Before You Begin
VMware View is tightly integrated with VMware vCenter You can install VMware vCenter as a standalone serveror as a hosted server under the same ESX box or the testing purposes Please assign a static IP or your VMwarevCenter IP con guration
Figure 5
bull In your physical ESX host create a Windows Server 2003virtual machine or the VMware vCenter installation
bull Make sure to assign it with a routable static IP In this settingVMware vCenter can be pinged through vc demo local
bull Select Create a stand-alone VMware vCenter and clickNext
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 1448
VMware View 4
E VA L U AT O R rsquo S G U I D E 1 4
bull In this evaluation the default Microsoft SQL Server Expressinstance or the storage is used
bull Uncheck the System Account
bull Enter the default Administrator credentials- Username Administrator
- Password b gd m
bull ClickNext
bull Based on your network setting you can adjust the ports usedby vCenter I it is an isolated network environment leave thede ault port as they are and clickNext
bull Click Next until the installation is nished Now you havecompleted the vCenter con guration process
VMware View Manager Administration
VMware View Connection Server acts as a connection broker or client connections by authenticating and then directing incoming remote desktop user requests to the appropriate virtual desktop physical desktop or terminal server You can run VMware View Connection Server on a 32-bit or 64-bit virtual server For detailed in ormation about the hardware operating system and Active Directory requirements orVMware View Connection Server see the System Requirements section o the VMware View ManagerAdministration Guide
A standard server deployment creates a single standalone VMware View Connection Server You can havemultiple connection server instances in the same domain and point them all to the same VMware vCenter idesired For a di erent Connection Server deployment such as Replica or Security Server (DMZ) please re erto the View Administration Guide
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 1548
VMware View 4
E VA L U AT O R rsquo S G U I D E 1 5
Task 1 Installing the Connection Server
When the VMware Installation wizard appears clickNext
Accept the VMware license terms and clickNext
Select the Standard deployment option and click Next
bull ClickInstall
bull ClickFinish
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 1648
VMware View 4
E VA L U AT O R rsquo S G U I D E 1 6
Task 2 Con guring and Administrating View Manager
bull After you install the VMware View Connection Server
validate your View Manager Administration in a Webbrowser by entering http your-connection-server-ipgtadmin
bull Enter the Administrator username and password andclick Login
bull You will notice a certi cate error next to the URL eldVMware View Administrator is accessed using a secure
(SSL) connection The rst time you connect your Webbrowser might present you with an intermediary page thatwarns you that the security certi cate associated with theaddress is not issued by a trusted certi cate authority Thisresponse is expected because the de ault root certi catesupplied with View Connection Server is sel -signed
bull Click Ignore to continue using the current SSL certi cate
Task 3 Installing the Product License
bull From the Con guration tab clickProduct Licensingand Usage
bull Enter the license key provided with the evaluation
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 1748
VMware View 4
E VA L U AT O R rsquo S G U I D E 1 7
Task 4 Associating and Adding VMware vCenter Server
bull From the Con guration tab selectServers on the le t
menu panelbull Select Add under the VirtualCenter Servers pane
bull ClickAdd
bull Enter the fully quali ed domain name (FQDN) or the IPaddress o the VMware vCenter Server you want VMwareView Manager to communicate with in theServer addresstext box
bull Enter Administrator username and password for thevCenter login
Note For evaluation purposes advanced or optional tasks will not be covered I you have DNS servicesinstalled you can confgure an external URL or the Connection Server Those tasks are covered in the GettingStarted Guide or Administration Guide
Task 5 Con guring Active Directory Users and Computers
In this evaluation the virtual machine (ActiveDirectory) is promoted as Domain Controller hosted in WindowsServer 2003 with a single local domain name called demolocal
bull Before you can entitle a user access to the desktop youneed to create three users in the Active Directory namedreviewer_1 reviewer_2 and reviewer_3
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 1848
VMware View 4
E VA L U AT O R rsquo S G U I D E 1 8
Task 6 Creating and Preparing Virtual Machines
The ollowing steps assume that the user has already created a virtual machine and has installed the guest OS(XPVISTA) joined AD domain turned on the RDP remote connection added user groups to the remote users
list and turned o the rewall in the guest OS
bull Run the View Agent executable on the guest system
bull When the VMware Installation wizard appears clickNext
bull Accept the VMware license terms and clickNext
Select your custom setup options The o ine desktop isoptional and does not appear as the de ault in all agents
Click Install to begin the installation process
Select Continue Anyway or the installation alert
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 1948
VMware View 4
E VA L U AT O R rsquo S G U I D E 1 9
Click Finish
At this point you have the main VMware View components installed and con gured Be ore you proceedurther you can do a quick ping test rom the View Connection Server virtual machine to the Guest Desktop
virtual machine and vice versa The components should be pingable and routable between each
Task 7 Preparing Virtual Machine Snapshots and Templates
The guest system o the virtual machine which you create in vCenter provides the basis or virtual desktopdeployment To prepare a guest system or deployment per orm the ollowing tasks
bull Install the guest operating system Select Inventory romthe menu and clickVirtual Machine to start the creation oa new virtual machine
Once you con gure the OS and itrsquos up and running
bull Install the latest version of VMware Tools (provided withVMware In rastructure)
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2048
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 0
bull Con gure Active Directory settings Con gure the preferredand alternate DNS servers to use your Active Directoryserver addresses For example on Windows XP con gure
the DNS server settings rom the properties menuStart gt Control Panel gt Network Connections gt LAN gtProperties Internet Protocol (TCPIP) gt Properties gtUse (VMActiveDirectory) IP Address 19216813252
bull Make sure that you have administrative rights to theguest system
bull Join the desktop to the AD domain Add guest system tothe domain (demo local)
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2148
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 1
bull In Control Panel turnOf Windows Firewall
bull In Control Panel selectSystem Properties gtRemote tab
bull Check Allow User to Connect Remotely
bull Take a virtual machine Snapshot mdash Once the virtual machinetemplate is ully prepared you can power o the virtualmachine and right mdash clickGuest and select Take Snapshot
bull Snapshot is used for Linked Clone creation discussed in thelater sandbox scenario
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2248
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 2
Create a Desktop Template
bull Power o the virtual machine
bull Right-click the previously con gured guest system and
select one o the ollowing options- Clone to Template mdash select this option i you want to use
the selected guest system as the basis or a new templatewithout altering the virtual machine itsel Choose thisand walk through the dialogs boxes to create a virtualmachine template
- Convert to Template mdash select this option i you want tochange the guest system into a template This processhappens instantly
bull To get a quick view of the template created go toInventory and select VM and Templates The highlighted
template will appear in VMware Center
You can repeat the same procedures or Windows 7 and Vista desktops with the same con guration i youwish At the end o the task you will have three prepared guest systems ready or VMware View Manager to use
Task 8 Installing VMware View Composer for Linked Clones
VMware View Composer provides a highly e cient storage alternative to creating and managing manystandalone virtual machines With VMware View Composer Linked Clone technology you can rapidly cloneand deploy multiple desktops rom a single centralized base image Subsequent changes to this image canbe automatically proli erated among all desktops in a Linked Clone pool A ter the desktops are created theyremain indirectly linked to a snapshot residing on the parent virtual machine View Composer needs to beinstalled on the system where VMware vCenter is installed
bull VMware View Composer installation is optional in theVMware View installation process i you donrsquot plan to haveLinked Clone in your production environment Howeverwith this evaluation you can see the bene ts o havingVMware View work with VMware vSpherersquos thin-provisioning eature Start the VMware View Composerinstaller you have in your media
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2348
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2448
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 4
bull Choose your custom setup options
- Deselect the USB Redirection component i you do not want usersto access locally connected USB devices through their desktops
- Deselect the Log in as current user component i you want to requireall users to provide identity and credential in ormation to log in to aView Connection Server and again to access a VMware View desktop
bull For this evaluation simply leave them as theselected de ault This is anew improved eature which allows single sign-on to the guestdesktop
bull Enter the IP address of the VMware View Connection Server that thisclient will connect to For this evaluation enter 1921681247
bull Leave the login ascurrent user unchecked
bull Select Continue Anyway or the Virtual USB so tware installation
bull Select Finish and Exit installation I VMware View Client does not startautomatically a ter installation double-click the desktop shortcutor click
Start gtPrograms gtVMware gtVMware View Client
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2548
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 5
Task 10 Adding Desktop Source in VMware View Manager
The in rastructure components are now con gured in VMware vCenter Now go back to VMware ViewManager and con gure the desktop resource or an individual desktop provisioning use
bull Enter the VMware View Connection Server IP addressadmin as the URL in a Web browser
bull Login as Administrator
bull From within View Administrator clickDesktops andPools and click theInventory tab
bull In the Global desktop and pool view pane make sure thatthe Desktops and Pools tab is selected and clickAdd
bull When the Add Desktop wizard appears selectIndividualDesktop and clickNext
bull Select Desktop Source rom VMware vCenter
Need new image
bull From the list provided select theVMware vCenter Serverto be used by this desktop and clickNext
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2648
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 6
bull Enter the Unique ID Display name (optional) andDescription (optional) and clickNext
bull Con gure the desktop properties and click Next Sincethe new PCoIP eatures are being evaluated set thede ault protocol as PCoIP and allow users to change thesetting at connection When set toDo Not Control orAdobe Flash quality bandwidth is not a concern with theLAN deployment
bull Con gure the desktop provisioning properties andclick Next
bull Select the desktop to use as the base image for thedeployment and click Next
bull Click Finish to complete one guest desktop provisioning
bull Once the desktop provisioning is complete you can see adesktop under Desktops and Pools tab
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2748
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 7
This shows the basic steps on how to provision one desktop For more advanced eatures you can re er to theVMware View Administration Guide In a later scenario a PCoIP pool is created through similar provisioning
Task 11 Desktop Entitlement
bull From within View Administrator click Desktops and Pools and click theInventory tab
bull In the Global desktop and pool view pane select the desktop or poolyou want to entitle and clickEntitlements
bull Click Add The user and group entitlement dialog box appears Fromhere you can view search on and lter all Active Directory users withinthe domain orest
bull Select the DemoLocal domain created and enter wildcard user matchreview VMware View Manager should display all users that contain thephrase
bull Entitle the userreviewer_1 to use the Vista desktop
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2848
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 8
Figure 6
Once this is set and done you will see a green checkmark under Global Desktop and View showing Entitledand Enabled or the guest desktop
Task 12 Accessing Virtual Desktop via RDP or PCoIP
bull In theConnection Server drop-down menu enter thehost name or IP address o a VMware View Connection Server
bull Select Options
Need New Image
bull Select Log in as current userto be authorized to log in to theVMware View Connection Server You will not be prompted toenter login credentials in the guest desktop login This is anenhancement or single sign-on
Need New Image
bull Enter the credentials with desktop entitlement
- Username Administrator
- Password b gd m
bull In VMware View 4 you have the option to use the preferredprotocols o either Teradici PCoIP or Microso t RDPSelect Teradici
bull Select the XP desktop you want to access
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2948
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 9
Task 13 Additional Virtual Desktop Optimization
bull Adjust ClearType Settings in Control Panel gtDisplay gtAdvanced Tab gtFonts and choose ClearType
bull Turn o Windows Firewall Settings inControl Panel gtWindows Firewall and select the Of radio buttonbull Multiple Display Con guration
bull In VMware View Manager Administration you cancentrally con gure the desktop monitors that aresupported in the local systems
bull In the guest desktop check theDisplay settings that have been changed tomultiple displays
Note PCoIP also supports pivot mode or one landscape and one horizontal confguration
Task 14 WAN Optimization
PCoIP technology uses low-latency image compression algorithms to optimize the user experience or widearea network (WAN) applications The WAN enhancements dramatically improve the user experience toprovide support or multi-media and 3D graphics audio and IO responsiveness over long-distancehigh-latency and low-bandwidth networks
Key PCoIP WAN Capabilities
bull Reduced Minimum Bandwidth To support the lower bandwidth typically available over a WAN theminimum peak bandwidth required or a PCoIP connection is Mbps Because PCoIP only transmitschanges to the desktop image the actual bandwidth used may be much lower i the screen is not changingsigni cantly or rapidly
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3048
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 0
bull Local Keyboard and Mouse To provide instant response over high-latency networks the mouse pointer canbe displayed locally on the desktop (within VMware View Agent) in addition to being sent to the host Localkeyboard capability is also provided to prevent lost keystrokes due to network delay
bull Packet Reordering To accommodate the out-o -order packets o ten produced by network links on a WANthe PCoIP portal in VMware View Agent can create multiple packet chains as out-o -order packets receivedand connect chains to restore the correct sequence Without this out-o -order packets can result in dataretransmission and delays
bull Bandwidth-Sensitive Audio Compression PCoIP transmits compressed or uncompressed audiondashswitchingdynamically based on the available bandwidth to provide the best possible user experience
Since PCoIP is integrated seamlessly into the VMware View Agent and ully optimized into VMware Viewin rastructure as the administrator you simply need to con gure the desktop protocol and its bandwidththrottling rom the administration UI
Con gure Flash contents bandwidth allowance
For an optional task to test WAN per ormance with PCoIP try to access your corporate desktop rom home byconnecting through IPSec VPN
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3148
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 1
Scenario Overview
This document provides several di erent test scenarios to review the tasks you per ormed earlier andexperience the combined advantages o using VMware View To compare a variety o WAN connectivityscenarios you can consider using either WANEMhttp wanem source orge net or Shunra VE SMB EditionFree Trial http www shunra com ve-smb-trial php or WAN emulation
bull Scenario 1 Provision and use PCoIP 25 persistent desktops and one non-persistent PCoIP pool thatcontains desktops using a Linked Clone You can adjust the actual number o desktops based on your locastorage allowance
ndash Create a snapshot on both Windows XP SP3 and Windows 7
ndash Add desktops and pools using automatic pools and Linked Clone
ndash Administrate users and entitlements
ndash Create ully Linked Clones
ndash Con gure pools in mixed cluster environment
ndash Con gure or WAN tag and LAN tag use
ndash Delete desktops and pools
bull Scenario 2 Con gure 50 PCoIP fully Linked Clones in VMware vSphere
ndash Create desktops and pools
ndash Leverage ThinDisk Provisioning in VMware vSphere
ndash Check storage saving comparison
ndash Review VMware VMsa e Security virtual machine unctionali ties
bull Scenario 3 Set-up Triple SSO in VMware View 4 (PCoIP)
ndash Use archive directory credentials to login with ldquoLogin as current userrdquo checked
ndash Access rom the Replica View Connection Server and login to see the same session running
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3248
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 2
Scenario 1Provision and Use PCoIP Desktops and Pools
Get Started with PCoIPPCoIP is a so tware-to-so tware display protocol ully integrated with the VMware View in rastructureThe PCoIP portal (server) is installed with the agent The proprietary SVGA driver is included as part o thePCoIP portal
Figure
The PCoIP client is included in the standard VMware View client installation on your end point device sothere are no additional installation procedures required or PCoIP From the end user perspective there areno con gurations needed or using PCoIP As an administrator you can con gure the PCoIP protocol throughVMware View Administrative SettingsPolicies De ault RDP setup is to be tunneled but the de ault PCoIPsetting is directly connected Some other con gurations on bandwidth throttling or Flash video or on USBredirection policy are consistent as the previous View administration
Lossy and Lossless CompressionImage compression in PCoIP includes both lossless and lossy compression schemes Lossy compression allows or higher levels o compression on initial screen change and subsequent image quality improvement
or static screen regions Lossless motion compensation is also supported Image compression bandwidthmanagement is supported using packet loss as an indicator o congestion or lower bandwidth limits
Network Bandwidth and Characteristics
The host to client network connection operates with up to 250ms o round-trip latency The host to clientnetwork connection operates with lt01 percent packet loss but will tolerate periods o up to 5 percent packetloss and will survive short durations o loss o connectivity
A single TCP connection (SSL) is used between the host and client or session management A single UDP connection using UDP encapsulated IPSec-ESP [r c 3948] with AES 128-bit key encryption is used betweenthe host and client or media tra c supporting unreliable and reliable transport Port numbers keys andother connection parameters are exchanged via the SSL connection You can re erence the VMware ViewDeployment Guide or urther end-to-end per ormance measurements
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3348
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 3
Step 1 Creating the Replica Connection Server
The installation package or the Connection Server alsocontains the installation source or the VMware ViewReplica Server Launch the VMware View ConnectionServer installer and select Replica server or the secondConnection Server SelectAgree to the VMware Viewproduct licensing terms
A VMware View Replica Server is a Connection Serverwith its own replica o the ADAM database stored locallyAll con guration data and changes are instantaneouslyreplicated to all replica servers resulting in entirelyindependent Connection Servers which can actindependently in case o ailure o other replica servers
Enter the rst VMware View Connection Server instanceIP address (View1 19216813246) ClickNext
Complete the Replica Connection Server instanceinstallation Select Finish
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3448
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 4
Step 2 Creating Linked Clone Pools
DESKTOP TYPE OS TYPE PERSISTENT DESKTOP COUNTS
PCoIP Windows XP SP Persistent
RDP PCoIP Windows XP SP Non-Persistent
The Linked Clone creation process is the same as conducted in the previous section You can con gure thetask based on your storage availability and virtual machine sizing
Step 3 Connecting to Pool by Tags
Tag-based EntitlementsVMware View provides the advanced entitlement to Desktop Pools not only based on current entitlementsettings but also on the Connection Server through which a user logs in For customers who need perimeteridentity ( or example Internal Connection Server or External Security Server access) at logon VMware View
enables users con guring certain clients to go through a particular Connection Server In this case a tag isintroduced to identi y and route the client to the Connection Server In a broker cluster at a large VMware Viedeployment The tag or tags o a Connection Server are then compared to the tag speci ed in time o thedesktop pool creation edit
I the tag required by the desktop pool does not match the tag o the broker in question even i a useris entitled or assigned to a desktop pool the desktop will not show up in the available desktop list TheConnection Server tags take precedence over the desktop or pool tags
In this evaluation you will set up two instances o Connection Servers where brokers have been classi ed toserve di erent networks (internal external or example)
VMWARE VIEWCONNECTIONSERVER IP
NAME TAG DESKTOPS OS
19216813246 View External XP Pro SP
19216813245 View Internal XP Pro SP
Use CaseThe internal broker might not be visible to users connecting over a VPN In a case like this the two brokerscould still be ormed into a cluster The external broker might be tagged ldquoExternalrdquo and the internal brokertagged ldquoInternalrdquo and then pools could be tagged so that some desktops are not visible when a user logs inexternally but are visible internally
For example imagine a deployment o our Connection Servers where two o the Connection Servers haveconnected Security Servers The two Connection Servers without Security Servers are used to support internalusers and the two Connection Servers with Security Servers are used to support Internet (external) users The
rst two could have a con gured entitlements tag o ldquoInternalrdquo and the second two could have a con guredentitlements tag o ldquoExternalrdquo
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3548
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 5
bull The UI allows an administrator to specify one or moretag strings of up to 64 characters for each ConnectionBroker You can then speci y the tag string required or
a speci c Connection Broker to access the Pool Atruntime when a user authenticates him or hersel via aConnection Server an extra step o tag matching isper ormed The result will be a lter o the resultingentitled Desktop list
bull Set the replica server tag as External
bull Once the tags are set in the connection broker you cansee the tag column in the VMware View Managerconsole is lled with the Tag attributes
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3648
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 6
bull In the VMware View 1 Connection Server(19216813246admin) login to the View Managerconsole clickDesktops and Pools tab and selectAdd
You are creating ull clone and Linked Clonedesktops Select Automated Desktop Pool
bull Select Persistent or the desktop type
bull ClickNext
bull Create the 10 Linked Clone desktop pools rst and gothrough the same process again to create the ull clone
ndash only without checking the highlighted checkbox
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3748
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 7
bull Fill in the name attribute for theUnique ID andDisplay Name
bull This is same user interface as you used to create theindividual desktop earlier Leave the de ault setup as
it is
bull Enter the number of the desktops that your storage
allows you to create The naming pattern or thedesktop is the name vCenter will use to name thevirtual machine so create a unique and easilyrecognized name
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3848
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 8
bull Desktop cloning relies on the virtual machine templateas the base Previously you created a template byselecting a clean base template and cloning it to
template Select that template and clickNext
bull Linked Clone requires the template and snapshot asthe golden image
bull Select the folder location where the desktops shouldbe organized
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3948
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 9
bull Select the host or ESX server where the desktop iscreated Note the vSphere mode or VMware ViewComposer option is dimmed and not selectable It is
because the host being used is running vSpherealready I you are using a previous version o ESX thisoption will be available or upgrade use
bull Add desktops to the resource pool
bull Allocate user data disk for the persistent data Keepthe de ault value and selectNext
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4048
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 0
bull In this setup the storage LUN for the better demoe ects is attached You can simply use the localstorage host storage or your test
bull You can see that the default domain is lled inautomatically by quickprep This is set at the
Con guration Tab gtServers gtSelect ViewConnection gt Edit
bull Do a nal review of the Linked Clone setup and clickFinish to complete It will take several minutes tocreate the clones
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4148
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 1
bull Create additional users in Active Directory(ActiveDirectory19216813252)
- Corporate - user or the Group Internal
- Contractor - user or the Group Externalbull This will be used for the pool entitlement for users and
groups
bull Access VMware vCenter or ESX management by usingthe VMware vSphere client
bull Login to View Manager console You can see the LinkedClone pools are created and listed in the Desktop andPool pane SelectEntitlements to grant right to accessthe desktop
bull Assign the group you created in ActiveDirectory
Repeat these steps or creating additional XP desktops with non-persistent and persistent use
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4248
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 2
Step 4 Deleting the Clone Using Deletion Script
Provide the cleanup rule and scripting capabilities to enable administrators to per orm urther integrationunctions In some environments this can be achieved by removing entries rom ActiveDirectory In others
you may need to trigger other applications or a tighter integration
bull A new key needs to be created manuallyPlease re er to VMware View Administration Guide or
urther details
bull The visual basic script can be used to clean up ortrigger urther application activities This new eatureo ers the extensibility ramework
bull Run servicesmsc to access the Services consoleEnable the script services manually It is not startedby de ault
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4348
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 3
bull Login to VMware View Manager SelectDelete thedesktop SelectDelete rom Disk option It will triggerthe script set previously
Scenario 2Confgure PCoIP Full and Linked Clone
in VMware vSphereCreate Full Clone with Thin Provisioning
Thin Provisioning in its simplest orm means only using the disk space you need Traditionally with virtualmachines i you create a 500GB virtual disk it will use 500GB o your VMFS data store With Thin Provisioningyou can create a 500GB virtual disk but i only 100GB is in use only 100GB o your VMFS data store will beutilized
500GBVirtual Disk
500GB GB VMDK le size 100GB VMDK le size
400GBunused butallocated
100GBApplicationUsage
500GBVirtual Disk
100GBActual Usage(Footprint)
Figure
You can create a ve desktop XP pool using Full Clone rom VMware View and compare them with the ThiProvisioning option check The eatures include increased storage utilization reduced application downtimeand streamlined capacity management
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4448
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 4
bull When you create a virtual machine in VMware vSpherethe option to create Thin Provisioning settings is underSettings gtAdd Hardware
bull In VMware View 4 you can con gure the ThinProvisioning while preparing the Linked Clone basetemplate
Now in order to compare the storage usage di erence with Thin Provisioning enabled in the virtual desktopdeployment the best approach is to provision them and per orm storage comparison with the virtualmachines without thin provisioning enabled Considerations or storage provisioning all in throughput needsto scale with an increase in capacity ie multiple virtual machines per IO path
Figure
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4548
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 5
In the meantime transient storage on the swap space is used only when the virtual machine ispowered on and delta disks are used by snapshots and linked to virtual machines
Figure 0
Datastore View in vSphere
Figure
VM Storage Performance View
Figure
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4648
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 6
Anti-Virus Protection
The VMsa e API comes with VMware vSphere VMware o ers a number o VMsa e partner solutions thatprovide secure virtual machines with virus-scanning capability
bull Trend Micro Core Protection 10 This is an anti-virus product that performs o ine and online scheduled virtualmachine scans without an agent It uses a smaller agent or on-access scanning or to clean up in ections Thproduct is available at http us trendmicro com us solutions enterprise security-solutions virtualizationvirtual-machines index html
bull McAfee Virus Scan for O ine Virtual Images 20 This is an anti-virus product that performs o ine schedulevirtual machine scans without an agent It complements a regular virus scan agentsrsquo online scanning
Figure 6
VMsa e reduces high storage IO and memory usage during scheduled and pandemic malware scan activities
Figure
The above gure shows the anti-virus server committing a real-time agent to an individual virtual machine
It also has the unctionality o o ine snapshot image scanningThis is a VMware vSphere eature and is now available or VMware View 4 Please re er to the VMware View 4Deployment Guide or urther product demonstration
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4748
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 7
Scenario 3Set up Triple Single Sign-On (SSO) in VMwareView 4Log in as Currently Logged-on UserThis is a new option in VMware View Client that allows you to log onto the broker using currently logged oncredentials The standard sign up fow using AD credentials is
bull User connects to View Connection Server
bull VMware View Connection Server compares a list of trusted AD domains to the client
bull User authenticates with username and password
bull VMware View Connection Server delegates authentication to WindowsAD
Figure
VMware View 4 continues to support the AD credential (username and password) login smart card and RSA
securID token in RDP
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4848
bull During the View Agent installation select theConnectas Current Logon User checkbox option to enable SSO
bull Launch View Client at local desktop or thin clientbull View Client has newLog in as Current User Domain
User checkbox When a userrsquos AD credential isauthenticated on the client device using eitherpassword (RDP PCoIP) or smart card authentication inRDP the Connection Broker will use the same useridentity
bull This value can also be set using GPO policy orregistry key setting Please re er to the ViewAdministration Guide
bull You should be able to login to the guest desktopenvironment without being prompted to enter thecredentials again
Support In ormation
For additional evaluation questions and installation support please address your questions to desktop-tmvmwarecom
About the Author
Cynthia Hsieh is a senior technical marketing manager in VMware Enterprise Marketing team She ocuses onapplication integration proo o concepts and security subjects
Hsiehrsquos previous background includes product management positions at Wyse Trend Micro Oracle and Yahoo
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 648
VMware View 4
E VA L U AT O R rsquo S G U I D E 6
VMware PCoIP Delivers a Rich Desktop Experience
Figure
Operational E ciency
Enterprises that are struggling with the problem o endpoint security should explore desktop virtualization tolessen the requency o malware network breaches and data loss headaches
VMware View centralizes the control o desktop PC images applications and data Deploying desktopvirtualization with VMware View running VMware vSpheretrade can signi cantly improve security unctionalityand storage optimization
For business entities that are subject to stringent regulatory policies such as the Sarbanes-Oxley Act (SOX)the Health Insurance Portability and Accountability Act (HIPAA) and the Payment Card Industry Data SecurityStandard (PCI DSS) VMware View creates a trusted enterprise-computing environment Security vendorslike McA ee and Trend Micro take a proactive role with VMware in raising the bar o security control and
management available to secure the cloud-based in rastructure
FEATURE NEWIMPROVED DESCRIPTION
Full clone pool withthin disk thinprovisioning
New VMware View provides seamless native support or thin provisioning with thevSphere server
Bene t Helps reduce storage usage and allows more guest desktops per corewhile still providing high per ormance
Mixed clustersupport orbackward ndash
orward
compatibility
New This new option in View Administrator allows di erent versions o clusters to bemanaged via the same UI
VWware VMsa eAPI or better anti-virus optimizationand execution
New VMware vSphere supports VMware VMsa etrade API Security virtual machinedeployment sold separately by security vendors is consistent with desktopdeployment Protects the virtual machine by inspecting virtual components(CPU Memory Network and Storage)
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 748
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 848
VMware View 4
E VA L U AT O R rsquo S G U I D E 8
VMware View 4 Components
VMware View 4 extends the same in rastructure and components as in previous versions The key so tware components you need to install VMware View 4 are
bull VMware View Connection Server installed in a Windows Server 2003 system that is separate fromVMware vCentertrade
bull VMware View Agent installed in a virtual desktop (XP Windows 2003 or Vista desktops)
bull VMware View Client installed at the end point device (thin client local laptop or desktops)
bull VMware View Composer installed in VMware vCenter for Linked Clone provisioning use
Platform Integration
APPOS
APPOS
APPOS
VMware vSphere
AuthorizationProtocol
VMware View 4
VMware View Manager 4
Authentication ampDisplay
Superior UserExperience
Scalability ampAvailability
End UserFlexibility
Figure
On the in rastructure side you need to ensure that the ollowing components are provisioned in VMware ESXtrade35 or VMware vSphere
bull VMware vCenter and VMware View Composer are instal led on the same virtual machine whereVMware vCenter is installed
bull SQL Server is required for large virtual desktop deployments For this evaluation the SQL Server ExpressEdition con gured during the VMware vCenter installation is used
bull Con gure Windows 2003 with Active Directory DHCP and DNS service
bull Certi cate Authority (if certi cate or smart card authentication is required) This is not discussed inthis document
For a detailed supported version please re erence the VMware View Manager Administration Guide at httpwwwvmwarecomsupportpubsview_pubshtml
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 948
VMware View 4
E VA L U AT O R rsquo S G U I D E 9
NFR Licensing or Evaluation Use
To request Not For Resale evaluation licenses please email desktop-tmvmwarecom
Deployment Process
In this evaluation you will experience the VMware View setup and con guration all in a single ESX VMwarevSphere box You will also install the needed in rastructure components and virtual machines rom scratch Anonline connection is required only i you plan to use the Internet
Be ore starting the deployment process
bull Set up the networking and IP address in ESXVMware vSphere with NAT router and VMware vSwitch
bull Con gure the required infrastructure components including VMware vCenter Active Directory SQL serverand VMware View Connection Server
bull Prepare the desktops snapshots and templates
The ollowing deployment process is not intended to provide a deep technical explanation o the technologiesound in VMware View 4 Nor is it intended to be used as a deployment guide The tasks include
bull Task 1Installing the Connection Server
bull Task 2Confguring and Administrating VMware View Manager
bull Task 3Installing the License
bull Task 4Associating and Adding VMware vCenter Serverbull Task 5Confguring Active Directory Users and Computers
bull Task 6Creating and Preparing Virtual Machines
bull Task 7Preparing Virtual Machine Snapshots and Templates
bull Task 8Installing VMware View Composer or Linked Clones
bull Task 9Installing VMware View Client in the Host Desktop or Thin Client (local system)
bull Task 10Adding Desktop Source In VMware View Manager
bull Task 11Desktop Entitlement
bull Task 12Accessing Virtual Desktop via RDP or PCoIP
bull Task 13Additional Virtual Desktop Optimization
bull Task 14WAN Optimization
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 1048
VMware View 4
E VA L U AT O R rsquo S G U I D E 1 0
Preparing for the Installation
AssumptionsTo success ully use this guide it is assumed that VMware vSphere ESX Server has been installed and
is unctioning properly Please re er to the online documentationhttp www vmware com resourcestechresources 10020 or urther installation assistance
Before You BeginPlease re erence Getting Started with VMware View at httpwwwvmwarecomsupportpubsview_pubshtml For more in ormation on administrating VMware View you can review the ollowing documentation
bull VMware View Manager Administration Guide
bull VMware View Upgrade Guide
bull VMware View Architecture and Planning Guide
bull Knowledge Base
System Requirements
The ollowing is a description o the hardware and so tware required ( or the major components o VMwareView) You can get more in ormation rom the VMware View 4 Architecture Planning Guide
VMware View Connection ServerVMware View Connection Server is not supported on servers that have the Windows Terminal Server roleinstalled Remove the Windows Terminal Server role rom any server where you will be installing the VMwareView Connection Server
VMware View Connection Server runs on a 32-bit or 64-bit dedicated physical or virtual server with the ollowing speci cations
bull Pentium IV 20Ghz processor or higher mdash dual processors are recommended
bull 2GB RAM or higher mdash 3GB RAM is recommended for deployments of 50 or more View Manager desktopsVMware View connection server can handle 2000 connections in clear mode and 750 in tunneled mode
The ollowing VMware vSphere document lists the limits or the server sidehttp www vmware com support pubs vs pages vsp pubs esx40 vc40 html
bull One or more 10100Mbps network interface controllers (NIC) mdash 1Gbps NIC is recommended
Supported Operating SystemsThe VMware View Connection Server can be installed on the ollowing 32-bit operating systems
bull Windows Server 2003 R2 Standard Edition with SP2
bull Windows Server 2003 Standard Edition with SP2
bull Windows Server 2003 R2 Enterprise Edition with SP2
bull Windows Server 2003 Enterprise Edition with SP2
Prerequisites
VMware View Connection Server has the ollowing prerequisites
You will need a valid license key or VMware View Manager The ollowing types o licenses are available
bull VMware View Manager
bull VMware View Manager with View Composer
bull VMware View Manager with View Composer and O ine Desktop
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 1148
VMware View 4
E VA L U AT O R rsquo S G U I D E 1 1
For the VMware virtualization environment you will need one o the ollowing
bull VMware vSphere 4 Update 1 (U1 is required)
bull VMware Infrastructure 35 (U3 or U4 recommended U5 not supported)
bull VMware Infrastructure 302 (supported)
bull Both ESX and ESXi hosts are supported VMware vCenter is required
Required Host operating systems or standard or replica VMware View Connection Server instances are joinedto an Active Directory domain The ollowing versions o Active Directory are supported You will need one othe ollowing
bull Windows 2000 Active Directory
bull Windows 2003 Active Directory
bull Windows 2008 Active Directory
IP Addressing
For easy con guration this evaluation scenario speci es a standalone LAN environment with IP addressingbased on the ollowing assumptions
bull One VMware vSwitch is con gured as the External Network for static manually assigned IP addressing
VIEW COMPONENTS IP ADDRESSING
Virtual Center (vCenter) Static 19216813247
View Connection Server (View ) Static 19216813246
View Connection Server (View ) Static 19216813245
Active Directory (ActiveDirectory) Static 19216813252
bull VMware vCenter installation provides SQL Server Express Edition You do not need a separate SQL Serverinstance or this evaluation
bull This evaluation asks you to set up two VMware View Connection Servers This will be used in the evaluationthe new ldquotag entitlementrdquo eature later Itrsquos an optional task i you just need to review the basic unctionalitie
bull If you already have networking setup you can assign a static IP to infrastructure components needed forthis evaluation
bull You can also access the Internet if it rsquos available by separate 2 vLANs and con gure the open source Yvetta
NAT appliance You can nd additional instructions athttp www vyatta com downloads swdl phpbull You will prepare three virtual machines including XP andor Vista for the scenario These desktop virtual
machines have IP addresses assigned using DHCP
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 1248
VMware View 4
E VA L U AT O R rsquo S G U I D E 1 2
Figure
The network con guration can be customized based on your network availability Figure is a samplecon guration Make sure the in rastructure components have a static routable and pointable IP addressand complete a ping test rom the servers to the desktops and rom the desktops to the servers The IPcon guration is critical to a success ul evaluation
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 1348
VMware View 4
E VA L U AT O R rsquo S G U I D E 1 3
Installing and Confguring VMware View
Before You Begin
VMware View is tightly integrated with VMware vCenter You can install VMware vCenter as a standalone serveror as a hosted server under the same ESX box or the testing purposes Please assign a static IP or your VMwarevCenter IP con guration
Figure 5
bull In your physical ESX host create a Windows Server 2003virtual machine or the VMware vCenter installation
bull Make sure to assign it with a routable static IP In this settingVMware vCenter can be pinged through vc demo local
bull Select Create a stand-alone VMware vCenter and clickNext
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 1448
VMware View 4
E VA L U AT O R rsquo S G U I D E 1 4
bull In this evaluation the default Microsoft SQL Server Expressinstance or the storage is used
bull Uncheck the System Account
bull Enter the default Administrator credentials- Username Administrator
- Password b gd m
bull ClickNext
bull Based on your network setting you can adjust the ports usedby vCenter I it is an isolated network environment leave thede ault port as they are and clickNext
bull Click Next until the installation is nished Now you havecompleted the vCenter con guration process
VMware View Manager Administration
VMware View Connection Server acts as a connection broker or client connections by authenticating and then directing incoming remote desktop user requests to the appropriate virtual desktop physical desktop or terminal server You can run VMware View Connection Server on a 32-bit or 64-bit virtual server For detailed in ormation about the hardware operating system and Active Directory requirements orVMware View Connection Server see the System Requirements section o the VMware View ManagerAdministration Guide
A standard server deployment creates a single standalone VMware View Connection Server You can havemultiple connection server instances in the same domain and point them all to the same VMware vCenter idesired For a di erent Connection Server deployment such as Replica or Security Server (DMZ) please re erto the View Administration Guide
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 1548
VMware View 4
E VA L U AT O R rsquo S G U I D E 1 5
Task 1 Installing the Connection Server
When the VMware Installation wizard appears clickNext
Accept the VMware license terms and clickNext
Select the Standard deployment option and click Next
bull ClickInstall
bull ClickFinish
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 1648
VMware View 4
E VA L U AT O R rsquo S G U I D E 1 6
Task 2 Con guring and Administrating View Manager
bull After you install the VMware View Connection Server
validate your View Manager Administration in a Webbrowser by entering http your-connection-server-ipgtadmin
bull Enter the Administrator username and password andclick Login
bull You will notice a certi cate error next to the URL eldVMware View Administrator is accessed using a secure
(SSL) connection The rst time you connect your Webbrowser might present you with an intermediary page thatwarns you that the security certi cate associated with theaddress is not issued by a trusted certi cate authority Thisresponse is expected because the de ault root certi catesupplied with View Connection Server is sel -signed
bull Click Ignore to continue using the current SSL certi cate
Task 3 Installing the Product License
bull From the Con guration tab clickProduct Licensingand Usage
bull Enter the license key provided with the evaluation
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 1748
VMware View 4
E VA L U AT O R rsquo S G U I D E 1 7
Task 4 Associating and Adding VMware vCenter Server
bull From the Con guration tab selectServers on the le t
menu panelbull Select Add under the VirtualCenter Servers pane
bull ClickAdd
bull Enter the fully quali ed domain name (FQDN) or the IPaddress o the VMware vCenter Server you want VMwareView Manager to communicate with in theServer addresstext box
bull Enter Administrator username and password for thevCenter login
Note For evaluation purposes advanced or optional tasks will not be covered I you have DNS servicesinstalled you can confgure an external URL or the Connection Server Those tasks are covered in the GettingStarted Guide or Administration Guide
Task 5 Con guring Active Directory Users and Computers
In this evaluation the virtual machine (ActiveDirectory) is promoted as Domain Controller hosted in WindowsServer 2003 with a single local domain name called demolocal
bull Before you can entitle a user access to the desktop youneed to create three users in the Active Directory namedreviewer_1 reviewer_2 and reviewer_3
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 1848
VMware View 4
E VA L U AT O R rsquo S G U I D E 1 8
Task 6 Creating and Preparing Virtual Machines
The ollowing steps assume that the user has already created a virtual machine and has installed the guest OS(XPVISTA) joined AD domain turned on the RDP remote connection added user groups to the remote users
list and turned o the rewall in the guest OS
bull Run the View Agent executable on the guest system
bull When the VMware Installation wizard appears clickNext
bull Accept the VMware license terms and clickNext
Select your custom setup options The o ine desktop isoptional and does not appear as the de ault in all agents
Click Install to begin the installation process
Select Continue Anyway or the installation alert
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 1948
VMware View 4
E VA L U AT O R rsquo S G U I D E 1 9
Click Finish
At this point you have the main VMware View components installed and con gured Be ore you proceedurther you can do a quick ping test rom the View Connection Server virtual machine to the Guest Desktop
virtual machine and vice versa The components should be pingable and routable between each
Task 7 Preparing Virtual Machine Snapshots and Templates
The guest system o the virtual machine which you create in vCenter provides the basis or virtual desktopdeployment To prepare a guest system or deployment per orm the ollowing tasks
bull Install the guest operating system Select Inventory romthe menu and clickVirtual Machine to start the creation oa new virtual machine
Once you con gure the OS and itrsquos up and running
bull Install the latest version of VMware Tools (provided withVMware In rastructure)
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2048
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 0
bull Con gure Active Directory settings Con gure the preferredand alternate DNS servers to use your Active Directoryserver addresses For example on Windows XP con gure
the DNS server settings rom the properties menuStart gt Control Panel gt Network Connections gt LAN gtProperties Internet Protocol (TCPIP) gt Properties gtUse (VMActiveDirectory) IP Address 19216813252
bull Make sure that you have administrative rights to theguest system
bull Join the desktop to the AD domain Add guest system tothe domain (demo local)
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2148
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 1
bull In Control Panel turnOf Windows Firewall
bull In Control Panel selectSystem Properties gtRemote tab
bull Check Allow User to Connect Remotely
bull Take a virtual machine Snapshot mdash Once the virtual machinetemplate is ully prepared you can power o the virtualmachine and right mdash clickGuest and select Take Snapshot
bull Snapshot is used for Linked Clone creation discussed in thelater sandbox scenario
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2248
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 2
Create a Desktop Template
bull Power o the virtual machine
bull Right-click the previously con gured guest system and
select one o the ollowing options- Clone to Template mdash select this option i you want to use
the selected guest system as the basis or a new templatewithout altering the virtual machine itsel Choose thisand walk through the dialogs boxes to create a virtualmachine template
- Convert to Template mdash select this option i you want tochange the guest system into a template This processhappens instantly
bull To get a quick view of the template created go toInventory and select VM and Templates The highlighted
template will appear in VMware Center
You can repeat the same procedures or Windows 7 and Vista desktops with the same con guration i youwish At the end o the task you will have three prepared guest systems ready or VMware View Manager to use
Task 8 Installing VMware View Composer for Linked Clones
VMware View Composer provides a highly e cient storage alternative to creating and managing manystandalone virtual machines With VMware View Composer Linked Clone technology you can rapidly cloneand deploy multiple desktops rom a single centralized base image Subsequent changes to this image canbe automatically proli erated among all desktops in a Linked Clone pool A ter the desktops are created theyremain indirectly linked to a snapshot residing on the parent virtual machine View Composer needs to beinstalled on the system where VMware vCenter is installed
bull VMware View Composer installation is optional in theVMware View installation process i you donrsquot plan to haveLinked Clone in your production environment Howeverwith this evaluation you can see the bene ts o havingVMware View work with VMware vSpherersquos thin-provisioning eature Start the VMware View Composerinstaller you have in your media
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2348
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2448
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 4
bull Choose your custom setup options
- Deselect the USB Redirection component i you do not want usersto access locally connected USB devices through their desktops
- Deselect the Log in as current user component i you want to requireall users to provide identity and credential in ormation to log in to aView Connection Server and again to access a VMware View desktop
bull For this evaluation simply leave them as theselected de ault This is anew improved eature which allows single sign-on to the guestdesktop
bull Enter the IP address of the VMware View Connection Server that thisclient will connect to For this evaluation enter 1921681247
bull Leave the login ascurrent user unchecked
bull Select Continue Anyway or the Virtual USB so tware installation
bull Select Finish and Exit installation I VMware View Client does not startautomatically a ter installation double-click the desktop shortcutor click
Start gtPrograms gtVMware gtVMware View Client
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2548
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 5
Task 10 Adding Desktop Source in VMware View Manager
The in rastructure components are now con gured in VMware vCenter Now go back to VMware ViewManager and con gure the desktop resource or an individual desktop provisioning use
bull Enter the VMware View Connection Server IP addressadmin as the URL in a Web browser
bull Login as Administrator
bull From within View Administrator clickDesktops andPools and click theInventory tab
bull In the Global desktop and pool view pane make sure thatthe Desktops and Pools tab is selected and clickAdd
bull When the Add Desktop wizard appears selectIndividualDesktop and clickNext
bull Select Desktop Source rom VMware vCenter
Need new image
bull From the list provided select theVMware vCenter Serverto be used by this desktop and clickNext
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2648
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 6
bull Enter the Unique ID Display name (optional) andDescription (optional) and clickNext
bull Con gure the desktop properties and click Next Sincethe new PCoIP eatures are being evaluated set thede ault protocol as PCoIP and allow users to change thesetting at connection When set toDo Not Control orAdobe Flash quality bandwidth is not a concern with theLAN deployment
bull Con gure the desktop provisioning properties andclick Next
bull Select the desktop to use as the base image for thedeployment and click Next
bull Click Finish to complete one guest desktop provisioning
bull Once the desktop provisioning is complete you can see adesktop under Desktops and Pools tab
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2748
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 7
This shows the basic steps on how to provision one desktop For more advanced eatures you can re er to theVMware View Administration Guide In a later scenario a PCoIP pool is created through similar provisioning
Task 11 Desktop Entitlement
bull From within View Administrator click Desktops and Pools and click theInventory tab
bull In the Global desktop and pool view pane select the desktop or poolyou want to entitle and clickEntitlements
bull Click Add The user and group entitlement dialog box appears Fromhere you can view search on and lter all Active Directory users withinthe domain orest
bull Select the DemoLocal domain created and enter wildcard user matchreview VMware View Manager should display all users that contain thephrase
bull Entitle the userreviewer_1 to use the Vista desktop
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2848
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 8
Figure 6
Once this is set and done you will see a green checkmark under Global Desktop and View showing Entitledand Enabled or the guest desktop
Task 12 Accessing Virtual Desktop via RDP or PCoIP
bull In theConnection Server drop-down menu enter thehost name or IP address o a VMware View Connection Server
bull Select Options
Need New Image
bull Select Log in as current userto be authorized to log in to theVMware View Connection Server You will not be prompted toenter login credentials in the guest desktop login This is anenhancement or single sign-on
Need New Image
bull Enter the credentials with desktop entitlement
- Username Administrator
- Password b gd m
bull In VMware View 4 you have the option to use the preferredprotocols o either Teradici PCoIP or Microso t RDPSelect Teradici
bull Select the XP desktop you want to access
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2948
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 9
Task 13 Additional Virtual Desktop Optimization
bull Adjust ClearType Settings in Control Panel gtDisplay gtAdvanced Tab gtFonts and choose ClearType
bull Turn o Windows Firewall Settings inControl Panel gtWindows Firewall and select the Of radio buttonbull Multiple Display Con guration
bull In VMware View Manager Administration you cancentrally con gure the desktop monitors that aresupported in the local systems
bull In the guest desktop check theDisplay settings that have been changed tomultiple displays
Note PCoIP also supports pivot mode or one landscape and one horizontal confguration
Task 14 WAN Optimization
PCoIP technology uses low-latency image compression algorithms to optimize the user experience or widearea network (WAN) applications The WAN enhancements dramatically improve the user experience toprovide support or multi-media and 3D graphics audio and IO responsiveness over long-distancehigh-latency and low-bandwidth networks
Key PCoIP WAN Capabilities
bull Reduced Minimum Bandwidth To support the lower bandwidth typically available over a WAN theminimum peak bandwidth required or a PCoIP connection is Mbps Because PCoIP only transmitschanges to the desktop image the actual bandwidth used may be much lower i the screen is not changingsigni cantly or rapidly
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3048
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 0
bull Local Keyboard and Mouse To provide instant response over high-latency networks the mouse pointer canbe displayed locally on the desktop (within VMware View Agent) in addition to being sent to the host Localkeyboard capability is also provided to prevent lost keystrokes due to network delay
bull Packet Reordering To accommodate the out-o -order packets o ten produced by network links on a WANthe PCoIP portal in VMware View Agent can create multiple packet chains as out-o -order packets receivedand connect chains to restore the correct sequence Without this out-o -order packets can result in dataretransmission and delays
bull Bandwidth-Sensitive Audio Compression PCoIP transmits compressed or uncompressed audiondashswitchingdynamically based on the available bandwidth to provide the best possible user experience
Since PCoIP is integrated seamlessly into the VMware View Agent and ully optimized into VMware Viewin rastructure as the administrator you simply need to con gure the desktop protocol and its bandwidththrottling rom the administration UI
Con gure Flash contents bandwidth allowance
For an optional task to test WAN per ormance with PCoIP try to access your corporate desktop rom home byconnecting through IPSec VPN
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3148
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 1
Scenario Overview
This document provides several di erent test scenarios to review the tasks you per ormed earlier andexperience the combined advantages o using VMware View To compare a variety o WAN connectivityscenarios you can consider using either WANEMhttp wanem source orge net or Shunra VE SMB EditionFree Trial http www shunra com ve-smb-trial php or WAN emulation
bull Scenario 1 Provision and use PCoIP 25 persistent desktops and one non-persistent PCoIP pool thatcontains desktops using a Linked Clone You can adjust the actual number o desktops based on your locastorage allowance
ndash Create a snapshot on both Windows XP SP3 and Windows 7
ndash Add desktops and pools using automatic pools and Linked Clone
ndash Administrate users and entitlements
ndash Create ully Linked Clones
ndash Con gure pools in mixed cluster environment
ndash Con gure or WAN tag and LAN tag use
ndash Delete desktops and pools
bull Scenario 2 Con gure 50 PCoIP fully Linked Clones in VMware vSphere
ndash Create desktops and pools
ndash Leverage ThinDisk Provisioning in VMware vSphere
ndash Check storage saving comparison
ndash Review VMware VMsa e Security virtual machine unctionali ties
bull Scenario 3 Set-up Triple SSO in VMware View 4 (PCoIP)
ndash Use archive directory credentials to login with ldquoLogin as current userrdquo checked
ndash Access rom the Replica View Connection Server and login to see the same session running
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3248
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 2
Scenario 1Provision and Use PCoIP Desktops and Pools
Get Started with PCoIPPCoIP is a so tware-to-so tware display protocol ully integrated with the VMware View in rastructureThe PCoIP portal (server) is installed with the agent The proprietary SVGA driver is included as part o thePCoIP portal
Figure
The PCoIP client is included in the standard VMware View client installation on your end point device sothere are no additional installation procedures required or PCoIP From the end user perspective there areno con gurations needed or using PCoIP As an administrator you can con gure the PCoIP protocol throughVMware View Administrative SettingsPolicies De ault RDP setup is to be tunneled but the de ault PCoIPsetting is directly connected Some other con gurations on bandwidth throttling or Flash video or on USBredirection policy are consistent as the previous View administration
Lossy and Lossless CompressionImage compression in PCoIP includes both lossless and lossy compression schemes Lossy compression allows or higher levels o compression on initial screen change and subsequent image quality improvement
or static screen regions Lossless motion compensation is also supported Image compression bandwidthmanagement is supported using packet loss as an indicator o congestion or lower bandwidth limits
Network Bandwidth and Characteristics
The host to client network connection operates with up to 250ms o round-trip latency The host to clientnetwork connection operates with lt01 percent packet loss but will tolerate periods o up to 5 percent packetloss and will survive short durations o loss o connectivity
A single TCP connection (SSL) is used between the host and client or session management A single UDP connection using UDP encapsulated IPSec-ESP [r c 3948] with AES 128-bit key encryption is used betweenthe host and client or media tra c supporting unreliable and reliable transport Port numbers keys andother connection parameters are exchanged via the SSL connection You can re erence the VMware ViewDeployment Guide or urther end-to-end per ormance measurements
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3348
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 3
Step 1 Creating the Replica Connection Server
The installation package or the Connection Server alsocontains the installation source or the VMware ViewReplica Server Launch the VMware View ConnectionServer installer and select Replica server or the secondConnection Server SelectAgree to the VMware Viewproduct licensing terms
A VMware View Replica Server is a Connection Serverwith its own replica o the ADAM database stored locallyAll con guration data and changes are instantaneouslyreplicated to all replica servers resulting in entirelyindependent Connection Servers which can actindependently in case o ailure o other replica servers
Enter the rst VMware View Connection Server instanceIP address (View1 19216813246) ClickNext
Complete the Replica Connection Server instanceinstallation Select Finish
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3448
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 4
Step 2 Creating Linked Clone Pools
DESKTOP TYPE OS TYPE PERSISTENT DESKTOP COUNTS
PCoIP Windows XP SP Persistent
RDP PCoIP Windows XP SP Non-Persistent
The Linked Clone creation process is the same as conducted in the previous section You can con gure thetask based on your storage availability and virtual machine sizing
Step 3 Connecting to Pool by Tags
Tag-based EntitlementsVMware View provides the advanced entitlement to Desktop Pools not only based on current entitlementsettings but also on the Connection Server through which a user logs in For customers who need perimeteridentity ( or example Internal Connection Server or External Security Server access) at logon VMware View
enables users con guring certain clients to go through a particular Connection Server In this case a tag isintroduced to identi y and route the client to the Connection Server In a broker cluster at a large VMware Viedeployment The tag or tags o a Connection Server are then compared to the tag speci ed in time o thedesktop pool creation edit
I the tag required by the desktop pool does not match the tag o the broker in question even i a useris entitled or assigned to a desktop pool the desktop will not show up in the available desktop list TheConnection Server tags take precedence over the desktop or pool tags
In this evaluation you will set up two instances o Connection Servers where brokers have been classi ed toserve di erent networks (internal external or example)
VMWARE VIEWCONNECTIONSERVER IP
NAME TAG DESKTOPS OS
19216813246 View External XP Pro SP
19216813245 View Internal XP Pro SP
Use CaseThe internal broker might not be visible to users connecting over a VPN In a case like this the two brokerscould still be ormed into a cluster The external broker might be tagged ldquoExternalrdquo and the internal brokertagged ldquoInternalrdquo and then pools could be tagged so that some desktops are not visible when a user logs inexternally but are visible internally
For example imagine a deployment o our Connection Servers where two o the Connection Servers haveconnected Security Servers The two Connection Servers without Security Servers are used to support internalusers and the two Connection Servers with Security Servers are used to support Internet (external) users The
rst two could have a con gured entitlements tag o ldquoInternalrdquo and the second two could have a con guredentitlements tag o ldquoExternalrdquo
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3548
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 5
bull The UI allows an administrator to specify one or moretag strings of up to 64 characters for each ConnectionBroker You can then speci y the tag string required or
a speci c Connection Broker to access the Pool Atruntime when a user authenticates him or hersel via aConnection Server an extra step o tag matching isper ormed The result will be a lter o the resultingentitled Desktop list
bull Set the replica server tag as External
bull Once the tags are set in the connection broker you cansee the tag column in the VMware View Managerconsole is lled with the Tag attributes
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3648
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 6
bull In the VMware View 1 Connection Server(19216813246admin) login to the View Managerconsole clickDesktops and Pools tab and selectAdd
You are creating ull clone and Linked Clonedesktops Select Automated Desktop Pool
bull Select Persistent or the desktop type
bull ClickNext
bull Create the 10 Linked Clone desktop pools rst and gothrough the same process again to create the ull clone
ndash only without checking the highlighted checkbox
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3748
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 7
bull Fill in the name attribute for theUnique ID andDisplay Name
bull This is same user interface as you used to create theindividual desktop earlier Leave the de ault setup as
it is
bull Enter the number of the desktops that your storage
allows you to create The naming pattern or thedesktop is the name vCenter will use to name thevirtual machine so create a unique and easilyrecognized name
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3848
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 8
bull Desktop cloning relies on the virtual machine templateas the base Previously you created a template byselecting a clean base template and cloning it to
template Select that template and clickNext
bull Linked Clone requires the template and snapshot asthe golden image
bull Select the folder location where the desktops shouldbe organized
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3948
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 9
bull Select the host or ESX server where the desktop iscreated Note the vSphere mode or VMware ViewComposer option is dimmed and not selectable It is
because the host being used is running vSpherealready I you are using a previous version o ESX thisoption will be available or upgrade use
bull Add desktops to the resource pool
bull Allocate user data disk for the persistent data Keepthe de ault value and selectNext
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4048
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 0
bull In this setup the storage LUN for the better demoe ects is attached You can simply use the localstorage host storage or your test
bull You can see that the default domain is lled inautomatically by quickprep This is set at the
Con guration Tab gtServers gtSelect ViewConnection gt Edit
bull Do a nal review of the Linked Clone setup and clickFinish to complete It will take several minutes tocreate the clones
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4148
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 1
bull Create additional users in Active Directory(ActiveDirectory19216813252)
- Corporate - user or the Group Internal
- Contractor - user or the Group Externalbull This will be used for the pool entitlement for users and
groups
bull Access VMware vCenter or ESX management by usingthe VMware vSphere client
bull Login to View Manager console You can see the LinkedClone pools are created and listed in the Desktop andPool pane SelectEntitlements to grant right to accessthe desktop
bull Assign the group you created in ActiveDirectory
Repeat these steps or creating additional XP desktops with non-persistent and persistent use
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4248
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 2
Step 4 Deleting the Clone Using Deletion Script
Provide the cleanup rule and scripting capabilities to enable administrators to per orm urther integrationunctions In some environments this can be achieved by removing entries rom ActiveDirectory In others
you may need to trigger other applications or a tighter integration
bull A new key needs to be created manuallyPlease re er to VMware View Administration Guide or
urther details
bull The visual basic script can be used to clean up ortrigger urther application activities This new eatureo ers the extensibility ramework
bull Run servicesmsc to access the Services consoleEnable the script services manually It is not startedby de ault
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4348
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 3
bull Login to VMware View Manager SelectDelete thedesktop SelectDelete rom Disk option It will triggerthe script set previously
Scenario 2Confgure PCoIP Full and Linked Clone
in VMware vSphereCreate Full Clone with Thin Provisioning
Thin Provisioning in its simplest orm means only using the disk space you need Traditionally with virtualmachines i you create a 500GB virtual disk it will use 500GB o your VMFS data store With Thin Provisioningyou can create a 500GB virtual disk but i only 100GB is in use only 100GB o your VMFS data store will beutilized
500GBVirtual Disk
500GB GB VMDK le size 100GB VMDK le size
400GBunused butallocated
100GBApplicationUsage
500GBVirtual Disk
100GBActual Usage(Footprint)
Figure
You can create a ve desktop XP pool using Full Clone rom VMware View and compare them with the ThiProvisioning option check The eatures include increased storage utilization reduced application downtimeand streamlined capacity management
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4448
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 4
bull When you create a virtual machine in VMware vSpherethe option to create Thin Provisioning settings is underSettings gtAdd Hardware
bull In VMware View 4 you can con gure the ThinProvisioning while preparing the Linked Clone basetemplate
Now in order to compare the storage usage di erence with Thin Provisioning enabled in the virtual desktopdeployment the best approach is to provision them and per orm storage comparison with the virtualmachines without thin provisioning enabled Considerations or storage provisioning all in throughput needsto scale with an increase in capacity ie multiple virtual machines per IO path
Figure
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4548
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 5
In the meantime transient storage on the swap space is used only when the virtual machine ispowered on and delta disks are used by snapshots and linked to virtual machines
Figure 0
Datastore View in vSphere
Figure
VM Storage Performance View
Figure
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4648
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 6
Anti-Virus Protection
The VMsa e API comes with VMware vSphere VMware o ers a number o VMsa e partner solutions thatprovide secure virtual machines with virus-scanning capability
bull Trend Micro Core Protection 10 This is an anti-virus product that performs o ine and online scheduled virtualmachine scans without an agent It uses a smaller agent or on-access scanning or to clean up in ections Thproduct is available at http us trendmicro com us solutions enterprise security-solutions virtualizationvirtual-machines index html
bull McAfee Virus Scan for O ine Virtual Images 20 This is an anti-virus product that performs o ine schedulevirtual machine scans without an agent It complements a regular virus scan agentsrsquo online scanning
Figure 6
VMsa e reduces high storage IO and memory usage during scheduled and pandemic malware scan activities
Figure
The above gure shows the anti-virus server committing a real-time agent to an individual virtual machine
It also has the unctionality o o ine snapshot image scanningThis is a VMware vSphere eature and is now available or VMware View 4 Please re er to the VMware View 4Deployment Guide or urther product demonstration
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4748
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 7
Scenario 3Set up Triple Single Sign-On (SSO) in VMwareView 4Log in as Currently Logged-on UserThis is a new option in VMware View Client that allows you to log onto the broker using currently logged oncredentials The standard sign up fow using AD credentials is
bull User connects to View Connection Server
bull VMware View Connection Server compares a list of trusted AD domains to the client
bull User authenticates with username and password
bull VMware View Connection Server delegates authentication to WindowsAD
Figure
VMware View 4 continues to support the AD credential (username and password) login smart card and RSA
securID token in RDP
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4848
bull During the View Agent installation select theConnectas Current Logon User checkbox option to enable SSO
bull Launch View Client at local desktop or thin clientbull View Client has newLog in as Current User Domain
User checkbox When a userrsquos AD credential isauthenticated on the client device using eitherpassword (RDP PCoIP) or smart card authentication inRDP the Connection Broker will use the same useridentity
bull This value can also be set using GPO policy orregistry key setting Please re er to the ViewAdministration Guide
bull You should be able to login to the guest desktopenvironment without being prompted to enter thecredentials again
Support In ormation
For additional evaluation questions and installation support please address your questions to desktop-tmvmwarecom
About the Author
Cynthia Hsieh is a senior technical marketing manager in VMware Enterprise Marketing team She ocuses onapplication integration proo o concepts and security subjects
Hsiehrsquos previous background includes product management positions at Wyse Trend Micro Oracle and Yahoo
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 748
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 848
VMware View 4
E VA L U AT O R rsquo S G U I D E 8
VMware View 4 Components
VMware View 4 extends the same in rastructure and components as in previous versions The key so tware components you need to install VMware View 4 are
bull VMware View Connection Server installed in a Windows Server 2003 system that is separate fromVMware vCentertrade
bull VMware View Agent installed in a virtual desktop (XP Windows 2003 or Vista desktops)
bull VMware View Client installed at the end point device (thin client local laptop or desktops)
bull VMware View Composer installed in VMware vCenter for Linked Clone provisioning use
Platform Integration
APPOS
APPOS
APPOS
VMware vSphere
AuthorizationProtocol
VMware View 4
VMware View Manager 4
Authentication ampDisplay
Superior UserExperience
Scalability ampAvailability
End UserFlexibility
Figure
On the in rastructure side you need to ensure that the ollowing components are provisioned in VMware ESXtrade35 or VMware vSphere
bull VMware vCenter and VMware View Composer are instal led on the same virtual machine whereVMware vCenter is installed
bull SQL Server is required for large virtual desktop deployments For this evaluation the SQL Server ExpressEdition con gured during the VMware vCenter installation is used
bull Con gure Windows 2003 with Active Directory DHCP and DNS service
bull Certi cate Authority (if certi cate or smart card authentication is required) This is not discussed inthis document
For a detailed supported version please re erence the VMware View Manager Administration Guide at httpwwwvmwarecomsupportpubsview_pubshtml
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 948
VMware View 4
E VA L U AT O R rsquo S G U I D E 9
NFR Licensing or Evaluation Use
To request Not For Resale evaluation licenses please email desktop-tmvmwarecom
Deployment Process
In this evaluation you will experience the VMware View setup and con guration all in a single ESX VMwarevSphere box You will also install the needed in rastructure components and virtual machines rom scratch Anonline connection is required only i you plan to use the Internet
Be ore starting the deployment process
bull Set up the networking and IP address in ESXVMware vSphere with NAT router and VMware vSwitch
bull Con gure the required infrastructure components including VMware vCenter Active Directory SQL serverand VMware View Connection Server
bull Prepare the desktops snapshots and templates
The ollowing deployment process is not intended to provide a deep technical explanation o the technologiesound in VMware View 4 Nor is it intended to be used as a deployment guide The tasks include
bull Task 1Installing the Connection Server
bull Task 2Confguring and Administrating VMware View Manager
bull Task 3Installing the License
bull Task 4Associating and Adding VMware vCenter Serverbull Task 5Confguring Active Directory Users and Computers
bull Task 6Creating and Preparing Virtual Machines
bull Task 7Preparing Virtual Machine Snapshots and Templates
bull Task 8Installing VMware View Composer or Linked Clones
bull Task 9Installing VMware View Client in the Host Desktop or Thin Client (local system)
bull Task 10Adding Desktop Source In VMware View Manager
bull Task 11Desktop Entitlement
bull Task 12Accessing Virtual Desktop via RDP or PCoIP
bull Task 13Additional Virtual Desktop Optimization
bull Task 14WAN Optimization
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 1048
VMware View 4
E VA L U AT O R rsquo S G U I D E 1 0
Preparing for the Installation
AssumptionsTo success ully use this guide it is assumed that VMware vSphere ESX Server has been installed and
is unctioning properly Please re er to the online documentationhttp www vmware com resourcestechresources 10020 or urther installation assistance
Before You BeginPlease re erence Getting Started with VMware View at httpwwwvmwarecomsupportpubsview_pubshtml For more in ormation on administrating VMware View you can review the ollowing documentation
bull VMware View Manager Administration Guide
bull VMware View Upgrade Guide
bull VMware View Architecture and Planning Guide
bull Knowledge Base
System Requirements
The ollowing is a description o the hardware and so tware required ( or the major components o VMwareView) You can get more in ormation rom the VMware View 4 Architecture Planning Guide
VMware View Connection ServerVMware View Connection Server is not supported on servers that have the Windows Terminal Server roleinstalled Remove the Windows Terminal Server role rom any server where you will be installing the VMwareView Connection Server
VMware View Connection Server runs on a 32-bit or 64-bit dedicated physical or virtual server with the ollowing speci cations
bull Pentium IV 20Ghz processor or higher mdash dual processors are recommended
bull 2GB RAM or higher mdash 3GB RAM is recommended for deployments of 50 or more View Manager desktopsVMware View connection server can handle 2000 connections in clear mode and 750 in tunneled mode
The ollowing VMware vSphere document lists the limits or the server sidehttp www vmware com support pubs vs pages vsp pubs esx40 vc40 html
bull One or more 10100Mbps network interface controllers (NIC) mdash 1Gbps NIC is recommended
Supported Operating SystemsThe VMware View Connection Server can be installed on the ollowing 32-bit operating systems
bull Windows Server 2003 R2 Standard Edition with SP2
bull Windows Server 2003 Standard Edition with SP2
bull Windows Server 2003 R2 Enterprise Edition with SP2
bull Windows Server 2003 Enterprise Edition with SP2
Prerequisites
VMware View Connection Server has the ollowing prerequisites
You will need a valid license key or VMware View Manager The ollowing types o licenses are available
bull VMware View Manager
bull VMware View Manager with View Composer
bull VMware View Manager with View Composer and O ine Desktop
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 1148
VMware View 4
E VA L U AT O R rsquo S G U I D E 1 1
For the VMware virtualization environment you will need one o the ollowing
bull VMware vSphere 4 Update 1 (U1 is required)
bull VMware Infrastructure 35 (U3 or U4 recommended U5 not supported)
bull VMware Infrastructure 302 (supported)
bull Both ESX and ESXi hosts are supported VMware vCenter is required
Required Host operating systems or standard or replica VMware View Connection Server instances are joinedto an Active Directory domain The ollowing versions o Active Directory are supported You will need one othe ollowing
bull Windows 2000 Active Directory
bull Windows 2003 Active Directory
bull Windows 2008 Active Directory
IP Addressing
For easy con guration this evaluation scenario speci es a standalone LAN environment with IP addressingbased on the ollowing assumptions
bull One VMware vSwitch is con gured as the External Network for static manually assigned IP addressing
VIEW COMPONENTS IP ADDRESSING
Virtual Center (vCenter) Static 19216813247
View Connection Server (View ) Static 19216813246
View Connection Server (View ) Static 19216813245
Active Directory (ActiveDirectory) Static 19216813252
bull VMware vCenter installation provides SQL Server Express Edition You do not need a separate SQL Serverinstance or this evaluation
bull This evaluation asks you to set up two VMware View Connection Servers This will be used in the evaluationthe new ldquotag entitlementrdquo eature later Itrsquos an optional task i you just need to review the basic unctionalitie
bull If you already have networking setup you can assign a static IP to infrastructure components needed forthis evaluation
bull You can also access the Internet if it rsquos available by separate 2 vLANs and con gure the open source Yvetta
NAT appliance You can nd additional instructions athttp www vyatta com downloads swdl phpbull You will prepare three virtual machines including XP andor Vista for the scenario These desktop virtual
machines have IP addresses assigned using DHCP
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 1248
VMware View 4
E VA L U AT O R rsquo S G U I D E 1 2
Figure
The network con guration can be customized based on your network availability Figure is a samplecon guration Make sure the in rastructure components have a static routable and pointable IP addressand complete a ping test rom the servers to the desktops and rom the desktops to the servers The IPcon guration is critical to a success ul evaluation
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 1348
VMware View 4
E VA L U AT O R rsquo S G U I D E 1 3
Installing and Confguring VMware View
Before You Begin
VMware View is tightly integrated with VMware vCenter You can install VMware vCenter as a standalone serveror as a hosted server under the same ESX box or the testing purposes Please assign a static IP or your VMwarevCenter IP con guration
Figure 5
bull In your physical ESX host create a Windows Server 2003virtual machine or the VMware vCenter installation
bull Make sure to assign it with a routable static IP In this settingVMware vCenter can be pinged through vc demo local
bull Select Create a stand-alone VMware vCenter and clickNext
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 1448
VMware View 4
E VA L U AT O R rsquo S G U I D E 1 4
bull In this evaluation the default Microsoft SQL Server Expressinstance or the storage is used
bull Uncheck the System Account
bull Enter the default Administrator credentials- Username Administrator
- Password b gd m
bull ClickNext
bull Based on your network setting you can adjust the ports usedby vCenter I it is an isolated network environment leave thede ault port as they are and clickNext
bull Click Next until the installation is nished Now you havecompleted the vCenter con guration process
VMware View Manager Administration
VMware View Connection Server acts as a connection broker or client connections by authenticating and then directing incoming remote desktop user requests to the appropriate virtual desktop physical desktop or terminal server You can run VMware View Connection Server on a 32-bit or 64-bit virtual server For detailed in ormation about the hardware operating system and Active Directory requirements orVMware View Connection Server see the System Requirements section o the VMware View ManagerAdministration Guide
A standard server deployment creates a single standalone VMware View Connection Server You can havemultiple connection server instances in the same domain and point them all to the same VMware vCenter idesired For a di erent Connection Server deployment such as Replica or Security Server (DMZ) please re erto the View Administration Guide
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 1548
VMware View 4
E VA L U AT O R rsquo S G U I D E 1 5
Task 1 Installing the Connection Server
When the VMware Installation wizard appears clickNext
Accept the VMware license terms and clickNext
Select the Standard deployment option and click Next
bull ClickInstall
bull ClickFinish
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 1648
VMware View 4
E VA L U AT O R rsquo S G U I D E 1 6
Task 2 Con guring and Administrating View Manager
bull After you install the VMware View Connection Server
validate your View Manager Administration in a Webbrowser by entering http your-connection-server-ipgtadmin
bull Enter the Administrator username and password andclick Login
bull You will notice a certi cate error next to the URL eldVMware View Administrator is accessed using a secure
(SSL) connection The rst time you connect your Webbrowser might present you with an intermediary page thatwarns you that the security certi cate associated with theaddress is not issued by a trusted certi cate authority Thisresponse is expected because the de ault root certi catesupplied with View Connection Server is sel -signed
bull Click Ignore to continue using the current SSL certi cate
Task 3 Installing the Product License
bull From the Con guration tab clickProduct Licensingand Usage
bull Enter the license key provided with the evaluation
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 1748
VMware View 4
E VA L U AT O R rsquo S G U I D E 1 7
Task 4 Associating and Adding VMware vCenter Server
bull From the Con guration tab selectServers on the le t
menu panelbull Select Add under the VirtualCenter Servers pane
bull ClickAdd
bull Enter the fully quali ed domain name (FQDN) or the IPaddress o the VMware vCenter Server you want VMwareView Manager to communicate with in theServer addresstext box
bull Enter Administrator username and password for thevCenter login
Note For evaluation purposes advanced or optional tasks will not be covered I you have DNS servicesinstalled you can confgure an external URL or the Connection Server Those tasks are covered in the GettingStarted Guide or Administration Guide
Task 5 Con guring Active Directory Users and Computers
In this evaluation the virtual machine (ActiveDirectory) is promoted as Domain Controller hosted in WindowsServer 2003 with a single local domain name called demolocal
bull Before you can entitle a user access to the desktop youneed to create three users in the Active Directory namedreviewer_1 reviewer_2 and reviewer_3
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 1848
VMware View 4
E VA L U AT O R rsquo S G U I D E 1 8
Task 6 Creating and Preparing Virtual Machines
The ollowing steps assume that the user has already created a virtual machine and has installed the guest OS(XPVISTA) joined AD domain turned on the RDP remote connection added user groups to the remote users
list and turned o the rewall in the guest OS
bull Run the View Agent executable on the guest system
bull When the VMware Installation wizard appears clickNext
bull Accept the VMware license terms and clickNext
Select your custom setup options The o ine desktop isoptional and does not appear as the de ault in all agents
Click Install to begin the installation process
Select Continue Anyway or the installation alert
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 1948
VMware View 4
E VA L U AT O R rsquo S G U I D E 1 9
Click Finish
At this point you have the main VMware View components installed and con gured Be ore you proceedurther you can do a quick ping test rom the View Connection Server virtual machine to the Guest Desktop
virtual machine and vice versa The components should be pingable and routable between each
Task 7 Preparing Virtual Machine Snapshots and Templates
The guest system o the virtual machine which you create in vCenter provides the basis or virtual desktopdeployment To prepare a guest system or deployment per orm the ollowing tasks
bull Install the guest operating system Select Inventory romthe menu and clickVirtual Machine to start the creation oa new virtual machine
Once you con gure the OS and itrsquos up and running
bull Install the latest version of VMware Tools (provided withVMware In rastructure)
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2048
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 0
bull Con gure Active Directory settings Con gure the preferredand alternate DNS servers to use your Active Directoryserver addresses For example on Windows XP con gure
the DNS server settings rom the properties menuStart gt Control Panel gt Network Connections gt LAN gtProperties Internet Protocol (TCPIP) gt Properties gtUse (VMActiveDirectory) IP Address 19216813252
bull Make sure that you have administrative rights to theguest system
bull Join the desktop to the AD domain Add guest system tothe domain (demo local)
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2148
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 1
bull In Control Panel turnOf Windows Firewall
bull In Control Panel selectSystem Properties gtRemote tab
bull Check Allow User to Connect Remotely
bull Take a virtual machine Snapshot mdash Once the virtual machinetemplate is ully prepared you can power o the virtualmachine and right mdash clickGuest and select Take Snapshot
bull Snapshot is used for Linked Clone creation discussed in thelater sandbox scenario
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2248
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 2
Create a Desktop Template
bull Power o the virtual machine
bull Right-click the previously con gured guest system and
select one o the ollowing options- Clone to Template mdash select this option i you want to use
the selected guest system as the basis or a new templatewithout altering the virtual machine itsel Choose thisand walk through the dialogs boxes to create a virtualmachine template
- Convert to Template mdash select this option i you want tochange the guest system into a template This processhappens instantly
bull To get a quick view of the template created go toInventory and select VM and Templates The highlighted
template will appear in VMware Center
You can repeat the same procedures or Windows 7 and Vista desktops with the same con guration i youwish At the end o the task you will have three prepared guest systems ready or VMware View Manager to use
Task 8 Installing VMware View Composer for Linked Clones
VMware View Composer provides a highly e cient storage alternative to creating and managing manystandalone virtual machines With VMware View Composer Linked Clone technology you can rapidly cloneand deploy multiple desktops rom a single centralized base image Subsequent changes to this image canbe automatically proli erated among all desktops in a Linked Clone pool A ter the desktops are created theyremain indirectly linked to a snapshot residing on the parent virtual machine View Composer needs to beinstalled on the system where VMware vCenter is installed
bull VMware View Composer installation is optional in theVMware View installation process i you donrsquot plan to haveLinked Clone in your production environment Howeverwith this evaluation you can see the bene ts o havingVMware View work with VMware vSpherersquos thin-provisioning eature Start the VMware View Composerinstaller you have in your media
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2348
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2448
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 4
bull Choose your custom setup options
- Deselect the USB Redirection component i you do not want usersto access locally connected USB devices through their desktops
- Deselect the Log in as current user component i you want to requireall users to provide identity and credential in ormation to log in to aView Connection Server and again to access a VMware View desktop
bull For this evaluation simply leave them as theselected de ault This is anew improved eature which allows single sign-on to the guestdesktop
bull Enter the IP address of the VMware View Connection Server that thisclient will connect to For this evaluation enter 1921681247
bull Leave the login ascurrent user unchecked
bull Select Continue Anyway or the Virtual USB so tware installation
bull Select Finish and Exit installation I VMware View Client does not startautomatically a ter installation double-click the desktop shortcutor click
Start gtPrograms gtVMware gtVMware View Client
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2548
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 5
Task 10 Adding Desktop Source in VMware View Manager
The in rastructure components are now con gured in VMware vCenter Now go back to VMware ViewManager and con gure the desktop resource or an individual desktop provisioning use
bull Enter the VMware View Connection Server IP addressadmin as the URL in a Web browser
bull Login as Administrator
bull From within View Administrator clickDesktops andPools and click theInventory tab
bull In the Global desktop and pool view pane make sure thatthe Desktops and Pools tab is selected and clickAdd
bull When the Add Desktop wizard appears selectIndividualDesktop and clickNext
bull Select Desktop Source rom VMware vCenter
Need new image
bull From the list provided select theVMware vCenter Serverto be used by this desktop and clickNext
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2648
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 6
bull Enter the Unique ID Display name (optional) andDescription (optional) and clickNext
bull Con gure the desktop properties and click Next Sincethe new PCoIP eatures are being evaluated set thede ault protocol as PCoIP and allow users to change thesetting at connection When set toDo Not Control orAdobe Flash quality bandwidth is not a concern with theLAN deployment
bull Con gure the desktop provisioning properties andclick Next
bull Select the desktop to use as the base image for thedeployment and click Next
bull Click Finish to complete one guest desktop provisioning
bull Once the desktop provisioning is complete you can see adesktop under Desktops and Pools tab
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2748
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 7
This shows the basic steps on how to provision one desktop For more advanced eatures you can re er to theVMware View Administration Guide In a later scenario a PCoIP pool is created through similar provisioning
Task 11 Desktop Entitlement
bull From within View Administrator click Desktops and Pools and click theInventory tab
bull In the Global desktop and pool view pane select the desktop or poolyou want to entitle and clickEntitlements
bull Click Add The user and group entitlement dialog box appears Fromhere you can view search on and lter all Active Directory users withinthe domain orest
bull Select the DemoLocal domain created and enter wildcard user matchreview VMware View Manager should display all users that contain thephrase
bull Entitle the userreviewer_1 to use the Vista desktop
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2848
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 8
Figure 6
Once this is set and done you will see a green checkmark under Global Desktop and View showing Entitledand Enabled or the guest desktop
Task 12 Accessing Virtual Desktop via RDP or PCoIP
bull In theConnection Server drop-down menu enter thehost name or IP address o a VMware View Connection Server
bull Select Options
Need New Image
bull Select Log in as current userto be authorized to log in to theVMware View Connection Server You will not be prompted toenter login credentials in the guest desktop login This is anenhancement or single sign-on
Need New Image
bull Enter the credentials with desktop entitlement
- Username Administrator
- Password b gd m
bull In VMware View 4 you have the option to use the preferredprotocols o either Teradici PCoIP or Microso t RDPSelect Teradici
bull Select the XP desktop you want to access
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2948
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 9
Task 13 Additional Virtual Desktop Optimization
bull Adjust ClearType Settings in Control Panel gtDisplay gtAdvanced Tab gtFonts and choose ClearType
bull Turn o Windows Firewall Settings inControl Panel gtWindows Firewall and select the Of radio buttonbull Multiple Display Con guration
bull In VMware View Manager Administration you cancentrally con gure the desktop monitors that aresupported in the local systems
bull In the guest desktop check theDisplay settings that have been changed tomultiple displays
Note PCoIP also supports pivot mode or one landscape and one horizontal confguration
Task 14 WAN Optimization
PCoIP technology uses low-latency image compression algorithms to optimize the user experience or widearea network (WAN) applications The WAN enhancements dramatically improve the user experience toprovide support or multi-media and 3D graphics audio and IO responsiveness over long-distancehigh-latency and low-bandwidth networks
Key PCoIP WAN Capabilities
bull Reduced Minimum Bandwidth To support the lower bandwidth typically available over a WAN theminimum peak bandwidth required or a PCoIP connection is Mbps Because PCoIP only transmitschanges to the desktop image the actual bandwidth used may be much lower i the screen is not changingsigni cantly or rapidly
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3048
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 0
bull Local Keyboard and Mouse To provide instant response over high-latency networks the mouse pointer canbe displayed locally on the desktop (within VMware View Agent) in addition to being sent to the host Localkeyboard capability is also provided to prevent lost keystrokes due to network delay
bull Packet Reordering To accommodate the out-o -order packets o ten produced by network links on a WANthe PCoIP portal in VMware View Agent can create multiple packet chains as out-o -order packets receivedand connect chains to restore the correct sequence Without this out-o -order packets can result in dataretransmission and delays
bull Bandwidth-Sensitive Audio Compression PCoIP transmits compressed or uncompressed audiondashswitchingdynamically based on the available bandwidth to provide the best possible user experience
Since PCoIP is integrated seamlessly into the VMware View Agent and ully optimized into VMware Viewin rastructure as the administrator you simply need to con gure the desktop protocol and its bandwidththrottling rom the administration UI
Con gure Flash contents bandwidth allowance
For an optional task to test WAN per ormance with PCoIP try to access your corporate desktop rom home byconnecting through IPSec VPN
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3148
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 1
Scenario Overview
This document provides several di erent test scenarios to review the tasks you per ormed earlier andexperience the combined advantages o using VMware View To compare a variety o WAN connectivityscenarios you can consider using either WANEMhttp wanem source orge net or Shunra VE SMB EditionFree Trial http www shunra com ve-smb-trial php or WAN emulation
bull Scenario 1 Provision and use PCoIP 25 persistent desktops and one non-persistent PCoIP pool thatcontains desktops using a Linked Clone You can adjust the actual number o desktops based on your locastorage allowance
ndash Create a snapshot on both Windows XP SP3 and Windows 7
ndash Add desktops and pools using automatic pools and Linked Clone
ndash Administrate users and entitlements
ndash Create ully Linked Clones
ndash Con gure pools in mixed cluster environment
ndash Con gure or WAN tag and LAN tag use
ndash Delete desktops and pools
bull Scenario 2 Con gure 50 PCoIP fully Linked Clones in VMware vSphere
ndash Create desktops and pools
ndash Leverage ThinDisk Provisioning in VMware vSphere
ndash Check storage saving comparison
ndash Review VMware VMsa e Security virtual machine unctionali ties
bull Scenario 3 Set-up Triple SSO in VMware View 4 (PCoIP)
ndash Use archive directory credentials to login with ldquoLogin as current userrdquo checked
ndash Access rom the Replica View Connection Server and login to see the same session running
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3248
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 2
Scenario 1Provision and Use PCoIP Desktops and Pools
Get Started with PCoIPPCoIP is a so tware-to-so tware display protocol ully integrated with the VMware View in rastructureThe PCoIP portal (server) is installed with the agent The proprietary SVGA driver is included as part o thePCoIP portal
Figure
The PCoIP client is included in the standard VMware View client installation on your end point device sothere are no additional installation procedures required or PCoIP From the end user perspective there areno con gurations needed or using PCoIP As an administrator you can con gure the PCoIP protocol throughVMware View Administrative SettingsPolicies De ault RDP setup is to be tunneled but the de ault PCoIPsetting is directly connected Some other con gurations on bandwidth throttling or Flash video or on USBredirection policy are consistent as the previous View administration
Lossy and Lossless CompressionImage compression in PCoIP includes both lossless and lossy compression schemes Lossy compression allows or higher levels o compression on initial screen change and subsequent image quality improvement
or static screen regions Lossless motion compensation is also supported Image compression bandwidthmanagement is supported using packet loss as an indicator o congestion or lower bandwidth limits
Network Bandwidth and Characteristics
The host to client network connection operates with up to 250ms o round-trip latency The host to clientnetwork connection operates with lt01 percent packet loss but will tolerate periods o up to 5 percent packetloss and will survive short durations o loss o connectivity
A single TCP connection (SSL) is used between the host and client or session management A single UDP connection using UDP encapsulated IPSec-ESP [r c 3948] with AES 128-bit key encryption is used betweenthe host and client or media tra c supporting unreliable and reliable transport Port numbers keys andother connection parameters are exchanged via the SSL connection You can re erence the VMware ViewDeployment Guide or urther end-to-end per ormance measurements
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3348
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 3
Step 1 Creating the Replica Connection Server
The installation package or the Connection Server alsocontains the installation source or the VMware ViewReplica Server Launch the VMware View ConnectionServer installer and select Replica server or the secondConnection Server SelectAgree to the VMware Viewproduct licensing terms
A VMware View Replica Server is a Connection Serverwith its own replica o the ADAM database stored locallyAll con guration data and changes are instantaneouslyreplicated to all replica servers resulting in entirelyindependent Connection Servers which can actindependently in case o ailure o other replica servers
Enter the rst VMware View Connection Server instanceIP address (View1 19216813246) ClickNext
Complete the Replica Connection Server instanceinstallation Select Finish
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3448
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 4
Step 2 Creating Linked Clone Pools
DESKTOP TYPE OS TYPE PERSISTENT DESKTOP COUNTS
PCoIP Windows XP SP Persistent
RDP PCoIP Windows XP SP Non-Persistent
The Linked Clone creation process is the same as conducted in the previous section You can con gure thetask based on your storage availability and virtual machine sizing
Step 3 Connecting to Pool by Tags
Tag-based EntitlementsVMware View provides the advanced entitlement to Desktop Pools not only based on current entitlementsettings but also on the Connection Server through which a user logs in For customers who need perimeteridentity ( or example Internal Connection Server or External Security Server access) at logon VMware View
enables users con guring certain clients to go through a particular Connection Server In this case a tag isintroduced to identi y and route the client to the Connection Server In a broker cluster at a large VMware Viedeployment The tag or tags o a Connection Server are then compared to the tag speci ed in time o thedesktop pool creation edit
I the tag required by the desktop pool does not match the tag o the broker in question even i a useris entitled or assigned to a desktop pool the desktop will not show up in the available desktop list TheConnection Server tags take precedence over the desktop or pool tags
In this evaluation you will set up two instances o Connection Servers where brokers have been classi ed toserve di erent networks (internal external or example)
VMWARE VIEWCONNECTIONSERVER IP
NAME TAG DESKTOPS OS
19216813246 View External XP Pro SP
19216813245 View Internal XP Pro SP
Use CaseThe internal broker might not be visible to users connecting over a VPN In a case like this the two brokerscould still be ormed into a cluster The external broker might be tagged ldquoExternalrdquo and the internal brokertagged ldquoInternalrdquo and then pools could be tagged so that some desktops are not visible when a user logs inexternally but are visible internally
For example imagine a deployment o our Connection Servers where two o the Connection Servers haveconnected Security Servers The two Connection Servers without Security Servers are used to support internalusers and the two Connection Servers with Security Servers are used to support Internet (external) users The
rst two could have a con gured entitlements tag o ldquoInternalrdquo and the second two could have a con guredentitlements tag o ldquoExternalrdquo
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3548
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 5
bull The UI allows an administrator to specify one or moretag strings of up to 64 characters for each ConnectionBroker You can then speci y the tag string required or
a speci c Connection Broker to access the Pool Atruntime when a user authenticates him or hersel via aConnection Server an extra step o tag matching isper ormed The result will be a lter o the resultingentitled Desktop list
bull Set the replica server tag as External
bull Once the tags are set in the connection broker you cansee the tag column in the VMware View Managerconsole is lled with the Tag attributes
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3648
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 6
bull In the VMware View 1 Connection Server(19216813246admin) login to the View Managerconsole clickDesktops and Pools tab and selectAdd
You are creating ull clone and Linked Clonedesktops Select Automated Desktop Pool
bull Select Persistent or the desktop type
bull ClickNext
bull Create the 10 Linked Clone desktop pools rst and gothrough the same process again to create the ull clone
ndash only without checking the highlighted checkbox
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3748
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 7
bull Fill in the name attribute for theUnique ID andDisplay Name
bull This is same user interface as you used to create theindividual desktop earlier Leave the de ault setup as
it is
bull Enter the number of the desktops that your storage
allows you to create The naming pattern or thedesktop is the name vCenter will use to name thevirtual machine so create a unique and easilyrecognized name
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3848
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 8
bull Desktop cloning relies on the virtual machine templateas the base Previously you created a template byselecting a clean base template and cloning it to
template Select that template and clickNext
bull Linked Clone requires the template and snapshot asthe golden image
bull Select the folder location where the desktops shouldbe organized
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3948
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 9
bull Select the host or ESX server where the desktop iscreated Note the vSphere mode or VMware ViewComposer option is dimmed and not selectable It is
because the host being used is running vSpherealready I you are using a previous version o ESX thisoption will be available or upgrade use
bull Add desktops to the resource pool
bull Allocate user data disk for the persistent data Keepthe de ault value and selectNext
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4048
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 0
bull In this setup the storage LUN for the better demoe ects is attached You can simply use the localstorage host storage or your test
bull You can see that the default domain is lled inautomatically by quickprep This is set at the
Con guration Tab gtServers gtSelect ViewConnection gt Edit
bull Do a nal review of the Linked Clone setup and clickFinish to complete It will take several minutes tocreate the clones
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4148
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 1
bull Create additional users in Active Directory(ActiveDirectory19216813252)
- Corporate - user or the Group Internal
- Contractor - user or the Group Externalbull This will be used for the pool entitlement for users and
groups
bull Access VMware vCenter or ESX management by usingthe VMware vSphere client
bull Login to View Manager console You can see the LinkedClone pools are created and listed in the Desktop andPool pane SelectEntitlements to grant right to accessthe desktop
bull Assign the group you created in ActiveDirectory
Repeat these steps or creating additional XP desktops with non-persistent and persistent use
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4248
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 2
Step 4 Deleting the Clone Using Deletion Script
Provide the cleanup rule and scripting capabilities to enable administrators to per orm urther integrationunctions In some environments this can be achieved by removing entries rom ActiveDirectory In others
you may need to trigger other applications or a tighter integration
bull A new key needs to be created manuallyPlease re er to VMware View Administration Guide or
urther details
bull The visual basic script can be used to clean up ortrigger urther application activities This new eatureo ers the extensibility ramework
bull Run servicesmsc to access the Services consoleEnable the script services manually It is not startedby de ault
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4348
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 3
bull Login to VMware View Manager SelectDelete thedesktop SelectDelete rom Disk option It will triggerthe script set previously
Scenario 2Confgure PCoIP Full and Linked Clone
in VMware vSphereCreate Full Clone with Thin Provisioning
Thin Provisioning in its simplest orm means only using the disk space you need Traditionally with virtualmachines i you create a 500GB virtual disk it will use 500GB o your VMFS data store With Thin Provisioningyou can create a 500GB virtual disk but i only 100GB is in use only 100GB o your VMFS data store will beutilized
500GBVirtual Disk
500GB GB VMDK le size 100GB VMDK le size
400GBunused butallocated
100GBApplicationUsage
500GBVirtual Disk
100GBActual Usage(Footprint)
Figure
You can create a ve desktop XP pool using Full Clone rom VMware View and compare them with the ThiProvisioning option check The eatures include increased storage utilization reduced application downtimeand streamlined capacity management
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4448
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 4
bull When you create a virtual machine in VMware vSpherethe option to create Thin Provisioning settings is underSettings gtAdd Hardware
bull In VMware View 4 you can con gure the ThinProvisioning while preparing the Linked Clone basetemplate
Now in order to compare the storage usage di erence with Thin Provisioning enabled in the virtual desktopdeployment the best approach is to provision them and per orm storage comparison with the virtualmachines without thin provisioning enabled Considerations or storage provisioning all in throughput needsto scale with an increase in capacity ie multiple virtual machines per IO path
Figure
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4548
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 5
In the meantime transient storage on the swap space is used only when the virtual machine ispowered on and delta disks are used by snapshots and linked to virtual machines
Figure 0
Datastore View in vSphere
Figure
VM Storage Performance View
Figure
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4648
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 6
Anti-Virus Protection
The VMsa e API comes with VMware vSphere VMware o ers a number o VMsa e partner solutions thatprovide secure virtual machines with virus-scanning capability
bull Trend Micro Core Protection 10 This is an anti-virus product that performs o ine and online scheduled virtualmachine scans without an agent It uses a smaller agent or on-access scanning or to clean up in ections Thproduct is available at http us trendmicro com us solutions enterprise security-solutions virtualizationvirtual-machines index html
bull McAfee Virus Scan for O ine Virtual Images 20 This is an anti-virus product that performs o ine schedulevirtual machine scans without an agent It complements a regular virus scan agentsrsquo online scanning
Figure 6
VMsa e reduces high storage IO and memory usage during scheduled and pandemic malware scan activities
Figure
The above gure shows the anti-virus server committing a real-time agent to an individual virtual machine
It also has the unctionality o o ine snapshot image scanningThis is a VMware vSphere eature and is now available or VMware View 4 Please re er to the VMware View 4Deployment Guide or urther product demonstration
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4748
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 7
Scenario 3Set up Triple Single Sign-On (SSO) in VMwareView 4Log in as Currently Logged-on UserThis is a new option in VMware View Client that allows you to log onto the broker using currently logged oncredentials The standard sign up fow using AD credentials is
bull User connects to View Connection Server
bull VMware View Connection Server compares a list of trusted AD domains to the client
bull User authenticates with username and password
bull VMware View Connection Server delegates authentication to WindowsAD
Figure
VMware View 4 continues to support the AD credential (username and password) login smart card and RSA
securID token in RDP
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4848
bull During the View Agent installation select theConnectas Current Logon User checkbox option to enable SSO
bull Launch View Client at local desktop or thin clientbull View Client has newLog in as Current User Domain
User checkbox When a userrsquos AD credential isauthenticated on the client device using eitherpassword (RDP PCoIP) or smart card authentication inRDP the Connection Broker will use the same useridentity
bull This value can also be set using GPO policy orregistry key setting Please re er to the ViewAdministration Guide
bull You should be able to login to the guest desktopenvironment without being prompted to enter thecredentials again
Support In ormation
For additional evaluation questions and installation support please address your questions to desktop-tmvmwarecom
About the Author
Cynthia Hsieh is a senior technical marketing manager in VMware Enterprise Marketing team She ocuses onapplication integration proo o concepts and security subjects
Hsiehrsquos previous background includes product management positions at Wyse Trend Micro Oracle and Yahoo
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 848
VMware View 4
E VA L U AT O R rsquo S G U I D E 8
VMware View 4 Components
VMware View 4 extends the same in rastructure and components as in previous versions The key so tware components you need to install VMware View 4 are
bull VMware View Connection Server installed in a Windows Server 2003 system that is separate fromVMware vCentertrade
bull VMware View Agent installed in a virtual desktop (XP Windows 2003 or Vista desktops)
bull VMware View Client installed at the end point device (thin client local laptop or desktops)
bull VMware View Composer installed in VMware vCenter for Linked Clone provisioning use
Platform Integration
APPOS
APPOS
APPOS
VMware vSphere
AuthorizationProtocol
VMware View 4
VMware View Manager 4
Authentication ampDisplay
Superior UserExperience
Scalability ampAvailability
End UserFlexibility
Figure
On the in rastructure side you need to ensure that the ollowing components are provisioned in VMware ESXtrade35 or VMware vSphere
bull VMware vCenter and VMware View Composer are instal led on the same virtual machine whereVMware vCenter is installed
bull SQL Server is required for large virtual desktop deployments For this evaluation the SQL Server ExpressEdition con gured during the VMware vCenter installation is used
bull Con gure Windows 2003 with Active Directory DHCP and DNS service
bull Certi cate Authority (if certi cate or smart card authentication is required) This is not discussed inthis document
For a detailed supported version please re erence the VMware View Manager Administration Guide at httpwwwvmwarecomsupportpubsview_pubshtml
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 948
VMware View 4
E VA L U AT O R rsquo S G U I D E 9
NFR Licensing or Evaluation Use
To request Not For Resale evaluation licenses please email desktop-tmvmwarecom
Deployment Process
In this evaluation you will experience the VMware View setup and con guration all in a single ESX VMwarevSphere box You will also install the needed in rastructure components and virtual machines rom scratch Anonline connection is required only i you plan to use the Internet
Be ore starting the deployment process
bull Set up the networking and IP address in ESXVMware vSphere with NAT router and VMware vSwitch
bull Con gure the required infrastructure components including VMware vCenter Active Directory SQL serverand VMware View Connection Server
bull Prepare the desktops snapshots and templates
The ollowing deployment process is not intended to provide a deep technical explanation o the technologiesound in VMware View 4 Nor is it intended to be used as a deployment guide The tasks include
bull Task 1Installing the Connection Server
bull Task 2Confguring and Administrating VMware View Manager
bull Task 3Installing the License
bull Task 4Associating and Adding VMware vCenter Serverbull Task 5Confguring Active Directory Users and Computers
bull Task 6Creating and Preparing Virtual Machines
bull Task 7Preparing Virtual Machine Snapshots and Templates
bull Task 8Installing VMware View Composer or Linked Clones
bull Task 9Installing VMware View Client in the Host Desktop or Thin Client (local system)
bull Task 10Adding Desktop Source In VMware View Manager
bull Task 11Desktop Entitlement
bull Task 12Accessing Virtual Desktop via RDP or PCoIP
bull Task 13Additional Virtual Desktop Optimization
bull Task 14WAN Optimization
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 1048
VMware View 4
E VA L U AT O R rsquo S G U I D E 1 0
Preparing for the Installation
AssumptionsTo success ully use this guide it is assumed that VMware vSphere ESX Server has been installed and
is unctioning properly Please re er to the online documentationhttp www vmware com resourcestechresources 10020 or urther installation assistance
Before You BeginPlease re erence Getting Started with VMware View at httpwwwvmwarecomsupportpubsview_pubshtml For more in ormation on administrating VMware View you can review the ollowing documentation
bull VMware View Manager Administration Guide
bull VMware View Upgrade Guide
bull VMware View Architecture and Planning Guide
bull Knowledge Base
System Requirements
The ollowing is a description o the hardware and so tware required ( or the major components o VMwareView) You can get more in ormation rom the VMware View 4 Architecture Planning Guide
VMware View Connection ServerVMware View Connection Server is not supported on servers that have the Windows Terminal Server roleinstalled Remove the Windows Terminal Server role rom any server where you will be installing the VMwareView Connection Server
VMware View Connection Server runs on a 32-bit or 64-bit dedicated physical or virtual server with the ollowing speci cations
bull Pentium IV 20Ghz processor or higher mdash dual processors are recommended
bull 2GB RAM or higher mdash 3GB RAM is recommended for deployments of 50 or more View Manager desktopsVMware View connection server can handle 2000 connections in clear mode and 750 in tunneled mode
The ollowing VMware vSphere document lists the limits or the server sidehttp www vmware com support pubs vs pages vsp pubs esx40 vc40 html
bull One or more 10100Mbps network interface controllers (NIC) mdash 1Gbps NIC is recommended
Supported Operating SystemsThe VMware View Connection Server can be installed on the ollowing 32-bit operating systems
bull Windows Server 2003 R2 Standard Edition with SP2
bull Windows Server 2003 Standard Edition with SP2
bull Windows Server 2003 R2 Enterprise Edition with SP2
bull Windows Server 2003 Enterprise Edition with SP2
Prerequisites
VMware View Connection Server has the ollowing prerequisites
You will need a valid license key or VMware View Manager The ollowing types o licenses are available
bull VMware View Manager
bull VMware View Manager with View Composer
bull VMware View Manager with View Composer and O ine Desktop
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 1148
VMware View 4
E VA L U AT O R rsquo S G U I D E 1 1
For the VMware virtualization environment you will need one o the ollowing
bull VMware vSphere 4 Update 1 (U1 is required)
bull VMware Infrastructure 35 (U3 or U4 recommended U5 not supported)
bull VMware Infrastructure 302 (supported)
bull Both ESX and ESXi hosts are supported VMware vCenter is required
Required Host operating systems or standard or replica VMware View Connection Server instances are joinedto an Active Directory domain The ollowing versions o Active Directory are supported You will need one othe ollowing
bull Windows 2000 Active Directory
bull Windows 2003 Active Directory
bull Windows 2008 Active Directory
IP Addressing
For easy con guration this evaluation scenario speci es a standalone LAN environment with IP addressingbased on the ollowing assumptions
bull One VMware vSwitch is con gured as the External Network for static manually assigned IP addressing
VIEW COMPONENTS IP ADDRESSING
Virtual Center (vCenter) Static 19216813247
View Connection Server (View ) Static 19216813246
View Connection Server (View ) Static 19216813245
Active Directory (ActiveDirectory) Static 19216813252
bull VMware vCenter installation provides SQL Server Express Edition You do not need a separate SQL Serverinstance or this evaluation
bull This evaluation asks you to set up two VMware View Connection Servers This will be used in the evaluationthe new ldquotag entitlementrdquo eature later Itrsquos an optional task i you just need to review the basic unctionalitie
bull If you already have networking setup you can assign a static IP to infrastructure components needed forthis evaluation
bull You can also access the Internet if it rsquos available by separate 2 vLANs and con gure the open source Yvetta
NAT appliance You can nd additional instructions athttp www vyatta com downloads swdl phpbull You will prepare three virtual machines including XP andor Vista for the scenario These desktop virtual
machines have IP addresses assigned using DHCP
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 1248
VMware View 4
E VA L U AT O R rsquo S G U I D E 1 2
Figure
The network con guration can be customized based on your network availability Figure is a samplecon guration Make sure the in rastructure components have a static routable and pointable IP addressand complete a ping test rom the servers to the desktops and rom the desktops to the servers The IPcon guration is critical to a success ul evaluation
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 1348
VMware View 4
E VA L U AT O R rsquo S G U I D E 1 3
Installing and Confguring VMware View
Before You Begin
VMware View is tightly integrated with VMware vCenter You can install VMware vCenter as a standalone serveror as a hosted server under the same ESX box or the testing purposes Please assign a static IP or your VMwarevCenter IP con guration
Figure 5
bull In your physical ESX host create a Windows Server 2003virtual machine or the VMware vCenter installation
bull Make sure to assign it with a routable static IP In this settingVMware vCenter can be pinged through vc demo local
bull Select Create a stand-alone VMware vCenter and clickNext
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 1448
VMware View 4
E VA L U AT O R rsquo S G U I D E 1 4
bull In this evaluation the default Microsoft SQL Server Expressinstance or the storage is used
bull Uncheck the System Account
bull Enter the default Administrator credentials- Username Administrator
- Password b gd m
bull ClickNext
bull Based on your network setting you can adjust the ports usedby vCenter I it is an isolated network environment leave thede ault port as they are and clickNext
bull Click Next until the installation is nished Now you havecompleted the vCenter con guration process
VMware View Manager Administration
VMware View Connection Server acts as a connection broker or client connections by authenticating and then directing incoming remote desktop user requests to the appropriate virtual desktop physical desktop or terminal server You can run VMware View Connection Server on a 32-bit or 64-bit virtual server For detailed in ormation about the hardware operating system and Active Directory requirements orVMware View Connection Server see the System Requirements section o the VMware View ManagerAdministration Guide
A standard server deployment creates a single standalone VMware View Connection Server You can havemultiple connection server instances in the same domain and point them all to the same VMware vCenter idesired For a di erent Connection Server deployment such as Replica or Security Server (DMZ) please re erto the View Administration Guide
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 1548
VMware View 4
E VA L U AT O R rsquo S G U I D E 1 5
Task 1 Installing the Connection Server
When the VMware Installation wizard appears clickNext
Accept the VMware license terms and clickNext
Select the Standard deployment option and click Next
bull ClickInstall
bull ClickFinish
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 1648
VMware View 4
E VA L U AT O R rsquo S G U I D E 1 6
Task 2 Con guring and Administrating View Manager
bull After you install the VMware View Connection Server
validate your View Manager Administration in a Webbrowser by entering http your-connection-server-ipgtadmin
bull Enter the Administrator username and password andclick Login
bull You will notice a certi cate error next to the URL eldVMware View Administrator is accessed using a secure
(SSL) connection The rst time you connect your Webbrowser might present you with an intermediary page thatwarns you that the security certi cate associated with theaddress is not issued by a trusted certi cate authority Thisresponse is expected because the de ault root certi catesupplied with View Connection Server is sel -signed
bull Click Ignore to continue using the current SSL certi cate
Task 3 Installing the Product License
bull From the Con guration tab clickProduct Licensingand Usage
bull Enter the license key provided with the evaluation
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 1748
VMware View 4
E VA L U AT O R rsquo S G U I D E 1 7
Task 4 Associating and Adding VMware vCenter Server
bull From the Con guration tab selectServers on the le t
menu panelbull Select Add under the VirtualCenter Servers pane
bull ClickAdd
bull Enter the fully quali ed domain name (FQDN) or the IPaddress o the VMware vCenter Server you want VMwareView Manager to communicate with in theServer addresstext box
bull Enter Administrator username and password for thevCenter login
Note For evaluation purposes advanced or optional tasks will not be covered I you have DNS servicesinstalled you can confgure an external URL or the Connection Server Those tasks are covered in the GettingStarted Guide or Administration Guide
Task 5 Con guring Active Directory Users and Computers
In this evaluation the virtual machine (ActiveDirectory) is promoted as Domain Controller hosted in WindowsServer 2003 with a single local domain name called demolocal
bull Before you can entitle a user access to the desktop youneed to create three users in the Active Directory namedreviewer_1 reviewer_2 and reviewer_3
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 1848
VMware View 4
E VA L U AT O R rsquo S G U I D E 1 8
Task 6 Creating and Preparing Virtual Machines
The ollowing steps assume that the user has already created a virtual machine and has installed the guest OS(XPVISTA) joined AD domain turned on the RDP remote connection added user groups to the remote users
list and turned o the rewall in the guest OS
bull Run the View Agent executable on the guest system
bull When the VMware Installation wizard appears clickNext
bull Accept the VMware license terms and clickNext
Select your custom setup options The o ine desktop isoptional and does not appear as the de ault in all agents
Click Install to begin the installation process
Select Continue Anyway or the installation alert
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 1948
VMware View 4
E VA L U AT O R rsquo S G U I D E 1 9
Click Finish
At this point you have the main VMware View components installed and con gured Be ore you proceedurther you can do a quick ping test rom the View Connection Server virtual machine to the Guest Desktop
virtual machine and vice versa The components should be pingable and routable between each
Task 7 Preparing Virtual Machine Snapshots and Templates
The guest system o the virtual machine which you create in vCenter provides the basis or virtual desktopdeployment To prepare a guest system or deployment per orm the ollowing tasks
bull Install the guest operating system Select Inventory romthe menu and clickVirtual Machine to start the creation oa new virtual machine
Once you con gure the OS and itrsquos up and running
bull Install the latest version of VMware Tools (provided withVMware In rastructure)
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2048
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 0
bull Con gure Active Directory settings Con gure the preferredand alternate DNS servers to use your Active Directoryserver addresses For example on Windows XP con gure
the DNS server settings rom the properties menuStart gt Control Panel gt Network Connections gt LAN gtProperties Internet Protocol (TCPIP) gt Properties gtUse (VMActiveDirectory) IP Address 19216813252
bull Make sure that you have administrative rights to theguest system
bull Join the desktop to the AD domain Add guest system tothe domain (demo local)
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2148
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 1
bull In Control Panel turnOf Windows Firewall
bull In Control Panel selectSystem Properties gtRemote tab
bull Check Allow User to Connect Remotely
bull Take a virtual machine Snapshot mdash Once the virtual machinetemplate is ully prepared you can power o the virtualmachine and right mdash clickGuest and select Take Snapshot
bull Snapshot is used for Linked Clone creation discussed in thelater sandbox scenario
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2248
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 2
Create a Desktop Template
bull Power o the virtual machine
bull Right-click the previously con gured guest system and
select one o the ollowing options- Clone to Template mdash select this option i you want to use
the selected guest system as the basis or a new templatewithout altering the virtual machine itsel Choose thisand walk through the dialogs boxes to create a virtualmachine template
- Convert to Template mdash select this option i you want tochange the guest system into a template This processhappens instantly
bull To get a quick view of the template created go toInventory and select VM and Templates The highlighted
template will appear in VMware Center
You can repeat the same procedures or Windows 7 and Vista desktops with the same con guration i youwish At the end o the task you will have three prepared guest systems ready or VMware View Manager to use
Task 8 Installing VMware View Composer for Linked Clones
VMware View Composer provides a highly e cient storage alternative to creating and managing manystandalone virtual machines With VMware View Composer Linked Clone technology you can rapidly cloneand deploy multiple desktops rom a single centralized base image Subsequent changes to this image canbe automatically proli erated among all desktops in a Linked Clone pool A ter the desktops are created theyremain indirectly linked to a snapshot residing on the parent virtual machine View Composer needs to beinstalled on the system where VMware vCenter is installed
bull VMware View Composer installation is optional in theVMware View installation process i you donrsquot plan to haveLinked Clone in your production environment Howeverwith this evaluation you can see the bene ts o havingVMware View work with VMware vSpherersquos thin-provisioning eature Start the VMware View Composerinstaller you have in your media
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2348
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2448
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 4
bull Choose your custom setup options
- Deselect the USB Redirection component i you do not want usersto access locally connected USB devices through their desktops
- Deselect the Log in as current user component i you want to requireall users to provide identity and credential in ormation to log in to aView Connection Server and again to access a VMware View desktop
bull For this evaluation simply leave them as theselected de ault This is anew improved eature which allows single sign-on to the guestdesktop
bull Enter the IP address of the VMware View Connection Server that thisclient will connect to For this evaluation enter 1921681247
bull Leave the login ascurrent user unchecked
bull Select Continue Anyway or the Virtual USB so tware installation
bull Select Finish and Exit installation I VMware View Client does not startautomatically a ter installation double-click the desktop shortcutor click
Start gtPrograms gtVMware gtVMware View Client
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2548
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 5
Task 10 Adding Desktop Source in VMware View Manager
The in rastructure components are now con gured in VMware vCenter Now go back to VMware ViewManager and con gure the desktop resource or an individual desktop provisioning use
bull Enter the VMware View Connection Server IP addressadmin as the URL in a Web browser
bull Login as Administrator
bull From within View Administrator clickDesktops andPools and click theInventory tab
bull In the Global desktop and pool view pane make sure thatthe Desktops and Pools tab is selected and clickAdd
bull When the Add Desktop wizard appears selectIndividualDesktop and clickNext
bull Select Desktop Source rom VMware vCenter
Need new image
bull From the list provided select theVMware vCenter Serverto be used by this desktop and clickNext
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2648
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 6
bull Enter the Unique ID Display name (optional) andDescription (optional) and clickNext
bull Con gure the desktop properties and click Next Sincethe new PCoIP eatures are being evaluated set thede ault protocol as PCoIP and allow users to change thesetting at connection When set toDo Not Control orAdobe Flash quality bandwidth is not a concern with theLAN deployment
bull Con gure the desktop provisioning properties andclick Next
bull Select the desktop to use as the base image for thedeployment and click Next
bull Click Finish to complete one guest desktop provisioning
bull Once the desktop provisioning is complete you can see adesktop under Desktops and Pools tab
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2748
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 7
This shows the basic steps on how to provision one desktop For more advanced eatures you can re er to theVMware View Administration Guide In a later scenario a PCoIP pool is created through similar provisioning
Task 11 Desktop Entitlement
bull From within View Administrator click Desktops and Pools and click theInventory tab
bull In the Global desktop and pool view pane select the desktop or poolyou want to entitle and clickEntitlements
bull Click Add The user and group entitlement dialog box appears Fromhere you can view search on and lter all Active Directory users withinthe domain orest
bull Select the DemoLocal domain created and enter wildcard user matchreview VMware View Manager should display all users that contain thephrase
bull Entitle the userreviewer_1 to use the Vista desktop
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2848
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 8
Figure 6
Once this is set and done you will see a green checkmark under Global Desktop and View showing Entitledand Enabled or the guest desktop
Task 12 Accessing Virtual Desktop via RDP or PCoIP
bull In theConnection Server drop-down menu enter thehost name or IP address o a VMware View Connection Server
bull Select Options
Need New Image
bull Select Log in as current userto be authorized to log in to theVMware View Connection Server You will not be prompted toenter login credentials in the guest desktop login This is anenhancement or single sign-on
Need New Image
bull Enter the credentials with desktop entitlement
- Username Administrator
- Password b gd m
bull In VMware View 4 you have the option to use the preferredprotocols o either Teradici PCoIP or Microso t RDPSelect Teradici
bull Select the XP desktop you want to access
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2948
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 9
Task 13 Additional Virtual Desktop Optimization
bull Adjust ClearType Settings in Control Panel gtDisplay gtAdvanced Tab gtFonts and choose ClearType
bull Turn o Windows Firewall Settings inControl Panel gtWindows Firewall and select the Of radio buttonbull Multiple Display Con guration
bull In VMware View Manager Administration you cancentrally con gure the desktop monitors that aresupported in the local systems
bull In the guest desktop check theDisplay settings that have been changed tomultiple displays
Note PCoIP also supports pivot mode or one landscape and one horizontal confguration
Task 14 WAN Optimization
PCoIP technology uses low-latency image compression algorithms to optimize the user experience or widearea network (WAN) applications The WAN enhancements dramatically improve the user experience toprovide support or multi-media and 3D graphics audio and IO responsiveness over long-distancehigh-latency and low-bandwidth networks
Key PCoIP WAN Capabilities
bull Reduced Minimum Bandwidth To support the lower bandwidth typically available over a WAN theminimum peak bandwidth required or a PCoIP connection is Mbps Because PCoIP only transmitschanges to the desktop image the actual bandwidth used may be much lower i the screen is not changingsigni cantly or rapidly
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3048
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 0
bull Local Keyboard and Mouse To provide instant response over high-latency networks the mouse pointer canbe displayed locally on the desktop (within VMware View Agent) in addition to being sent to the host Localkeyboard capability is also provided to prevent lost keystrokes due to network delay
bull Packet Reordering To accommodate the out-o -order packets o ten produced by network links on a WANthe PCoIP portal in VMware View Agent can create multiple packet chains as out-o -order packets receivedand connect chains to restore the correct sequence Without this out-o -order packets can result in dataretransmission and delays
bull Bandwidth-Sensitive Audio Compression PCoIP transmits compressed or uncompressed audiondashswitchingdynamically based on the available bandwidth to provide the best possible user experience
Since PCoIP is integrated seamlessly into the VMware View Agent and ully optimized into VMware Viewin rastructure as the administrator you simply need to con gure the desktop protocol and its bandwidththrottling rom the administration UI
Con gure Flash contents bandwidth allowance
For an optional task to test WAN per ormance with PCoIP try to access your corporate desktop rom home byconnecting through IPSec VPN
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3148
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 1
Scenario Overview
This document provides several di erent test scenarios to review the tasks you per ormed earlier andexperience the combined advantages o using VMware View To compare a variety o WAN connectivityscenarios you can consider using either WANEMhttp wanem source orge net or Shunra VE SMB EditionFree Trial http www shunra com ve-smb-trial php or WAN emulation
bull Scenario 1 Provision and use PCoIP 25 persistent desktops and one non-persistent PCoIP pool thatcontains desktops using a Linked Clone You can adjust the actual number o desktops based on your locastorage allowance
ndash Create a snapshot on both Windows XP SP3 and Windows 7
ndash Add desktops and pools using automatic pools and Linked Clone
ndash Administrate users and entitlements
ndash Create ully Linked Clones
ndash Con gure pools in mixed cluster environment
ndash Con gure or WAN tag and LAN tag use
ndash Delete desktops and pools
bull Scenario 2 Con gure 50 PCoIP fully Linked Clones in VMware vSphere
ndash Create desktops and pools
ndash Leverage ThinDisk Provisioning in VMware vSphere
ndash Check storage saving comparison
ndash Review VMware VMsa e Security virtual machine unctionali ties
bull Scenario 3 Set-up Triple SSO in VMware View 4 (PCoIP)
ndash Use archive directory credentials to login with ldquoLogin as current userrdquo checked
ndash Access rom the Replica View Connection Server and login to see the same session running
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3248
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 2
Scenario 1Provision and Use PCoIP Desktops and Pools
Get Started with PCoIPPCoIP is a so tware-to-so tware display protocol ully integrated with the VMware View in rastructureThe PCoIP portal (server) is installed with the agent The proprietary SVGA driver is included as part o thePCoIP portal
Figure
The PCoIP client is included in the standard VMware View client installation on your end point device sothere are no additional installation procedures required or PCoIP From the end user perspective there areno con gurations needed or using PCoIP As an administrator you can con gure the PCoIP protocol throughVMware View Administrative SettingsPolicies De ault RDP setup is to be tunneled but the de ault PCoIPsetting is directly connected Some other con gurations on bandwidth throttling or Flash video or on USBredirection policy are consistent as the previous View administration
Lossy and Lossless CompressionImage compression in PCoIP includes both lossless and lossy compression schemes Lossy compression allows or higher levels o compression on initial screen change and subsequent image quality improvement
or static screen regions Lossless motion compensation is also supported Image compression bandwidthmanagement is supported using packet loss as an indicator o congestion or lower bandwidth limits
Network Bandwidth and Characteristics
The host to client network connection operates with up to 250ms o round-trip latency The host to clientnetwork connection operates with lt01 percent packet loss but will tolerate periods o up to 5 percent packetloss and will survive short durations o loss o connectivity
A single TCP connection (SSL) is used between the host and client or session management A single UDP connection using UDP encapsulated IPSec-ESP [r c 3948] with AES 128-bit key encryption is used betweenthe host and client or media tra c supporting unreliable and reliable transport Port numbers keys andother connection parameters are exchanged via the SSL connection You can re erence the VMware ViewDeployment Guide or urther end-to-end per ormance measurements
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3348
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 3
Step 1 Creating the Replica Connection Server
The installation package or the Connection Server alsocontains the installation source or the VMware ViewReplica Server Launch the VMware View ConnectionServer installer and select Replica server or the secondConnection Server SelectAgree to the VMware Viewproduct licensing terms
A VMware View Replica Server is a Connection Serverwith its own replica o the ADAM database stored locallyAll con guration data and changes are instantaneouslyreplicated to all replica servers resulting in entirelyindependent Connection Servers which can actindependently in case o ailure o other replica servers
Enter the rst VMware View Connection Server instanceIP address (View1 19216813246) ClickNext
Complete the Replica Connection Server instanceinstallation Select Finish
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3448
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 4
Step 2 Creating Linked Clone Pools
DESKTOP TYPE OS TYPE PERSISTENT DESKTOP COUNTS
PCoIP Windows XP SP Persistent
RDP PCoIP Windows XP SP Non-Persistent
The Linked Clone creation process is the same as conducted in the previous section You can con gure thetask based on your storage availability and virtual machine sizing
Step 3 Connecting to Pool by Tags
Tag-based EntitlementsVMware View provides the advanced entitlement to Desktop Pools not only based on current entitlementsettings but also on the Connection Server through which a user logs in For customers who need perimeteridentity ( or example Internal Connection Server or External Security Server access) at logon VMware View
enables users con guring certain clients to go through a particular Connection Server In this case a tag isintroduced to identi y and route the client to the Connection Server In a broker cluster at a large VMware Viedeployment The tag or tags o a Connection Server are then compared to the tag speci ed in time o thedesktop pool creation edit
I the tag required by the desktop pool does not match the tag o the broker in question even i a useris entitled or assigned to a desktop pool the desktop will not show up in the available desktop list TheConnection Server tags take precedence over the desktop or pool tags
In this evaluation you will set up two instances o Connection Servers where brokers have been classi ed toserve di erent networks (internal external or example)
VMWARE VIEWCONNECTIONSERVER IP
NAME TAG DESKTOPS OS
19216813246 View External XP Pro SP
19216813245 View Internal XP Pro SP
Use CaseThe internal broker might not be visible to users connecting over a VPN In a case like this the two brokerscould still be ormed into a cluster The external broker might be tagged ldquoExternalrdquo and the internal brokertagged ldquoInternalrdquo and then pools could be tagged so that some desktops are not visible when a user logs inexternally but are visible internally
For example imagine a deployment o our Connection Servers where two o the Connection Servers haveconnected Security Servers The two Connection Servers without Security Servers are used to support internalusers and the two Connection Servers with Security Servers are used to support Internet (external) users The
rst two could have a con gured entitlements tag o ldquoInternalrdquo and the second two could have a con guredentitlements tag o ldquoExternalrdquo
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3548
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 5
bull The UI allows an administrator to specify one or moretag strings of up to 64 characters for each ConnectionBroker You can then speci y the tag string required or
a speci c Connection Broker to access the Pool Atruntime when a user authenticates him or hersel via aConnection Server an extra step o tag matching isper ormed The result will be a lter o the resultingentitled Desktop list
bull Set the replica server tag as External
bull Once the tags are set in the connection broker you cansee the tag column in the VMware View Managerconsole is lled with the Tag attributes
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3648
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 6
bull In the VMware View 1 Connection Server(19216813246admin) login to the View Managerconsole clickDesktops and Pools tab and selectAdd
You are creating ull clone and Linked Clonedesktops Select Automated Desktop Pool
bull Select Persistent or the desktop type
bull ClickNext
bull Create the 10 Linked Clone desktop pools rst and gothrough the same process again to create the ull clone
ndash only without checking the highlighted checkbox
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3748
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 7
bull Fill in the name attribute for theUnique ID andDisplay Name
bull This is same user interface as you used to create theindividual desktop earlier Leave the de ault setup as
it is
bull Enter the number of the desktops that your storage
allows you to create The naming pattern or thedesktop is the name vCenter will use to name thevirtual machine so create a unique and easilyrecognized name
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3848
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 8
bull Desktop cloning relies on the virtual machine templateas the base Previously you created a template byselecting a clean base template and cloning it to
template Select that template and clickNext
bull Linked Clone requires the template and snapshot asthe golden image
bull Select the folder location where the desktops shouldbe organized
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3948
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 9
bull Select the host or ESX server where the desktop iscreated Note the vSphere mode or VMware ViewComposer option is dimmed and not selectable It is
because the host being used is running vSpherealready I you are using a previous version o ESX thisoption will be available or upgrade use
bull Add desktops to the resource pool
bull Allocate user data disk for the persistent data Keepthe de ault value and selectNext
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4048
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 0
bull In this setup the storage LUN for the better demoe ects is attached You can simply use the localstorage host storage or your test
bull You can see that the default domain is lled inautomatically by quickprep This is set at the
Con guration Tab gtServers gtSelect ViewConnection gt Edit
bull Do a nal review of the Linked Clone setup and clickFinish to complete It will take several minutes tocreate the clones
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4148
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 1
bull Create additional users in Active Directory(ActiveDirectory19216813252)
- Corporate - user or the Group Internal
- Contractor - user or the Group Externalbull This will be used for the pool entitlement for users and
groups
bull Access VMware vCenter or ESX management by usingthe VMware vSphere client
bull Login to View Manager console You can see the LinkedClone pools are created and listed in the Desktop andPool pane SelectEntitlements to grant right to accessthe desktop
bull Assign the group you created in ActiveDirectory
Repeat these steps or creating additional XP desktops with non-persistent and persistent use
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4248
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 2
Step 4 Deleting the Clone Using Deletion Script
Provide the cleanup rule and scripting capabilities to enable administrators to per orm urther integrationunctions In some environments this can be achieved by removing entries rom ActiveDirectory In others
you may need to trigger other applications or a tighter integration
bull A new key needs to be created manuallyPlease re er to VMware View Administration Guide or
urther details
bull The visual basic script can be used to clean up ortrigger urther application activities This new eatureo ers the extensibility ramework
bull Run servicesmsc to access the Services consoleEnable the script services manually It is not startedby de ault
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4348
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 3
bull Login to VMware View Manager SelectDelete thedesktop SelectDelete rom Disk option It will triggerthe script set previously
Scenario 2Confgure PCoIP Full and Linked Clone
in VMware vSphereCreate Full Clone with Thin Provisioning
Thin Provisioning in its simplest orm means only using the disk space you need Traditionally with virtualmachines i you create a 500GB virtual disk it will use 500GB o your VMFS data store With Thin Provisioningyou can create a 500GB virtual disk but i only 100GB is in use only 100GB o your VMFS data store will beutilized
500GBVirtual Disk
500GB GB VMDK le size 100GB VMDK le size
400GBunused butallocated
100GBApplicationUsage
500GBVirtual Disk
100GBActual Usage(Footprint)
Figure
You can create a ve desktop XP pool using Full Clone rom VMware View and compare them with the ThiProvisioning option check The eatures include increased storage utilization reduced application downtimeand streamlined capacity management
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4448
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 4
bull When you create a virtual machine in VMware vSpherethe option to create Thin Provisioning settings is underSettings gtAdd Hardware
bull In VMware View 4 you can con gure the ThinProvisioning while preparing the Linked Clone basetemplate
Now in order to compare the storage usage di erence with Thin Provisioning enabled in the virtual desktopdeployment the best approach is to provision them and per orm storage comparison with the virtualmachines without thin provisioning enabled Considerations or storage provisioning all in throughput needsto scale with an increase in capacity ie multiple virtual machines per IO path
Figure
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4548
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 5
In the meantime transient storage on the swap space is used only when the virtual machine ispowered on and delta disks are used by snapshots and linked to virtual machines
Figure 0
Datastore View in vSphere
Figure
VM Storage Performance View
Figure
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4648
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 6
Anti-Virus Protection
The VMsa e API comes with VMware vSphere VMware o ers a number o VMsa e partner solutions thatprovide secure virtual machines with virus-scanning capability
bull Trend Micro Core Protection 10 This is an anti-virus product that performs o ine and online scheduled virtualmachine scans without an agent It uses a smaller agent or on-access scanning or to clean up in ections Thproduct is available at http us trendmicro com us solutions enterprise security-solutions virtualizationvirtual-machines index html
bull McAfee Virus Scan for O ine Virtual Images 20 This is an anti-virus product that performs o ine schedulevirtual machine scans without an agent It complements a regular virus scan agentsrsquo online scanning
Figure 6
VMsa e reduces high storage IO and memory usage during scheduled and pandemic malware scan activities
Figure
The above gure shows the anti-virus server committing a real-time agent to an individual virtual machine
It also has the unctionality o o ine snapshot image scanningThis is a VMware vSphere eature and is now available or VMware View 4 Please re er to the VMware View 4Deployment Guide or urther product demonstration
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4748
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 7
Scenario 3Set up Triple Single Sign-On (SSO) in VMwareView 4Log in as Currently Logged-on UserThis is a new option in VMware View Client that allows you to log onto the broker using currently logged oncredentials The standard sign up fow using AD credentials is
bull User connects to View Connection Server
bull VMware View Connection Server compares a list of trusted AD domains to the client
bull User authenticates with username and password
bull VMware View Connection Server delegates authentication to WindowsAD
Figure
VMware View 4 continues to support the AD credential (username and password) login smart card and RSA
securID token in RDP
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4848
bull During the View Agent installation select theConnectas Current Logon User checkbox option to enable SSO
bull Launch View Client at local desktop or thin clientbull View Client has newLog in as Current User Domain
User checkbox When a userrsquos AD credential isauthenticated on the client device using eitherpassword (RDP PCoIP) or smart card authentication inRDP the Connection Broker will use the same useridentity
bull This value can also be set using GPO policy orregistry key setting Please re er to the ViewAdministration Guide
bull You should be able to login to the guest desktopenvironment without being prompted to enter thecredentials again
Support In ormation
For additional evaluation questions and installation support please address your questions to desktop-tmvmwarecom
About the Author
Cynthia Hsieh is a senior technical marketing manager in VMware Enterprise Marketing team She ocuses onapplication integration proo o concepts and security subjects
Hsiehrsquos previous background includes product management positions at Wyse Trend Micro Oracle and Yahoo
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 948
VMware View 4
E VA L U AT O R rsquo S G U I D E 9
NFR Licensing or Evaluation Use
To request Not For Resale evaluation licenses please email desktop-tmvmwarecom
Deployment Process
In this evaluation you will experience the VMware View setup and con guration all in a single ESX VMwarevSphere box You will also install the needed in rastructure components and virtual machines rom scratch Anonline connection is required only i you plan to use the Internet
Be ore starting the deployment process
bull Set up the networking and IP address in ESXVMware vSphere with NAT router and VMware vSwitch
bull Con gure the required infrastructure components including VMware vCenter Active Directory SQL serverand VMware View Connection Server
bull Prepare the desktops snapshots and templates
The ollowing deployment process is not intended to provide a deep technical explanation o the technologiesound in VMware View 4 Nor is it intended to be used as a deployment guide The tasks include
bull Task 1Installing the Connection Server
bull Task 2Confguring and Administrating VMware View Manager
bull Task 3Installing the License
bull Task 4Associating and Adding VMware vCenter Serverbull Task 5Confguring Active Directory Users and Computers
bull Task 6Creating and Preparing Virtual Machines
bull Task 7Preparing Virtual Machine Snapshots and Templates
bull Task 8Installing VMware View Composer or Linked Clones
bull Task 9Installing VMware View Client in the Host Desktop or Thin Client (local system)
bull Task 10Adding Desktop Source In VMware View Manager
bull Task 11Desktop Entitlement
bull Task 12Accessing Virtual Desktop via RDP or PCoIP
bull Task 13Additional Virtual Desktop Optimization
bull Task 14WAN Optimization
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 1048
VMware View 4
E VA L U AT O R rsquo S G U I D E 1 0
Preparing for the Installation
AssumptionsTo success ully use this guide it is assumed that VMware vSphere ESX Server has been installed and
is unctioning properly Please re er to the online documentationhttp www vmware com resourcestechresources 10020 or urther installation assistance
Before You BeginPlease re erence Getting Started with VMware View at httpwwwvmwarecomsupportpubsview_pubshtml For more in ormation on administrating VMware View you can review the ollowing documentation
bull VMware View Manager Administration Guide
bull VMware View Upgrade Guide
bull VMware View Architecture and Planning Guide
bull Knowledge Base
System Requirements
The ollowing is a description o the hardware and so tware required ( or the major components o VMwareView) You can get more in ormation rom the VMware View 4 Architecture Planning Guide
VMware View Connection ServerVMware View Connection Server is not supported on servers that have the Windows Terminal Server roleinstalled Remove the Windows Terminal Server role rom any server where you will be installing the VMwareView Connection Server
VMware View Connection Server runs on a 32-bit or 64-bit dedicated physical or virtual server with the ollowing speci cations
bull Pentium IV 20Ghz processor or higher mdash dual processors are recommended
bull 2GB RAM or higher mdash 3GB RAM is recommended for deployments of 50 or more View Manager desktopsVMware View connection server can handle 2000 connections in clear mode and 750 in tunneled mode
The ollowing VMware vSphere document lists the limits or the server sidehttp www vmware com support pubs vs pages vsp pubs esx40 vc40 html
bull One or more 10100Mbps network interface controllers (NIC) mdash 1Gbps NIC is recommended
Supported Operating SystemsThe VMware View Connection Server can be installed on the ollowing 32-bit operating systems
bull Windows Server 2003 R2 Standard Edition with SP2
bull Windows Server 2003 Standard Edition with SP2
bull Windows Server 2003 R2 Enterprise Edition with SP2
bull Windows Server 2003 Enterprise Edition with SP2
Prerequisites
VMware View Connection Server has the ollowing prerequisites
You will need a valid license key or VMware View Manager The ollowing types o licenses are available
bull VMware View Manager
bull VMware View Manager with View Composer
bull VMware View Manager with View Composer and O ine Desktop
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 1148
VMware View 4
E VA L U AT O R rsquo S G U I D E 1 1
For the VMware virtualization environment you will need one o the ollowing
bull VMware vSphere 4 Update 1 (U1 is required)
bull VMware Infrastructure 35 (U3 or U4 recommended U5 not supported)
bull VMware Infrastructure 302 (supported)
bull Both ESX and ESXi hosts are supported VMware vCenter is required
Required Host operating systems or standard or replica VMware View Connection Server instances are joinedto an Active Directory domain The ollowing versions o Active Directory are supported You will need one othe ollowing
bull Windows 2000 Active Directory
bull Windows 2003 Active Directory
bull Windows 2008 Active Directory
IP Addressing
For easy con guration this evaluation scenario speci es a standalone LAN environment with IP addressingbased on the ollowing assumptions
bull One VMware vSwitch is con gured as the External Network for static manually assigned IP addressing
VIEW COMPONENTS IP ADDRESSING
Virtual Center (vCenter) Static 19216813247
View Connection Server (View ) Static 19216813246
View Connection Server (View ) Static 19216813245
Active Directory (ActiveDirectory) Static 19216813252
bull VMware vCenter installation provides SQL Server Express Edition You do not need a separate SQL Serverinstance or this evaluation
bull This evaluation asks you to set up two VMware View Connection Servers This will be used in the evaluationthe new ldquotag entitlementrdquo eature later Itrsquos an optional task i you just need to review the basic unctionalitie
bull If you already have networking setup you can assign a static IP to infrastructure components needed forthis evaluation
bull You can also access the Internet if it rsquos available by separate 2 vLANs and con gure the open source Yvetta
NAT appliance You can nd additional instructions athttp www vyatta com downloads swdl phpbull You will prepare three virtual machines including XP andor Vista for the scenario These desktop virtual
machines have IP addresses assigned using DHCP
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 1248
VMware View 4
E VA L U AT O R rsquo S G U I D E 1 2
Figure
The network con guration can be customized based on your network availability Figure is a samplecon guration Make sure the in rastructure components have a static routable and pointable IP addressand complete a ping test rom the servers to the desktops and rom the desktops to the servers The IPcon guration is critical to a success ul evaluation
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 1348
VMware View 4
E VA L U AT O R rsquo S G U I D E 1 3
Installing and Confguring VMware View
Before You Begin
VMware View is tightly integrated with VMware vCenter You can install VMware vCenter as a standalone serveror as a hosted server under the same ESX box or the testing purposes Please assign a static IP or your VMwarevCenter IP con guration
Figure 5
bull In your physical ESX host create a Windows Server 2003virtual machine or the VMware vCenter installation
bull Make sure to assign it with a routable static IP In this settingVMware vCenter can be pinged through vc demo local
bull Select Create a stand-alone VMware vCenter and clickNext
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 1448
VMware View 4
E VA L U AT O R rsquo S G U I D E 1 4
bull In this evaluation the default Microsoft SQL Server Expressinstance or the storage is used
bull Uncheck the System Account
bull Enter the default Administrator credentials- Username Administrator
- Password b gd m
bull ClickNext
bull Based on your network setting you can adjust the ports usedby vCenter I it is an isolated network environment leave thede ault port as they are and clickNext
bull Click Next until the installation is nished Now you havecompleted the vCenter con guration process
VMware View Manager Administration
VMware View Connection Server acts as a connection broker or client connections by authenticating and then directing incoming remote desktop user requests to the appropriate virtual desktop physical desktop or terminal server You can run VMware View Connection Server on a 32-bit or 64-bit virtual server For detailed in ormation about the hardware operating system and Active Directory requirements orVMware View Connection Server see the System Requirements section o the VMware View ManagerAdministration Guide
A standard server deployment creates a single standalone VMware View Connection Server You can havemultiple connection server instances in the same domain and point them all to the same VMware vCenter idesired For a di erent Connection Server deployment such as Replica or Security Server (DMZ) please re erto the View Administration Guide
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 1548
VMware View 4
E VA L U AT O R rsquo S G U I D E 1 5
Task 1 Installing the Connection Server
When the VMware Installation wizard appears clickNext
Accept the VMware license terms and clickNext
Select the Standard deployment option and click Next
bull ClickInstall
bull ClickFinish
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 1648
VMware View 4
E VA L U AT O R rsquo S G U I D E 1 6
Task 2 Con guring and Administrating View Manager
bull After you install the VMware View Connection Server
validate your View Manager Administration in a Webbrowser by entering http your-connection-server-ipgtadmin
bull Enter the Administrator username and password andclick Login
bull You will notice a certi cate error next to the URL eldVMware View Administrator is accessed using a secure
(SSL) connection The rst time you connect your Webbrowser might present you with an intermediary page thatwarns you that the security certi cate associated with theaddress is not issued by a trusted certi cate authority Thisresponse is expected because the de ault root certi catesupplied with View Connection Server is sel -signed
bull Click Ignore to continue using the current SSL certi cate
Task 3 Installing the Product License
bull From the Con guration tab clickProduct Licensingand Usage
bull Enter the license key provided with the evaluation
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 1748
VMware View 4
E VA L U AT O R rsquo S G U I D E 1 7
Task 4 Associating and Adding VMware vCenter Server
bull From the Con guration tab selectServers on the le t
menu panelbull Select Add under the VirtualCenter Servers pane
bull ClickAdd
bull Enter the fully quali ed domain name (FQDN) or the IPaddress o the VMware vCenter Server you want VMwareView Manager to communicate with in theServer addresstext box
bull Enter Administrator username and password for thevCenter login
Note For evaluation purposes advanced or optional tasks will not be covered I you have DNS servicesinstalled you can confgure an external URL or the Connection Server Those tasks are covered in the GettingStarted Guide or Administration Guide
Task 5 Con guring Active Directory Users and Computers
In this evaluation the virtual machine (ActiveDirectory) is promoted as Domain Controller hosted in WindowsServer 2003 with a single local domain name called demolocal
bull Before you can entitle a user access to the desktop youneed to create three users in the Active Directory namedreviewer_1 reviewer_2 and reviewer_3
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 1848
VMware View 4
E VA L U AT O R rsquo S G U I D E 1 8
Task 6 Creating and Preparing Virtual Machines
The ollowing steps assume that the user has already created a virtual machine and has installed the guest OS(XPVISTA) joined AD domain turned on the RDP remote connection added user groups to the remote users
list and turned o the rewall in the guest OS
bull Run the View Agent executable on the guest system
bull When the VMware Installation wizard appears clickNext
bull Accept the VMware license terms and clickNext
Select your custom setup options The o ine desktop isoptional and does not appear as the de ault in all agents
Click Install to begin the installation process
Select Continue Anyway or the installation alert
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 1948
VMware View 4
E VA L U AT O R rsquo S G U I D E 1 9
Click Finish
At this point you have the main VMware View components installed and con gured Be ore you proceedurther you can do a quick ping test rom the View Connection Server virtual machine to the Guest Desktop
virtual machine and vice versa The components should be pingable and routable between each
Task 7 Preparing Virtual Machine Snapshots and Templates
The guest system o the virtual machine which you create in vCenter provides the basis or virtual desktopdeployment To prepare a guest system or deployment per orm the ollowing tasks
bull Install the guest operating system Select Inventory romthe menu and clickVirtual Machine to start the creation oa new virtual machine
Once you con gure the OS and itrsquos up and running
bull Install the latest version of VMware Tools (provided withVMware In rastructure)
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2048
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 0
bull Con gure Active Directory settings Con gure the preferredand alternate DNS servers to use your Active Directoryserver addresses For example on Windows XP con gure
the DNS server settings rom the properties menuStart gt Control Panel gt Network Connections gt LAN gtProperties Internet Protocol (TCPIP) gt Properties gtUse (VMActiveDirectory) IP Address 19216813252
bull Make sure that you have administrative rights to theguest system
bull Join the desktop to the AD domain Add guest system tothe domain (demo local)
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2148
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 1
bull In Control Panel turnOf Windows Firewall
bull In Control Panel selectSystem Properties gtRemote tab
bull Check Allow User to Connect Remotely
bull Take a virtual machine Snapshot mdash Once the virtual machinetemplate is ully prepared you can power o the virtualmachine and right mdash clickGuest and select Take Snapshot
bull Snapshot is used for Linked Clone creation discussed in thelater sandbox scenario
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2248
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 2
Create a Desktop Template
bull Power o the virtual machine
bull Right-click the previously con gured guest system and
select one o the ollowing options- Clone to Template mdash select this option i you want to use
the selected guest system as the basis or a new templatewithout altering the virtual machine itsel Choose thisand walk through the dialogs boxes to create a virtualmachine template
- Convert to Template mdash select this option i you want tochange the guest system into a template This processhappens instantly
bull To get a quick view of the template created go toInventory and select VM and Templates The highlighted
template will appear in VMware Center
You can repeat the same procedures or Windows 7 and Vista desktops with the same con guration i youwish At the end o the task you will have three prepared guest systems ready or VMware View Manager to use
Task 8 Installing VMware View Composer for Linked Clones
VMware View Composer provides a highly e cient storage alternative to creating and managing manystandalone virtual machines With VMware View Composer Linked Clone technology you can rapidly cloneand deploy multiple desktops rom a single centralized base image Subsequent changes to this image canbe automatically proli erated among all desktops in a Linked Clone pool A ter the desktops are created theyremain indirectly linked to a snapshot residing on the parent virtual machine View Composer needs to beinstalled on the system where VMware vCenter is installed
bull VMware View Composer installation is optional in theVMware View installation process i you donrsquot plan to haveLinked Clone in your production environment Howeverwith this evaluation you can see the bene ts o havingVMware View work with VMware vSpherersquos thin-provisioning eature Start the VMware View Composerinstaller you have in your media
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2348
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2448
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 4
bull Choose your custom setup options
- Deselect the USB Redirection component i you do not want usersto access locally connected USB devices through their desktops
- Deselect the Log in as current user component i you want to requireall users to provide identity and credential in ormation to log in to aView Connection Server and again to access a VMware View desktop
bull For this evaluation simply leave them as theselected de ault This is anew improved eature which allows single sign-on to the guestdesktop
bull Enter the IP address of the VMware View Connection Server that thisclient will connect to For this evaluation enter 1921681247
bull Leave the login ascurrent user unchecked
bull Select Continue Anyway or the Virtual USB so tware installation
bull Select Finish and Exit installation I VMware View Client does not startautomatically a ter installation double-click the desktop shortcutor click
Start gtPrograms gtVMware gtVMware View Client
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2548
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 5
Task 10 Adding Desktop Source in VMware View Manager
The in rastructure components are now con gured in VMware vCenter Now go back to VMware ViewManager and con gure the desktop resource or an individual desktop provisioning use
bull Enter the VMware View Connection Server IP addressadmin as the URL in a Web browser
bull Login as Administrator
bull From within View Administrator clickDesktops andPools and click theInventory tab
bull In the Global desktop and pool view pane make sure thatthe Desktops and Pools tab is selected and clickAdd
bull When the Add Desktop wizard appears selectIndividualDesktop and clickNext
bull Select Desktop Source rom VMware vCenter
Need new image
bull From the list provided select theVMware vCenter Serverto be used by this desktop and clickNext
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2648
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 6
bull Enter the Unique ID Display name (optional) andDescription (optional) and clickNext
bull Con gure the desktop properties and click Next Sincethe new PCoIP eatures are being evaluated set thede ault protocol as PCoIP and allow users to change thesetting at connection When set toDo Not Control orAdobe Flash quality bandwidth is not a concern with theLAN deployment
bull Con gure the desktop provisioning properties andclick Next
bull Select the desktop to use as the base image for thedeployment and click Next
bull Click Finish to complete one guest desktop provisioning
bull Once the desktop provisioning is complete you can see adesktop under Desktops and Pools tab
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2748
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 7
This shows the basic steps on how to provision one desktop For more advanced eatures you can re er to theVMware View Administration Guide In a later scenario a PCoIP pool is created through similar provisioning
Task 11 Desktop Entitlement
bull From within View Administrator click Desktops and Pools and click theInventory tab
bull In the Global desktop and pool view pane select the desktop or poolyou want to entitle and clickEntitlements
bull Click Add The user and group entitlement dialog box appears Fromhere you can view search on and lter all Active Directory users withinthe domain orest
bull Select the DemoLocal domain created and enter wildcard user matchreview VMware View Manager should display all users that contain thephrase
bull Entitle the userreviewer_1 to use the Vista desktop
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2848
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 8
Figure 6
Once this is set and done you will see a green checkmark under Global Desktop and View showing Entitledand Enabled or the guest desktop
Task 12 Accessing Virtual Desktop via RDP or PCoIP
bull In theConnection Server drop-down menu enter thehost name or IP address o a VMware View Connection Server
bull Select Options
Need New Image
bull Select Log in as current userto be authorized to log in to theVMware View Connection Server You will not be prompted toenter login credentials in the guest desktop login This is anenhancement or single sign-on
Need New Image
bull Enter the credentials with desktop entitlement
- Username Administrator
- Password b gd m
bull In VMware View 4 you have the option to use the preferredprotocols o either Teradici PCoIP or Microso t RDPSelect Teradici
bull Select the XP desktop you want to access
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2948
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 9
Task 13 Additional Virtual Desktop Optimization
bull Adjust ClearType Settings in Control Panel gtDisplay gtAdvanced Tab gtFonts and choose ClearType
bull Turn o Windows Firewall Settings inControl Panel gtWindows Firewall and select the Of radio buttonbull Multiple Display Con guration
bull In VMware View Manager Administration you cancentrally con gure the desktop monitors that aresupported in the local systems
bull In the guest desktop check theDisplay settings that have been changed tomultiple displays
Note PCoIP also supports pivot mode or one landscape and one horizontal confguration
Task 14 WAN Optimization
PCoIP technology uses low-latency image compression algorithms to optimize the user experience or widearea network (WAN) applications The WAN enhancements dramatically improve the user experience toprovide support or multi-media and 3D graphics audio and IO responsiveness over long-distancehigh-latency and low-bandwidth networks
Key PCoIP WAN Capabilities
bull Reduced Minimum Bandwidth To support the lower bandwidth typically available over a WAN theminimum peak bandwidth required or a PCoIP connection is Mbps Because PCoIP only transmitschanges to the desktop image the actual bandwidth used may be much lower i the screen is not changingsigni cantly or rapidly
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3048
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 0
bull Local Keyboard and Mouse To provide instant response over high-latency networks the mouse pointer canbe displayed locally on the desktop (within VMware View Agent) in addition to being sent to the host Localkeyboard capability is also provided to prevent lost keystrokes due to network delay
bull Packet Reordering To accommodate the out-o -order packets o ten produced by network links on a WANthe PCoIP portal in VMware View Agent can create multiple packet chains as out-o -order packets receivedand connect chains to restore the correct sequence Without this out-o -order packets can result in dataretransmission and delays
bull Bandwidth-Sensitive Audio Compression PCoIP transmits compressed or uncompressed audiondashswitchingdynamically based on the available bandwidth to provide the best possible user experience
Since PCoIP is integrated seamlessly into the VMware View Agent and ully optimized into VMware Viewin rastructure as the administrator you simply need to con gure the desktop protocol and its bandwidththrottling rom the administration UI
Con gure Flash contents bandwidth allowance
For an optional task to test WAN per ormance with PCoIP try to access your corporate desktop rom home byconnecting through IPSec VPN
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3148
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 1
Scenario Overview
This document provides several di erent test scenarios to review the tasks you per ormed earlier andexperience the combined advantages o using VMware View To compare a variety o WAN connectivityscenarios you can consider using either WANEMhttp wanem source orge net or Shunra VE SMB EditionFree Trial http www shunra com ve-smb-trial php or WAN emulation
bull Scenario 1 Provision and use PCoIP 25 persistent desktops and one non-persistent PCoIP pool thatcontains desktops using a Linked Clone You can adjust the actual number o desktops based on your locastorage allowance
ndash Create a snapshot on both Windows XP SP3 and Windows 7
ndash Add desktops and pools using automatic pools and Linked Clone
ndash Administrate users and entitlements
ndash Create ully Linked Clones
ndash Con gure pools in mixed cluster environment
ndash Con gure or WAN tag and LAN tag use
ndash Delete desktops and pools
bull Scenario 2 Con gure 50 PCoIP fully Linked Clones in VMware vSphere
ndash Create desktops and pools
ndash Leverage ThinDisk Provisioning in VMware vSphere
ndash Check storage saving comparison
ndash Review VMware VMsa e Security virtual machine unctionali ties
bull Scenario 3 Set-up Triple SSO in VMware View 4 (PCoIP)
ndash Use archive directory credentials to login with ldquoLogin as current userrdquo checked
ndash Access rom the Replica View Connection Server and login to see the same session running
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3248
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 2
Scenario 1Provision and Use PCoIP Desktops and Pools
Get Started with PCoIPPCoIP is a so tware-to-so tware display protocol ully integrated with the VMware View in rastructureThe PCoIP portal (server) is installed with the agent The proprietary SVGA driver is included as part o thePCoIP portal
Figure
The PCoIP client is included in the standard VMware View client installation on your end point device sothere are no additional installation procedures required or PCoIP From the end user perspective there areno con gurations needed or using PCoIP As an administrator you can con gure the PCoIP protocol throughVMware View Administrative SettingsPolicies De ault RDP setup is to be tunneled but the de ault PCoIPsetting is directly connected Some other con gurations on bandwidth throttling or Flash video or on USBredirection policy are consistent as the previous View administration
Lossy and Lossless CompressionImage compression in PCoIP includes both lossless and lossy compression schemes Lossy compression allows or higher levels o compression on initial screen change and subsequent image quality improvement
or static screen regions Lossless motion compensation is also supported Image compression bandwidthmanagement is supported using packet loss as an indicator o congestion or lower bandwidth limits
Network Bandwidth and Characteristics
The host to client network connection operates with up to 250ms o round-trip latency The host to clientnetwork connection operates with lt01 percent packet loss but will tolerate periods o up to 5 percent packetloss and will survive short durations o loss o connectivity
A single TCP connection (SSL) is used between the host and client or session management A single UDP connection using UDP encapsulated IPSec-ESP [r c 3948] with AES 128-bit key encryption is used betweenthe host and client or media tra c supporting unreliable and reliable transport Port numbers keys andother connection parameters are exchanged via the SSL connection You can re erence the VMware ViewDeployment Guide or urther end-to-end per ormance measurements
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3348
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 3
Step 1 Creating the Replica Connection Server
The installation package or the Connection Server alsocontains the installation source or the VMware ViewReplica Server Launch the VMware View ConnectionServer installer and select Replica server or the secondConnection Server SelectAgree to the VMware Viewproduct licensing terms
A VMware View Replica Server is a Connection Serverwith its own replica o the ADAM database stored locallyAll con guration data and changes are instantaneouslyreplicated to all replica servers resulting in entirelyindependent Connection Servers which can actindependently in case o ailure o other replica servers
Enter the rst VMware View Connection Server instanceIP address (View1 19216813246) ClickNext
Complete the Replica Connection Server instanceinstallation Select Finish
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3448
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 4
Step 2 Creating Linked Clone Pools
DESKTOP TYPE OS TYPE PERSISTENT DESKTOP COUNTS
PCoIP Windows XP SP Persistent
RDP PCoIP Windows XP SP Non-Persistent
The Linked Clone creation process is the same as conducted in the previous section You can con gure thetask based on your storage availability and virtual machine sizing
Step 3 Connecting to Pool by Tags
Tag-based EntitlementsVMware View provides the advanced entitlement to Desktop Pools not only based on current entitlementsettings but also on the Connection Server through which a user logs in For customers who need perimeteridentity ( or example Internal Connection Server or External Security Server access) at logon VMware View
enables users con guring certain clients to go through a particular Connection Server In this case a tag isintroduced to identi y and route the client to the Connection Server In a broker cluster at a large VMware Viedeployment The tag or tags o a Connection Server are then compared to the tag speci ed in time o thedesktop pool creation edit
I the tag required by the desktop pool does not match the tag o the broker in question even i a useris entitled or assigned to a desktop pool the desktop will not show up in the available desktop list TheConnection Server tags take precedence over the desktop or pool tags
In this evaluation you will set up two instances o Connection Servers where brokers have been classi ed toserve di erent networks (internal external or example)
VMWARE VIEWCONNECTIONSERVER IP
NAME TAG DESKTOPS OS
19216813246 View External XP Pro SP
19216813245 View Internal XP Pro SP
Use CaseThe internal broker might not be visible to users connecting over a VPN In a case like this the two brokerscould still be ormed into a cluster The external broker might be tagged ldquoExternalrdquo and the internal brokertagged ldquoInternalrdquo and then pools could be tagged so that some desktops are not visible when a user logs inexternally but are visible internally
For example imagine a deployment o our Connection Servers where two o the Connection Servers haveconnected Security Servers The two Connection Servers without Security Servers are used to support internalusers and the two Connection Servers with Security Servers are used to support Internet (external) users The
rst two could have a con gured entitlements tag o ldquoInternalrdquo and the second two could have a con guredentitlements tag o ldquoExternalrdquo
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3548
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 5
bull The UI allows an administrator to specify one or moretag strings of up to 64 characters for each ConnectionBroker You can then speci y the tag string required or
a speci c Connection Broker to access the Pool Atruntime when a user authenticates him or hersel via aConnection Server an extra step o tag matching isper ormed The result will be a lter o the resultingentitled Desktop list
bull Set the replica server tag as External
bull Once the tags are set in the connection broker you cansee the tag column in the VMware View Managerconsole is lled with the Tag attributes
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3648
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 6
bull In the VMware View 1 Connection Server(19216813246admin) login to the View Managerconsole clickDesktops and Pools tab and selectAdd
You are creating ull clone and Linked Clonedesktops Select Automated Desktop Pool
bull Select Persistent or the desktop type
bull ClickNext
bull Create the 10 Linked Clone desktop pools rst and gothrough the same process again to create the ull clone
ndash only without checking the highlighted checkbox
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3748
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 7
bull Fill in the name attribute for theUnique ID andDisplay Name
bull This is same user interface as you used to create theindividual desktop earlier Leave the de ault setup as
it is
bull Enter the number of the desktops that your storage
allows you to create The naming pattern or thedesktop is the name vCenter will use to name thevirtual machine so create a unique and easilyrecognized name
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3848
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 8
bull Desktop cloning relies on the virtual machine templateas the base Previously you created a template byselecting a clean base template and cloning it to
template Select that template and clickNext
bull Linked Clone requires the template and snapshot asthe golden image
bull Select the folder location where the desktops shouldbe organized
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3948
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 9
bull Select the host or ESX server where the desktop iscreated Note the vSphere mode or VMware ViewComposer option is dimmed and not selectable It is
because the host being used is running vSpherealready I you are using a previous version o ESX thisoption will be available or upgrade use
bull Add desktops to the resource pool
bull Allocate user data disk for the persistent data Keepthe de ault value and selectNext
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4048
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 0
bull In this setup the storage LUN for the better demoe ects is attached You can simply use the localstorage host storage or your test
bull You can see that the default domain is lled inautomatically by quickprep This is set at the
Con guration Tab gtServers gtSelect ViewConnection gt Edit
bull Do a nal review of the Linked Clone setup and clickFinish to complete It will take several minutes tocreate the clones
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4148
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 1
bull Create additional users in Active Directory(ActiveDirectory19216813252)
- Corporate - user or the Group Internal
- Contractor - user or the Group Externalbull This will be used for the pool entitlement for users and
groups
bull Access VMware vCenter or ESX management by usingthe VMware vSphere client
bull Login to View Manager console You can see the LinkedClone pools are created and listed in the Desktop andPool pane SelectEntitlements to grant right to accessthe desktop
bull Assign the group you created in ActiveDirectory
Repeat these steps or creating additional XP desktops with non-persistent and persistent use
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4248
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 2
Step 4 Deleting the Clone Using Deletion Script
Provide the cleanup rule and scripting capabilities to enable administrators to per orm urther integrationunctions In some environments this can be achieved by removing entries rom ActiveDirectory In others
you may need to trigger other applications or a tighter integration
bull A new key needs to be created manuallyPlease re er to VMware View Administration Guide or
urther details
bull The visual basic script can be used to clean up ortrigger urther application activities This new eatureo ers the extensibility ramework
bull Run servicesmsc to access the Services consoleEnable the script services manually It is not startedby de ault
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4348
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 3
bull Login to VMware View Manager SelectDelete thedesktop SelectDelete rom Disk option It will triggerthe script set previously
Scenario 2Confgure PCoIP Full and Linked Clone
in VMware vSphereCreate Full Clone with Thin Provisioning
Thin Provisioning in its simplest orm means only using the disk space you need Traditionally with virtualmachines i you create a 500GB virtual disk it will use 500GB o your VMFS data store With Thin Provisioningyou can create a 500GB virtual disk but i only 100GB is in use only 100GB o your VMFS data store will beutilized
500GBVirtual Disk
500GB GB VMDK le size 100GB VMDK le size
400GBunused butallocated
100GBApplicationUsage
500GBVirtual Disk
100GBActual Usage(Footprint)
Figure
You can create a ve desktop XP pool using Full Clone rom VMware View and compare them with the ThiProvisioning option check The eatures include increased storage utilization reduced application downtimeand streamlined capacity management
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4448
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 4
bull When you create a virtual machine in VMware vSpherethe option to create Thin Provisioning settings is underSettings gtAdd Hardware
bull In VMware View 4 you can con gure the ThinProvisioning while preparing the Linked Clone basetemplate
Now in order to compare the storage usage di erence with Thin Provisioning enabled in the virtual desktopdeployment the best approach is to provision them and per orm storage comparison with the virtualmachines without thin provisioning enabled Considerations or storage provisioning all in throughput needsto scale with an increase in capacity ie multiple virtual machines per IO path
Figure
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4548
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 5
In the meantime transient storage on the swap space is used only when the virtual machine ispowered on and delta disks are used by snapshots and linked to virtual machines
Figure 0
Datastore View in vSphere
Figure
VM Storage Performance View
Figure
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4648
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 6
Anti-Virus Protection
The VMsa e API comes with VMware vSphere VMware o ers a number o VMsa e partner solutions thatprovide secure virtual machines with virus-scanning capability
bull Trend Micro Core Protection 10 This is an anti-virus product that performs o ine and online scheduled virtualmachine scans without an agent It uses a smaller agent or on-access scanning or to clean up in ections Thproduct is available at http us trendmicro com us solutions enterprise security-solutions virtualizationvirtual-machines index html
bull McAfee Virus Scan for O ine Virtual Images 20 This is an anti-virus product that performs o ine schedulevirtual machine scans without an agent It complements a regular virus scan agentsrsquo online scanning
Figure 6
VMsa e reduces high storage IO and memory usage during scheduled and pandemic malware scan activities
Figure
The above gure shows the anti-virus server committing a real-time agent to an individual virtual machine
It also has the unctionality o o ine snapshot image scanningThis is a VMware vSphere eature and is now available or VMware View 4 Please re er to the VMware View 4Deployment Guide or urther product demonstration
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4748
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 7
Scenario 3Set up Triple Single Sign-On (SSO) in VMwareView 4Log in as Currently Logged-on UserThis is a new option in VMware View Client that allows you to log onto the broker using currently logged oncredentials The standard sign up fow using AD credentials is
bull User connects to View Connection Server
bull VMware View Connection Server compares a list of trusted AD domains to the client
bull User authenticates with username and password
bull VMware View Connection Server delegates authentication to WindowsAD
Figure
VMware View 4 continues to support the AD credential (username and password) login smart card and RSA
securID token in RDP
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4848
bull During the View Agent installation select theConnectas Current Logon User checkbox option to enable SSO
bull Launch View Client at local desktop or thin clientbull View Client has newLog in as Current User Domain
User checkbox When a userrsquos AD credential isauthenticated on the client device using eitherpassword (RDP PCoIP) or smart card authentication inRDP the Connection Broker will use the same useridentity
bull This value can also be set using GPO policy orregistry key setting Please re er to the ViewAdministration Guide
bull You should be able to login to the guest desktopenvironment without being prompted to enter thecredentials again
Support In ormation
For additional evaluation questions and installation support please address your questions to desktop-tmvmwarecom
About the Author
Cynthia Hsieh is a senior technical marketing manager in VMware Enterprise Marketing team She ocuses onapplication integration proo o concepts and security subjects
Hsiehrsquos previous background includes product management positions at Wyse Trend Micro Oracle and Yahoo
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 1048
VMware View 4
E VA L U AT O R rsquo S G U I D E 1 0
Preparing for the Installation
AssumptionsTo success ully use this guide it is assumed that VMware vSphere ESX Server has been installed and
is unctioning properly Please re er to the online documentationhttp www vmware com resourcestechresources 10020 or urther installation assistance
Before You BeginPlease re erence Getting Started with VMware View at httpwwwvmwarecomsupportpubsview_pubshtml For more in ormation on administrating VMware View you can review the ollowing documentation
bull VMware View Manager Administration Guide
bull VMware View Upgrade Guide
bull VMware View Architecture and Planning Guide
bull Knowledge Base
System Requirements
The ollowing is a description o the hardware and so tware required ( or the major components o VMwareView) You can get more in ormation rom the VMware View 4 Architecture Planning Guide
VMware View Connection ServerVMware View Connection Server is not supported on servers that have the Windows Terminal Server roleinstalled Remove the Windows Terminal Server role rom any server where you will be installing the VMwareView Connection Server
VMware View Connection Server runs on a 32-bit or 64-bit dedicated physical or virtual server with the ollowing speci cations
bull Pentium IV 20Ghz processor or higher mdash dual processors are recommended
bull 2GB RAM or higher mdash 3GB RAM is recommended for deployments of 50 or more View Manager desktopsVMware View connection server can handle 2000 connections in clear mode and 750 in tunneled mode
The ollowing VMware vSphere document lists the limits or the server sidehttp www vmware com support pubs vs pages vsp pubs esx40 vc40 html
bull One or more 10100Mbps network interface controllers (NIC) mdash 1Gbps NIC is recommended
Supported Operating SystemsThe VMware View Connection Server can be installed on the ollowing 32-bit operating systems
bull Windows Server 2003 R2 Standard Edition with SP2
bull Windows Server 2003 Standard Edition with SP2
bull Windows Server 2003 R2 Enterprise Edition with SP2
bull Windows Server 2003 Enterprise Edition with SP2
Prerequisites
VMware View Connection Server has the ollowing prerequisites
You will need a valid license key or VMware View Manager The ollowing types o licenses are available
bull VMware View Manager
bull VMware View Manager with View Composer
bull VMware View Manager with View Composer and O ine Desktop
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 1148
VMware View 4
E VA L U AT O R rsquo S G U I D E 1 1
For the VMware virtualization environment you will need one o the ollowing
bull VMware vSphere 4 Update 1 (U1 is required)
bull VMware Infrastructure 35 (U3 or U4 recommended U5 not supported)
bull VMware Infrastructure 302 (supported)
bull Both ESX and ESXi hosts are supported VMware vCenter is required
Required Host operating systems or standard or replica VMware View Connection Server instances are joinedto an Active Directory domain The ollowing versions o Active Directory are supported You will need one othe ollowing
bull Windows 2000 Active Directory
bull Windows 2003 Active Directory
bull Windows 2008 Active Directory
IP Addressing
For easy con guration this evaluation scenario speci es a standalone LAN environment with IP addressingbased on the ollowing assumptions
bull One VMware vSwitch is con gured as the External Network for static manually assigned IP addressing
VIEW COMPONENTS IP ADDRESSING
Virtual Center (vCenter) Static 19216813247
View Connection Server (View ) Static 19216813246
View Connection Server (View ) Static 19216813245
Active Directory (ActiveDirectory) Static 19216813252
bull VMware vCenter installation provides SQL Server Express Edition You do not need a separate SQL Serverinstance or this evaluation
bull This evaluation asks you to set up two VMware View Connection Servers This will be used in the evaluationthe new ldquotag entitlementrdquo eature later Itrsquos an optional task i you just need to review the basic unctionalitie
bull If you already have networking setup you can assign a static IP to infrastructure components needed forthis evaluation
bull You can also access the Internet if it rsquos available by separate 2 vLANs and con gure the open source Yvetta
NAT appliance You can nd additional instructions athttp www vyatta com downloads swdl phpbull You will prepare three virtual machines including XP andor Vista for the scenario These desktop virtual
machines have IP addresses assigned using DHCP
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 1248
VMware View 4
E VA L U AT O R rsquo S G U I D E 1 2
Figure
The network con guration can be customized based on your network availability Figure is a samplecon guration Make sure the in rastructure components have a static routable and pointable IP addressand complete a ping test rom the servers to the desktops and rom the desktops to the servers The IPcon guration is critical to a success ul evaluation
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 1348
VMware View 4
E VA L U AT O R rsquo S G U I D E 1 3
Installing and Confguring VMware View
Before You Begin
VMware View is tightly integrated with VMware vCenter You can install VMware vCenter as a standalone serveror as a hosted server under the same ESX box or the testing purposes Please assign a static IP or your VMwarevCenter IP con guration
Figure 5
bull In your physical ESX host create a Windows Server 2003virtual machine or the VMware vCenter installation
bull Make sure to assign it with a routable static IP In this settingVMware vCenter can be pinged through vc demo local
bull Select Create a stand-alone VMware vCenter and clickNext
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 1448
VMware View 4
E VA L U AT O R rsquo S G U I D E 1 4
bull In this evaluation the default Microsoft SQL Server Expressinstance or the storage is used
bull Uncheck the System Account
bull Enter the default Administrator credentials- Username Administrator
- Password b gd m
bull ClickNext
bull Based on your network setting you can adjust the ports usedby vCenter I it is an isolated network environment leave thede ault port as they are and clickNext
bull Click Next until the installation is nished Now you havecompleted the vCenter con guration process
VMware View Manager Administration
VMware View Connection Server acts as a connection broker or client connections by authenticating and then directing incoming remote desktop user requests to the appropriate virtual desktop physical desktop or terminal server You can run VMware View Connection Server on a 32-bit or 64-bit virtual server For detailed in ormation about the hardware operating system and Active Directory requirements orVMware View Connection Server see the System Requirements section o the VMware View ManagerAdministration Guide
A standard server deployment creates a single standalone VMware View Connection Server You can havemultiple connection server instances in the same domain and point them all to the same VMware vCenter idesired For a di erent Connection Server deployment such as Replica or Security Server (DMZ) please re erto the View Administration Guide
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 1548
VMware View 4
E VA L U AT O R rsquo S G U I D E 1 5
Task 1 Installing the Connection Server
When the VMware Installation wizard appears clickNext
Accept the VMware license terms and clickNext
Select the Standard deployment option and click Next
bull ClickInstall
bull ClickFinish
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 1648
VMware View 4
E VA L U AT O R rsquo S G U I D E 1 6
Task 2 Con guring and Administrating View Manager
bull After you install the VMware View Connection Server
validate your View Manager Administration in a Webbrowser by entering http your-connection-server-ipgtadmin
bull Enter the Administrator username and password andclick Login
bull You will notice a certi cate error next to the URL eldVMware View Administrator is accessed using a secure
(SSL) connection The rst time you connect your Webbrowser might present you with an intermediary page thatwarns you that the security certi cate associated with theaddress is not issued by a trusted certi cate authority Thisresponse is expected because the de ault root certi catesupplied with View Connection Server is sel -signed
bull Click Ignore to continue using the current SSL certi cate
Task 3 Installing the Product License
bull From the Con guration tab clickProduct Licensingand Usage
bull Enter the license key provided with the evaluation
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 1748
VMware View 4
E VA L U AT O R rsquo S G U I D E 1 7
Task 4 Associating and Adding VMware vCenter Server
bull From the Con guration tab selectServers on the le t
menu panelbull Select Add under the VirtualCenter Servers pane
bull ClickAdd
bull Enter the fully quali ed domain name (FQDN) or the IPaddress o the VMware vCenter Server you want VMwareView Manager to communicate with in theServer addresstext box
bull Enter Administrator username and password for thevCenter login
Note For evaluation purposes advanced or optional tasks will not be covered I you have DNS servicesinstalled you can confgure an external URL or the Connection Server Those tasks are covered in the GettingStarted Guide or Administration Guide
Task 5 Con guring Active Directory Users and Computers
In this evaluation the virtual machine (ActiveDirectory) is promoted as Domain Controller hosted in WindowsServer 2003 with a single local domain name called demolocal
bull Before you can entitle a user access to the desktop youneed to create three users in the Active Directory namedreviewer_1 reviewer_2 and reviewer_3
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 1848
VMware View 4
E VA L U AT O R rsquo S G U I D E 1 8
Task 6 Creating and Preparing Virtual Machines
The ollowing steps assume that the user has already created a virtual machine and has installed the guest OS(XPVISTA) joined AD domain turned on the RDP remote connection added user groups to the remote users
list and turned o the rewall in the guest OS
bull Run the View Agent executable on the guest system
bull When the VMware Installation wizard appears clickNext
bull Accept the VMware license terms and clickNext
Select your custom setup options The o ine desktop isoptional and does not appear as the de ault in all agents
Click Install to begin the installation process
Select Continue Anyway or the installation alert
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 1948
VMware View 4
E VA L U AT O R rsquo S G U I D E 1 9
Click Finish
At this point you have the main VMware View components installed and con gured Be ore you proceedurther you can do a quick ping test rom the View Connection Server virtual machine to the Guest Desktop
virtual machine and vice versa The components should be pingable and routable between each
Task 7 Preparing Virtual Machine Snapshots and Templates
The guest system o the virtual machine which you create in vCenter provides the basis or virtual desktopdeployment To prepare a guest system or deployment per orm the ollowing tasks
bull Install the guest operating system Select Inventory romthe menu and clickVirtual Machine to start the creation oa new virtual machine
Once you con gure the OS and itrsquos up and running
bull Install the latest version of VMware Tools (provided withVMware In rastructure)
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2048
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 0
bull Con gure Active Directory settings Con gure the preferredand alternate DNS servers to use your Active Directoryserver addresses For example on Windows XP con gure
the DNS server settings rom the properties menuStart gt Control Panel gt Network Connections gt LAN gtProperties Internet Protocol (TCPIP) gt Properties gtUse (VMActiveDirectory) IP Address 19216813252
bull Make sure that you have administrative rights to theguest system
bull Join the desktop to the AD domain Add guest system tothe domain (demo local)
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2148
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 1
bull In Control Panel turnOf Windows Firewall
bull In Control Panel selectSystem Properties gtRemote tab
bull Check Allow User to Connect Remotely
bull Take a virtual machine Snapshot mdash Once the virtual machinetemplate is ully prepared you can power o the virtualmachine and right mdash clickGuest and select Take Snapshot
bull Snapshot is used for Linked Clone creation discussed in thelater sandbox scenario
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2248
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 2
Create a Desktop Template
bull Power o the virtual machine
bull Right-click the previously con gured guest system and
select one o the ollowing options- Clone to Template mdash select this option i you want to use
the selected guest system as the basis or a new templatewithout altering the virtual machine itsel Choose thisand walk through the dialogs boxes to create a virtualmachine template
- Convert to Template mdash select this option i you want tochange the guest system into a template This processhappens instantly
bull To get a quick view of the template created go toInventory and select VM and Templates The highlighted
template will appear in VMware Center
You can repeat the same procedures or Windows 7 and Vista desktops with the same con guration i youwish At the end o the task you will have three prepared guest systems ready or VMware View Manager to use
Task 8 Installing VMware View Composer for Linked Clones
VMware View Composer provides a highly e cient storage alternative to creating and managing manystandalone virtual machines With VMware View Composer Linked Clone technology you can rapidly cloneand deploy multiple desktops rom a single centralized base image Subsequent changes to this image canbe automatically proli erated among all desktops in a Linked Clone pool A ter the desktops are created theyremain indirectly linked to a snapshot residing on the parent virtual machine View Composer needs to beinstalled on the system where VMware vCenter is installed
bull VMware View Composer installation is optional in theVMware View installation process i you donrsquot plan to haveLinked Clone in your production environment Howeverwith this evaluation you can see the bene ts o havingVMware View work with VMware vSpherersquos thin-provisioning eature Start the VMware View Composerinstaller you have in your media
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2348
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2448
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 4
bull Choose your custom setup options
- Deselect the USB Redirection component i you do not want usersto access locally connected USB devices through their desktops
- Deselect the Log in as current user component i you want to requireall users to provide identity and credential in ormation to log in to aView Connection Server and again to access a VMware View desktop
bull For this evaluation simply leave them as theselected de ault This is anew improved eature which allows single sign-on to the guestdesktop
bull Enter the IP address of the VMware View Connection Server that thisclient will connect to For this evaluation enter 1921681247
bull Leave the login ascurrent user unchecked
bull Select Continue Anyway or the Virtual USB so tware installation
bull Select Finish and Exit installation I VMware View Client does not startautomatically a ter installation double-click the desktop shortcutor click
Start gtPrograms gtVMware gtVMware View Client
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2548
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 5
Task 10 Adding Desktop Source in VMware View Manager
The in rastructure components are now con gured in VMware vCenter Now go back to VMware ViewManager and con gure the desktop resource or an individual desktop provisioning use
bull Enter the VMware View Connection Server IP addressadmin as the URL in a Web browser
bull Login as Administrator
bull From within View Administrator clickDesktops andPools and click theInventory tab
bull In the Global desktop and pool view pane make sure thatthe Desktops and Pools tab is selected and clickAdd
bull When the Add Desktop wizard appears selectIndividualDesktop and clickNext
bull Select Desktop Source rom VMware vCenter
Need new image
bull From the list provided select theVMware vCenter Serverto be used by this desktop and clickNext
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2648
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 6
bull Enter the Unique ID Display name (optional) andDescription (optional) and clickNext
bull Con gure the desktop properties and click Next Sincethe new PCoIP eatures are being evaluated set thede ault protocol as PCoIP and allow users to change thesetting at connection When set toDo Not Control orAdobe Flash quality bandwidth is not a concern with theLAN deployment
bull Con gure the desktop provisioning properties andclick Next
bull Select the desktop to use as the base image for thedeployment and click Next
bull Click Finish to complete one guest desktop provisioning
bull Once the desktop provisioning is complete you can see adesktop under Desktops and Pools tab
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2748
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 7
This shows the basic steps on how to provision one desktop For more advanced eatures you can re er to theVMware View Administration Guide In a later scenario a PCoIP pool is created through similar provisioning
Task 11 Desktop Entitlement
bull From within View Administrator click Desktops and Pools and click theInventory tab
bull In the Global desktop and pool view pane select the desktop or poolyou want to entitle and clickEntitlements
bull Click Add The user and group entitlement dialog box appears Fromhere you can view search on and lter all Active Directory users withinthe domain orest
bull Select the DemoLocal domain created and enter wildcard user matchreview VMware View Manager should display all users that contain thephrase
bull Entitle the userreviewer_1 to use the Vista desktop
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2848
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 8
Figure 6
Once this is set and done you will see a green checkmark under Global Desktop and View showing Entitledand Enabled or the guest desktop
Task 12 Accessing Virtual Desktop via RDP or PCoIP
bull In theConnection Server drop-down menu enter thehost name or IP address o a VMware View Connection Server
bull Select Options
Need New Image
bull Select Log in as current userto be authorized to log in to theVMware View Connection Server You will not be prompted toenter login credentials in the guest desktop login This is anenhancement or single sign-on
Need New Image
bull Enter the credentials with desktop entitlement
- Username Administrator
- Password b gd m
bull In VMware View 4 you have the option to use the preferredprotocols o either Teradici PCoIP or Microso t RDPSelect Teradici
bull Select the XP desktop you want to access
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2948
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 9
Task 13 Additional Virtual Desktop Optimization
bull Adjust ClearType Settings in Control Panel gtDisplay gtAdvanced Tab gtFonts and choose ClearType
bull Turn o Windows Firewall Settings inControl Panel gtWindows Firewall and select the Of radio buttonbull Multiple Display Con guration
bull In VMware View Manager Administration you cancentrally con gure the desktop monitors that aresupported in the local systems
bull In the guest desktop check theDisplay settings that have been changed tomultiple displays
Note PCoIP also supports pivot mode or one landscape and one horizontal confguration
Task 14 WAN Optimization
PCoIP technology uses low-latency image compression algorithms to optimize the user experience or widearea network (WAN) applications The WAN enhancements dramatically improve the user experience toprovide support or multi-media and 3D graphics audio and IO responsiveness over long-distancehigh-latency and low-bandwidth networks
Key PCoIP WAN Capabilities
bull Reduced Minimum Bandwidth To support the lower bandwidth typically available over a WAN theminimum peak bandwidth required or a PCoIP connection is Mbps Because PCoIP only transmitschanges to the desktop image the actual bandwidth used may be much lower i the screen is not changingsigni cantly or rapidly
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3048
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 0
bull Local Keyboard and Mouse To provide instant response over high-latency networks the mouse pointer canbe displayed locally on the desktop (within VMware View Agent) in addition to being sent to the host Localkeyboard capability is also provided to prevent lost keystrokes due to network delay
bull Packet Reordering To accommodate the out-o -order packets o ten produced by network links on a WANthe PCoIP portal in VMware View Agent can create multiple packet chains as out-o -order packets receivedand connect chains to restore the correct sequence Without this out-o -order packets can result in dataretransmission and delays
bull Bandwidth-Sensitive Audio Compression PCoIP transmits compressed or uncompressed audiondashswitchingdynamically based on the available bandwidth to provide the best possible user experience
Since PCoIP is integrated seamlessly into the VMware View Agent and ully optimized into VMware Viewin rastructure as the administrator you simply need to con gure the desktop protocol and its bandwidththrottling rom the administration UI
Con gure Flash contents bandwidth allowance
For an optional task to test WAN per ormance with PCoIP try to access your corporate desktop rom home byconnecting through IPSec VPN
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3148
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 1
Scenario Overview
This document provides several di erent test scenarios to review the tasks you per ormed earlier andexperience the combined advantages o using VMware View To compare a variety o WAN connectivityscenarios you can consider using either WANEMhttp wanem source orge net or Shunra VE SMB EditionFree Trial http www shunra com ve-smb-trial php or WAN emulation
bull Scenario 1 Provision and use PCoIP 25 persistent desktops and one non-persistent PCoIP pool thatcontains desktops using a Linked Clone You can adjust the actual number o desktops based on your locastorage allowance
ndash Create a snapshot on both Windows XP SP3 and Windows 7
ndash Add desktops and pools using automatic pools and Linked Clone
ndash Administrate users and entitlements
ndash Create ully Linked Clones
ndash Con gure pools in mixed cluster environment
ndash Con gure or WAN tag and LAN tag use
ndash Delete desktops and pools
bull Scenario 2 Con gure 50 PCoIP fully Linked Clones in VMware vSphere
ndash Create desktops and pools
ndash Leverage ThinDisk Provisioning in VMware vSphere
ndash Check storage saving comparison
ndash Review VMware VMsa e Security virtual machine unctionali ties
bull Scenario 3 Set-up Triple SSO in VMware View 4 (PCoIP)
ndash Use archive directory credentials to login with ldquoLogin as current userrdquo checked
ndash Access rom the Replica View Connection Server and login to see the same session running
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3248
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 2
Scenario 1Provision and Use PCoIP Desktops and Pools
Get Started with PCoIPPCoIP is a so tware-to-so tware display protocol ully integrated with the VMware View in rastructureThe PCoIP portal (server) is installed with the agent The proprietary SVGA driver is included as part o thePCoIP portal
Figure
The PCoIP client is included in the standard VMware View client installation on your end point device sothere are no additional installation procedures required or PCoIP From the end user perspective there areno con gurations needed or using PCoIP As an administrator you can con gure the PCoIP protocol throughVMware View Administrative SettingsPolicies De ault RDP setup is to be tunneled but the de ault PCoIPsetting is directly connected Some other con gurations on bandwidth throttling or Flash video or on USBredirection policy are consistent as the previous View administration
Lossy and Lossless CompressionImage compression in PCoIP includes both lossless and lossy compression schemes Lossy compression allows or higher levels o compression on initial screen change and subsequent image quality improvement
or static screen regions Lossless motion compensation is also supported Image compression bandwidthmanagement is supported using packet loss as an indicator o congestion or lower bandwidth limits
Network Bandwidth and Characteristics
The host to client network connection operates with up to 250ms o round-trip latency The host to clientnetwork connection operates with lt01 percent packet loss but will tolerate periods o up to 5 percent packetloss and will survive short durations o loss o connectivity
A single TCP connection (SSL) is used between the host and client or session management A single UDP connection using UDP encapsulated IPSec-ESP [r c 3948] with AES 128-bit key encryption is used betweenthe host and client or media tra c supporting unreliable and reliable transport Port numbers keys andother connection parameters are exchanged via the SSL connection You can re erence the VMware ViewDeployment Guide or urther end-to-end per ormance measurements
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3348
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 3
Step 1 Creating the Replica Connection Server
The installation package or the Connection Server alsocontains the installation source or the VMware ViewReplica Server Launch the VMware View ConnectionServer installer and select Replica server or the secondConnection Server SelectAgree to the VMware Viewproduct licensing terms
A VMware View Replica Server is a Connection Serverwith its own replica o the ADAM database stored locallyAll con guration data and changes are instantaneouslyreplicated to all replica servers resulting in entirelyindependent Connection Servers which can actindependently in case o ailure o other replica servers
Enter the rst VMware View Connection Server instanceIP address (View1 19216813246) ClickNext
Complete the Replica Connection Server instanceinstallation Select Finish
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3448
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 4
Step 2 Creating Linked Clone Pools
DESKTOP TYPE OS TYPE PERSISTENT DESKTOP COUNTS
PCoIP Windows XP SP Persistent
RDP PCoIP Windows XP SP Non-Persistent
The Linked Clone creation process is the same as conducted in the previous section You can con gure thetask based on your storage availability and virtual machine sizing
Step 3 Connecting to Pool by Tags
Tag-based EntitlementsVMware View provides the advanced entitlement to Desktop Pools not only based on current entitlementsettings but also on the Connection Server through which a user logs in For customers who need perimeteridentity ( or example Internal Connection Server or External Security Server access) at logon VMware View
enables users con guring certain clients to go through a particular Connection Server In this case a tag isintroduced to identi y and route the client to the Connection Server In a broker cluster at a large VMware Viedeployment The tag or tags o a Connection Server are then compared to the tag speci ed in time o thedesktop pool creation edit
I the tag required by the desktop pool does not match the tag o the broker in question even i a useris entitled or assigned to a desktop pool the desktop will not show up in the available desktop list TheConnection Server tags take precedence over the desktop or pool tags
In this evaluation you will set up two instances o Connection Servers where brokers have been classi ed toserve di erent networks (internal external or example)
VMWARE VIEWCONNECTIONSERVER IP
NAME TAG DESKTOPS OS
19216813246 View External XP Pro SP
19216813245 View Internal XP Pro SP
Use CaseThe internal broker might not be visible to users connecting over a VPN In a case like this the two brokerscould still be ormed into a cluster The external broker might be tagged ldquoExternalrdquo and the internal brokertagged ldquoInternalrdquo and then pools could be tagged so that some desktops are not visible when a user logs inexternally but are visible internally
For example imagine a deployment o our Connection Servers where two o the Connection Servers haveconnected Security Servers The two Connection Servers without Security Servers are used to support internalusers and the two Connection Servers with Security Servers are used to support Internet (external) users The
rst two could have a con gured entitlements tag o ldquoInternalrdquo and the second two could have a con guredentitlements tag o ldquoExternalrdquo
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3548
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 5
bull The UI allows an administrator to specify one or moretag strings of up to 64 characters for each ConnectionBroker You can then speci y the tag string required or
a speci c Connection Broker to access the Pool Atruntime when a user authenticates him or hersel via aConnection Server an extra step o tag matching isper ormed The result will be a lter o the resultingentitled Desktop list
bull Set the replica server tag as External
bull Once the tags are set in the connection broker you cansee the tag column in the VMware View Managerconsole is lled with the Tag attributes
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3648
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 6
bull In the VMware View 1 Connection Server(19216813246admin) login to the View Managerconsole clickDesktops and Pools tab and selectAdd
You are creating ull clone and Linked Clonedesktops Select Automated Desktop Pool
bull Select Persistent or the desktop type
bull ClickNext
bull Create the 10 Linked Clone desktop pools rst and gothrough the same process again to create the ull clone
ndash only without checking the highlighted checkbox
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3748
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 7
bull Fill in the name attribute for theUnique ID andDisplay Name
bull This is same user interface as you used to create theindividual desktop earlier Leave the de ault setup as
it is
bull Enter the number of the desktops that your storage
allows you to create The naming pattern or thedesktop is the name vCenter will use to name thevirtual machine so create a unique and easilyrecognized name
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3848
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 8
bull Desktop cloning relies on the virtual machine templateas the base Previously you created a template byselecting a clean base template and cloning it to
template Select that template and clickNext
bull Linked Clone requires the template and snapshot asthe golden image
bull Select the folder location where the desktops shouldbe organized
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3948
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 9
bull Select the host or ESX server where the desktop iscreated Note the vSphere mode or VMware ViewComposer option is dimmed and not selectable It is
because the host being used is running vSpherealready I you are using a previous version o ESX thisoption will be available or upgrade use
bull Add desktops to the resource pool
bull Allocate user data disk for the persistent data Keepthe de ault value and selectNext
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4048
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 0
bull In this setup the storage LUN for the better demoe ects is attached You can simply use the localstorage host storage or your test
bull You can see that the default domain is lled inautomatically by quickprep This is set at the
Con guration Tab gtServers gtSelect ViewConnection gt Edit
bull Do a nal review of the Linked Clone setup and clickFinish to complete It will take several minutes tocreate the clones
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4148
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 1
bull Create additional users in Active Directory(ActiveDirectory19216813252)
- Corporate - user or the Group Internal
- Contractor - user or the Group Externalbull This will be used for the pool entitlement for users and
groups
bull Access VMware vCenter or ESX management by usingthe VMware vSphere client
bull Login to View Manager console You can see the LinkedClone pools are created and listed in the Desktop andPool pane SelectEntitlements to grant right to accessthe desktop
bull Assign the group you created in ActiveDirectory
Repeat these steps or creating additional XP desktops with non-persistent and persistent use
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4248
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 2
Step 4 Deleting the Clone Using Deletion Script
Provide the cleanup rule and scripting capabilities to enable administrators to per orm urther integrationunctions In some environments this can be achieved by removing entries rom ActiveDirectory In others
you may need to trigger other applications or a tighter integration
bull A new key needs to be created manuallyPlease re er to VMware View Administration Guide or
urther details
bull The visual basic script can be used to clean up ortrigger urther application activities This new eatureo ers the extensibility ramework
bull Run servicesmsc to access the Services consoleEnable the script services manually It is not startedby de ault
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4348
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 3
bull Login to VMware View Manager SelectDelete thedesktop SelectDelete rom Disk option It will triggerthe script set previously
Scenario 2Confgure PCoIP Full and Linked Clone
in VMware vSphereCreate Full Clone with Thin Provisioning
Thin Provisioning in its simplest orm means only using the disk space you need Traditionally with virtualmachines i you create a 500GB virtual disk it will use 500GB o your VMFS data store With Thin Provisioningyou can create a 500GB virtual disk but i only 100GB is in use only 100GB o your VMFS data store will beutilized
500GBVirtual Disk
500GB GB VMDK le size 100GB VMDK le size
400GBunused butallocated
100GBApplicationUsage
500GBVirtual Disk
100GBActual Usage(Footprint)
Figure
You can create a ve desktop XP pool using Full Clone rom VMware View and compare them with the ThiProvisioning option check The eatures include increased storage utilization reduced application downtimeand streamlined capacity management
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4448
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 4
bull When you create a virtual machine in VMware vSpherethe option to create Thin Provisioning settings is underSettings gtAdd Hardware
bull In VMware View 4 you can con gure the ThinProvisioning while preparing the Linked Clone basetemplate
Now in order to compare the storage usage di erence with Thin Provisioning enabled in the virtual desktopdeployment the best approach is to provision them and per orm storage comparison with the virtualmachines without thin provisioning enabled Considerations or storage provisioning all in throughput needsto scale with an increase in capacity ie multiple virtual machines per IO path
Figure
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4548
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 5
In the meantime transient storage on the swap space is used only when the virtual machine ispowered on and delta disks are used by snapshots and linked to virtual machines
Figure 0
Datastore View in vSphere
Figure
VM Storage Performance View
Figure
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4648
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 6
Anti-Virus Protection
The VMsa e API comes with VMware vSphere VMware o ers a number o VMsa e partner solutions thatprovide secure virtual machines with virus-scanning capability
bull Trend Micro Core Protection 10 This is an anti-virus product that performs o ine and online scheduled virtualmachine scans without an agent It uses a smaller agent or on-access scanning or to clean up in ections Thproduct is available at http us trendmicro com us solutions enterprise security-solutions virtualizationvirtual-machines index html
bull McAfee Virus Scan for O ine Virtual Images 20 This is an anti-virus product that performs o ine schedulevirtual machine scans without an agent It complements a regular virus scan agentsrsquo online scanning
Figure 6
VMsa e reduces high storage IO and memory usage during scheduled and pandemic malware scan activities
Figure
The above gure shows the anti-virus server committing a real-time agent to an individual virtual machine
It also has the unctionality o o ine snapshot image scanningThis is a VMware vSphere eature and is now available or VMware View 4 Please re er to the VMware View 4Deployment Guide or urther product demonstration
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4748
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 7
Scenario 3Set up Triple Single Sign-On (SSO) in VMwareView 4Log in as Currently Logged-on UserThis is a new option in VMware View Client that allows you to log onto the broker using currently logged oncredentials The standard sign up fow using AD credentials is
bull User connects to View Connection Server
bull VMware View Connection Server compares a list of trusted AD domains to the client
bull User authenticates with username and password
bull VMware View Connection Server delegates authentication to WindowsAD
Figure
VMware View 4 continues to support the AD credential (username and password) login smart card and RSA
securID token in RDP
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4848
bull During the View Agent installation select theConnectas Current Logon User checkbox option to enable SSO
bull Launch View Client at local desktop or thin clientbull View Client has newLog in as Current User Domain
User checkbox When a userrsquos AD credential isauthenticated on the client device using eitherpassword (RDP PCoIP) or smart card authentication inRDP the Connection Broker will use the same useridentity
bull This value can also be set using GPO policy orregistry key setting Please re er to the ViewAdministration Guide
bull You should be able to login to the guest desktopenvironment without being prompted to enter thecredentials again
Support In ormation
For additional evaluation questions and installation support please address your questions to desktop-tmvmwarecom
About the Author
Cynthia Hsieh is a senior technical marketing manager in VMware Enterprise Marketing team She ocuses onapplication integration proo o concepts and security subjects
Hsiehrsquos previous background includes product management positions at Wyse Trend Micro Oracle and Yahoo
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 1148
VMware View 4
E VA L U AT O R rsquo S G U I D E 1 1
For the VMware virtualization environment you will need one o the ollowing
bull VMware vSphere 4 Update 1 (U1 is required)
bull VMware Infrastructure 35 (U3 or U4 recommended U5 not supported)
bull VMware Infrastructure 302 (supported)
bull Both ESX and ESXi hosts are supported VMware vCenter is required
Required Host operating systems or standard or replica VMware View Connection Server instances are joinedto an Active Directory domain The ollowing versions o Active Directory are supported You will need one othe ollowing
bull Windows 2000 Active Directory
bull Windows 2003 Active Directory
bull Windows 2008 Active Directory
IP Addressing
For easy con guration this evaluation scenario speci es a standalone LAN environment with IP addressingbased on the ollowing assumptions
bull One VMware vSwitch is con gured as the External Network for static manually assigned IP addressing
VIEW COMPONENTS IP ADDRESSING
Virtual Center (vCenter) Static 19216813247
View Connection Server (View ) Static 19216813246
View Connection Server (View ) Static 19216813245
Active Directory (ActiveDirectory) Static 19216813252
bull VMware vCenter installation provides SQL Server Express Edition You do not need a separate SQL Serverinstance or this evaluation
bull This evaluation asks you to set up two VMware View Connection Servers This will be used in the evaluationthe new ldquotag entitlementrdquo eature later Itrsquos an optional task i you just need to review the basic unctionalitie
bull If you already have networking setup you can assign a static IP to infrastructure components needed forthis evaluation
bull You can also access the Internet if it rsquos available by separate 2 vLANs and con gure the open source Yvetta
NAT appliance You can nd additional instructions athttp www vyatta com downloads swdl phpbull You will prepare three virtual machines including XP andor Vista for the scenario These desktop virtual
machines have IP addresses assigned using DHCP
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 1248
VMware View 4
E VA L U AT O R rsquo S G U I D E 1 2
Figure
The network con guration can be customized based on your network availability Figure is a samplecon guration Make sure the in rastructure components have a static routable and pointable IP addressand complete a ping test rom the servers to the desktops and rom the desktops to the servers The IPcon guration is critical to a success ul evaluation
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 1348
VMware View 4
E VA L U AT O R rsquo S G U I D E 1 3
Installing and Confguring VMware View
Before You Begin
VMware View is tightly integrated with VMware vCenter You can install VMware vCenter as a standalone serveror as a hosted server under the same ESX box or the testing purposes Please assign a static IP or your VMwarevCenter IP con guration
Figure 5
bull In your physical ESX host create a Windows Server 2003virtual machine or the VMware vCenter installation
bull Make sure to assign it with a routable static IP In this settingVMware vCenter can be pinged through vc demo local
bull Select Create a stand-alone VMware vCenter and clickNext
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 1448
VMware View 4
E VA L U AT O R rsquo S G U I D E 1 4
bull In this evaluation the default Microsoft SQL Server Expressinstance or the storage is used
bull Uncheck the System Account
bull Enter the default Administrator credentials- Username Administrator
- Password b gd m
bull ClickNext
bull Based on your network setting you can adjust the ports usedby vCenter I it is an isolated network environment leave thede ault port as they are and clickNext
bull Click Next until the installation is nished Now you havecompleted the vCenter con guration process
VMware View Manager Administration
VMware View Connection Server acts as a connection broker or client connections by authenticating and then directing incoming remote desktop user requests to the appropriate virtual desktop physical desktop or terminal server You can run VMware View Connection Server on a 32-bit or 64-bit virtual server For detailed in ormation about the hardware operating system and Active Directory requirements orVMware View Connection Server see the System Requirements section o the VMware View ManagerAdministration Guide
A standard server deployment creates a single standalone VMware View Connection Server You can havemultiple connection server instances in the same domain and point them all to the same VMware vCenter idesired For a di erent Connection Server deployment such as Replica or Security Server (DMZ) please re erto the View Administration Guide
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 1548
VMware View 4
E VA L U AT O R rsquo S G U I D E 1 5
Task 1 Installing the Connection Server
When the VMware Installation wizard appears clickNext
Accept the VMware license terms and clickNext
Select the Standard deployment option and click Next
bull ClickInstall
bull ClickFinish
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 1648
VMware View 4
E VA L U AT O R rsquo S G U I D E 1 6
Task 2 Con guring and Administrating View Manager
bull After you install the VMware View Connection Server
validate your View Manager Administration in a Webbrowser by entering http your-connection-server-ipgtadmin
bull Enter the Administrator username and password andclick Login
bull You will notice a certi cate error next to the URL eldVMware View Administrator is accessed using a secure
(SSL) connection The rst time you connect your Webbrowser might present you with an intermediary page thatwarns you that the security certi cate associated with theaddress is not issued by a trusted certi cate authority Thisresponse is expected because the de ault root certi catesupplied with View Connection Server is sel -signed
bull Click Ignore to continue using the current SSL certi cate
Task 3 Installing the Product License
bull From the Con guration tab clickProduct Licensingand Usage
bull Enter the license key provided with the evaluation
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 1748
VMware View 4
E VA L U AT O R rsquo S G U I D E 1 7
Task 4 Associating and Adding VMware vCenter Server
bull From the Con guration tab selectServers on the le t
menu panelbull Select Add under the VirtualCenter Servers pane
bull ClickAdd
bull Enter the fully quali ed domain name (FQDN) or the IPaddress o the VMware vCenter Server you want VMwareView Manager to communicate with in theServer addresstext box
bull Enter Administrator username and password for thevCenter login
Note For evaluation purposes advanced or optional tasks will not be covered I you have DNS servicesinstalled you can confgure an external URL or the Connection Server Those tasks are covered in the GettingStarted Guide or Administration Guide
Task 5 Con guring Active Directory Users and Computers
In this evaluation the virtual machine (ActiveDirectory) is promoted as Domain Controller hosted in WindowsServer 2003 with a single local domain name called demolocal
bull Before you can entitle a user access to the desktop youneed to create three users in the Active Directory namedreviewer_1 reviewer_2 and reviewer_3
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 1848
VMware View 4
E VA L U AT O R rsquo S G U I D E 1 8
Task 6 Creating and Preparing Virtual Machines
The ollowing steps assume that the user has already created a virtual machine and has installed the guest OS(XPVISTA) joined AD domain turned on the RDP remote connection added user groups to the remote users
list and turned o the rewall in the guest OS
bull Run the View Agent executable on the guest system
bull When the VMware Installation wizard appears clickNext
bull Accept the VMware license terms and clickNext
Select your custom setup options The o ine desktop isoptional and does not appear as the de ault in all agents
Click Install to begin the installation process
Select Continue Anyway or the installation alert
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 1948
VMware View 4
E VA L U AT O R rsquo S G U I D E 1 9
Click Finish
At this point you have the main VMware View components installed and con gured Be ore you proceedurther you can do a quick ping test rom the View Connection Server virtual machine to the Guest Desktop
virtual machine and vice versa The components should be pingable and routable between each
Task 7 Preparing Virtual Machine Snapshots and Templates
The guest system o the virtual machine which you create in vCenter provides the basis or virtual desktopdeployment To prepare a guest system or deployment per orm the ollowing tasks
bull Install the guest operating system Select Inventory romthe menu and clickVirtual Machine to start the creation oa new virtual machine
Once you con gure the OS and itrsquos up and running
bull Install the latest version of VMware Tools (provided withVMware In rastructure)
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2048
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 0
bull Con gure Active Directory settings Con gure the preferredand alternate DNS servers to use your Active Directoryserver addresses For example on Windows XP con gure
the DNS server settings rom the properties menuStart gt Control Panel gt Network Connections gt LAN gtProperties Internet Protocol (TCPIP) gt Properties gtUse (VMActiveDirectory) IP Address 19216813252
bull Make sure that you have administrative rights to theguest system
bull Join the desktop to the AD domain Add guest system tothe domain (demo local)
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2148
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 1
bull In Control Panel turnOf Windows Firewall
bull In Control Panel selectSystem Properties gtRemote tab
bull Check Allow User to Connect Remotely
bull Take a virtual machine Snapshot mdash Once the virtual machinetemplate is ully prepared you can power o the virtualmachine and right mdash clickGuest and select Take Snapshot
bull Snapshot is used for Linked Clone creation discussed in thelater sandbox scenario
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2248
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 2
Create a Desktop Template
bull Power o the virtual machine
bull Right-click the previously con gured guest system and
select one o the ollowing options- Clone to Template mdash select this option i you want to use
the selected guest system as the basis or a new templatewithout altering the virtual machine itsel Choose thisand walk through the dialogs boxes to create a virtualmachine template
- Convert to Template mdash select this option i you want tochange the guest system into a template This processhappens instantly
bull To get a quick view of the template created go toInventory and select VM and Templates The highlighted
template will appear in VMware Center
You can repeat the same procedures or Windows 7 and Vista desktops with the same con guration i youwish At the end o the task you will have three prepared guest systems ready or VMware View Manager to use
Task 8 Installing VMware View Composer for Linked Clones
VMware View Composer provides a highly e cient storage alternative to creating and managing manystandalone virtual machines With VMware View Composer Linked Clone technology you can rapidly cloneand deploy multiple desktops rom a single centralized base image Subsequent changes to this image canbe automatically proli erated among all desktops in a Linked Clone pool A ter the desktops are created theyremain indirectly linked to a snapshot residing on the parent virtual machine View Composer needs to beinstalled on the system where VMware vCenter is installed
bull VMware View Composer installation is optional in theVMware View installation process i you donrsquot plan to haveLinked Clone in your production environment Howeverwith this evaluation you can see the bene ts o havingVMware View work with VMware vSpherersquos thin-provisioning eature Start the VMware View Composerinstaller you have in your media
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2348
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2448
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 4
bull Choose your custom setup options
- Deselect the USB Redirection component i you do not want usersto access locally connected USB devices through their desktops
- Deselect the Log in as current user component i you want to requireall users to provide identity and credential in ormation to log in to aView Connection Server and again to access a VMware View desktop
bull For this evaluation simply leave them as theselected de ault This is anew improved eature which allows single sign-on to the guestdesktop
bull Enter the IP address of the VMware View Connection Server that thisclient will connect to For this evaluation enter 1921681247
bull Leave the login ascurrent user unchecked
bull Select Continue Anyway or the Virtual USB so tware installation
bull Select Finish and Exit installation I VMware View Client does not startautomatically a ter installation double-click the desktop shortcutor click
Start gtPrograms gtVMware gtVMware View Client
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2548
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 5
Task 10 Adding Desktop Source in VMware View Manager
The in rastructure components are now con gured in VMware vCenter Now go back to VMware ViewManager and con gure the desktop resource or an individual desktop provisioning use
bull Enter the VMware View Connection Server IP addressadmin as the URL in a Web browser
bull Login as Administrator
bull From within View Administrator clickDesktops andPools and click theInventory tab
bull In the Global desktop and pool view pane make sure thatthe Desktops and Pools tab is selected and clickAdd
bull When the Add Desktop wizard appears selectIndividualDesktop and clickNext
bull Select Desktop Source rom VMware vCenter
Need new image
bull From the list provided select theVMware vCenter Serverto be used by this desktop and clickNext
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2648
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 6
bull Enter the Unique ID Display name (optional) andDescription (optional) and clickNext
bull Con gure the desktop properties and click Next Sincethe new PCoIP eatures are being evaluated set thede ault protocol as PCoIP and allow users to change thesetting at connection When set toDo Not Control orAdobe Flash quality bandwidth is not a concern with theLAN deployment
bull Con gure the desktop provisioning properties andclick Next
bull Select the desktop to use as the base image for thedeployment and click Next
bull Click Finish to complete one guest desktop provisioning
bull Once the desktop provisioning is complete you can see adesktop under Desktops and Pools tab
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2748
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 7
This shows the basic steps on how to provision one desktop For more advanced eatures you can re er to theVMware View Administration Guide In a later scenario a PCoIP pool is created through similar provisioning
Task 11 Desktop Entitlement
bull From within View Administrator click Desktops and Pools and click theInventory tab
bull In the Global desktop and pool view pane select the desktop or poolyou want to entitle and clickEntitlements
bull Click Add The user and group entitlement dialog box appears Fromhere you can view search on and lter all Active Directory users withinthe domain orest
bull Select the DemoLocal domain created and enter wildcard user matchreview VMware View Manager should display all users that contain thephrase
bull Entitle the userreviewer_1 to use the Vista desktop
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2848
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 8
Figure 6
Once this is set and done you will see a green checkmark under Global Desktop and View showing Entitledand Enabled or the guest desktop
Task 12 Accessing Virtual Desktop via RDP or PCoIP
bull In theConnection Server drop-down menu enter thehost name or IP address o a VMware View Connection Server
bull Select Options
Need New Image
bull Select Log in as current userto be authorized to log in to theVMware View Connection Server You will not be prompted toenter login credentials in the guest desktop login This is anenhancement or single sign-on
Need New Image
bull Enter the credentials with desktop entitlement
- Username Administrator
- Password b gd m
bull In VMware View 4 you have the option to use the preferredprotocols o either Teradici PCoIP or Microso t RDPSelect Teradici
bull Select the XP desktop you want to access
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2948
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 9
Task 13 Additional Virtual Desktop Optimization
bull Adjust ClearType Settings in Control Panel gtDisplay gtAdvanced Tab gtFonts and choose ClearType
bull Turn o Windows Firewall Settings inControl Panel gtWindows Firewall and select the Of radio buttonbull Multiple Display Con guration
bull In VMware View Manager Administration you cancentrally con gure the desktop monitors that aresupported in the local systems
bull In the guest desktop check theDisplay settings that have been changed tomultiple displays
Note PCoIP also supports pivot mode or one landscape and one horizontal confguration
Task 14 WAN Optimization
PCoIP technology uses low-latency image compression algorithms to optimize the user experience or widearea network (WAN) applications The WAN enhancements dramatically improve the user experience toprovide support or multi-media and 3D graphics audio and IO responsiveness over long-distancehigh-latency and low-bandwidth networks
Key PCoIP WAN Capabilities
bull Reduced Minimum Bandwidth To support the lower bandwidth typically available over a WAN theminimum peak bandwidth required or a PCoIP connection is Mbps Because PCoIP only transmitschanges to the desktop image the actual bandwidth used may be much lower i the screen is not changingsigni cantly or rapidly
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3048
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 0
bull Local Keyboard and Mouse To provide instant response over high-latency networks the mouse pointer canbe displayed locally on the desktop (within VMware View Agent) in addition to being sent to the host Localkeyboard capability is also provided to prevent lost keystrokes due to network delay
bull Packet Reordering To accommodate the out-o -order packets o ten produced by network links on a WANthe PCoIP portal in VMware View Agent can create multiple packet chains as out-o -order packets receivedand connect chains to restore the correct sequence Without this out-o -order packets can result in dataretransmission and delays
bull Bandwidth-Sensitive Audio Compression PCoIP transmits compressed or uncompressed audiondashswitchingdynamically based on the available bandwidth to provide the best possible user experience
Since PCoIP is integrated seamlessly into the VMware View Agent and ully optimized into VMware Viewin rastructure as the administrator you simply need to con gure the desktop protocol and its bandwidththrottling rom the administration UI
Con gure Flash contents bandwidth allowance
For an optional task to test WAN per ormance with PCoIP try to access your corporate desktop rom home byconnecting through IPSec VPN
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3148
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 1
Scenario Overview
This document provides several di erent test scenarios to review the tasks you per ormed earlier andexperience the combined advantages o using VMware View To compare a variety o WAN connectivityscenarios you can consider using either WANEMhttp wanem source orge net or Shunra VE SMB EditionFree Trial http www shunra com ve-smb-trial php or WAN emulation
bull Scenario 1 Provision and use PCoIP 25 persistent desktops and one non-persistent PCoIP pool thatcontains desktops using a Linked Clone You can adjust the actual number o desktops based on your locastorage allowance
ndash Create a snapshot on both Windows XP SP3 and Windows 7
ndash Add desktops and pools using automatic pools and Linked Clone
ndash Administrate users and entitlements
ndash Create ully Linked Clones
ndash Con gure pools in mixed cluster environment
ndash Con gure or WAN tag and LAN tag use
ndash Delete desktops and pools
bull Scenario 2 Con gure 50 PCoIP fully Linked Clones in VMware vSphere
ndash Create desktops and pools
ndash Leverage ThinDisk Provisioning in VMware vSphere
ndash Check storage saving comparison
ndash Review VMware VMsa e Security virtual machine unctionali ties
bull Scenario 3 Set-up Triple SSO in VMware View 4 (PCoIP)
ndash Use archive directory credentials to login with ldquoLogin as current userrdquo checked
ndash Access rom the Replica View Connection Server and login to see the same session running
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3248
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 2
Scenario 1Provision and Use PCoIP Desktops and Pools
Get Started with PCoIPPCoIP is a so tware-to-so tware display protocol ully integrated with the VMware View in rastructureThe PCoIP portal (server) is installed with the agent The proprietary SVGA driver is included as part o thePCoIP portal
Figure
The PCoIP client is included in the standard VMware View client installation on your end point device sothere are no additional installation procedures required or PCoIP From the end user perspective there areno con gurations needed or using PCoIP As an administrator you can con gure the PCoIP protocol throughVMware View Administrative SettingsPolicies De ault RDP setup is to be tunneled but the de ault PCoIPsetting is directly connected Some other con gurations on bandwidth throttling or Flash video or on USBredirection policy are consistent as the previous View administration
Lossy and Lossless CompressionImage compression in PCoIP includes both lossless and lossy compression schemes Lossy compression allows or higher levels o compression on initial screen change and subsequent image quality improvement
or static screen regions Lossless motion compensation is also supported Image compression bandwidthmanagement is supported using packet loss as an indicator o congestion or lower bandwidth limits
Network Bandwidth and Characteristics
The host to client network connection operates with up to 250ms o round-trip latency The host to clientnetwork connection operates with lt01 percent packet loss but will tolerate periods o up to 5 percent packetloss and will survive short durations o loss o connectivity
A single TCP connection (SSL) is used between the host and client or session management A single UDP connection using UDP encapsulated IPSec-ESP [r c 3948] with AES 128-bit key encryption is used betweenthe host and client or media tra c supporting unreliable and reliable transport Port numbers keys andother connection parameters are exchanged via the SSL connection You can re erence the VMware ViewDeployment Guide or urther end-to-end per ormance measurements
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3348
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 3
Step 1 Creating the Replica Connection Server
The installation package or the Connection Server alsocontains the installation source or the VMware ViewReplica Server Launch the VMware View ConnectionServer installer and select Replica server or the secondConnection Server SelectAgree to the VMware Viewproduct licensing terms
A VMware View Replica Server is a Connection Serverwith its own replica o the ADAM database stored locallyAll con guration data and changes are instantaneouslyreplicated to all replica servers resulting in entirelyindependent Connection Servers which can actindependently in case o ailure o other replica servers
Enter the rst VMware View Connection Server instanceIP address (View1 19216813246) ClickNext
Complete the Replica Connection Server instanceinstallation Select Finish
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3448
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 4
Step 2 Creating Linked Clone Pools
DESKTOP TYPE OS TYPE PERSISTENT DESKTOP COUNTS
PCoIP Windows XP SP Persistent
RDP PCoIP Windows XP SP Non-Persistent
The Linked Clone creation process is the same as conducted in the previous section You can con gure thetask based on your storage availability and virtual machine sizing
Step 3 Connecting to Pool by Tags
Tag-based EntitlementsVMware View provides the advanced entitlement to Desktop Pools not only based on current entitlementsettings but also on the Connection Server through which a user logs in For customers who need perimeteridentity ( or example Internal Connection Server or External Security Server access) at logon VMware View
enables users con guring certain clients to go through a particular Connection Server In this case a tag isintroduced to identi y and route the client to the Connection Server In a broker cluster at a large VMware Viedeployment The tag or tags o a Connection Server are then compared to the tag speci ed in time o thedesktop pool creation edit
I the tag required by the desktop pool does not match the tag o the broker in question even i a useris entitled or assigned to a desktop pool the desktop will not show up in the available desktop list TheConnection Server tags take precedence over the desktop or pool tags
In this evaluation you will set up two instances o Connection Servers where brokers have been classi ed toserve di erent networks (internal external or example)
VMWARE VIEWCONNECTIONSERVER IP
NAME TAG DESKTOPS OS
19216813246 View External XP Pro SP
19216813245 View Internal XP Pro SP
Use CaseThe internal broker might not be visible to users connecting over a VPN In a case like this the two brokerscould still be ormed into a cluster The external broker might be tagged ldquoExternalrdquo and the internal brokertagged ldquoInternalrdquo and then pools could be tagged so that some desktops are not visible when a user logs inexternally but are visible internally
For example imagine a deployment o our Connection Servers where two o the Connection Servers haveconnected Security Servers The two Connection Servers without Security Servers are used to support internalusers and the two Connection Servers with Security Servers are used to support Internet (external) users The
rst two could have a con gured entitlements tag o ldquoInternalrdquo and the second two could have a con guredentitlements tag o ldquoExternalrdquo
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3548
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 5
bull The UI allows an administrator to specify one or moretag strings of up to 64 characters for each ConnectionBroker You can then speci y the tag string required or
a speci c Connection Broker to access the Pool Atruntime when a user authenticates him or hersel via aConnection Server an extra step o tag matching isper ormed The result will be a lter o the resultingentitled Desktop list
bull Set the replica server tag as External
bull Once the tags are set in the connection broker you cansee the tag column in the VMware View Managerconsole is lled with the Tag attributes
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3648
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 6
bull In the VMware View 1 Connection Server(19216813246admin) login to the View Managerconsole clickDesktops and Pools tab and selectAdd
You are creating ull clone and Linked Clonedesktops Select Automated Desktop Pool
bull Select Persistent or the desktop type
bull ClickNext
bull Create the 10 Linked Clone desktop pools rst and gothrough the same process again to create the ull clone
ndash only without checking the highlighted checkbox
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3748
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 7
bull Fill in the name attribute for theUnique ID andDisplay Name
bull This is same user interface as you used to create theindividual desktop earlier Leave the de ault setup as
it is
bull Enter the number of the desktops that your storage
allows you to create The naming pattern or thedesktop is the name vCenter will use to name thevirtual machine so create a unique and easilyrecognized name
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3848
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 8
bull Desktop cloning relies on the virtual machine templateas the base Previously you created a template byselecting a clean base template and cloning it to
template Select that template and clickNext
bull Linked Clone requires the template and snapshot asthe golden image
bull Select the folder location where the desktops shouldbe organized
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3948
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 9
bull Select the host or ESX server where the desktop iscreated Note the vSphere mode or VMware ViewComposer option is dimmed and not selectable It is
because the host being used is running vSpherealready I you are using a previous version o ESX thisoption will be available or upgrade use
bull Add desktops to the resource pool
bull Allocate user data disk for the persistent data Keepthe de ault value and selectNext
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4048
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 0
bull In this setup the storage LUN for the better demoe ects is attached You can simply use the localstorage host storage or your test
bull You can see that the default domain is lled inautomatically by quickprep This is set at the
Con guration Tab gtServers gtSelect ViewConnection gt Edit
bull Do a nal review of the Linked Clone setup and clickFinish to complete It will take several minutes tocreate the clones
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4148
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 1
bull Create additional users in Active Directory(ActiveDirectory19216813252)
- Corporate - user or the Group Internal
- Contractor - user or the Group Externalbull This will be used for the pool entitlement for users and
groups
bull Access VMware vCenter or ESX management by usingthe VMware vSphere client
bull Login to View Manager console You can see the LinkedClone pools are created and listed in the Desktop andPool pane SelectEntitlements to grant right to accessthe desktop
bull Assign the group you created in ActiveDirectory
Repeat these steps or creating additional XP desktops with non-persistent and persistent use
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4248
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 2
Step 4 Deleting the Clone Using Deletion Script
Provide the cleanup rule and scripting capabilities to enable administrators to per orm urther integrationunctions In some environments this can be achieved by removing entries rom ActiveDirectory In others
you may need to trigger other applications or a tighter integration
bull A new key needs to be created manuallyPlease re er to VMware View Administration Guide or
urther details
bull The visual basic script can be used to clean up ortrigger urther application activities This new eatureo ers the extensibility ramework
bull Run servicesmsc to access the Services consoleEnable the script services manually It is not startedby de ault
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4348
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 3
bull Login to VMware View Manager SelectDelete thedesktop SelectDelete rom Disk option It will triggerthe script set previously
Scenario 2Confgure PCoIP Full and Linked Clone
in VMware vSphereCreate Full Clone with Thin Provisioning
Thin Provisioning in its simplest orm means only using the disk space you need Traditionally with virtualmachines i you create a 500GB virtual disk it will use 500GB o your VMFS data store With Thin Provisioningyou can create a 500GB virtual disk but i only 100GB is in use only 100GB o your VMFS data store will beutilized
500GBVirtual Disk
500GB GB VMDK le size 100GB VMDK le size
400GBunused butallocated
100GBApplicationUsage
500GBVirtual Disk
100GBActual Usage(Footprint)
Figure
You can create a ve desktop XP pool using Full Clone rom VMware View and compare them with the ThiProvisioning option check The eatures include increased storage utilization reduced application downtimeand streamlined capacity management
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4448
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 4
bull When you create a virtual machine in VMware vSpherethe option to create Thin Provisioning settings is underSettings gtAdd Hardware
bull In VMware View 4 you can con gure the ThinProvisioning while preparing the Linked Clone basetemplate
Now in order to compare the storage usage di erence with Thin Provisioning enabled in the virtual desktopdeployment the best approach is to provision them and per orm storage comparison with the virtualmachines without thin provisioning enabled Considerations or storage provisioning all in throughput needsto scale with an increase in capacity ie multiple virtual machines per IO path
Figure
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4548
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 5
In the meantime transient storage on the swap space is used only when the virtual machine ispowered on and delta disks are used by snapshots and linked to virtual machines
Figure 0
Datastore View in vSphere
Figure
VM Storage Performance View
Figure
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4648
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 6
Anti-Virus Protection
The VMsa e API comes with VMware vSphere VMware o ers a number o VMsa e partner solutions thatprovide secure virtual machines with virus-scanning capability
bull Trend Micro Core Protection 10 This is an anti-virus product that performs o ine and online scheduled virtualmachine scans without an agent It uses a smaller agent or on-access scanning or to clean up in ections Thproduct is available at http us trendmicro com us solutions enterprise security-solutions virtualizationvirtual-machines index html
bull McAfee Virus Scan for O ine Virtual Images 20 This is an anti-virus product that performs o ine schedulevirtual machine scans without an agent It complements a regular virus scan agentsrsquo online scanning
Figure 6
VMsa e reduces high storage IO and memory usage during scheduled and pandemic malware scan activities
Figure
The above gure shows the anti-virus server committing a real-time agent to an individual virtual machine
It also has the unctionality o o ine snapshot image scanningThis is a VMware vSphere eature and is now available or VMware View 4 Please re er to the VMware View 4Deployment Guide or urther product demonstration
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4748
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 7
Scenario 3Set up Triple Single Sign-On (SSO) in VMwareView 4Log in as Currently Logged-on UserThis is a new option in VMware View Client that allows you to log onto the broker using currently logged oncredentials The standard sign up fow using AD credentials is
bull User connects to View Connection Server
bull VMware View Connection Server compares a list of trusted AD domains to the client
bull User authenticates with username and password
bull VMware View Connection Server delegates authentication to WindowsAD
Figure
VMware View 4 continues to support the AD credential (username and password) login smart card and RSA
securID token in RDP
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4848
bull During the View Agent installation select theConnectas Current Logon User checkbox option to enable SSO
bull Launch View Client at local desktop or thin clientbull View Client has newLog in as Current User Domain
User checkbox When a userrsquos AD credential isauthenticated on the client device using eitherpassword (RDP PCoIP) or smart card authentication inRDP the Connection Broker will use the same useridentity
bull This value can also be set using GPO policy orregistry key setting Please re er to the ViewAdministration Guide
bull You should be able to login to the guest desktopenvironment without being prompted to enter thecredentials again
Support In ormation
For additional evaluation questions and installation support please address your questions to desktop-tmvmwarecom
About the Author
Cynthia Hsieh is a senior technical marketing manager in VMware Enterprise Marketing team She ocuses onapplication integration proo o concepts and security subjects
Hsiehrsquos previous background includes product management positions at Wyse Trend Micro Oracle and Yahoo
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 1248
VMware View 4
E VA L U AT O R rsquo S G U I D E 1 2
Figure
The network con guration can be customized based on your network availability Figure is a samplecon guration Make sure the in rastructure components have a static routable and pointable IP addressand complete a ping test rom the servers to the desktops and rom the desktops to the servers The IPcon guration is critical to a success ul evaluation
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 1348
VMware View 4
E VA L U AT O R rsquo S G U I D E 1 3
Installing and Confguring VMware View
Before You Begin
VMware View is tightly integrated with VMware vCenter You can install VMware vCenter as a standalone serveror as a hosted server under the same ESX box or the testing purposes Please assign a static IP or your VMwarevCenter IP con guration
Figure 5
bull In your physical ESX host create a Windows Server 2003virtual machine or the VMware vCenter installation
bull Make sure to assign it with a routable static IP In this settingVMware vCenter can be pinged through vc demo local
bull Select Create a stand-alone VMware vCenter and clickNext
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 1448
VMware View 4
E VA L U AT O R rsquo S G U I D E 1 4
bull In this evaluation the default Microsoft SQL Server Expressinstance or the storage is used
bull Uncheck the System Account
bull Enter the default Administrator credentials- Username Administrator
- Password b gd m
bull ClickNext
bull Based on your network setting you can adjust the ports usedby vCenter I it is an isolated network environment leave thede ault port as they are and clickNext
bull Click Next until the installation is nished Now you havecompleted the vCenter con guration process
VMware View Manager Administration
VMware View Connection Server acts as a connection broker or client connections by authenticating and then directing incoming remote desktop user requests to the appropriate virtual desktop physical desktop or terminal server You can run VMware View Connection Server on a 32-bit or 64-bit virtual server For detailed in ormation about the hardware operating system and Active Directory requirements orVMware View Connection Server see the System Requirements section o the VMware View ManagerAdministration Guide
A standard server deployment creates a single standalone VMware View Connection Server You can havemultiple connection server instances in the same domain and point them all to the same VMware vCenter idesired For a di erent Connection Server deployment such as Replica or Security Server (DMZ) please re erto the View Administration Guide
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 1548
VMware View 4
E VA L U AT O R rsquo S G U I D E 1 5
Task 1 Installing the Connection Server
When the VMware Installation wizard appears clickNext
Accept the VMware license terms and clickNext
Select the Standard deployment option and click Next
bull ClickInstall
bull ClickFinish
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 1648
VMware View 4
E VA L U AT O R rsquo S G U I D E 1 6
Task 2 Con guring and Administrating View Manager
bull After you install the VMware View Connection Server
validate your View Manager Administration in a Webbrowser by entering http your-connection-server-ipgtadmin
bull Enter the Administrator username and password andclick Login
bull You will notice a certi cate error next to the URL eldVMware View Administrator is accessed using a secure
(SSL) connection The rst time you connect your Webbrowser might present you with an intermediary page thatwarns you that the security certi cate associated with theaddress is not issued by a trusted certi cate authority Thisresponse is expected because the de ault root certi catesupplied with View Connection Server is sel -signed
bull Click Ignore to continue using the current SSL certi cate
Task 3 Installing the Product License
bull From the Con guration tab clickProduct Licensingand Usage
bull Enter the license key provided with the evaluation
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 1748
VMware View 4
E VA L U AT O R rsquo S G U I D E 1 7
Task 4 Associating and Adding VMware vCenter Server
bull From the Con guration tab selectServers on the le t
menu panelbull Select Add under the VirtualCenter Servers pane
bull ClickAdd
bull Enter the fully quali ed domain name (FQDN) or the IPaddress o the VMware vCenter Server you want VMwareView Manager to communicate with in theServer addresstext box
bull Enter Administrator username and password for thevCenter login
Note For evaluation purposes advanced or optional tasks will not be covered I you have DNS servicesinstalled you can confgure an external URL or the Connection Server Those tasks are covered in the GettingStarted Guide or Administration Guide
Task 5 Con guring Active Directory Users and Computers
In this evaluation the virtual machine (ActiveDirectory) is promoted as Domain Controller hosted in WindowsServer 2003 with a single local domain name called demolocal
bull Before you can entitle a user access to the desktop youneed to create three users in the Active Directory namedreviewer_1 reviewer_2 and reviewer_3
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 1848
VMware View 4
E VA L U AT O R rsquo S G U I D E 1 8
Task 6 Creating and Preparing Virtual Machines
The ollowing steps assume that the user has already created a virtual machine and has installed the guest OS(XPVISTA) joined AD domain turned on the RDP remote connection added user groups to the remote users
list and turned o the rewall in the guest OS
bull Run the View Agent executable on the guest system
bull When the VMware Installation wizard appears clickNext
bull Accept the VMware license terms and clickNext
Select your custom setup options The o ine desktop isoptional and does not appear as the de ault in all agents
Click Install to begin the installation process
Select Continue Anyway or the installation alert
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 1948
VMware View 4
E VA L U AT O R rsquo S G U I D E 1 9
Click Finish
At this point you have the main VMware View components installed and con gured Be ore you proceedurther you can do a quick ping test rom the View Connection Server virtual machine to the Guest Desktop
virtual machine and vice versa The components should be pingable and routable between each
Task 7 Preparing Virtual Machine Snapshots and Templates
The guest system o the virtual machine which you create in vCenter provides the basis or virtual desktopdeployment To prepare a guest system or deployment per orm the ollowing tasks
bull Install the guest operating system Select Inventory romthe menu and clickVirtual Machine to start the creation oa new virtual machine
Once you con gure the OS and itrsquos up and running
bull Install the latest version of VMware Tools (provided withVMware In rastructure)
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2048
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 0
bull Con gure Active Directory settings Con gure the preferredand alternate DNS servers to use your Active Directoryserver addresses For example on Windows XP con gure
the DNS server settings rom the properties menuStart gt Control Panel gt Network Connections gt LAN gtProperties Internet Protocol (TCPIP) gt Properties gtUse (VMActiveDirectory) IP Address 19216813252
bull Make sure that you have administrative rights to theguest system
bull Join the desktop to the AD domain Add guest system tothe domain (demo local)
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2148
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 1
bull In Control Panel turnOf Windows Firewall
bull In Control Panel selectSystem Properties gtRemote tab
bull Check Allow User to Connect Remotely
bull Take a virtual machine Snapshot mdash Once the virtual machinetemplate is ully prepared you can power o the virtualmachine and right mdash clickGuest and select Take Snapshot
bull Snapshot is used for Linked Clone creation discussed in thelater sandbox scenario
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2248
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 2
Create a Desktop Template
bull Power o the virtual machine
bull Right-click the previously con gured guest system and
select one o the ollowing options- Clone to Template mdash select this option i you want to use
the selected guest system as the basis or a new templatewithout altering the virtual machine itsel Choose thisand walk through the dialogs boxes to create a virtualmachine template
- Convert to Template mdash select this option i you want tochange the guest system into a template This processhappens instantly
bull To get a quick view of the template created go toInventory and select VM and Templates The highlighted
template will appear in VMware Center
You can repeat the same procedures or Windows 7 and Vista desktops with the same con guration i youwish At the end o the task you will have three prepared guest systems ready or VMware View Manager to use
Task 8 Installing VMware View Composer for Linked Clones
VMware View Composer provides a highly e cient storage alternative to creating and managing manystandalone virtual machines With VMware View Composer Linked Clone technology you can rapidly cloneand deploy multiple desktops rom a single centralized base image Subsequent changes to this image canbe automatically proli erated among all desktops in a Linked Clone pool A ter the desktops are created theyremain indirectly linked to a snapshot residing on the parent virtual machine View Composer needs to beinstalled on the system where VMware vCenter is installed
bull VMware View Composer installation is optional in theVMware View installation process i you donrsquot plan to haveLinked Clone in your production environment Howeverwith this evaluation you can see the bene ts o havingVMware View work with VMware vSpherersquos thin-provisioning eature Start the VMware View Composerinstaller you have in your media
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2348
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2448
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 4
bull Choose your custom setup options
- Deselect the USB Redirection component i you do not want usersto access locally connected USB devices through their desktops
- Deselect the Log in as current user component i you want to requireall users to provide identity and credential in ormation to log in to aView Connection Server and again to access a VMware View desktop
bull For this evaluation simply leave them as theselected de ault This is anew improved eature which allows single sign-on to the guestdesktop
bull Enter the IP address of the VMware View Connection Server that thisclient will connect to For this evaluation enter 1921681247
bull Leave the login ascurrent user unchecked
bull Select Continue Anyway or the Virtual USB so tware installation
bull Select Finish and Exit installation I VMware View Client does not startautomatically a ter installation double-click the desktop shortcutor click
Start gtPrograms gtVMware gtVMware View Client
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2548
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 5
Task 10 Adding Desktop Source in VMware View Manager
The in rastructure components are now con gured in VMware vCenter Now go back to VMware ViewManager and con gure the desktop resource or an individual desktop provisioning use
bull Enter the VMware View Connection Server IP addressadmin as the URL in a Web browser
bull Login as Administrator
bull From within View Administrator clickDesktops andPools and click theInventory tab
bull In the Global desktop and pool view pane make sure thatthe Desktops and Pools tab is selected and clickAdd
bull When the Add Desktop wizard appears selectIndividualDesktop and clickNext
bull Select Desktop Source rom VMware vCenter
Need new image
bull From the list provided select theVMware vCenter Serverto be used by this desktop and clickNext
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2648
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 6
bull Enter the Unique ID Display name (optional) andDescription (optional) and clickNext
bull Con gure the desktop properties and click Next Sincethe new PCoIP eatures are being evaluated set thede ault protocol as PCoIP and allow users to change thesetting at connection When set toDo Not Control orAdobe Flash quality bandwidth is not a concern with theLAN deployment
bull Con gure the desktop provisioning properties andclick Next
bull Select the desktop to use as the base image for thedeployment and click Next
bull Click Finish to complete one guest desktop provisioning
bull Once the desktop provisioning is complete you can see adesktop under Desktops and Pools tab
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2748
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 7
This shows the basic steps on how to provision one desktop For more advanced eatures you can re er to theVMware View Administration Guide In a later scenario a PCoIP pool is created through similar provisioning
Task 11 Desktop Entitlement
bull From within View Administrator click Desktops and Pools and click theInventory tab
bull In the Global desktop and pool view pane select the desktop or poolyou want to entitle and clickEntitlements
bull Click Add The user and group entitlement dialog box appears Fromhere you can view search on and lter all Active Directory users withinthe domain orest
bull Select the DemoLocal domain created and enter wildcard user matchreview VMware View Manager should display all users that contain thephrase
bull Entitle the userreviewer_1 to use the Vista desktop
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2848
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 8
Figure 6
Once this is set and done you will see a green checkmark under Global Desktop and View showing Entitledand Enabled or the guest desktop
Task 12 Accessing Virtual Desktop via RDP or PCoIP
bull In theConnection Server drop-down menu enter thehost name or IP address o a VMware View Connection Server
bull Select Options
Need New Image
bull Select Log in as current userto be authorized to log in to theVMware View Connection Server You will not be prompted toenter login credentials in the guest desktop login This is anenhancement or single sign-on
Need New Image
bull Enter the credentials with desktop entitlement
- Username Administrator
- Password b gd m
bull In VMware View 4 you have the option to use the preferredprotocols o either Teradici PCoIP or Microso t RDPSelect Teradici
bull Select the XP desktop you want to access
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2948
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 9
Task 13 Additional Virtual Desktop Optimization
bull Adjust ClearType Settings in Control Panel gtDisplay gtAdvanced Tab gtFonts and choose ClearType
bull Turn o Windows Firewall Settings inControl Panel gtWindows Firewall and select the Of radio buttonbull Multiple Display Con guration
bull In VMware View Manager Administration you cancentrally con gure the desktop monitors that aresupported in the local systems
bull In the guest desktop check theDisplay settings that have been changed tomultiple displays
Note PCoIP also supports pivot mode or one landscape and one horizontal confguration
Task 14 WAN Optimization
PCoIP technology uses low-latency image compression algorithms to optimize the user experience or widearea network (WAN) applications The WAN enhancements dramatically improve the user experience toprovide support or multi-media and 3D graphics audio and IO responsiveness over long-distancehigh-latency and low-bandwidth networks
Key PCoIP WAN Capabilities
bull Reduced Minimum Bandwidth To support the lower bandwidth typically available over a WAN theminimum peak bandwidth required or a PCoIP connection is Mbps Because PCoIP only transmitschanges to the desktop image the actual bandwidth used may be much lower i the screen is not changingsigni cantly or rapidly
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3048
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 0
bull Local Keyboard and Mouse To provide instant response over high-latency networks the mouse pointer canbe displayed locally on the desktop (within VMware View Agent) in addition to being sent to the host Localkeyboard capability is also provided to prevent lost keystrokes due to network delay
bull Packet Reordering To accommodate the out-o -order packets o ten produced by network links on a WANthe PCoIP portal in VMware View Agent can create multiple packet chains as out-o -order packets receivedand connect chains to restore the correct sequence Without this out-o -order packets can result in dataretransmission and delays
bull Bandwidth-Sensitive Audio Compression PCoIP transmits compressed or uncompressed audiondashswitchingdynamically based on the available bandwidth to provide the best possible user experience
Since PCoIP is integrated seamlessly into the VMware View Agent and ully optimized into VMware Viewin rastructure as the administrator you simply need to con gure the desktop protocol and its bandwidththrottling rom the administration UI
Con gure Flash contents bandwidth allowance
For an optional task to test WAN per ormance with PCoIP try to access your corporate desktop rom home byconnecting through IPSec VPN
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3148
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 1
Scenario Overview
This document provides several di erent test scenarios to review the tasks you per ormed earlier andexperience the combined advantages o using VMware View To compare a variety o WAN connectivityscenarios you can consider using either WANEMhttp wanem source orge net or Shunra VE SMB EditionFree Trial http www shunra com ve-smb-trial php or WAN emulation
bull Scenario 1 Provision and use PCoIP 25 persistent desktops and one non-persistent PCoIP pool thatcontains desktops using a Linked Clone You can adjust the actual number o desktops based on your locastorage allowance
ndash Create a snapshot on both Windows XP SP3 and Windows 7
ndash Add desktops and pools using automatic pools and Linked Clone
ndash Administrate users and entitlements
ndash Create ully Linked Clones
ndash Con gure pools in mixed cluster environment
ndash Con gure or WAN tag and LAN tag use
ndash Delete desktops and pools
bull Scenario 2 Con gure 50 PCoIP fully Linked Clones in VMware vSphere
ndash Create desktops and pools
ndash Leverage ThinDisk Provisioning in VMware vSphere
ndash Check storage saving comparison
ndash Review VMware VMsa e Security virtual machine unctionali ties
bull Scenario 3 Set-up Triple SSO in VMware View 4 (PCoIP)
ndash Use archive directory credentials to login with ldquoLogin as current userrdquo checked
ndash Access rom the Replica View Connection Server and login to see the same session running
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3248
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 2
Scenario 1Provision and Use PCoIP Desktops and Pools
Get Started with PCoIPPCoIP is a so tware-to-so tware display protocol ully integrated with the VMware View in rastructureThe PCoIP portal (server) is installed with the agent The proprietary SVGA driver is included as part o thePCoIP portal
Figure
The PCoIP client is included in the standard VMware View client installation on your end point device sothere are no additional installation procedures required or PCoIP From the end user perspective there areno con gurations needed or using PCoIP As an administrator you can con gure the PCoIP protocol throughVMware View Administrative SettingsPolicies De ault RDP setup is to be tunneled but the de ault PCoIPsetting is directly connected Some other con gurations on bandwidth throttling or Flash video or on USBredirection policy are consistent as the previous View administration
Lossy and Lossless CompressionImage compression in PCoIP includes both lossless and lossy compression schemes Lossy compression allows or higher levels o compression on initial screen change and subsequent image quality improvement
or static screen regions Lossless motion compensation is also supported Image compression bandwidthmanagement is supported using packet loss as an indicator o congestion or lower bandwidth limits
Network Bandwidth and Characteristics
The host to client network connection operates with up to 250ms o round-trip latency The host to clientnetwork connection operates with lt01 percent packet loss but will tolerate periods o up to 5 percent packetloss and will survive short durations o loss o connectivity
A single TCP connection (SSL) is used between the host and client or session management A single UDP connection using UDP encapsulated IPSec-ESP [r c 3948] with AES 128-bit key encryption is used betweenthe host and client or media tra c supporting unreliable and reliable transport Port numbers keys andother connection parameters are exchanged via the SSL connection You can re erence the VMware ViewDeployment Guide or urther end-to-end per ormance measurements
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3348
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 3
Step 1 Creating the Replica Connection Server
The installation package or the Connection Server alsocontains the installation source or the VMware ViewReplica Server Launch the VMware View ConnectionServer installer and select Replica server or the secondConnection Server SelectAgree to the VMware Viewproduct licensing terms
A VMware View Replica Server is a Connection Serverwith its own replica o the ADAM database stored locallyAll con guration data and changes are instantaneouslyreplicated to all replica servers resulting in entirelyindependent Connection Servers which can actindependently in case o ailure o other replica servers
Enter the rst VMware View Connection Server instanceIP address (View1 19216813246) ClickNext
Complete the Replica Connection Server instanceinstallation Select Finish
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3448
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 4
Step 2 Creating Linked Clone Pools
DESKTOP TYPE OS TYPE PERSISTENT DESKTOP COUNTS
PCoIP Windows XP SP Persistent
RDP PCoIP Windows XP SP Non-Persistent
The Linked Clone creation process is the same as conducted in the previous section You can con gure thetask based on your storage availability and virtual machine sizing
Step 3 Connecting to Pool by Tags
Tag-based EntitlementsVMware View provides the advanced entitlement to Desktop Pools not only based on current entitlementsettings but also on the Connection Server through which a user logs in For customers who need perimeteridentity ( or example Internal Connection Server or External Security Server access) at logon VMware View
enables users con guring certain clients to go through a particular Connection Server In this case a tag isintroduced to identi y and route the client to the Connection Server In a broker cluster at a large VMware Viedeployment The tag or tags o a Connection Server are then compared to the tag speci ed in time o thedesktop pool creation edit
I the tag required by the desktop pool does not match the tag o the broker in question even i a useris entitled or assigned to a desktop pool the desktop will not show up in the available desktop list TheConnection Server tags take precedence over the desktop or pool tags
In this evaluation you will set up two instances o Connection Servers where brokers have been classi ed toserve di erent networks (internal external or example)
VMWARE VIEWCONNECTIONSERVER IP
NAME TAG DESKTOPS OS
19216813246 View External XP Pro SP
19216813245 View Internal XP Pro SP
Use CaseThe internal broker might not be visible to users connecting over a VPN In a case like this the two brokerscould still be ormed into a cluster The external broker might be tagged ldquoExternalrdquo and the internal brokertagged ldquoInternalrdquo and then pools could be tagged so that some desktops are not visible when a user logs inexternally but are visible internally
For example imagine a deployment o our Connection Servers where two o the Connection Servers haveconnected Security Servers The two Connection Servers without Security Servers are used to support internalusers and the two Connection Servers with Security Servers are used to support Internet (external) users The
rst two could have a con gured entitlements tag o ldquoInternalrdquo and the second two could have a con guredentitlements tag o ldquoExternalrdquo
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3548
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 5
bull The UI allows an administrator to specify one or moretag strings of up to 64 characters for each ConnectionBroker You can then speci y the tag string required or
a speci c Connection Broker to access the Pool Atruntime when a user authenticates him or hersel via aConnection Server an extra step o tag matching isper ormed The result will be a lter o the resultingentitled Desktop list
bull Set the replica server tag as External
bull Once the tags are set in the connection broker you cansee the tag column in the VMware View Managerconsole is lled with the Tag attributes
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3648
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 6
bull In the VMware View 1 Connection Server(19216813246admin) login to the View Managerconsole clickDesktops and Pools tab and selectAdd
You are creating ull clone and Linked Clonedesktops Select Automated Desktop Pool
bull Select Persistent or the desktop type
bull ClickNext
bull Create the 10 Linked Clone desktop pools rst and gothrough the same process again to create the ull clone
ndash only without checking the highlighted checkbox
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3748
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 7
bull Fill in the name attribute for theUnique ID andDisplay Name
bull This is same user interface as you used to create theindividual desktop earlier Leave the de ault setup as
it is
bull Enter the number of the desktops that your storage
allows you to create The naming pattern or thedesktop is the name vCenter will use to name thevirtual machine so create a unique and easilyrecognized name
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3848
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 8
bull Desktop cloning relies on the virtual machine templateas the base Previously you created a template byselecting a clean base template and cloning it to
template Select that template and clickNext
bull Linked Clone requires the template and snapshot asthe golden image
bull Select the folder location where the desktops shouldbe organized
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3948
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 9
bull Select the host or ESX server where the desktop iscreated Note the vSphere mode or VMware ViewComposer option is dimmed and not selectable It is
because the host being used is running vSpherealready I you are using a previous version o ESX thisoption will be available or upgrade use
bull Add desktops to the resource pool
bull Allocate user data disk for the persistent data Keepthe de ault value and selectNext
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4048
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 0
bull In this setup the storage LUN for the better demoe ects is attached You can simply use the localstorage host storage or your test
bull You can see that the default domain is lled inautomatically by quickprep This is set at the
Con guration Tab gtServers gtSelect ViewConnection gt Edit
bull Do a nal review of the Linked Clone setup and clickFinish to complete It will take several minutes tocreate the clones
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4148
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 1
bull Create additional users in Active Directory(ActiveDirectory19216813252)
- Corporate - user or the Group Internal
- Contractor - user or the Group Externalbull This will be used for the pool entitlement for users and
groups
bull Access VMware vCenter or ESX management by usingthe VMware vSphere client
bull Login to View Manager console You can see the LinkedClone pools are created and listed in the Desktop andPool pane SelectEntitlements to grant right to accessthe desktop
bull Assign the group you created in ActiveDirectory
Repeat these steps or creating additional XP desktops with non-persistent and persistent use
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4248
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 2
Step 4 Deleting the Clone Using Deletion Script
Provide the cleanup rule and scripting capabilities to enable administrators to per orm urther integrationunctions In some environments this can be achieved by removing entries rom ActiveDirectory In others
you may need to trigger other applications or a tighter integration
bull A new key needs to be created manuallyPlease re er to VMware View Administration Guide or
urther details
bull The visual basic script can be used to clean up ortrigger urther application activities This new eatureo ers the extensibility ramework
bull Run servicesmsc to access the Services consoleEnable the script services manually It is not startedby de ault
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4348
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 3
bull Login to VMware View Manager SelectDelete thedesktop SelectDelete rom Disk option It will triggerthe script set previously
Scenario 2Confgure PCoIP Full and Linked Clone
in VMware vSphereCreate Full Clone with Thin Provisioning
Thin Provisioning in its simplest orm means only using the disk space you need Traditionally with virtualmachines i you create a 500GB virtual disk it will use 500GB o your VMFS data store With Thin Provisioningyou can create a 500GB virtual disk but i only 100GB is in use only 100GB o your VMFS data store will beutilized
500GBVirtual Disk
500GB GB VMDK le size 100GB VMDK le size
400GBunused butallocated
100GBApplicationUsage
500GBVirtual Disk
100GBActual Usage(Footprint)
Figure
You can create a ve desktop XP pool using Full Clone rom VMware View and compare them with the ThiProvisioning option check The eatures include increased storage utilization reduced application downtimeand streamlined capacity management
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4448
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 4
bull When you create a virtual machine in VMware vSpherethe option to create Thin Provisioning settings is underSettings gtAdd Hardware
bull In VMware View 4 you can con gure the ThinProvisioning while preparing the Linked Clone basetemplate
Now in order to compare the storage usage di erence with Thin Provisioning enabled in the virtual desktopdeployment the best approach is to provision them and per orm storage comparison with the virtualmachines without thin provisioning enabled Considerations or storage provisioning all in throughput needsto scale with an increase in capacity ie multiple virtual machines per IO path
Figure
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4548
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 5
In the meantime transient storage on the swap space is used only when the virtual machine ispowered on and delta disks are used by snapshots and linked to virtual machines
Figure 0
Datastore View in vSphere
Figure
VM Storage Performance View
Figure
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4648
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 6
Anti-Virus Protection
The VMsa e API comes with VMware vSphere VMware o ers a number o VMsa e partner solutions thatprovide secure virtual machines with virus-scanning capability
bull Trend Micro Core Protection 10 This is an anti-virus product that performs o ine and online scheduled virtualmachine scans without an agent It uses a smaller agent or on-access scanning or to clean up in ections Thproduct is available at http us trendmicro com us solutions enterprise security-solutions virtualizationvirtual-machines index html
bull McAfee Virus Scan for O ine Virtual Images 20 This is an anti-virus product that performs o ine schedulevirtual machine scans without an agent It complements a regular virus scan agentsrsquo online scanning
Figure 6
VMsa e reduces high storage IO and memory usage during scheduled and pandemic malware scan activities
Figure
The above gure shows the anti-virus server committing a real-time agent to an individual virtual machine
It also has the unctionality o o ine snapshot image scanningThis is a VMware vSphere eature and is now available or VMware View 4 Please re er to the VMware View 4Deployment Guide or urther product demonstration
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4748
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 7
Scenario 3Set up Triple Single Sign-On (SSO) in VMwareView 4Log in as Currently Logged-on UserThis is a new option in VMware View Client that allows you to log onto the broker using currently logged oncredentials The standard sign up fow using AD credentials is
bull User connects to View Connection Server
bull VMware View Connection Server compares a list of trusted AD domains to the client
bull User authenticates with username and password
bull VMware View Connection Server delegates authentication to WindowsAD
Figure
VMware View 4 continues to support the AD credential (username and password) login smart card and RSA
securID token in RDP
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4848
bull During the View Agent installation select theConnectas Current Logon User checkbox option to enable SSO
bull Launch View Client at local desktop or thin clientbull View Client has newLog in as Current User Domain
User checkbox When a userrsquos AD credential isauthenticated on the client device using eitherpassword (RDP PCoIP) or smart card authentication inRDP the Connection Broker will use the same useridentity
bull This value can also be set using GPO policy orregistry key setting Please re er to the ViewAdministration Guide
bull You should be able to login to the guest desktopenvironment without being prompted to enter thecredentials again
Support In ormation
For additional evaluation questions and installation support please address your questions to desktop-tmvmwarecom
About the Author
Cynthia Hsieh is a senior technical marketing manager in VMware Enterprise Marketing team She ocuses onapplication integration proo o concepts and security subjects
Hsiehrsquos previous background includes product management positions at Wyse Trend Micro Oracle and Yahoo
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 1348
VMware View 4
E VA L U AT O R rsquo S G U I D E 1 3
Installing and Confguring VMware View
Before You Begin
VMware View is tightly integrated with VMware vCenter You can install VMware vCenter as a standalone serveror as a hosted server under the same ESX box or the testing purposes Please assign a static IP or your VMwarevCenter IP con guration
Figure 5
bull In your physical ESX host create a Windows Server 2003virtual machine or the VMware vCenter installation
bull Make sure to assign it with a routable static IP In this settingVMware vCenter can be pinged through vc demo local
bull Select Create a stand-alone VMware vCenter and clickNext
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 1448
VMware View 4
E VA L U AT O R rsquo S G U I D E 1 4
bull In this evaluation the default Microsoft SQL Server Expressinstance or the storage is used
bull Uncheck the System Account
bull Enter the default Administrator credentials- Username Administrator
- Password b gd m
bull ClickNext
bull Based on your network setting you can adjust the ports usedby vCenter I it is an isolated network environment leave thede ault port as they are and clickNext
bull Click Next until the installation is nished Now you havecompleted the vCenter con guration process
VMware View Manager Administration
VMware View Connection Server acts as a connection broker or client connections by authenticating and then directing incoming remote desktop user requests to the appropriate virtual desktop physical desktop or terminal server You can run VMware View Connection Server on a 32-bit or 64-bit virtual server For detailed in ormation about the hardware operating system and Active Directory requirements orVMware View Connection Server see the System Requirements section o the VMware View ManagerAdministration Guide
A standard server deployment creates a single standalone VMware View Connection Server You can havemultiple connection server instances in the same domain and point them all to the same VMware vCenter idesired For a di erent Connection Server deployment such as Replica or Security Server (DMZ) please re erto the View Administration Guide
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 1548
VMware View 4
E VA L U AT O R rsquo S G U I D E 1 5
Task 1 Installing the Connection Server
When the VMware Installation wizard appears clickNext
Accept the VMware license terms and clickNext
Select the Standard deployment option and click Next
bull ClickInstall
bull ClickFinish
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 1648
VMware View 4
E VA L U AT O R rsquo S G U I D E 1 6
Task 2 Con guring and Administrating View Manager
bull After you install the VMware View Connection Server
validate your View Manager Administration in a Webbrowser by entering http your-connection-server-ipgtadmin
bull Enter the Administrator username and password andclick Login
bull You will notice a certi cate error next to the URL eldVMware View Administrator is accessed using a secure
(SSL) connection The rst time you connect your Webbrowser might present you with an intermediary page thatwarns you that the security certi cate associated with theaddress is not issued by a trusted certi cate authority Thisresponse is expected because the de ault root certi catesupplied with View Connection Server is sel -signed
bull Click Ignore to continue using the current SSL certi cate
Task 3 Installing the Product License
bull From the Con guration tab clickProduct Licensingand Usage
bull Enter the license key provided with the evaluation
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 1748
VMware View 4
E VA L U AT O R rsquo S G U I D E 1 7
Task 4 Associating and Adding VMware vCenter Server
bull From the Con guration tab selectServers on the le t
menu panelbull Select Add under the VirtualCenter Servers pane
bull ClickAdd
bull Enter the fully quali ed domain name (FQDN) or the IPaddress o the VMware vCenter Server you want VMwareView Manager to communicate with in theServer addresstext box
bull Enter Administrator username and password for thevCenter login
Note For evaluation purposes advanced or optional tasks will not be covered I you have DNS servicesinstalled you can confgure an external URL or the Connection Server Those tasks are covered in the GettingStarted Guide or Administration Guide
Task 5 Con guring Active Directory Users and Computers
In this evaluation the virtual machine (ActiveDirectory) is promoted as Domain Controller hosted in WindowsServer 2003 with a single local domain name called demolocal
bull Before you can entitle a user access to the desktop youneed to create three users in the Active Directory namedreviewer_1 reviewer_2 and reviewer_3
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 1848
VMware View 4
E VA L U AT O R rsquo S G U I D E 1 8
Task 6 Creating and Preparing Virtual Machines
The ollowing steps assume that the user has already created a virtual machine and has installed the guest OS(XPVISTA) joined AD domain turned on the RDP remote connection added user groups to the remote users
list and turned o the rewall in the guest OS
bull Run the View Agent executable on the guest system
bull When the VMware Installation wizard appears clickNext
bull Accept the VMware license terms and clickNext
Select your custom setup options The o ine desktop isoptional and does not appear as the de ault in all agents
Click Install to begin the installation process
Select Continue Anyway or the installation alert
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 1948
VMware View 4
E VA L U AT O R rsquo S G U I D E 1 9
Click Finish
At this point you have the main VMware View components installed and con gured Be ore you proceedurther you can do a quick ping test rom the View Connection Server virtual machine to the Guest Desktop
virtual machine and vice versa The components should be pingable and routable between each
Task 7 Preparing Virtual Machine Snapshots and Templates
The guest system o the virtual machine which you create in vCenter provides the basis or virtual desktopdeployment To prepare a guest system or deployment per orm the ollowing tasks
bull Install the guest operating system Select Inventory romthe menu and clickVirtual Machine to start the creation oa new virtual machine
Once you con gure the OS and itrsquos up and running
bull Install the latest version of VMware Tools (provided withVMware In rastructure)
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2048
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 0
bull Con gure Active Directory settings Con gure the preferredand alternate DNS servers to use your Active Directoryserver addresses For example on Windows XP con gure
the DNS server settings rom the properties menuStart gt Control Panel gt Network Connections gt LAN gtProperties Internet Protocol (TCPIP) gt Properties gtUse (VMActiveDirectory) IP Address 19216813252
bull Make sure that you have administrative rights to theguest system
bull Join the desktop to the AD domain Add guest system tothe domain (demo local)
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2148
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 1
bull In Control Panel turnOf Windows Firewall
bull In Control Panel selectSystem Properties gtRemote tab
bull Check Allow User to Connect Remotely
bull Take a virtual machine Snapshot mdash Once the virtual machinetemplate is ully prepared you can power o the virtualmachine and right mdash clickGuest and select Take Snapshot
bull Snapshot is used for Linked Clone creation discussed in thelater sandbox scenario
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2248
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 2
Create a Desktop Template
bull Power o the virtual machine
bull Right-click the previously con gured guest system and
select one o the ollowing options- Clone to Template mdash select this option i you want to use
the selected guest system as the basis or a new templatewithout altering the virtual machine itsel Choose thisand walk through the dialogs boxes to create a virtualmachine template
- Convert to Template mdash select this option i you want tochange the guest system into a template This processhappens instantly
bull To get a quick view of the template created go toInventory and select VM and Templates The highlighted
template will appear in VMware Center
You can repeat the same procedures or Windows 7 and Vista desktops with the same con guration i youwish At the end o the task you will have three prepared guest systems ready or VMware View Manager to use
Task 8 Installing VMware View Composer for Linked Clones
VMware View Composer provides a highly e cient storage alternative to creating and managing manystandalone virtual machines With VMware View Composer Linked Clone technology you can rapidly cloneand deploy multiple desktops rom a single centralized base image Subsequent changes to this image canbe automatically proli erated among all desktops in a Linked Clone pool A ter the desktops are created theyremain indirectly linked to a snapshot residing on the parent virtual machine View Composer needs to beinstalled on the system where VMware vCenter is installed
bull VMware View Composer installation is optional in theVMware View installation process i you donrsquot plan to haveLinked Clone in your production environment Howeverwith this evaluation you can see the bene ts o havingVMware View work with VMware vSpherersquos thin-provisioning eature Start the VMware View Composerinstaller you have in your media
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2348
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2448
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 4
bull Choose your custom setup options
- Deselect the USB Redirection component i you do not want usersto access locally connected USB devices through their desktops
- Deselect the Log in as current user component i you want to requireall users to provide identity and credential in ormation to log in to aView Connection Server and again to access a VMware View desktop
bull For this evaluation simply leave them as theselected de ault This is anew improved eature which allows single sign-on to the guestdesktop
bull Enter the IP address of the VMware View Connection Server that thisclient will connect to For this evaluation enter 1921681247
bull Leave the login ascurrent user unchecked
bull Select Continue Anyway or the Virtual USB so tware installation
bull Select Finish and Exit installation I VMware View Client does not startautomatically a ter installation double-click the desktop shortcutor click
Start gtPrograms gtVMware gtVMware View Client
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2548
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 5
Task 10 Adding Desktop Source in VMware View Manager
The in rastructure components are now con gured in VMware vCenter Now go back to VMware ViewManager and con gure the desktop resource or an individual desktop provisioning use
bull Enter the VMware View Connection Server IP addressadmin as the URL in a Web browser
bull Login as Administrator
bull From within View Administrator clickDesktops andPools and click theInventory tab
bull In the Global desktop and pool view pane make sure thatthe Desktops and Pools tab is selected and clickAdd
bull When the Add Desktop wizard appears selectIndividualDesktop and clickNext
bull Select Desktop Source rom VMware vCenter
Need new image
bull From the list provided select theVMware vCenter Serverto be used by this desktop and clickNext
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2648
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 6
bull Enter the Unique ID Display name (optional) andDescription (optional) and clickNext
bull Con gure the desktop properties and click Next Sincethe new PCoIP eatures are being evaluated set thede ault protocol as PCoIP and allow users to change thesetting at connection When set toDo Not Control orAdobe Flash quality bandwidth is not a concern with theLAN deployment
bull Con gure the desktop provisioning properties andclick Next
bull Select the desktop to use as the base image for thedeployment and click Next
bull Click Finish to complete one guest desktop provisioning
bull Once the desktop provisioning is complete you can see adesktop under Desktops and Pools tab
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2748
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 7
This shows the basic steps on how to provision one desktop For more advanced eatures you can re er to theVMware View Administration Guide In a later scenario a PCoIP pool is created through similar provisioning
Task 11 Desktop Entitlement
bull From within View Administrator click Desktops and Pools and click theInventory tab
bull In the Global desktop and pool view pane select the desktop or poolyou want to entitle and clickEntitlements
bull Click Add The user and group entitlement dialog box appears Fromhere you can view search on and lter all Active Directory users withinthe domain orest
bull Select the DemoLocal domain created and enter wildcard user matchreview VMware View Manager should display all users that contain thephrase
bull Entitle the userreviewer_1 to use the Vista desktop
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2848
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 8
Figure 6
Once this is set and done you will see a green checkmark under Global Desktop and View showing Entitledand Enabled or the guest desktop
Task 12 Accessing Virtual Desktop via RDP or PCoIP
bull In theConnection Server drop-down menu enter thehost name or IP address o a VMware View Connection Server
bull Select Options
Need New Image
bull Select Log in as current userto be authorized to log in to theVMware View Connection Server You will not be prompted toenter login credentials in the guest desktop login This is anenhancement or single sign-on
Need New Image
bull Enter the credentials with desktop entitlement
- Username Administrator
- Password b gd m
bull In VMware View 4 you have the option to use the preferredprotocols o either Teradici PCoIP or Microso t RDPSelect Teradici
bull Select the XP desktop you want to access
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2948
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 9
Task 13 Additional Virtual Desktop Optimization
bull Adjust ClearType Settings in Control Panel gtDisplay gtAdvanced Tab gtFonts and choose ClearType
bull Turn o Windows Firewall Settings inControl Panel gtWindows Firewall and select the Of radio buttonbull Multiple Display Con guration
bull In VMware View Manager Administration you cancentrally con gure the desktop monitors that aresupported in the local systems
bull In the guest desktop check theDisplay settings that have been changed tomultiple displays
Note PCoIP also supports pivot mode or one landscape and one horizontal confguration
Task 14 WAN Optimization
PCoIP technology uses low-latency image compression algorithms to optimize the user experience or widearea network (WAN) applications The WAN enhancements dramatically improve the user experience toprovide support or multi-media and 3D graphics audio and IO responsiveness over long-distancehigh-latency and low-bandwidth networks
Key PCoIP WAN Capabilities
bull Reduced Minimum Bandwidth To support the lower bandwidth typically available over a WAN theminimum peak bandwidth required or a PCoIP connection is Mbps Because PCoIP only transmitschanges to the desktop image the actual bandwidth used may be much lower i the screen is not changingsigni cantly or rapidly
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3048
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 0
bull Local Keyboard and Mouse To provide instant response over high-latency networks the mouse pointer canbe displayed locally on the desktop (within VMware View Agent) in addition to being sent to the host Localkeyboard capability is also provided to prevent lost keystrokes due to network delay
bull Packet Reordering To accommodate the out-o -order packets o ten produced by network links on a WANthe PCoIP portal in VMware View Agent can create multiple packet chains as out-o -order packets receivedand connect chains to restore the correct sequence Without this out-o -order packets can result in dataretransmission and delays
bull Bandwidth-Sensitive Audio Compression PCoIP transmits compressed or uncompressed audiondashswitchingdynamically based on the available bandwidth to provide the best possible user experience
Since PCoIP is integrated seamlessly into the VMware View Agent and ully optimized into VMware Viewin rastructure as the administrator you simply need to con gure the desktop protocol and its bandwidththrottling rom the administration UI
Con gure Flash contents bandwidth allowance
For an optional task to test WAN per ormance with PCoIP try to access your corporate desktop rom home byconnecting through IPSec VPN
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3148
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 1
Scenario Overview
This document provides several di erent test scenarios to review the tasks you per ormed earlier andexperience the combined advantages o using VMware View To compare a variety o WAN connectivityscenarios you can consider using either WANEMhttp wanem source orge net or Shunra VE SMB EditionFree Trial http www shunra com ve-smb-trial php or WAN emulation
bull Scenario 1 Provision and use PCoIP 25 persistent desktops and one non-persistent PCoIP pool thatcontains desktops using a Linked Clone You can adjust the actual number o desktops based on your locastorage allowance
ndash Create a snapshot on both Windows XP SP3 and Windows 7
ndash Add desktops and pools using automatic pools and Linked Clone
ndash Administrate users and entitlements
ndash Create ully Linked Clones
ndash Con gure pools in mixed cluster environment
ndash Con gure or WAN tag and LAN tag use
ndash Delete desktops and pools
bull Scenario 2 Con gure 50 PCoIP fully Linked Clones in VMware vSphere
ndash Create desktops and pools
ndash Leverage ThinDisk Provisioning in VMware vSphere
ndash Check storage saving comparison
ndash Review VMware VMsa e Security virtual machine unctionali ties
bull Scenario 3 Set-up Triple SSO in VMware View 4 (PCoIP)
ndash Use archive directory credentials to login with ldquoLogin as current userrdquo checked
ndash Access rom the Replica View Connection Server and login to see the same session running
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3248
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 2
Scenario 1Provision and Use PCoIP Desktops and Pools
Get Started with PCoIPPCoIP is a so tware-to-so tware display protocol ully integrated with the VMware View in rastructureThe PCoIP portal (server) is installed with the agent The proprietary SVGA driver is included as part o thePCoIP portal
Figure
The PCoIP client is included in the standard VMware View client installation on your end point device sothere are no additional installation procedures required or PCoIP From the end user perspective there areno con gurations needed or using PCoIP As an administrator you can con gure the PCoIP protocol throughVMware View Administrative SettingsPolicies De ault RDP setup is to be tunneled but the de ault PCoIPsetting is directly connected Some other con gurations on bandwidth throttling or Flash video or on USBredirection policy are consistent as the previous View administration
Lossy and Lossless CompressionImage compression in PCoIP includes both lossless and lossy compression schemes Lossy compression allows or higher levels o compression on initial screen change and subsequent image quality improvement
or static screen regions Lossless motion compensation is also supported Image compression bandwidthmanagement is supported using packet loss as an indicator o congestion or lower bandwidth limits
Network Bandwidth and Characteristics
The host to client network connection operates with up to 250ms o round-trip latency The host to clientnetwork connection operates with lt01 percent packet loss but will tolerate periods o up to 5 percent packetloss and will survive short durations o loss o connectivity
A single TCP connection (SSL) is used between the host and client or session management A single UDP connection using UDP encapsulated IPSec-ESP [r c 3948] with AES 128-bit key encryption is used betweenthe host and client or media tra c supporting unreliable and reliable transport Port numbers keys andother connection parameters are exchanged via the SSL connection You can re erence the VMware ViewDeployment Guide or urther end-to-end per ormance measurements
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3348
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 3
Step 1 Creating the Replica Connection Server
The installation package or the Connection Server alsocontains the installation source or the VMware ViewReplica Server Launch the VMware View ConnectionServer installer and select Replica server or the secondConnection Server SelectAgree to the VMware Viewproduct licensing terms
A VMware View Replica Server is a Connection Serverwith its own replica o the ADAM database stored locallyAll con guration data and changes are instantaneouslyreplicated to all replica servers resulting in entirelyindependent Connection Servers which can actindependently in case o ailure o other replica servers
Enter the rst VMware View Connection Server instanceIP address (View1 19216813246) ClickNext
Complete the Replica Connection Server instanceinstallation Select Finish
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3448
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 4
Step 2 Creating Linked Clone Pools
DESKTOP TYPE OS TYPE PERSISTENT DESKTOP COUNTS
PCoIP Windows XP SP Persistent
RDP PCoIP Windows XP SP Non-Persistent
The Linked Clone creation process is the same as conducted in the previous section You can con gure thetask based on your storage availability and virtual machine sizing
Step 3 Connecting to Pool by Tags
Tag-based EntitlementsVMware View provides the advanced entitlement to Desktop Pools not only based on current entitlementsettings but also on the Connection Server through which a user logs in For customers who need perimeteridentity ( or example Internal Connection Server or External Security Server access) at logon VMware View
enables users con guring certain clients to go through a particular Connection Server In this case a tag isintroduced to identi y and route the client to the Connection Server In a broker cluster at a large VMware Viedeployment The tag or tags o a Connection Server are then compared to the tag speci ed in time o thedesktop pool creation edit
I the tag required by the desktop pool does not match the tag o the broker in question even i a useris entitled or assigned to a desktop pool the desktop will not show up in the available desktop list TheConnection Server tags take precedence over the desktop or pool tags
In this evaluation you will set up two instances o Connection Servers where brokers have been classi ed toserve di erent networks (internal external or example)
VMWARE VIEWCONNECTIONSERVER IP
NAME TAG DESKTOPS OS
19216813246 View External XP Pro SP
19216813245 View Internal XP Pro SP
Use CaseThe internal broker might not be visible to users connecting over a VPN In a case like this the two brokerscould still be ormed into a cluster The external broker might be tagged ldquoExternalrdquo and the internal brokertagged ldquoInternalrdquo and then pools could be tagged so that some desktops are not visible when a user logs inexternally but are visible internally
For example imagine a deployment o our Connection Servers where two o the Connection Servers haveconnected Security Servers The two Connection Servers without Security Servers are used to support internalusers and the two Connection Servers with Security Servers are used to support Internet (external) users The
rst two could have a con gured entitlements tag o ldquoInternalrdquo and the second two could have a con guredentitlements tag o ldquoExternalrdquo
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3548
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 5
bull The UI allows an administrator to specify one or moretag strings of up to 64 characters for each ConnectionBroker You can then speci y the tag string required or
a speci c Connection Broker to access the Pool Atruntime when a user authenticates him or hersel via aConnection Server an extra step o tag matching isper ormed The result will be a lter o the resultingentitled Desktop list
bull Set the replica server tag as External
bull Once the tags are set in the connection broker you cansee the tag column in the VMware View Managerconsole is lled with the Tag attributes
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3648
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 6
bull In the VMware View 1 Connection Server(19216813246admin) login to the View Managerconsole clickDesktops and Pools tab and selectAdd
You are creating ull clone and Linked Clonedesktops Select Automated Desktop Pool
bull Select Persistent or the desktop type
bull ClickNext
bull Create the 10 Linked Clone desktop pools rst and gothrough the same process again to create the ull clone
ndash only without checking the highlighted checkbox
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3748
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 7
bull Fill in the name attribute for theUnique ID andDisplay Name
bull This is same user interface as you used to create theindividual desktop earlier Leave the de ault setup as
it is
bull Enter the number of the desktops that your storage
allows you to create The naming pattern or thedesktop is the name vCenter will use to name thevirtual machine so create a unique and easilyrecognized name
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3848
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 8
bull Desktop cloning relies on the virtual machine templateas the base Previously you created a template byselecting a clean base template and cloning it to
template Select that template and clickNext
bull Linked Clone requires the template and snapshot asthe golden image
bull Select the folder location where the desktops shouldbe organized
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3948
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 9
bull Select the host or ESX server where the desktop iscreated Note the vSphere mode or VMware ViewComposer option is dimmed and not selectable It is
because the host being used is running vSpherealready I you are using a previous version o ESX thisoption will be available or upgrade use
bull Add desktops to the resource pool
bull Allocate user data disk for the persistent data Keepthe de ault value and selectNext
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4048
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 0
bull In this setup the storage LUN for the better demoe ects is attached You can simply use the localstorage host storage or your test
bull You can see that the default domain is lled inautomatically by quickprep This is set at the
Con guration Tab gtServers gtSelect ViewConnection gt Edit
bull Do a nal review of the Linked Clone setup and clickFinish to complete It will take several minutes tocreate the clones
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4148
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 1
bull Create additional users in Active Directory(ActiveDirectory19216813252)
- Corporate - user or the Group Internal
- Contractor - user or the Group Externalbull This will be used for the pool entitlement for users and
groups
bull Access VMware vCenter or ESX management by usingthe VMware vSphere client
bull Login to View Manager console You can see the LinkedClone pools are created and listed in the Desktop andPool pane SelectEntitlements to grant right to accessthe desktop
bull Assign the group you created in ActiveDirectory
Repeat these steps or creating additional XP desktops with non-persistent and persistent use
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4248
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 2
Step 4 Deleting the Clone Using Deletion Script
Provide the cleanup rule and scripting capabilities to enable administrators to per orm urther integrationunctions In some environments this can be achieved by removing entries rom ActiveDirectory In others
you may need to trigger other applications or a tighter integration
bull A new key needs to be created manuallyPlease re er to VMware View Administration Guide or
urther details
bull The visual basic script can be used to clean up ortrigger urther application activities This new eatureo ers the extensibility ramework
bull Run servicesmsc to access the Services consoleEnable the script services manually It is not startedby de ault
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4348
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 3
bull Login to VMware View Manager SelectDelete thedesktop SelectDelete rom Disk option It will triggerthe script set previously
Scenario 2Confgure PCoIP Full and Linked Clone
in VMware vSphereCreate Full Clone with Thin Provisioning
Thin Provisioning in its simplest orm means only using the disk space you need Traditionally with virtualmachines i you create a 500GB virtual disk it will use 500GB o your VMFS data store With Thin Provisioningyou can create a 500GB virtual disk but i only 100GB is in use only 100GB o your VMFS data store will beutilized
500GBVirtual Disk
500GB GB VMDK le size 100GB VMDK le size
400GBunused butallocated
100GBApplicationUsage
500GBVirtual Disk
100GBActual Usage(Footprint)
Figure
You can create a ve desktop XP pool using Full Clone rom VMware View and compare them with the ThiProvisioning option check The eatures include increased storage utilization reduced application downtimeand streamlined capacity management
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4448
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 4
bull When you create a virtual machine in VMware vSpherethe option to create Thin Provisioning settings is underSettings gtAdd Hardware
bull In VMware View 4 you can con gure the ThinProvisioning while preparing the Linked Clone basetemplate
Now in order to compare the storage usage di erence with Thin Provisioning enabled in the virtual desktopdeployment the best approach is to provision them and per orm storage comparison with the virtualmachines without thin provisioning enabled Considerations or storage provisioning all in throughput needsto scale with an increase in capacity ie multiple virtual machines per IO path
Figure
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4548
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 5
In the meantime transient storage on the swap space is used only when the virtual machine ispowered on and delta disks are used by snapshots and linked to virtual machines
Figure 0
Datastore View in vSphere
Figure
VM Storage Performance View
Figure
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4648
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 6
Anti-Virus Protection
The VMsa e API comes with VMware vSphere VMware o ers a number o VMsa e partner solutions thatprovide secure virtual machines with virus-scanning capability
bull Trend Micro Core Protection 10 This is an anti-virus product that performs o ine and online scheduled virtualmachine scans without an agent It uses a smaller agent or on-access scanning or to clean up in ections Thproduct is available at http us trendmicro com us solutions enterprise security-solutions virtualizationvirtual-machines index html
bull McAfee Virus Scan for O ine Virtual Images 20 This is an anti-virus product that performs o ine schedulevirtual machine scans without an agent It complements a regular virus scan agentsrsquo online scanning
Figure 6
VMsa e reduces high storage IO and memory usage during scheduled and pandemic malware scan activities
Figure
The above gure shows the anti-virus server committing a real-time agent to an individual virtual machine
It also has the unctionality o o ine snapshot image scanningThis is a VMware vSphere eature and is now available or VMware View 4 Please re er to the VMware View 4Deployment Guide or urther product demonstration
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4748
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 7
Scenario 3Set up Triple Single Sign-On (SSO) in VMwareView 4Log in as Currently Logged-on UserThis is a new option in VMware View Client that allows you to log onto the broker using currently logged oncredentials The standard sign up fow using AD credentials is
bull User connects to View Connection Server
bull VMware View Connection Server compares a list of trusted AD domains to the client
bull User authenticates with username and password
bull VMware View Connection Server delegates authentication to WindowsAD
Figure
VMware View 4 continues to support the AD credential (username and password) login smart card and RSA
securID token in RDP
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4848
bull During the View Agent installation select theConnectas Current Logon User checkbox option to enable SSO
bull Launch View Client at local desktop or thin clientbull View Client has newLog in as Current User Domain
User checkbox When a userrsquos AD credential isauthenticated on the client device using eitherpassword (RDP PCoIP) or smart card authentication inRDP the Connection Broker will use the same useridentity
bull This value can also be set using GPO policy orregistry key setting Please re er to the ViewAdministration Guide
bull You should be able to login to the guest desktopenvironment without being prompted to enter thecredentials again
Support In ormation
For additional evaluation questions and installation support please address your questions to desktop-tmvmwarecom
About the Author
Cynthia Hsieh is a senior technical marketing manager in VMware Enterprise Marketing team She ocuses onapplication integration proo o concepts and security subjects
Hsiehrsquos previous background includes product management positions at Wyse Trend Micro Oracle and Yahoo
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 1448
VMware View 4
E VA L U AT O R rsquo S G U I D E 1 4
bull In this evaluation the default Microsoft SQL Server Expressinstance or the storage is used
bull Uncheck the System Account
bull Enter the default Administrator credentials- Username Administrator
- Password b gd m
bull ClickNext
bull Based on your network setting you can adjust the ports usedby vCenter I it is an isolated network environment leave thede ault port as they are and clickNext
bull Click Next until the installation is nished Now you havecompleted the vCenter con guration process
VMware View Manager Administration
VMware View Connection Server acts as a connection broker or client connections by authenticating and then directing incoming remote desktop user requests to the appropriate virtual desktop physical desktop or terminal server You can run VMware View Connection Server on a 32-bit or 64-bit virtual server For detailed in ormation about the hardware operating system and Active Directory requirements orVMware View Connection Server see the System Requirements section o the VMware View ManagerAdministration Guide
A standard server deployment creates a single standalone VMware View Connection Server You can havemultiple connection server instances in the same domain and point them all to the same VMware vCenter idesired For a di erent Connection Server deployment such as Replica or Security Server (DMZ) please re erto the View Administration Guide
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 1548
VMware View 4
E VA L U AT O R rsquo S G U I D E 1 5
Task 1 Installing the Connection Server
When the VMware Installation wizard appears clickNext
Accept the VMware license terms and clickNext
Select the Standard deployment option and click Next
bull ClickInstall
bull ClickFinish
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 1648
VMware View 4
E VA L U AT O R rsquo S G U I D E 1 6
Task 2 Con guring and Administrating View Manager
bull After you install the VMware View Connection Server
validate your View Manager Administration in a Webbrowser by entering http your-connection-server-ipgtadmin
bull Enter the Administrator username and password andclick Login
bull You will notice a certi cate error next to the URL eldVMware View Administrator is accessed using a secure
(SSL) connection The rst time you connect your Webbrowser might present you with an intermediary page thatwarns you that the security certi cate associated with theaddress is not issued by a trusted certi cate authority Thisresponse is expected because the de ault root certi catesupplied with View Connection Server is sel -signed
bull Click Ignore to continue using the current SSL certi cate
Task 3 Installing the Product License
bull From the Con guration tab clickProduct Licensingand Usage
bull Enter the license key provided with the evaluation
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 1748
VMware View 4
E VA L U AT O R rsquo S G U I D E 1 7
Task 4 Associating and Adding VMware vCenter Server
bull From the Con guration tab selectServers on the le t
menu panelbull Select Add under the VirtualCenter Servers pane
bull ClickAdd
bull Enter the fully quali ed domain name (FQDN) or the IPaddress o the VMware vCenter Server you want VMwareView Manager to communicate with in theServer addresstext box
bull Enter Administrator username and password for thevCenter login
Note For evaluation purposes advanced or optional tasks will not be covered I you have DNS servicesinstalled you can confgure an external URL or the Connection Server Those tasks are covered in the GettingStarted Guide or Administration Guide
Task 5 Con guring Active Directory Users and Computers
In this evaluation the virtual machine (ActiveDirectory) is promoted as Domain Controller hosted in WindowsServer 2003 with a single local domain name called demolocal
bull Before you can entitle a user access to the desktop youneed to create three users in the Active Directory namedreviewer_1 reviewer_2 and reviewer_3
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 1848
VMware View 4
E VA L U AT O R rsquo S G U I D E 1 8
Task 6 Creating and Preparing Virtual Machines
The ollowing steps assume that the user has already created a virtual machine and has installed the guest OS(XPVISTA) joined AD domain turned on the RDP remote connection added user groups to the remote users
list and turned o the rewall in the guest OS
bull Run the View Agent executable on the guest system
bull When the VMware Installation wizard appears clickNext
bull Accept the VMware license terms and clickNext
Select your custom setup options The o ine desktop isoptional and does not appear as the de ault in all agents
Click Install to begin the installation process
Select Continue Anyway or the installation alert
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 1948
VMware View 4
E VA L U AT O R rsquo S G U I D E 1 9
Click Finish
At this point you have the main VMware View components installed and con gured Be ore you proceedurther you can do a quick ping test rom the View Connection Server virtual machine to the Guest Desktop
virtual machine and vice versa The components should be pingable and routable between each
Task 7 Preparing Virtual Machine Snapshots and Templates
The guest system o the virtual machine which you create in vCenter provides the basis or virtual desktopdeployment To prepare a guest system or deployment per orm the ollowing tasks
bull Install the guest operating system Select Inventory romthe menu and clickVirtual Machine to start the creation oa new virtual machine
Once you con gure the OS and itrsquos up and running
bull Install the latest version of VMware Tools (provided withVMware In rastructure)
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2048
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 0
bull Con gure Active Directory settings Con gure the preferredand alternate DNS servers to use your Active Directoryserver addresses For example on Windows XP con gure
the DNS server settings rom the properties menuStart gt Control Panel gt Network Connections gt LAN gtProperties Internet Protocol (TCPIP) gt Properties gtUse (VMActiveDirectory) IP Address 19216813252
bull Make sure that you have administrative rights to theguest system
bull Join the desktop to the AD domain Add guest system tothe domain (demo local)
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2148
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 1
bull In Control Panel turnOf Windows Firewall
bull In Control Panel selectSystem Properties gtRemote tab
bull Check Allow User to Connect Remotely
bull Take a virtual machine Snapshot mdash Once the virtual machinetemplate is ully prepared you can power o the virtualmachine and right mdash clickGuest and select Take Snapshot
bull Snapshot is used for Linked Clone creation discussed in thelater sandbox scenario
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2248
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 2
Create a Desktop Template
bull Power o the virtual machine
bull Right-click the previously con gured guest system and
select one o the ollowing options- Clone to Template mdash select this option i you want to use
the selected guest system as the basis or a new templatewithout altering the virtual machine itsel Choose thisand walk through the dialogs boxes to create a virtualmachine template
- Convert to Template mdash select this option i you want tochange the guest system into a template This processhappens instantly
bull To get a quick view of the template created go toInventory and select VM and Templates The highlighted
template will appear in VMware Center
You can repeat the same procedures or Windows 7 and Vista desktops with the same con guration i youwish At the end o the task you will have three prepared guest systems ready or VMware View Manager to use
Task 8 Installing VMware View Composer for Linked Clones
VMware View Composer provides a highly e cient storage alternative to creating and managing manystandalone virtual machines With VMware View Composer Linked Clone technology you can rapidly cloneand deploy multiple desktops rom a single centralized base image Subsequent changes to this image canbe automatically proli erated among all desktops in a Linked Clone pool A ter the desktops are created theyremain indirectly linked to a snapshot residing on the parent virtual machine View Composer needs to beinstalled on the system where VMware vCenter is installed
bull VMware View Composer installation is optional in theVMware View installation process i you donrsquot plan to haveLinked Clone in your production environment Howeverwith this evaluation you can see the bene ts o havingVMware View work with VMware vSpherersquos thin-provisioning eature Start the VMware View Composerinstaller you have in your media
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2348
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2448
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 4
bull Choose your custom setup options
- Deselect the USB Redirection component i you do not want usersto access locally connected USB devices through their desktops
- Deselect the Log in as current user component i you want to requireall users to provide identity and credential in ormation to log in to aView Connection Server and again to access a VMware View desktop
bull For this evaluation simply leave them as theselected de ault This is anew improved eature which allows single sign-on to the guestdesktop
bull Enter the IP address of the VMware View Connection Server that thisclient will connect to For this evaluation enter 1921681247
bull Leave the login ascurrent user unchecked
bull Select Continue Anyway or the Virtual USB so tware installation
bull Select Finish and Exit installation I VMware View Client does not startautomatically a ter installation double-click the desktop shortcutor click
Start gtPrograms gtVMware gtVMware View Client
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2548
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 5
Task 10 Adding Desktop Source in VMware View Manager
The in rastructure components are now con gured in VMware vCenter Now go back to VMware ViewManager and con gure the desktop resource or an individual desktop provisioning use
bull Enter the VMware View Connection Server IP addressadmin as the URL in a Web browser
bull Login as Administrator
bull From within View Administrator clickDesktops andPools and click theInventory tab
bull In the Global desktop and pool view pane make sure thatthe Desktops and Pools tab is selected and clickAdd
bull When the Add Desktop wizard appears selectIndividualDesktop and clickNext
bull Select Desktop Source rom VMware vCenter
Need new image
bull From the list provided select theVMware vCenter Serverto be used by this desktop and clickNext
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2648
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 6
bull Enter the Unique ID Display name (optional) andDescription (optional) and clickNext
bull Con gure the desktop properties and click Next Sincethe new PCoIP eatures are being evaluated set thede ault protocol as PCoIP and allow users to change thesetting at connection When set toDo Not Control orAdobe Flash quality bandwidth is not a concern with theLAN deployment
bull Con gure the desktop provisioning properties andclick Next
bull Select the desktop to use as the base image for thedeployment and click Next
bull Click Finish to complete one guest desktop provisioning
bull Once the desktop provisioning is complete you can see adesktop under Desktops and Pools tab
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2748
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 7
This shows the basic steps on how to provision one desktop For more advanced eatures you can re er to theVMware View Administration Guide In a later scenario a PCoIP pool is created through similar provisioning
Task 11 Desktop Entitlement
bull From within View Administrator click Desktops and Pools and click theInventory tab
bull In the Global desktop and pool view pane select the desktop or poolyou want to entitle and clickEntitlements
bull Click Add The user and group entitlement dialog box appears Fromhere you can view search on and lter all Active Directory users withinthe domain orest
bull Select the DemoLocal domain created and enter wildcard user matchreview VMware View Manager should display all users that contain thephrase
bull Entitle the userreviewer_1 to use the Vista desktop
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2848
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 8
Figure 6
Once this is set and done you will see a green checkmark under Global Desktop and View showing Entitledand Enabled or the guest desktop
Task 12 Accessing Virtual Desktop via RDP or PCoIP
bull In theConnection Server drop-down menu enter thehost name or IP address o a VMware View Connection Server
bull Select Options
Need New Image
bull Select Log in as current userto be authorized to log in to theVMware View Connection Server You will not be prompted toenter login credentials in the guest desktop login This is anenhancement or single sign-on
Need New Image
bull Enter the credentials with desktop entitlement
- Username Administrator
- Password b gd m
bull In VMware View 4 you have the option to use the preferredprotocols o either Teradici PCoIP or Microso t RDPSelect Teradici
bull Select the XP desktop you want to access
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2948
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 9
Task 13 Additional Virtual Desktop Optimization
bull Adjust ClearType Settings in Control Panel gtDisplay gtAdvanced Tab gtFonts and choose ClearType
bull Turn o Windows Firewall Settings inControl Panel gtWindows Firewall and select the Of radio buttonbull Multiple Display Con guration
bull In VMware View Manager Administration you cancentrally con gure the desktop monitors that aresupported in the local systems
bull In the guest desktop check theDisplay settings that have been changed tomultiple displays
Note PCoIP also supports pivot mode or one landscape and one horizontal confguration
Task 14 WAN Optimization
PCoIP technology uses low-latency image compression algorithms to optimize the user experience or widearea network (WAN) applications The WAN enhancements dramatically improve the user experience toprovide support or multi-media and 3D graphics audio and IO responsiveness over long-distancehigh-latency and low-bandwidth networks
Key PCoIP WAN Capabilities
bull Reduced Minimum Bandwidth To support the lower bandwidth typically available over a WAN theminimum peak bandwidth required or a PCoIP connection is Mbps Because PCoIP only transmitschanges to the desktop image the actual bandwidth used may be much lower i the screen is not changingsigni cantly or rapidly
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3048
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 0
bull Local Keyboard and Mouse To provide instant response over high-latency networks the mouse pointer canbe displayed locally on the desktop (within VMware View Agent) in addition to being sent to the host Localkeyboard capability is also provided to prevent lost keystrokes due to network delay
bull Packet Reordering To accommodate the out-o -order packets o ten produced by network links on a WANthe PCoIP portal in VMware View Agent can create multiple packet chains as out-o -order packets receivedand connect chains to restore the correct sequence Without this out-o -order packets can result in dataretransmission and delays
bull Bandwidth-Sensitive Audio Compression PCoIP transmits compressed or uncompressed audiondashswitchingdynamically based on the available bandwidth to provide the best possible user experience
Since PCoIP is integrated seamlessly into the VMware View Agent and ully optimized into VMware Viewin rastructure as the administrator you simply need to con gure the desktop protocol and its bandwidththrottling rom the administration UI
Con gure Flash contents bandwidth allowance
For an optional task to test WAN per ormance with PCoIP try to access your corporate desktop rom home byconnecting through IPSec VPN
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3148
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 1
Scenario Overview
This document provides several di erent test scenarios to review the tasks you per ormed earlier andexperience the combined advantages o using VMware View To compare a variety o WAN connectivityscenarios you can consider using either WANEMhttp wanem source orge net or Shunra VE SMB EditionFree Trial http www shunra com ve-smb-trial php or WAN emulation
bull Scenario 1 Provision and use PCoIP 25 persistent desktops and one non-persistent PCoIP pool thatcontains desktops using a Linked Clone You can adjust the actual number o desktops based on your locastorage allowance
ndash Create a snapshot on both Windows XP SP3 and Windows 7
ndash Add desktops and pools using automatic pools and Linked Clone
ndash Administrate users and entitlements
ndash Create ully Linked Clones
ndash Con gure pools in mixed cluster environment
ndash Con gure or WAN tag and LAN tag use
ndash Delete desktops and pools
bull Scenario 2 Con gure 50 PCoIP fully Linked Clones in VMware vSphere
ndash Create desktops and pools
ndash Leverage ThinDisk Provisioning in VMware vSphere
ndash Check storage saving comparison
ndash Review VMware VMsa e Security virtual machine unctionali ties
bull Scenario 3 Set-up Triple SSO in VMware View 4 (PCoIP)
ndash Use archive directory credentials to login with ldquoLogin as current userrdquo checked
ndash Access rom the Replica View Connection Server and login to see the same session running
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3248
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 2
Scenario 1Provision and Use PCoIP Desktops and Pools
Get Started with PCoIPPCoIP is a so tware-to-so tware display protocol ully integrated with the VMware View in rastructureThe PCoIP portal (server) is installed with the agent The proprietary SVGA driver is included as part o thePCoIP portal
Figure
The PCoIP client is included in the standard VMware View client installation on your end point device sothere are no additional installation procedures required or PCoIP From the end user perspective there areno con gurations needed or using PCoIP As an administrator you can con gure the PCoIP protocol throughVMware View Administrative SettingsPolicies De ault RDP setup is to be tunneled but the de ault PCoIPsetting is directly connected Some other con gurations on bandwidth throttling or Flash video or on USBredirection policy are consistent as the previous View administration
Lossy and Lossless CompressionImage compression in PCoIP includes both lossless and lossy compression schemes Lossy compression allows or higher levels o compression on initial screen change and subsequent image quality improvement
or static screen regions Lossless motion compensation is also supported Image compression bandwidthmanagement is supported using packet loss as an indicator o congestion or lower bandwidth limits
Network Bandwidth and Characteristics
The host to client network connection operates with up to 250ms o round-trip latency The host to clientnetwork connection operates with lt01 percent packet loss but will tolerate periods o up to 5 percent packetloss and will survive short durations o loss o connectivity
A single TCP connection (SSL) is used between the host and client or session management A single UDP connection using UDP encapsulated IPSec-ESP [r c 3948] with AES 128-bit key encryption is used betweenthe host and client or media tra c supporting unreliable and reliable transport Port numbers keys andother connection parameters are exchanged via the SSL connection You can re erence the VMware ViewDeployment Guide or urther end-to-end per ormance measurements
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3348
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 3
Step 1 Creating the Replica Connection Server
The installation package or the Connection Server alsocontains the installation source or the VMware ViewReplica Server Launch the VMware View ConnectionServer installer and select Replica server or the secondConnection Server SelectAgree to the VMware Viewproduct licensing terms
A VMware View Replica Server is a Connection Serverwith its own replica o the ADAM database stored locallyAll con guration data and changes are instantaneouslyreplicated to all replica servers resulting in entirelyindependent Connection Servers which can actindependently in case o ailure o other replica servers
Enter the rst VMware View Connection Server instanceIP address (View1 19216813246) ClickNext
Complete the Replica Connection Server instanceinstallation Select Finish
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3448
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 4
Step 2 Creating Linked Clone Pools
DESKTOP TYPE OS TYPE PERSISTENT DESKTOP COUNTS
PCoIP Windows XP SP Persistent
RDP PCoIP Windows XP SP Non-Persistent
The Linked Clone creation process is the same as conducted in the previous section You can con gure thetask based on your storage availability and virtual machine sizing
Step 3 Connecting to Pool by Tags
Tag-based EntitlementsVMware View provides the advanced entitlement to Desktop Pools not only based on current entitlementsettings but also on the Connection Server through which a user logs in For customers who need perimeteridentity ( or example Internal Connection Server or External Security Server access) at logon VMware View
enables users con guring certain clients to go through a particular Connection Server In this case a tag isintroduced to identi y and route the client to the Connection Server In a broker cluster at a large VMware Viedeployment The tag or tags o a Connection Server are then compared to the tag speci ed in time o thedesktop pool creation edit
I the tag required by the desktop pool does not match the tag o the broker in question even i a useris entitled or assigned to a desktop pool the desktop will not show up in the available desktop list TheConnection Server tags take precedence over the desktop or pool tags
In this evaluation you will set up two instances o Connection Servers where brokers have been classi ed toserve di erent networks (internal external or example)
VMWARE VIEWCONNECTIONSERVER IP
NAME TAG DESKTOPS OS
19216813246 View External XP Pro SP
19216813245 View Internal XP Pro SP
Use CaseThe internal broker might not be visible to users connecting over a VPN In a case like this the two brokerscould still be ormed into a cluster The external broker might be tagged ldquoExternalrdquo and the internal brokertagged ldquoInternalrdquo and then pools could be tagged so that some desktops are not visible when a user logs inexternally but are visible internally
For example imagine a deployment o our Connection Servers where two o the Connection Servers haveconnected Security Servers The two Connection Servers without Security Servers are used to support internalusers and the two Connection Servers with Security Servers are used to support Internet (external) users The
rst two could have a con gured entitlements tag o ldquoInternalrdquo and the second two could have a con guredentitlements tag o ldquoExternalrdquo
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3548
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 5
bull The UI allows an administrator to specify one or moretag strings of up to 64 characters for each ConnectionBroker You can then speci y the tag string required or
a speci c Connection Broker to access the Pool Atruntime when a user authenticates him or hersel via aConnection Server an extra step o tag matching isper ormed The result will be a lter o the resultingentitled Desktop list
bull Set the replica server tag as External
bull Once the tags are set in the connection broker you cansee the tag column in the VMware View Managerconsole is lled with the Tag attributes
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3648
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 6
bull In the VMware View 1 Connection Server(19216813246admin) login to the View Managerconsole clickDesktops and Pools tab and selectAdd
You are creating ull clone and Linked Clonedesktops Select Automated Desktop Pool
bull Select Persistent or the desktop type
bull ClickNext
bull Create the 10 Linked Clone desktop pools rst and gothrough the same process again to create the ull clone
ndash only without checking the highlighted checkbox
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3748
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 7
bull Fill in the name attribute for theUnique ID andDisplay Name
bull This is same user interface as you used to create theindividual desktop earlier Leave the de ault setup as
it is
bull Enter the number of the desktops that your storage
allows you to create The naming pattern or thedesktop is the name vCenter will use to name thevirtual machine so create a unique and easilyrecognized name
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3848
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 8
bull Desktop cloning relies on the virtual machine templateas the base Previously you created a template byselecting a clean base template and cloning it to
template Select that template and clickNext
bull Linked Clone requires the template and snapshot asthe golden image
bull Select the folder location where the desktops shouldbe organized
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3948
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 9
bull Select the host or ESX server where the desktop iscreated Note the vSphere mode or VMware ViewComposer option is dimmed and not selectable It is
because the host being used is running vSpherealready I you are using a previous version o ESX thisoption will be available or upgrade use
bull Add desktops to the resource pool
bull Allocate user data disk for the persistent data Keepthe de ault value and selectNext
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4048
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 0
bull In this setup the storage LUN for the better demoe ects is attached You can simply use the localstorage host storage or your test
bull You can see that the default domain is lled inautomatically by quickprep This is set at the
Con guration Tab gtServers gtSelect ViewConnection gt Edit
bull Do a nal review of the Linked Clone setup and clickFinish to complete It will take several minutes tocreate the clones
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4148
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 1
bull Create additional users in Active Directory(ActiveDirectory19216813252)
- Corporate - user or the Group Internal
- Contractor - user or the Group Externalbull This will be used for the pool entitlement for users and
groups
bull Access VMware vCenter or ESX management by usingthe VMware vSphere client
bull Login to View Manager console You can see the LinkedClone pools are created and listed in the Desktop andPool pane SelectEntitlements to grant right to accessthe desktop
bull Assign the group you created in ActiveDirectory
Repeat these steps or creating additional XP desktops with non-persistent and persistent use
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4248
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 2
Step 4 Deleting the Clone Using Deletion Script
Provide the cleanup rule and scripting capabilities to enable administrators to per orm urther integrationunctions In some environments this can be achieved by removing entries rom ActiveDirectory In others
you may need to trigger other applications or a tighter integration
bull A new key needs to be created manuallyPlease re er to VMware View Administration Guide or
urther details
bull The visual basic script can be used to clean up ortrigger urther application activities This new eatureo ers the extensibility ramework
bull Run servicesmsc to access the Services consoleEnable the script services manually It is not startedby de ault
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4348
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 3
bull Login to VMware View Manager SelectDelete thedesktop SelectDelete rom Disk option It will triggerthe script set previously
Scenario 2Confgure PCoIP Full and Linked Clone
in VMware vSphereCreate Full Clone with Thin Provisioning
Thin Provisioning in its simplest orm means only using the disk space you need Traditionally with virtualmachines i you create a 500GB virtual disk it will use 500GB o your VMFS data store With Thin Provisioningyou can create a 500GB virtual disk but i only 100GB is in use only 100GB o your VMFS data store will beutilized
500GBVirtual Disk
500GB GB VMDK le size 100GB VMDK le size
400GBunused butallocated
100GBApplicationUsage
500GBVirtual Disk
100GBActual Usage(Footprint)
Figure
You can create a ve desktop XP pool using Full Clone rom VMware View and compare them with the ThiProvisioning option check The eatures include increased storage utilization reduced application downtimeand streamlined capacity management
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4448
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 4
bull When you create a virtual machine in VMware vSpherethe option to create Thin Provisioning settings is underSettings gtAdd Hardware
bull In VMware View 4 you can con gure the ThinProvisioning while preparing the Linked Clone basetemplate
Now in order to compare the storage usage di erence with Thin Provisioning enabled in the virtual desktopdeployment the best approach is to provision them and per orm storage comparison with the virtualmachines without thin provisioning enabled Considerations or storage provisioning all in throughput needsto scale with an increase in capacity ie multiple virtual machines per IO path
Figure
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4548
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 5
In the meantime transient storage on the swap space is used only when the virtual machine ispowered on and delta disks are used by snapshots and linked to virtual machines
Figure 0
Datastore View in vSphere
Figure
VM Storage Performance View
Figure
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4648
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 6
Anti-Virus Protection
The VMsa e API comes with VMware vSphere VMware o ers a number o VMsa e partner solutions thatprovide secure virtual machines with virus-scanning capability
bull Trend Micro Core Protection 10 This is an anti-virus product that performs o ine and online scheduled virtualmachine scans without an agent It uses a smaller agent or on-access scanning or to clean up in ections Thproduct is available at http us trendmicro com us solutions enterprise security-solutions virtualizationvirtual-machines index html
bull McAfee Virus Scan for O ine Virtual Images 20 This is an anti-virus product that performs o ine schedulevirtual machine scans without an agent It complements a regular virus scan agentsrsquo online scanning
Figure 6
VMsa e reduces high storage IO and memory usage during scheduled and pandemic malware scan activities
Figure
The above gure shows the anti-virus server committing a real-time agent to an individual virtual machine
It also has the unctionality o o ine snapshot image scanningThis is a VMware vSphere eature and is now available or VMware View 4 Please re er to the VMware View 4Deployment Guide or urther product demonstration
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4748
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 7
Scenario 3Set up Triple Single Sign-On (SSO) in VMwareView 4Log in as Currently Logged-on UserThis is a new option in VMware View Client that allows you to log onto the broker using currently logged oncredentials The standard sign up fow using AD credentials is
bull User connects to View Connection Server
bull VMware View Connection Server compares a list of trusted AD domains to the client
bull User authenticates with username and password
bull VMware View Connection Server delegates authentication to WindowsAD
Figure
VMware View 4 continues to support the AD credential (username and password) login smart card and RSA
securID token in RDP
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4848
bull During the View Agent installation select theConnectas Current Logon User checkbox option to enable SSO
bull Launch View Client at local desktop or thin clientbull View Client has newLog in as Current User Domain
User checkbox When a userrsquos AD credential isauthenticated on the client device using eitherpassword (RDP PCoIP) or smart card authentication inRDP the Connection Broker will use the same useridentity
bull This value can also be set using GPO policy orregistry key setting Please re er to the ViewAdministration Guide
bull You should be able to login to the guest desktopenvironment without being prompted to enter thecredentials again
Support In ormation
For additional evaluation questions and installation support please address your questions to desktop-tmvmwarecom
About the Author
Cynthia Hsieh is a senior technical marketing manager in VMware Enterprise Marketing team She ocuses onapplication integration proo o concepts and security subjects
Hsiehrsquos previous background includes product management positions at Wyse Trend Micro Oracle and Yahoo
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 1548
VMware View 4
E VA L U AT O R rsquo S G U I D E 1 5
Task 1 Installing the Connection Server
When the VMware Installation wizard appears clickNext
Accept the VMware license terms and clickNext
Select the Standard deployment option and click Next
bull ClickInstall
bull ClickFinish
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 1648
VMware View 4
E VA L U AT O R rsquo S G U I D E 1 6
Task 2 Con guring and Administrating View Manager
bull After you install the VMware View Connection Server
validate your View Manager Administration in a Webbrowser by entering http your-connection-server-ipgtadmin
bull Enter the Administrator username and password andclick Login
bull You will notice a certi cate error next to the URL eldVMware View Administrator is accessed using a secure
(SSL) connection The rst time you connect your Webbrowser might present you with an intermediary page thatwarns you that the security certi cate associated with theaddress is not issued by a trusted certi cate authority Thisresponse is expected because the de ault root certi catesupplied with View Connection Server is sel -signed
bull Click Ignore to continue using the current SSL certi cate
Task 3 Installing the Product License
bull From the Con guration tab clickProduct Licensingand Usage
bull Enter the license key provided with the evaluation
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 1748
VMware View 4
E VA L U AT O R rsquo S G U I D E 1 7
Task 4 Associating and Adding VMware vCenter Server
bull From the Con guration tab selectServers on the le t
menu panelbull Select Add under the VirtualCenter Servers pane
bull ClickAdd
bull Enter the fully quali ed domain name (FQDN) or the IPaddress o the VMware vCenter Server you want VMwareView Manager to communicate with in theServer addresstext box
bull Enter Administrator username and password for thevCenter login
Note For evaluation purposes advanced or optional tasks will not be covered I you have DNS servicesinstalled you can confgure an external URL or the Connection Server Those tasks are covered in the GettingStarted Guide or Administration Guide
Task 5 Con guring Active Directory Users and Computers
In this evaluation the virtual machine (ActiveDirectory) is promoted as Domain Controller hosted in WindowsServer 2003 with a single local domain name called demolocal
bull Before you can entitle a user access to the desktop youneed to create three users in the Active Directory namedreviewer_1 reviewer_2 and reviewer_3
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 1848
VMware View 4
E VA L U AT O R rsquo S G U I D E 1 8
Task 6 Creating and Preparing Virtual Machines
The ollowing steps assume that the user has already created a virtual machine and has installed the guest OS(XPVISTA) joined AD domain turned on the RDP remote connection added user groups to the remote users
list and turned o the rewall in the guest OS
bull Run the View Agent executable on the guest system
bull When the VMware Installation wizard appears clickNext
bull Accept the VMware license terms and clickNext
Select your custom setup options The o ine desktop isoptional and does not appear as the de ault in all agents
Click Install to begin the installation process
Select Continue Anyway or the installation alert
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 1948
VMware View 4
E VA L U AT O R rsquo S G U I D E 1 9
Click Finish
At this point you have the main VMware View components installed and con gured Be ore you proceedurther you can do a quick ping test rom the View Connection Server virtual machine to the Guest Desktop
virtual machine and vice versa The components should be pingable and routable between each
Task 7 Preparing Virtual Machine Snapshots and Templates
The guest system o the virtual machine which you create in vCenter provides the basis or virtual desktopdeployment To prepare a guest system or deployment per orm the ollowing tasks
bull Install the guest operating system Select Inventory romthe menu and clickVirtual Machine to start the creation oa new virtual machine
Once you con gure the OS and itrsquos up and running
bull Install the latest version of VMware Tools (provided withVMware In rastructure)
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2048
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 0
bull Con gure Active Directory settings Con gure the preferredand alternate DNS servers to use your Active Directoryserver addresses For example on Windows XP con gure
the DNS server settings rom the properties menuStart gt Control Panel gt Network Connections gt LAN gtProperties Internet Protocol (TCPIP) gt Properties gtUse (VMActiveDirectory) IP Address 19216813252
bull Make sure that you have administrative rights to theguest system
bull Join the desktop to the AD domain Add guest system tothe domain (demo local)
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2148
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 1
bull In Control Panel turnOf Windows Firewall
bull In Control Panel selectSystem Properties gtRemote tab
bull Check Allow User to Connect Remotely
bull Take a virtual machine Snapshot mdash Once the virtual machinetemplate is ully prepared you can power o the virtualmachine and right mdash clickGuest and select Take Snapshot
bull Snapshot is used for Linked Clone creation discussed in thelater sandbox scenario
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2248
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 2
Create a Desktop Template
bull Power o the virtual machine
bull Right-click the previously con gured guest system and
select one o the ollowing options- Clone to Template mdash select this option i you want to use
the selected guest system as the basis or a new templatewithout altering the virtual machine itsel Choose thisand walk through the dialogs boxes to create a virtualmachine template
- Convert to Template mdash select this option i you want tochange the guest system into a template This processhappens instantly
bull To get a quick view of the template created go toInventory and select VM and Templates The highlighted
template will appear in VMware Center
You can repeat the same procedures or Windows 7 and Vista desktops with the same con guration i youwish At the end o the task you will have three prepared guest systems ready or VMware View Manager to use
Task 8 Installing VMware View Composer for Linked Clones
VMware View Composer provides a highly e cient storage alternative to creating and managing manystandalone virtual machines With VMware View Composer Linked Clone technology you can rapidly cloneand deploy multiple desktops rom a single centralized base image Subsequent changes to this image canbe automatically proli erated among all desktops in a Linked Clone pool A ter the desktops are created theyremain indirectly linked to a snapshot residing on the parent virtual machine View Composer needs to beinstalled on the system where VMware vCenter is installed
bull VMware View Composer installation is optional in theVMware View installation process i you donrsquot plan to haveLinked Clone in your production environment Howeverwith this evaluation you can see the bene ts o havingVMware View work with VMware vSpherersquos thin-provisioning eature Start the VMware View Composerinstaller you have in your media
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2348
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2448
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 4
bull Choose your custom setup options
- Deselect the USB Redirection component i you do not want usersto access locally connected USB devices through their desktops
- Deselect the Log in as current user component i you want to requireall users to provide identity and credential in ormation to log in to aView Connection Server and again to access a VMware View desktop
bull For this evaluation simply leave them as theselected de ault This is anew improved eature which allows single sign-on to the guestdesktop
bull Enter the IP address of the VMware View Connection Server that thisclient will connect to For this evaluation enter 1921681247
bull Leave the login ascurrent user unchecked
bull Select Continue Anyway or the Virtual USB so tware installation
bull Select Finish and Exit installation I VMware View Client does not startautomatically a ter installation double-click the desktop shortcutor click
Start gtPrograms gtVMware gtVMware View Client
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2548
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 5
Task 10 Adding Desktop Source in VMware View Manager
The in rastructure components are now con gured in VMware vCenter Now go back to VMware ViewManager and con gure the desktop resource or an individual desktop provisioning use
bull Enter the VMware View Connection Server IP addressadmin as the URL in a Web browser
bull Login as Administrator
bull From within View Administrator clickDesktops andPools and click theInventory tab
bull In the Global desktop and pool view pane make sure thatthe Desktops and Pools tab is selected and clickAdd
bull When the Add Desktop wizard appears selectIndividualDesktop and clickNext
bull Select Desktop Source rom VMware vCenter
Need new image
bull From the list provided select theVMware vCenter Serverto be used by this desktop and clickNext
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2648
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 6
bull Enter the Unique ID Display name (optional) andDescription (optional) and clickNext
bull Con gure the desktop properties and click Next Sincethe new PCoIP eatures are being evaluated set thede ault protocol as PCoIP and allow users to change thesetting at connection When set toDo Not Control orAdobe Flash quality bandwidth is not a concern with theLAN deployment
bull Con gure the desktop provisioning properties andclick Next
bull Select the desktop to use as the base image for thedeployment and click Next
bull Click Finish to complete one guest desktop provisioning
bull Once the desktop provisioning is complete you can see adesktop under Desktops and Pools tab
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2748
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 7
This shows the basic steps on how to provision one desktop For more advanced eatures you can re er to theVMware View Administration Guide In a later scenario a PCoIP pool is created through similar provisioning
Task 11 Desktop Entitlement
bull From within View Administrator click Desktops and Pools and click theInventory tab
bull In the Global desktop and pool view pane select the desktop or poolyou want to entitle and clickEntitlements
bull Click Add The user and group entitlement dialog box appears Fromhere you can view search on and lter all Active Directory users withinthe domain orest
bull Select the DemoLocal domain created and enter wildcard user matchreview VMware View Manager should display all users that contain thephrase
bull Entitle the userreviewer_1 to use the Vista desktop
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2848
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 8
Figure 6
Once this is set and done you will see a green checkmark under Global Desktop and View showing Entitledand Enabled or the guest desktop
Task 12 Accessing Virtual Desktop via RDP or PCoIP
bull In theConnection Server drop-down menu enter thehost name or IP address o a VMware View Connection Server
bull Select Options
Need New Image
bull Select Log in as current userto be authorized to log in to theVMware View Connection Server You will not be prompted toenter login credentials in the guest desktop login This is anenhancement or single sign-on
Need New Image
bull Enter the credentials with desktop entitlement
- Username Administrator
- Password b gd m
bull In VMware View 4 you have the option to use the preferredprotocols o either Teradici PCoIP or Microso t RDPSelect Teradici
bull Select the XP desktop you want to access
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2948
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 9
Task 13 Additional Virtual Desktop Optimization
bull Adjust ClearType Settings in Control Panel gtDisplay gtAdvanced Tab gtFonts and choose ClearType
bull Turn o Windows Firewall Settings inControl Panel gtWindows Firewall and select the Of radio buttonbull Multiple Display Con guration
bull In VMware View Manager Administration you cancentrally con gure the desktop monitors that aresupported in the local systems
bull In the guest desktop check theDisplay settings that have been changed tomultiple displays
Note PCoIP also supports pivot mode or one landscape and one horizontal confguration
Task 14 WAN Optimization
PCoIP technology uses low-latency image compression algorithms to optimize the user experience or widearea network (WAN) applications The WAN enhancements dramatically improve the user experience toprovide support or multi-media and 3D graphics audio and IO responsiveness over long-distancehigh-latency and low-bandwidth networks
Key PCoIP WAN Capabilities
bull Reduced Minimum Bandwidth To support the lower bandwidth typically available over a WAN theminimum peak bandwidth required or a PCoIP connection is Mbps Because PCoIP only transmitschanges to the desktop image the actual bandwidth used may be much lower i the screen is not changingsigni cantly or rapidly
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3048
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 0
bull Local Keyboard and Mouse To provide instant response over high-latency networks the mouse pointer canbe displayed locally on the desktop (within VMware View Agent) in addition to being sent to the host Localkeyboard capability is also provided to prevent lost keystrokes due to network delay
bull Packet Reordering To accommodate the out-o -order packets o ten produced by network links on a WANthe PCoIP portal in VMware View Agent can create multiple packet chains as out-o -order packets receivedand connect chains to restore the correct sequence Without this out-o -order packets can result in dataretransmission and delays
bull Bandwidth-Sensitive Audio Compression PCoIP transmits compressed or uncompressed audiondashswitchingdynamically based on the available bandwidth to provide the best possible user experience
Since PCoIP is integrated seamlessly into the VMware View Agent and ully optimized into VMware Viewin rastructure as the administrator you simply need to con gure the desktop protocol and its bandwidththrottling rom the administration UI
Con gure Flash contents bandwidth allowance
For an optional task to test WAN per ormance with PCoIP try to access your corporate desktop rom home byconnecting through IPSec VPN
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3148
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 1
Scenario Overview
This document provides several di erent test scenarios to review the tasks you per ormed earlier andexperience the combined advantages o using VMware View To compare a variety o WAN connectivityscenarios you can consider using either WANEMhttp wanem source orge net or Shunra VE SMB EditionFree Trial http www shunra com ve-smb-trial php or WAN emulation
bull Scenario 1 Provision and use PCoIP 25 persistent desktops and one non-persistent PCoIP pool thatcontains desktops using a Linked Clone You can adjust the actual number o desktops based on your locastorage allowance
ndash Create a snapshot on both Windows XP SP3 and Windows 7
ndash Add desktops and pools using automatic pools and Linked Clone
ndash Administrate users and entitlements
ndash Create ully Linked Clones
ndash Con gure pools in mixed cluster environment
ndash Con gure or WAN tag and LAN tag use
ndash Delete desktops and pools
bull Scenario 2 Con gure 50 PCoIP fully Linked Clones in VMware vSphere
ndash Create desktops and pools
ndash Leverage ThinDisk Provisioning in VMware vSphere
ndash Check storage saving comparison
ndash Review VMware VMsa e Security virtual machine unctionali ties
bull Scenario 3 Set-up Triple SSO in VMware View 4 (PCoIP)
ndash Use archive directory credentials to login with ldquoLogin as current userrdquo checked
ndash Access rom the Replica View Connection Server and login to see the same session running
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3248
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 2
Scenario 1Provision and Use PCoIP Desktops and Pools
Get Started with PCoIPPCoIP is a so tware-to-so tware display protocol ully integrated with the VMware View in rastructureThe PCoIP portal (server) is installed with the agent The proprietary SVGA driver is included as part o thePCoIP portal
Figure
The PCoIP client is included in the standard VMware View client installation on your end point device sothere are no additional installation procedures required or PCoIP From the end user perspective there areno con gurations needed or using PCoIP As an administrator you can con gure the PCoIP protocol throughVMware View Administrative SettingsPolicies De ault RDP setup is to be tunneled but the de ault PCoIPsetting is directly connected Some other con gurations on bandwidth throttling or Flash video or on USBredirection policy are consistent as the previous View administration
Lossy and Lossless CompressionImage compression in PCoIP includes both lossless and lossy compression schemes Lossy compression allows or higher levels o compression on initial screen change and subsequent image quality improvement
or static screen regions Lossless motion compensation is also supported Image compression bandwidthmanagement is supported using packet loss as an indicator o congestion or lower bandwidth limits
Network Bandwidth and Characteristics
The host to client network connection operates with up to 250ms o round-trip latency The host to clientnetwork connection operates with lt01 percent packet loss but will tolerate periods o up to 5 percent packetloss and will survive short durations o loss o connectivity
A single TCP connection (SSL) is used between the host and client or session management A single UDP connection using UDP encapsulated IPSec-ESP [r c 3948] with AES 128-bit key encryption is used betweenthe host and client or media tra c supporting unreliable and reliable transport Port numbers keys andother connection parameters are exchanged via the SSL connection You can re erence the VMware ViewDeployment Guide or urther end-to-end per ormance measurements
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3348
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 3
Step 1 Creating the Replica Connection Server
The installation package or the Connection Server alsocontains the installation source or the VMware ViewReplica Server Launch the VMware View ConnectionServer installer and select Replica server or the secondConnection Server SelectAgree to the VMware Viewproduct licensing terms
A VMware View Replica Server is a Connection Serverwith its own replica o the ADAM database stored locallyAll con guration data and changes are instantaneouslyreplicated to all replica servers resulting in entirelyindependent Connection Servers which can actindependently in case o ailure o other replica servers
Enter the rst VMware View Connection Server instanceIP address (View1 19216813246) ClickNext
Complete the Replica Connection Server instanceinstallation Select Finish
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3448
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 4
Step 2 Creating Linked Clone Pools
DESKTOP TYPE OS TYPE PERSISTENT DESKTOP COUNTS
PCoIP Windows XP SP Persistent
RDP PCoIP Windows XP SP Non-Persistent
The Linked Clone creation process is the same as conducted in the previous section You can con gure thetask based on your storage availability and virtual machine sizing
Step 3 Connecting to Pool by Tags
Tag-based EntitlementsVMware View provides the advanced entitlement to Desktop Pools not only based on current entitlementsettings but also on the Connection Server through which a user logs in For customers who need perimeteridentity ( or example Internal Connection Server or External Security Server access) at logon VMware View
enables users con guring certain clients to go through a particular Connection Server In this case a tag isintroduced to identi y and route the client to the Connection Server In a broker cluster at a large VMware Viedeployment The tag or tags o a Connection Server are then compared to the tag speci ed in time o thedesktop pool creation edit
I the tag required by the desktop pool does not match the tag o the broker in question even i a useris entitled or assigned to a desktop pool the desktop will not show up in the available desktop list TheConnection Server tags take precedence over the desktop or pool tags
In this evaluation you will set up two instances o Connection Servers where brokers have been classi ed toserve di erent networks (internal external or example)
VMWARE VIEWCONNECTIONSERVER IP
NAME TAG DESKTOPS OS
19216813246 View External XP Pro SP
19216813245 View Internal XP Pro SP
Use CaseThe internal broker might not be visible to users connecting over a VPN In a case like this the two brokerscould still be ormed into a cluster The external broker might be tagged ldquoExternalrdquo and the internal brokertagged ldquoInternalrdquo and then pools could be tagged so that some desktops are not visible when a user logs inexternally but are visible internally
For example imagine a deployment o our Connection Servers where two o the Connection Servers haveconnected Security Servers The two Connection Servers without Security Servers are used to support internalusers and the two Connection Servers with Security Servers are used to support Internet (external) users The
rst two could have a con gured entitlements tag o ldquoInternalrdquo and the second two could have a con guredentitlements tag o ldquoExternalrdquo
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3548
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 5
bull The UI allows an administrator to specify one or moretag strings of up to 64 characters for each ConnectionBroker You can then speci y the tag string required or
a speci c Connection Broker to access the Pool Atruntime when a user authenticates him or hersel via aConnection Server an extra step o tag matching isper ormed The result will be a lter o the resultingentitled Desktop list
bull Set the replica server tag as External
bull Once the tags are set in the connection broker you cansee the tag column in the VMware View Managerconsole is lled with the Tag attributes
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3648
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 6
bull In the VMware View 1 Connection Server(19216813246admin) login to the View Managerconsole clickDesktops and Pools tab and selectAdd
You are creating ull clone and Linked Clonedesktops Select Automated Desktop Pool
bull Select Persistent or the desktop type
bull ClickNext
bull Create the 10 Linked Clone desktop pools rst and gothrough the same process again to create the ull clone
ndash only without checking the highlighted checkbox
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3748
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 7
bull Fill in the name attribute for theUnique ID andDisplay Name
bull This is same user interface as you used to create theindividual desktop earlier Leave the de ault setup as
it is
bull Enter the number of the desktops that your storage
allows you to create The naming pattern or thedesktop is the name vCenter will use to name thevirtual machine so create a unique and easilyrecognized name
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3848
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 8
bull Desktop cloning relies on the virtual machine templateas the base Previously you created a template byselecting a clean base template and cloning it to
template Select that template and clickNext
bull Linked Clone requires the template and snapshot asthe golden image
bull Select the folder location where the desktops shouldbe organized
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3948
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 9
bull Select the host or ESX server where the desktop iscreated Note the vSphere mode or VMware ViewComposer option is dimmed and not selectable It is
because the host being used is running vSpherealready I you are using a previous version o ESX thisoption will be available or upgrade use
bull Add desktops to the resource pool
bull Allocate user data disk for the persistent data Keepthe de ault value and selectNext
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4048
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 0
bull In this setup the storage LUN for the better demoe ects is attached You can simply use the localstorage host storage or your test
bull You can see that the default domain is lled inautomatically by quickprep This is set at the
Con guration Tab gtServers gtSelect ViewConnection gt Edit
bull Do a nal review of the Linked Clone setup and clickFinish to complete It will take several minutes tocreate the clones
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4148
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 1
bull Create additional users in Active Directory(ActiveDirectory19216813252)
- Corporate - user or the Group Internal
- Contractor - user or the Group Externalbull This will be used for the pool entitlement for users and
groups
bull Access VMware vCenter or ESX management by usingthe VMware vSphere client
bull Login to View Manager console You can see the LinkedClone pools are created and listed in the Desktop andPool pane SelectEntitlements to grant right to accessthe desktop
bull Assign the group you created in ActiveDirectory
Repeat these steps or creating additional XP desktops with non-persistent and persistent use
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4248
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 2
Step 4 Deleting the Clone Using Deletion Script
Provide the cleanup rule and scripting capabilities to enable administrators to per orm urther integrationunctions In some environments this can be achieved by removing entries rom ActiveDirectory In others
you may need to trigger other applications or a tighter integration
bull A new key needs to be created manuallyPlease re er to VMware View Administration Guide or
urther details
bull The visual basic script can be used to clean up ortrigger urther application activities This new eatureo ers the extensibility ramework
bull Run servicesmsc to access the Services consoleEnable the script services manually It is not startedby de ault
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4348
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 3
bull Login to VMware View Manager SelectDelete thedesktop SelectDelete rom Disk option It will triggerthe script set previously
Scenario 2Confgure PCoIP Full and Linked Clone
in VMware vSphereCreate Full Clone with Thin Provisioning
Thin Provisioning in its simplest orm means only using the disk space you need Traditionally with virtualmachines i you create a 500GB virtual disk it will use 500GB o your VMFS data store With Thin Provisioningyou can create a 500GB virtual disk but i only 100GB is in use only 100GB o your VMFS data store will beutilized
500GBVirtual Disk
500GB GB VMDK le size 100GB VMDK le size
400GBunused butallocated
100GBApplicationUsage
500GBVirtual Disk
100GBActual Usage(Footprint)
Figure
You can create a ve desktop XP pool using Full Clone rom VMware View and compare them with the ThiProvisioning option check The eatures include increased storage utilization reduced application downtimeand streamlined capacity management
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4448
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 4
bull When you create a virtual machine in VMware vSpherethe option to create Thin Provisioning settings is underSettings gtAdd Hardware
bull In VMware View 4 you can con gure the ThinProvisioning while preparing the Linked Clone basetemplate
Now in order to compare the storage usage di erence with Thin Provisioning enabled in the virtual desktopdeployment the best approach is to provision them and per orm storage comparison with the virtualmachines without thin provisioning enabled Considerations or storage provisioning all in throughput needsto scale with an increase in capacity ie multiple virtual machines per IO path
Figure
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4548
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 5
In the meantime transient storage on the swap space is used only when the virtual machine ispowered on and delta disks are used by snapshots and linked to virtual machines
Figure 0
Datastore View in vSphere
Figure
VM Storage Performance View
Figure
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4648
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 6
Anti-Virus Protection
The VMsa e API comes with VMware vSphere VMware o ers a number o VMsa e partner solutions thatprovide secure virtual machines with virus-scanning capability
bull Trend Micro Core Protection 10 This is an anti-virus product that performs o ine and online scheduled virtualmachine scans without an agent It uses a smaller agent or on-access scanning or to clean up in ections Thproduct is available at http us trendmicro com us solutions enterprise security-solutions virtualizationvirtual-machines index html
bull McAfee Virus Scan for O ine Virtual Images 20 This is an anti-virus product that performs o ine schedulevirtual machine scans without an agent It complements a regular virus scan agentsrsquo online scanning
Figure 6
VMsa e reduces high storage IO and memory usage during scheduled and pandemic malware scan activities
Figure
The above gure shows the anti-virus server committing a real-time agent to an individual virtual machine
It also has the unctionality o o ine snapshot image scanningThis is a VMware vSphere eature and is now available or VMware View 4 Please re er to the VMware View 4Deployment Guide or urther product demonstration
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4748
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 7
Scenario 3Set up Triple Single Sign-On (SSO) in VMwareView 4Log in as Currently Logged-on UserThis is a new option in VMware View Client that allows you to log onto the broker using currently logged oncredentials The standard sign up fow using AD credentials is
bull User connects to View Connection Server
bull VMware View Connection Server compares a list of trusted AD domains to the client
bull User authenticates with username and password
bull VMware View Connection Server delegates authentication to WindowsAD
Figure
VMware View 4 continues to support the AD credential (username and password) login smart card and RSA
securID token in RDP
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4848
bull During the View Agent installation select theConnectas Current Logon User checkbox option to enable SSO
bull Launch View Client at local desktop or thin clientbull View Client has newLog in as Current User Domain
User checkbox When a userrsquos AD credential isauthenticated on the client device using eitherpassword (RDP PCoIP) or smart card authentication inRDP the Connection Broker will use the same useridentity
bull This value can also be set using GPO policy orregistry key setting Please re er to the ViewAdministration Guide
bull You should be able to login to the guest desktopenvironment without being prompted to enter thecredentials again
Support In ormation
For additional evaluation questions and installation support please address your questions to desktop-tmvmwarecom
About the Author
Cynthia Hsieh is a senior technical marketing manager in VMware Enterprise Marketing team She ocuses onapplication integration proo o concepts and security subjects
Hsiehrsquos previous background includes product management positions at Wyse Trend Micro Oracle and Yahoo
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 1648
VMware View 4
E VA L U AT O R rsquo S G U I D E 1 6
Task 2 Con guring and Administrating View Manager
bull After you install the VMware View Connection Server
validate your View Manager Administration in a Webbrowser by entering http your-connection-server-ipgtadmin
bull Enter the Administrator username and password andclick Login
bull You will notice a certi cate error next to the URL eldVMware View Administrator is accessed using a secure
(SSL) connection The rst time you connect your Webbrowser might present you with an intermediary page thatwarns you that the security certi cate associated with theaddress is not issued by a trusted certi cate authority Thisresponse is expected because the de ault root certi catesupplied with View Connection Server is sel -signed
bull Click Ignore to continue using the current SSL certi cate
Task 3 Installing the Product License
bull From the Con guration tab clickProduct Licensingand Usage
bull Enter the license key provided with the evaluation
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 1748
VMware View 4
E VA L U AT O R rsquo S G U I D E 1 7
Task 4 Associating and Adding VMware vCenter Server
bull From the Con guration tab selectServers on the le t
menu panelbull Select Add under the VirtualCenter Servers pane
bull ClickAdd
bull Enter the fully quali ed domain name (FQDN) or the IPaddress o the VMware vCenter Server you want VMwareView Manager to communicate with in theServer addresstext box
bull Enter Administrator username and password for thevCenter login
Note For evaluation purposes advanced or optional tasks will not be covered I you have DNS servicesinstalled you can confgure an external URL or the Connection Server Those tasks are covered in the GettingStarted Guide or Administration Guide
Task 5 Con guring Active Directory Users and Computers
In this evaluation the virtual machine (ActiveDirectory) is promoted as Domain Controller hosted in WindowsServer 2003 with a single local domain name called demolocal
bull Before you can entitle a user access to the desktop youneed to create three users in the Active Directory namedreviewer_1 reviewer_2 and reviewer_3
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 1848
VMware View 4
E VA L U AT O R rsquo S G U I D E 1 8
Task 6 Creating and Preparing Virtual Machines
The ollowing steps assume that the user has already created a virtual machine and has installed the guest OS(XPVISTA) joined AD domain turned on the RDP remote connection added user groups to the remote users
list and turned o the rewall in the guest OS
bull Run the View Agent executable on the guest system
bull When the VMware Installation wizard appears clickNext
bull Accept the VMware license terms and clickNext
Select your custom setup options The o ine desktop isoptional and does not appear as the de ault in all agents
Click Install to begin the installation process
Select Continue Anyway or the installation alert
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 1948
VMware View 4
E VA L U AT O R rsquo S G U I D E 1 9
Click Finish
At this point you have the main VMware View components installed and con gured Be ore you proceedurther you can do a quick ping test rom the View Connection Server virtual machine to the Guest Desktop
virtual machine and vice versa The components should be pingable and routable between each
Task 7 Preparing Virtual Machine Snapshots and Templates
The guest system o the virtual machine which you create in vCenter provides the basis or virtual desktopdeployment To prepare a guest system or deployment per orm the ollowing tasks
bull Install the guest operating system Select Inventory romthe menu and clickVirtual Machine to start the creation oa new virtual machine
Once you con gure the OS and itrsquos up and running
bull Install the latest version of VMware Tools (provided withVMware In rastructure)
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2048
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 0
bull Con gure Active Directory settings Con gure the preferredand alternate DNS servers to use your Active Directoryserver addresses For example on Windows XP con gure
the DNS server settings rom the properties menuStart gt Control Panel gt Network Connections gt LAN gtProperties Internet Protocol (TCPIP) gt Properties gtUse (VMActiveDirectory) IP Address 19216813252
bull Make sure that you have administrative rights to theguest system
bull Join the desktop to the AD domain Add guest system tothe domain (demo local)
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2148
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 1
bull In Control Panel turnOf Windows Firewall
bull In Control Panel selectSystem Properties gtRemote tab
bull Check Allow User to Connect Remotely
bull Take a virtual machine Snapshot mdash Once the virtual machinetemplate is ully prepared you can power o the virtualmachine and right mdash clickGuest and select Take Snapshot
bull Snapshot is used for Linked Clone creation discussed in thelater sandbox scenario
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2248
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 2
Create a Desktop Template
bull Power o the virtual machine
bull Right-click the previously con gured guest system and
select one o the ollowing options- Clone to Template mdash select this option i you want to use
the selected guest system as the basis or a new templatewithout altering the virtual machine itsel Choose thisand walk through the dialogs boxes to create a virtualmachine template
- Convert to Template mdash select this option i you want tochange the guest system into a template This processhappens instantly
bull To get a quick view of the template created go toInventory and select VM and Templates The highlighted
template will appear in VMware Center
You can repeat the same procedures or Windows 7 and Vista desktops with the same con guration i youwish At the end o the task you will have three prepared guest systems ready or VMware View Manager to use
Task 8 Installing VMware View Composer for Linked Clones
VMware View Composer provides a highly e cient storage alternative to creating and managing manystandalone virtual machines With VMware View Composer Linked Clone technology you can rapidly cloneand deploy multiple desktops rom a single centralized base image Subsequent changes to this image canbe automatically proli erated among all desktops in a Linked Clone pool A ter the desktops are created theyremain indirectly linked to a snapshot residing on the parent virtual machine View Composer needs to beinstalled on the system where VMware vCenter is installed
bull VMware View Composer installation is optional in theVMware View installation process i you donrsquot plan to haveLinked Clone in your production environment Howeverwith this evaluation you can see the bene ts o havingVMware View work with VMware vSpherersquos thin-provisioning eature Start the VMware View Composerinstaller you have in your media
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2348
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2448
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 4
bull Choose your custom setup options
- Deselect the USB Redirection component i you do not want usersto access locally connected USB devices through their desktops
- Deselect the Log in as current user component i you want to requireall users to provide identity and credential in ormation to log in to aView Connection Server and again to access a VMware View desktop
bull For this evaluation simply leave them as theselected de ault This is anew improved eature which allows single sign-on to the guestdesktop
bull Enter the IP address of the VMware View Connection Server that thisclient will connect to For this evaluation enter 1921681247
bull Leave the login ascurrent user unchecked
bull Select Continue Anyway or the Virtual USB so tware installation
bull Select Finish and Exit installation I VMware View Client does not startautomatically a ter installation double-click the desktop shortcutor click
Start gtPrograms gtVMware gtVMware View Client
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2548
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 5
Task 10 Adding Desktop Source in VMware View Manager
The in rastructure components are now con gured in VMware vCenter Now go back to VMware ViewManager and con gure the desktop resource or an individual desktop provisioning use
bull Enter the VMware View Connection Server IP addressadmin as the URL in a Web browser
bull Login as Administrator
bull From within View Administrator clickDesktops andPools and click theInventory tab
bull In the Global desktop and pool view pane make sure thatthe Desktops and Pools tab is selected and clickAdd
bull When the Add Desktop wizard appears selectIndividualDesktop and clickNext
bull Select Desktop Source rom VMware vCenter
Need new image
bull From the list provided select theVMware vCenter Serverto be used by this desktop and clickNext
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2648
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 6
bull Enter the Unique ID Display name (optional) andDescription (optional) and clickNext
bull Con gure the desktop properties and click Next Sincethe new PCoIP eatures are being evaluated set thede ault protocol as PCoIP and allow users to change thesetting at connection When set toDo Not Control orAdobe Flash quality bandwidth is not a concern with theLAN deployment
bull Con gure the desktop provisioning properties andclick Next
bull Select the desktop to use as the base image for thedeployment and click Next
bull Click Finish to complete one guest desktop provisioning
bull Once the desktop provisioning is complete you can see adesktop under Desktops and Pools tab
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2748
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 7
This shows the basic steps on how to provision one desktop For more advanced eatures you can re er to theVMware View Administration Guide In a later scenario a PCoIP pool is created through similar provisioning
Task 11 Desktop Entitlement
bull From within View Administrator click Desktops and Pools and click theInventory tab
bull In the Global desktop and pool view pane select the desktop or poolyou want to entitle and clickEntitlements
bull Click Add The user and group entitlement dialog box appears Fromhere you can view search on and lter all Active Directory users withinthe domain orest
bull Select the DemoLocal domain created and enter wildcard user matchreview VMware View Manager should display all users that contain thephrase
bull Entitle the userreviewer_1 to use the Vista desktop
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2848
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 8
Figure 6
Once this is set and done you will see a green checkmark under Global Desktop and View showing Entitledand Enabled or the guest desktop
Task 12 Accessing Virtual Desktop via RDP or PCoIP
bull In theConnection Server drop-down menu enter thehost name or IP address o a VMware View Connection Server
bull Select Options
Need New Image
bull Select Log in as current userto be authorized to log in to theVMware View Connection Server You will not be prompted toenter login credentials in the guest desktop login This is anenhancement or single sign-on
Need New Image
bull Enter the credentials with desktop entitlement
- Username Administrator
- Password b gd m
bull In VMware View 4 you have the option to use the preferredprotocols o either Teradici PCoIP or Microso t RDPSelect Teradici
bull Select the XP desktop you want to access
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2948
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 9
Task 13 Additional Virtual Desktop Optimization
bull Adjust ClearType Settings in Control Panel gtDisplay gtAdvanced Tab gtFonts and choose ClearType
bull Turn o Windows Firewall Settings inControl Panel gtWindows Firewall and select the Of radio buttonbull Multiple Display Con guration
bull In VMware View Manager Administration you cancentrally con gure the desktop monitors that aresupported in the local systems
bull In the guest desktop check theDisplay settings that have been changed tomultiple displays
Note PCoIP also supports pivot mode or one landscape and one horizontal confguration
Task 14 WAN Optimization
PCoIP technology uses low-latency image compression algorithms to optimize the user experience or widearea network (WAN) applications The WAN enhancements dramatically improve the user experience toprovide support or multi-media and 3D graphics audio and IO responsiveness over long-distancehigh-latency and low-bandwidth networks
Key PCoIP WAN Capabilities
bull Reduced Minimum Bandwidth To support the lower bandwidth typically available over a WAN theminimum peak bandwidth required or a PCoIP connection is Mbps Because PCoIP only transmitschanges to the desktop image the actual bandwidth used may be much lower i the screen is not changingsigni cantly or rapidly
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3048
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 0
bull Local Keyboard and Mouse To provide instant response over high-latency networks the mouse pointer canbe displayed locally on the desktop (within VMware View Agent) in addition to being sent to the host Localkeyboard capability is also provided to prevent lost keystrokes due to network delay
bull Packet Reordering To accommodate the out-o -order packets o ten produced by network links on a WANthe PCoIP portal in VMware View Agent can create multiple packet chains as out-o -order packets receivedand connect chains to restore the correct sequence Without this out-o -order packets can result in dataretransmission and delays
bull Bandwidth-Sensitive Audio Compression PCoIP transmits compressed or uncompressed audiondashswitchingdynamically based on the available bandwidth to provide the best possible user experience
Since PCoIP is integrated seamlessly into the VMware View Agent and ully optimized into VMware Viewin rastructure as the administrator you simply need to con gure the desktop protocol and its bandwidththrottling rom the administration UI
Con gure Flash contents bandwidth allowance
For an optional task to test WAN per ormance with PCoIP try to access your corporate desktop rom home byconnecting through IPSec VPN
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3148
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 1
Scenario Overview
This document provides several di erent test scenarios to review the tasks you per ormed earlier andexperience the combined advantages o using VMware View To compare a variety o WAN connectivityscenarios you can consider using either WANEMhttp wanem source orge net or Shunra VE SMB EditionFree Trial http www shunra com ve-smb-trial php or WAN emulation
bull Scenario 1 Provision and use PCoIP 25 persistent desktops and one non-persistent PCoIP pool thatcontains desktops using a Linked Clone You can adjust the actual number o desktops based on your locastorage allowance
ndash Create a snapshot on both Windows XP SP3 and Windows 7
ndash Add desktops and pools using automatic pools and Linked Clone
ndash Administrate users and entitlements
ndash Create ully Linked Clones
ndash Con gure pools in mixed cluster environment
ndash Con gure or WAN tag and LAN tag use
ndash Delete desktops and pools
bull Scenario 2 Con gure 50 PCoIP fully Linked Clones in VMware vSphere
ndash Create desktops and pools
ndash Leverage ThinDisk Provisioning in VMware vSphere
ndash Check storage saving comparison
ndash Review VMware VMsa e Security virtual machine unctionali ties
bull Scenario 3 Set-up Triple SSO in VMware View 4 (PCoIP)
ndash Use archive directory credentials to login with ldquoLogin as current userrdquo checked
ndash Access rom the Replica View Connection Server and login to see the same session running
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3248
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 2
Scenario 1Provision and Use PCoIP Desktops and Pools
Get Started with PCoIPPCoIP is a so tware-to-so tware display protocol ully integrated with the VMware View in rastructureThe PCoIP portal (server) is installed with the agent The proprietary SVGA driver is included as part o thePCoIP portal
Figure
The PCoIP client is included in the standard VMware View client installation on your end point device sothere are no additional installation procedures required or PCoIP From the end user perspective there areno con gurations needed or using PCoIP As an administrator you can con gure the PCoIP protocol throughVMware View Administrative SettingsPolicies De ault RDP setup is to be tunneled but the de ault PCoIPsetting is directly connected Some other con gurations on bandwidth throttling or Flash video or on USBredirection policy are consistent as the previous View administration
Lossy and Lossless CompressionImage compression in PCoIP includes both lossless and lossy compression schemes Lossy compression allows or higher levels o compression on initial screen change and subsequent image quality improvement
or static screen regions Lossless motion compensation is also supported Image compression bandwidthmanagement is supported using packet loss as an indicator o congestion or lower bandwidth limits
Network Bandwidth and Characteristics
The host to client network connection operates with up to 250ms o round-trip latency The host to clientnetwork connection operates with lt01 percent packet loss but will tolerate periods o up to 5 percent packetloss and will survive short durations o loss o connectivity
A single TCP connection (SSL) is used between the host and client or session management A single UDP connection using UDP encapsulated IPSec-ESP [r c 3948] with AES 128-bit key encryption is used betweenthe host and client or media tra c supporting unreliable and reliable transport Port numbers keys andother connection parameters are exchanged via the SSL connection You can re erence the VMware ViewDeployment Guide or urther end-to-end per ormance measurements
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3348
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 3
Step 1 Creating the Replica Connection Server
The installation package or the Connection Server alsocontains the installation source or the VMware ViewReplica Server Launch the VMware View ConnectionServer installer and select Replica server or the secondConnection Server SelectAgree to the VMware Viewproduct licensing terms
A VMware View Replica Server is a Connection Serverwith its own replica o the ADAM database stored locallyAll con guration data and changes are instantaneouslyreplicated to all replica servers resulting in entirelyindependent Connection Servers which can actindependently in case o ailure o other replica servers
Enter the rst VMware View Connection Server instanceIP address (View1 19216813246) ClickNext
Complete the Replica Connection Server instanceinstallation Select Finish
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3448
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 4
Step 2 Creating Linked Clone Pools
DESKTOP TYPE OS TYPE PERSISTENT DESKTOP COUNTS
PCoIP Windows XP SP Persistent
RDP PCoIP Windows XP SP Non-Persistent
The Linked Clone creation process is the same as conducted in the previous section You can con gure thetask based on your storage availability and virtual machine sizing
Step 3 Connecting to Pool by Tags
Tag-based EntitlementsVMware View provides the advanced entitlement to Desktop Pools not only based on current entitlementsettings but also on the Connection Server through which a user logs in For customers who need perimeteridentity ( or example Internal Connection Server or External Security Server access) at logon VMware View
enables users con guring certain clients to go through a particular Connection Server In this case a tag isintroduced to identi y and route the client to the Connection Server In a broker cluster at a large VMware Viedeployment The tag or tags o a Connection Server are then compared to the tag speci ed in time o thedesktop pool creation edit
I the tag required by the desktop pool does not match the tag o the broker in question even i a useris entitled or assigned to a desktop pool the desktop will not show up in the available desktop list TheConnection Server tags take precedence over the desktop or pool tags
In this evaluation you will set up two instances o Connection Servers where brokers have been classi ed toserve di erent networks (internal external or example)
VMWARE VIEWCONNECTIONSERVER IP
NAME TAG DESKTOPS OS
19216813246 View External XP Pro SP
19216813245 View Internal XP Pro SP
Use CaseThe internal broker might not be visible to users connecting over a VPN In a case like this the two brokerscould still be ormed into a cluster The external broker might be tagged ldquoExternalrdquo and the internal brokertagged ldquoInternalrdquo and then pools could be tagged so that some desktops are not visible when a user logs inexternally but are visible internally
For example imagine a deployment o our Connection Servers where two o the Connection Servers haveconnected Security Servers The two Connection Servers without Security Servers are used to support internalusers and the two Connection Servers with Security Servers are used to support Internet (external) users The
rst two could have a con gured entitlements tag o ldquoInternalrdquo and the second two could have a con guredentitlements tag o ldquoExternalrdquo
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3548
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 5
bull The UI allows an administrator to specify one or moretag strings of up to 64 characters for each ConnectionBroker You can then speci y the tag string required or
a speci c Connection Broker to access the Pool Atruntime when a user authenticates him or hersel via aConnection Server an extra step o tag matching isper ormed The result will be a lter o the resultingentitled Desktop list
bull Set the replica server tag as External
bull Once the tags are set in the connection broker you cansee the tag column in the VMware View Managerconsole is lled with the Tag attributes
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3648
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 6
bull In the VMware View 1 Connection Server(19216813246admin) login to the View Managerconsole clickDesktops and Pools tab and selectAdd
You are creating ull clone and Linked Clonedesktops Select Automated Desktop Pool
bull Select Persistent or the desktop type
bull ClickNext
bull Create the 10 Linked Clone desktop pools rst and gothrough the same process again to create the ull clone
ndash only without checking the highlighted checkbox
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3748
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 7
bull Fill in the name attribute for theUnique ID andDisplay Name
bull This is same user interface as you used to create theindividual desktop earlier Leave the de ault setup as
it is
bull Enter the number of the desktops that your storage
allows you to create The naming pattern or thedesktop is the name vCenter will use to name thevirtual machine so create a unique and easilyrecognized name
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3848
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 8
bull Desktop cloning relies on the virtual machine templateas the base Previously you created a template byselecting a clean base template and cloning it to
template Select that template and clickNext
bull Linked Clone requires the template and snapshot asthe golden image
bull Select the folder location where the desktops shouldbe organized
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3948
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 9
bull Select the host or ESX server where the desktop iscreated Note the vSphere mode or VMware ViewComposer option is dimmed and not selectable It is
because the host being used is running vSpherealready I you are using a previous version o ESX thisoption will be available or upgrade use
bull Add desktops to the resource pool
bull Allocate user data disk for the persistent data Keepthe de ault value and selectNext
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4048
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 0
bull In this setup the storage LUN for the better demoe ects is attached You can simply use the localstorage host storage or your test
bull You can see that the default domain is lled inautomatically by quickprep This is set at the
Con guration Tab gtServers gtSelect ViewConnection gt Edit
bull Do a nal review of the Linked Clone setup and clickFinish to complete It will take several minutes tocreate the clones
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4148
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 1
bull Create additional users in Active Directory(ActiveDirectory19216813252)
- Corporate - user or the Group Internal
- Contractor - user or the Group Externalbull This will be used for the pool entitlement for users and
groups
bull Access VMware vCenter or ESX management by usingthe VMware vSphere client
bull Login to View Manager console You can see the LinkedClone pools are created and listed in the Desktop andPool pane SelectEntitlements to grant right to accessthe desktop
bull Assign the group you created in ActiveDirectory
Repeat these steps or creating additional XP desktops with non-persistent and persistent use
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4248
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 2
Step 4 Deleting the Clone Using Deletion Script
Provide the cleanup rule and scripting capabilities to enable administrators to per orm urther integrationunctions In some environments this can be achieved by removing entries rom ActiveDirectory In others
you may need to trigger other applications or a tighter integration
bull A new key needs to be created manuallyPlease re er to VMware View Administration Guide or
urther details
bull The visual basic script can be used to clean up ortrigger urther application activities This new eatureo ers the extensibility ramework
bull Run servicesmsc to access the Services consoleEnable the script services manually It is not startedby de ault
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4348
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 3
bull Login to VMware View Manager SelectDelete thedesktop SelectDelete rom Disk option It will triggerthe script set previously
Scenario 2Confgure PCoIP Full and Linked Clone
in VMware vSphereCreate Full Clone with Thin Provisioning
Thin Provisioning in its simplest orm means only using the disk space you need Traditionally with virtualmachines i you create a 500GB virtual disk it will use 500GB o your VMFS data store With Thin Provisioningyou can create a 500GB virtual disk but i only 100GB is in use only 100GB o your VMFS data store will beutilized
500GBVirtual Disk
500GB GB VMDK le size 100GB VMDK le size
400GBunused butallocated
100GBApplicationUsage
500GBVirtual Disk
100GBActual Usage(Footprint)
Figure
You can create a ve desktop XP pool using Full Clone rom VMware View and compare them with the ThiProvisioning option check The eatures include increased storage utilization reduced application downtimeand streamlined capacity management
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4448
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 4
bull When you create a virtual machine in VMware vSpherethe option to create Thin Provisioning settings is underSettings gtAdd Hardware
bull In VMware View 4 you can con gure the ThinProvisioning while preparing the Linked Clone basetemplate
Now in order to compare the storage usage di erence with Thin Provisioning enabled in the virtual desktopdeployment the best approach is to provision them and per orm storage comparison with the virtualmachines without thin provisioning enabled Considerations or storage provisioning all in throughput needsto scale with an increase in capacity ie multiple virtual machines per IO path
Figure
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4548
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 5
In the meantime transient storage on the swap space is used only when the virtual machine ispowered on and delta disks are used by snapshots and linked to virtual machines
Figure 0
Datastore View in vSphere
Figure
VM Storage Performance View
Figure
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4648
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 6
Anti-Virus Protection
The VMsa e API comes with VMware vSphere VMware o ers a number o VMsa e partner solutions thatprovide secure virtual machines with virus-scanning capability
bull Trend Micro Core Protection 10 This is an anti-virus product that performs o ine and online scheduled virtualmachine scans without an agent It uses a smaller agent or on-access scanning or to clean up in ections Thproduct is available at http us trendmicro com us solutions enterprise security-solutions virtualizationvirtual-machines index html
bull McAfee Virus Scan for O ine Virtual Images 20 This is an anti-virus product that performs o ine schedulevirtual machine scans without an agent It complements a regular virus scan agentsrsquo online scanning
Figure 6
VMsa e reduces high storage IO and memory usage during scheduled and pandemic malware scan activities
Figure
The above gure shows the anti-virus server committing a real-time agent to an individual virtual machine
It also has the unctionality o o ine snapshot image scanningThis is a VMware vSphere eature and is now available or VMware View 4 Please re er to the VMware View 4Deployment Guide or urther product demonstration
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4748
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 7
Scenario 3Set up Triple Single Sign-On (SSO) in VMwareView 4Log in as Currently Logged-on UserThis is a new option in VMware View Client that allows you to log onto the broker using currently logged oncredentials The standard sign up fow using AD credentials is
bull User connects to View Connection Server
bull VMware View Connection Server compares a list of trusted AD domains to the client
bull User authenticates with username and password
bull VMware View Connection Server delegates authentication to WindowsAD
Figure
VMware View 4 continues to support the AD credential (username and password) login smart card and RSA
securID token in RDP
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4848
bull During the View Agent installation select theConnectas Current Logon User checkbox option to enable SSO
bull Launch View Client at local desktop or thin clientbull View Client has newLog in as Current User Domain
User checkbox When a userrsquos AD credential isauthenticated on the client device using eitherpassword (RDP PCoIP) or smart card authentication inRDP the Connection Broker will use the same useridentity
bull This value can also be set using GPO policy orregistry key setting Please re er to the ViewAdministration Guide
bull You should be able to login to the guest desktopenvironment without being prompted to enter thecredentials again
Support In ormation
For additional evaluation questions and installation support please address your questions to desktop-tmvmwarecom
About the Author
Cynthia Hsieh is a senior technical marketing manager in VMware Enterprise Marketing team She ocuses onapplication integration proo o concepts and security subjects
Hsiehrsquos previous background includes product management positions at Wyse Trend Micro Oracle and Yahoo
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 1748
VMware View 4
E VA L U AT O R rsquo S G U I D E 1 7
Task 4 Associating and Adding VMware vCenter Server
bull From the Con guration tab selectServers on the le t
menu panelbull Select Add under the VirtualCenter Servers pane
bull ClickAdd
bull Enter the fully quali ed domain name (FQDN) or the IPaddress o the VMware vCenter Server you want VMwareView Manager to communicate with in theServer addresstext box
bull Enter Administrator username and password for thevCenter login
Note For evaluation purposes advanced or optional tasks will not be covered I you have DNS servicesinstalled you can confgure an external URL or the Connection Server Those tasks are covered in the GettingStarted Guide or Administration Guide
Task 5 Con guring Active Directory Users and Computers
In this evaluation the virtual machine (ActiveDirectory) is promoted as Domain Controller hosted in WindowsServer 2003 with a single local domain name called demolocal
bull Before you can entitle a user access to the desktop youneed to create three users in the Active Directory namedreviewer_1 reviewer_2 and reviewer_3
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 1848
VMware View 4
E VA L U AT O R rsquo S G U I D E 1 8
Task 6 Creating and Preparing Virtual Machines
The ollowing steps assume that the user has already created a virtual machine and has installed the guest OS(XPVISTA) joined AD domain turned on the RDP remote connection added user groups to the remote users
list and turned o the rewall in the guest OS
bull Run the View Agent executable on the guest system
bull When the VMware Installation wizard appears clickNext
bull Accept the VMware license terms and clickNext
Select your custom setup options The o ine desktop isoptional and does not appear as the de ault in all agents
Click Install to begin the installation process
Select Continue Anyway or the installation alert
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 1948
VMware View 4
E VA L U AT O R rsquo S G U I D E 1 9
Click Finish
At this point you have the main VMware View components installed and con gured Be ore you proceedurther you can do a quick ping test rom the View Connection Server virtual machine to the Guest Desktop
virtual machine and vice versa The components should be pingable and routable between each
Task 7 Preparing Virtual Machine Snapshots and Templates
The guest system o the virtual machine which you create in vCenter provides the basis or virtual desktopdeployment To prepare a guest system or deployment per orm the ollowing tasks
bull Install the guest operating system Select Inventory romthe menu and clickVirtual Machine to start the creation oa new virtual machine
Once you con gure the OS and itrsquos up and running
bull Install the latest version of VMware Tools (provided withVMware In rastructure)
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2048
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 0
bull Con gure Active Directory settings Con gure the preferredand alternate DNS servers to use your Active Directoryserver addresses For example on Windows XP con gure
the DNS server settings rom the properties menuStart gt Control Panel gt Network Connections gt LAN gtProperties Internet Protocol (TCPIP) gt Properties gtUse (VMActiveDirectory) IP Address 19216813252
bull Make sure that you have administrative rights to theguest system
bull Join the desktop to the AD domain Add guest system tothe domain (demo local)
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2148
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 1
bull In Control Panel turnOf Windows Firewall
bull In Control Panel selectSystem Properties gtRemote tab
bull Check Allow User to Connect Remotely
bull Take a virtual machine Snapshot mdash Once the virtual machinetemplate is ully prepared you can power o the virtualmachine and right mdash clickGuest and select Take Snapshot
bull Snapshot is used for Linked Clone creation discussed in thelater sandbox scenario
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2248
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 2
Create a Desktop Template
bull Power o the virtual machine
bull Right-click the previously con gured guest system and
select one o the ollowing options- Clone to Template mdash select this option i you want to use
the selected guest system as the basis or a new templatewithout altering the virtual machine itsel Choose thisand walk through the dialogs boxes to create a virtualmachine template
- Convert to Template mdash select this option i you want tochange the guest system into a template This processhappens instantly
bull To get a quick view of the template created go toInventory and select VM and Templates The highlighted
template will appear in VMware Center
You can repeat the same procedures or Windows 7 and Vista desktops with the same con guration i youwish At the end o the task you will have three prepared guest systems ready or VMware View Manager to use
Task 8 Installing VMware View Composer for Linked Clones
VMware View Composer provides a highly e cient storage alternative to creating and managing manystandalone virtual machines With VMware View Composer Linked Clone technology you can rapidly cloneand deploy multiple desktops rom a single centralized base image Subsequent changes to this image canbe automatically proli erated among all desktops in a Linked Clone pool A ter the desktops are created theyremain indirectly linked to a snapshot residing on the parent virtual machine View Composer needs to beinstalled on the system where VMware vCenter is installed
bull VMware View Composer installation is optional in theVMware View installation process i you donrsquot plan to haveLinked Clone in your production environment Howeverwith this evaluation you can see the bene ts o havingVMware View work with VMware vSpherersquos thin-provisioning eature Start the VMware View Composerinstaller you have in your media
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2348
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2448
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 4
bull Choose your custom setup options
- Deselect the USB Redirection component i you do not want usersto access locally connected USB devices through their desktops
- Deselect the Log in as current user component i you want to requireall users to provide identity and credential in ormation to log in to aView Connection Server and again to access a VMware View desktop
bull For this evaluation simply leave them as theselected de ault This is anew improved eature which allows single sign-on to the guestdesktop
bull Enter the IP address of the VMware View Connection Server that thisclient will connect to For this evaluation enter 1921681247
bull Leave the login ascurrent user unchecked
bull Select Continue Anyway or the Virtual USB so tware installation
bull Select Finish and Exit installation I VMware View Client does not startautomatically a ter installation double-click the desktop shortcutor click
Start gtPrograms gtVMware gtVMware View Client
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2548
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 5
Task 10 Adding Desktop Source in VMware View Manager
The in rastructure components are now con gured in VMware vCenter Now go back to VMware ViewManager and con gure the desktop resource or an individual desktop provisioning use
bull Enter the VMware View Connection Server IP addressadmin as the URL in a Web browser
bull Login as Administrator
bull From within View Administrator clickDesktops andPools and click theInventory tab
bull In the Global desktop and pool view pane make sure thatthe Desktops and Pools tab is selected and clickAdd
bull When the Add Desktop wizard appears selectIndividualDesktop and clickNext
bull Select Desktop Source rom VMware vCenter
Need new image
bull From the list provided select theVMware vCenter Serverto be used by this desktop and clickNext
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2648
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 6
bull Enter the Unique ID Display name (optional) andDescription (optional) and clickNext
bull Con gure the desktop properties and click Next Sincethe new PCoIP eatures are being evaluated set thede ault protocol as PCoIP and allow users to change thesetting at connection When set toDo Not Control orAdobe Flash quality bandwidth is not a concern with theLAN deployment
bull Con gure the desktop provisioning properties andclick Next
bull Select the desktop to use as the base image for thedeployment and click Next
bull Click Finish to complete one guest desktop provisioning
bull Once the desktop provisioning is complete you can see adesktop under Desktops and Pools tab
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2748
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 7
This shows the basic steps on how to provision one desktop For more advanced eatures you can re er to theVMware View Administration Guide In a later scenario a PCoIP pool is created through similar provisioning
Task 11 Desktop Entitlement
bull From within View Administrator click Desktops and Pools and click theInventory tab
bull In the Global desktop and pool view pane select the desktop or poolyou want to entitle and clickEntitlements
bull Click Add The user and group entitlement dialog box appears Fromhere you can view search on and lter all Active Directory users withinthe domain orest
bull Select the DemoLocal domain created and enter wildcard user matchreview VMware View Manager should display all users that contain thephrase
bull Entitle the userreviewer_1 to use the Vista desktop
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2848
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 8
Figure 6
Once this is set and done you will see a green checkmark under Global Desktop and View showing Entitledand Enabled or the guest desktop
Task 12 Accessing Virtual Desktop via RDP or PCoIP
bull In theConnection Server drop-down menu enter thehost name or IP address o a VMware View Connection Server
bull Select Options
Need New Image
bull Select Log in as current userto be authorized to log in to theVMware View Connection Server You will not be prompted toenter login credentials in the guest desktop login This is anenhancement or single sign-on
Need New Image
bull Enter the credentials with desktop entitlement
- Username Administrator
- Password b gd m
bull In VMware View 4 you have the option to use the preferredprotocols o either Teradici PCoIP or Microso t RDPSelect Teradici
bull Select the XP desktop you want to access
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2948
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 9
Task 13 Additional Virtual Desktop Optimization
bull Adjust ClearType Settings in Control Panel gtDisplay gtAdvanced Tab gtFonts and choose ClearType
bull Turn o Windows Firewall Settings inControl Panel gtWindows Firewall and select the Of radio buttonbull Multiple Display Con guration
bull In VMware View Manager Administration you cancentrally con gure the desktop monitors that aresupported in the local systems
bull In the guest desktop check theDisplay settings that have been changed tomultiple displays
Note PCoIP also supports pivot mode or one landscape and one horizontal confguration
Task 14 WAN Optimization
PCoIP technology uses low-latency image compression algorithms to optimize the user experience or widearea network (WAN) applications The WAN enhancements dramatically improve the user experience toprovide support or multi-media and 3D graphics audio and IO responsiveness over long-distancehigh-latency and low-bandwidth networks
Key PCoIP WAN Capabilities
bull Reduced Minimum Bandwidth To support the lower bandwidth typically available over a WAN theminimum peak bandwidth required or a PCoIP connection is Mbps Because PCoIP only transmitschanges to the desktop image the actual bandwidth used may be much lower i the screen is not changingsigni cantly or rapidly
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3048
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 0
bull Local Keyboard and Mouse To provide instant response over high-latency networks the mouse pointer canbe displayed locally on the desktop (within VMware View Agent) in addition to being sent to the host Localkeyboard capability is also provided to prevent lost keystrokes due to network delay
bull Packet Reordering To accommodate the out-o -order packets o ten produced by network links on a WANthe PCoIP portal in VMware View Agent can create multiple packet chains as out-o -order packets receivedand connect chains to restore the correct sequence Without this out-o -order packets can result in dataretransmission and delays
bull Bandwidth-Sensitive Audio Compression PCoIP transmits compressed or uncompressed audiondashswitchingdynamically based on the available bandwidth to provide the best possible user experience
Since PCoIP is integrated seamlessly into the VMware View Agent and ully optimized into VMware Viewin rastructure as the administrator you simply need to con gure the desktop protocol and its bandwidththrottling rom the administration UI
Con gure Flash contents bandwidth allowance
For an optional task to test WAN per ormance with PCoIP try to access your corporate desktop rom home byconnecting through IPSec VPN
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3148
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 1
Scenario Overview
This document provides several di erent test scenarios to review the tasks you per ormed earlier andexperience the combined advantages o using VMware View To compare a variety o WAN connectivityscenarios you can consider using either WANEMhttp wanem source orge net or Shunra VE SMB EditionFree Trial http www shunra com ve-smb-trial php or WAN emulation
bull Scenario 1 Provision and use PCoIP 25 persistent desktops and one non-persistent PCoIP pool thatcontains desktops using a Linked Clone You can adjust the actual number o desktops based on your locastorage allowance
ndash Create a snapshot on both Windows XP SP3 and Windows 7
ndash Add desktops and pools using automatic pools and Linked Clone
ndash Administrate users and entitlements
ndash Create ully Linked Clones
ndash Con gure pools in mixed cluster environment
ndash Con gure or WAN tag and LAN tag use
ndash Delete desktops and pools
bull Scenario 2 Con gure 50 PCoIP fully Linked Clones in VMware vSphere
ndash Create desktops and pools
ndash Leverage ThinDisk Provisioning in VMware vSphere
ndash Check storage saving comparison
ndash Review VMware VMsa e Security virtual machine unctionali ties
bull Scenario 3 Set-up Triple SSO in VMware View 4 (PCoIP)
ndash Use archive directory credentials to login with ldquoLogin as current userrdquo checked
ndash Access rom the Replica View Connection Server and login to see the same session running
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3248
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 2
Scenario 1Provision and Use PCoIP Desktops and Pools
Get Started with PCoIPPCoIP is a so tware-to-so tware display protocol ully integrated with the VMware View in rastructureThe PCoIP portal (server) is installed with the agent The proprietary SVGA driver is included as part o thePCoIP portal
Figure
The PCoIP client is included in the standard VMware View client installation on your end point device sothere are no additional installation procedures required or PCoIP From the end user perspective there areno con gurations needed or using PCoIP As an administrator you can con gure the PCoIP protocol throughVMware View Administrative SettingsPolicies De ault RDP setup is to be tunneled but the de ault PCoIPsetting is directly connected Some other con gurations on bandwidth throttling or Flash video or on USBredirection policy are consistent as the previous View administration
Lossy and Lossless CompressionImage compression in PCoIP includes both lossless and lossy compression schemes Lossy compression allows or higher levels o compression on initial screen change and subsequent image quality improvement
or static screen regions Lossless motion compensation is also supported Image compression bandwidthmanagement is supported using packet loss as an indicator o congestion or lower bandwidth limits
Network Bandwidth and Characteristics
The host to client network connection operates with up to 250ms o round-trip latency The host to clientnetwork connection operates with lt01 percent packet loss but will tolerate periods o up to 5 percent packetloss and will survive short durations o loss o connectivity
A single TCP connection (SSL) is used between the host and client or session management A single UDP connection using UDP encapsulated IPSec-ESP [r c 3948] with AES 128-bit key encryption is used betweenthe host and client or media tra c supporting unreliable and reliable transport Port numbers keys andother connection parameters are exchanged via the SSL connection You can re erence the VMware ViewDeployment Guide or urther end-to-end per ormance measurements
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3348
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 3
Step 1 Creating the Replica Connection Server
The installation package or the Connection Server alsocontains the installation source or the VMware ViewReplica Server Launch the VMware View ConnectionServer installer and select Replica server or the secondConnection Server SelectAgree to the VMware Viewproduct licensing terms
A VMware View Replica Server is a Connection Serverwith its own replica o the ADAM database stored locallyAll con guration data and changes are instantaneouslyreplicated to all replica servers resulting in entirelyindependent Connection Servers which can actindependently in case o ailure o other replica servers
Enter the rst VMware View Connection Server instanceIP address (View1 19216813246) ClickNext
Complete the Replica Connection Server instanceinstallation Select Finish
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3448
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 4
Step 2 Creating Linked Clone Pools
DESKTOP TYPE OS TYPE PERSISTENT DESKTOP COUNTS
PCoIP Windows XP SP Persistent
RDP PCoIP Windows XP SP Non-Persistent
The Linked Clone creation process is the same as conducted in the previous section You can con gure thetask based on your storage availability and virtual machine sizing
Step 3 Connecting to Pool by Tags
Tag-based EntitlementsVMware View provides the advanced entitlement to Desktop Pools not only based on current entitlementsettings but also on the Connection Server through which a user logs in For customers who need perimeteridentity ( or example Internal Connection Server or External Security Server access) at logon VMware View
enables users con guring certain clients to go through a particular Connection Server In this case a tag isintroduced to identi y and route the client to the Connection Server In a broker cluster at a large VMware Viedeployment The tag or tags o a Connection Server are then compared to the tag speci ed in time o thedesktop pool creation edit
I the tag required by the desktop pool does not match the tag o the broker in question even i a useris entitled or assigned to a desktop pool the desktop will not show up in the available desktop list TheConnection Server tags take precedence over the desktop or pool tags
In this evaluation you will set up two instances o Connection Servers where brokers have been classi ed toserve di erent networks (internal external or example)
VMWARE VIEWCONNECTIONSERVER IP
NAME TAG DESKTOPS OS
19216813246 View External XP Pro SP
19216813245 View Internal XP Pro SP
Use CaseThe internal broker might not be visible to users connecting over a VPN In a case like this the two brokerscould still be ormed into a cluster The external broker might be tagged ldquoExternalrdquo and the internal brokertagged ldquoInternalrdquo and then pools could be tagged so that some desktops are not visible when a user logs inexternally but are visible internally
For example imagine a deployment o our Connection Servers where two o the Connection Servers haveconnected Security Servers The two Connection Servers without Security Servers are used to support internalusers and the two Connection Servers with Security Servers are used to support Internet (external) users The
rst two could have a con gured entitlements tag o ldquoInternalrdquo and the second two could have a con guredentitlements tag o ldquoExternalrdquo
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3548
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 5
bull The UI allows an administrator to specify one or moretag strings of up to 64 characters for each ConnectionBroker You can then speci y the tag string required or
a speci c Connection Broker to access the Pool Atruntime when a user authenticates him or hersel via aConnection Server an extra step o tag matching isper ormed The result will be a lter o the resultingentitled Desktop list
bull Set the replica server tag as External
bull Once the tags are set in the connection broker you cansee the tag column in the VMware View Managerconsole is lled with the Tag attributes
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3648
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 6
bull In the VMware View 1 Connection Server(19216813246admin) login to the View Managerconsole clickDesktops and Pools tab and selectAdd
You are creating ull clone and Linked Clonedesktops Select Automated Desktop Pool
bull Select Persistent or the desktop type
bull ClickNext
bull Create the 10 Linked Clone desktop pools rst and gothrough the same process again to create the ull clone
ndash only without checking the highlighted checkbox
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3748
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 7
bull Fill in the name attribute for theUnique ID andDisplay Name
bull This is same user interface as you used to create theindividual desktop earlier Leave the de ault setup as
it is
bull Enter the number of the desktops that your storage
allows you to create The naming pattern or thedesktop is the name vCenter will use to name thevirtual machine so create a unique and easilyrecognized name
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3848
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 8
bull Desktop cloning relies on the virtual machine templateas the base Previously you created a template byselecting a clean base template and cloning it to
template Select that template and clickNext
bull Linked Clone requires the template and snapshot asthe golden image
bull Select the folder location where the desktops shouldbe organized
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3948
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 9
bull Select the host or ESX server where the desktop iscreated Note the vSphere mode or VMware ViewComposer option is dimmed and not selectable It is
because the host being used is running vSpherealready I you are using a previous version o ESX thisoption will be available or upgrade use
bull Add desktops to the resource pool
bull Allocate user data disk for the persistent data Keepthe de ault value and selectNext
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4048
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 0
bull In this setup the storage LUN for the better demoe ects is attached You can simply use the localstorage host storage or your test
bull You can see that the default domain is lled inautomatically by quickprep This is set at the
Con guration Tab gtServers gtSelect ViewConnection gt Edit
bull Do a nal review of the Linked Clone setup and clickFinish to complete It will take several minutes tocreate the clones
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4148
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 1
bull Create additional users in Active Directory(ActiveDirectory19216813252)
- Corporate - user or the Group Internal
- Contractor - user or the Group Externalbull This will be used for the pool entitlement for users and
groups
bull Access VMware vCenter or ESX management by usingthe VMware vSphere client
bull Login to View Manager console You can see the LinkedClone pools are created and listed in the Desktop andPool pane SelectEntitlements to grant right to accessthe desktop
bull Assign the group you created in ActiveDirectory
Repeat these steps or creating additional XP desktops with non-persistent and persistent use
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4248
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 2
Step 4 Deleting the Clone Using Deletion Script
Provide the cleanup rule and scripting capabilities to enable administrators to per orm urther integrationunctions In some environments this can be achieved by removing entries rom ActiveDirectory In others
you may need to trigger other applications or a tighter integration
bull A new key needs to be created manuallyPlease re er to VMware View Administration Guide or
urther details
bull The visual basic script can be used to clean up ortrigger urther application activities This new eatureo ers the extensibility ramework
bull Run servicesmsc to access the Services consoleEnable the script services manually It is not startedby de ault
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4348
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 3
bull Login to VMware View Manager SelectDelete thedesktop SelectDelete rom Disk option It will triggerthe script set previously
Scenario 2Confgure PCoIP Full and Linked Clone
in VMware vSphereCreate Full Clone with Thin Provisioning
Thin Provisioning in its simplest orm means only using the disk space you need Traditionally with virtualmachines i you create a 500GB virtual disk it will use 500GB o your VMFS data store With Thin Provisioningyou can create a 500GB virtual disk but i only 100GB is in use only 100GB o your VMFS data store will beutilized
500GBVirtual Disk
500GB GB VMDK le size 100GB VMDK le size
400GBunused butallocated
100GBApplicationUsage
500GBVirtual Disk
100GBActual Usage(Footprint)
Figure
You can create a ve desktop XP pool using Full Clone rom VMware View and compare them with the ThiProvisioning option check The eatures include increased storage utilization reduced application downtimeand streamlined capacity management
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4448
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 4
bull When you create a virtual machine in VMware vSpherethe option to create Thin Provisioning settings is underSettings gtAdd Hardware
bull In VMware View 4 you can con gure the ThinProvisioning while preparing the Linked Clone basetemplate
Now in order to compare the storage usage di erence with Thin Provisioning enabled in the virtual desktopdeployment the best approach is to provision them and per orm storage comparison with the virtualmachines without thin provisioning enabled Considerations or storage provisioning all in throughput needsto scale with an increase in capacity ie multiple virtual machines per IO path
Figure
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4548
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 5
In the meantime transient storage on the swap space is used only when the virtual machine ispowered on and delta disks are used by snapshots and linked to virtual machines
Figure 0
Datastore View in vSphere
Figure
VM Storage Performance View
Figure
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4648
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 6
Anti-Virus Protection
The VMsa e API comes with VMware vSphere VMware o ers a number o VMsa e partner solutions thatprovide secure virtual machines with virus-scanning capability
bull Trend Micro Core Protection 10 This is an anti-virus product that performs o ine and online scheduled virtualmachine scans without an agent It uses a smaller agent or on-access scanning or to clean up in ections Thproduct is available at http us trendmicro com us solutions enterprise security-solutions virtualizationvirtual-machines index html
bull McAfee Virus Scan for O ine Virtual Images 20 This is an anti-virus product that performs o ine schedulevirtual machine scans without an agent It complements a regular virus scan agentsrsquo online scanning
Figure 6
VMsa e reduces high storage IO and memory usage during scheduled and pandemic malware scan activities
Figure
The above gure shows the anti-virus server committing a real-time agent to an individual virtual machine
It also has the unctionality o o ine snapshot image scanningThis is a VMware vSphere eature and is now available or VMware View 4 Please re er to the VMware View 4Deployment Guide or urther product demonstration
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4748
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 7
Scenario 3Set up Triple Single Sign-On (SSO) in VMwareView 4Log in as Currently Logged-on UserThis is a new option in VMware View Client that allows you to log onto the broker using currently logged oncredentials The standard sign up fow using AD credentials is
bull User connects to View Connection Server
bull VMware View Connection Server compares a list of trusted AD domains to the client
bull User authenticates with username and password
bull VMware View Connection Server delegates authentication to WindowsAD
Figure
VMware View 4 continues to support the AD credential (username and password) login smart card and RSA
securID token in RDP
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4848
bull During the View Agent installation select theConnectas Current Logon User checkbox option to enable SSO
bull Launch View Client at local desktop or thin clientbull View Client has newLog in as Current User Domain
User checkbox When a userrsquos AD credential isauthenticated on the client device using eitherpassword (RDP PCoIP) or smart card authentication inRDP the Connection Broker will use the same useridentity
bull This value can also be set using GPO policy orregistry key setting Please re er to the ViewAdministration Guide
bull You should be able to login to the guest desktopenvironment without being prompted to enter thecredentials again
Support In ormation
For additional evaluation questions and installation support please address your questions to desktop-tmvmwarecom
About the Author
Cynthia Hsieh is a senior technical marketing manager in VMware Enterprise Marketing team She ocuses onapplication integration proo o concepts and security subjects
Hsiehrsquos previous background includes product management positions at Wyse Trend Micro Oracle and Yahoo
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 1848
VMware View 4
E VA L U AT O R rsquo S G U I D E 1 8
Task 6 Creating and Preparing Virtual Machines
The ollowing steps assume that the user has already created a virtual machine and has installed the guest OS(XPVISTA) joined AD domain turned on the RDP remote connection added user groups to the remote users
list and turned o the rewall in the guest OS
bull Run the View Agent executable on the guest system
bull When the VMware Installation wizard appears clickNext
bull Accept the VMware license terms and clickNext
Select your custom setup options The o ine desktop isoptional and does not appear as the de ault in all agents
Click Install to begin the installation process
Select Continue Anyway or the installation alert
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 1948
VMware View 4
E VA L U AT O R rsquo S G U I D E 1 9
Click Finish
At this point you have the main VMware View components installed and con gured Be ore you proceedurther you can do a quick ping test rom the View Connection Server virtual machine to the Guest Desktop
virtual machine and vice versa The components should be pingable and routable between each
Task 7 Preparing Virtual Machine Snapshots and Templates
The guest system o the virtual machine which you create in vCenter provides the basis or virtual desktopdeployment To prepare a guest system or deployment per orm the ollowing tasks
bull Install the guest operating system Select Inventory romthe menu and clickVirtual Machine to start the creation oa new virtual machine
Once you con gure the OS and itrsquos up and running
bull Install the latest version of VMware Tools (provided withVMware In rastructure)
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2048
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 0
bull Con gure Active Directory settings Con gure the preferredand alternate DNS servers to use your Active Directoryserver addresses For example on Windows XP con gure
the DNS server settings rom the properties menuStart gt Control Panel gt Network Connections gt LAN gtProperties Internet Protocol (TCPIP) gt Properties gtUse (VMActiveDirectory) IP Address 19216813252
bull Make sure that you have administrative rights to theguest system
bull Join the desktop to the AD domain Add guest system tothe domain (demo local)
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2148
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 1
bull In Control Panel turnOf Windows Firewall
bull In Control Panel selectSystem Properties gtRemote tab
bull Check Allow User to Connect Remotely
bull Take a virtual machine Snapshot mdash Once the virtual machinetemplate is ully prepared you can power o the virtualmachine and right mdash clickGuest and select Take Snapshot
bull Snapshot is used for Linked Clone creation discussed in thelater sandbox scenario
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2248
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 2
Create a Desktop Template
bull Power o the virtual machine
bull Right-click the previously con gured guest system and
select one o the ollowing options- Clone to Template mdash select this option i you want to use
the selected guest system as the basis or a new templatewithout altering the virtual machine itsel Choose thisand walk through the dialogs boxes to create a virtualmachine template
- Convert to Template mdash select this option i you want tochange the guest system into a template This processhappens instantly
bull To get a quick view of the template created go toInventory and select VM and Templates The highlighted
template will appear in VMware Center
You can repeat the same procedures or Windows 7 and Vista desktops with the same con guration i youwish At the end o the task you will have three prepared guest systems ready or VMware View Manager to use
Task 8 Installing VMware View Composer for Linked Clones
VMware View Composer provides a highly e cient storage alternative to creating and managing manystandalone virtual machines With VMware View Composer Linked Clone technology you can rapidly cloneand deploy multiple desktops rom a single centralized base image Subsequent changes to this image canbe automatically proli erated among all desktops in a Linked Clone pool A ter the desktops are created theyremain indirectly linked to a snapshot residing on the parent virtual machine View Composer needs to beinstalled on the system where VMware vCenter is installed
bull VMware View Composer installation is optional in theVMware View installation process i you donrsquot plan to haveLinked Clone in your production environment Howeverwith this evaluation you can see the bene ts o havingVMware View work with VMware vSpherersquos thin-provisioning eature Start the VMware View Composerinstaller you have in your media
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2348
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2448
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 4
bull Choose your custom setup options
- Deselect the USB Redirection component i you do not want usersto access locally connected USB devices through their desktops
- Deselect the Log in as current user component i you want to requireall users to provide identity and credential in ormation to log in to aView Connection Server and again to access a VMware View desktop
bull For this evaluation simply leave them as theselected de ault This is anew improved eature which allows single sign-on to the guestdesktop
bull Enter the IP address of the VMware View Connection Server that thisclient will connect to For this evaluation enter 1921681247
bull Leave the login ascurrent user unchecked
bull Select Continue Anyway or the Virtual USB so tware installation
bull Select Finish and Exit installation I VMware View Client does not startautomatically a ter installation double-click the desktop shortcutor click
Start gtPrograms gtVMware gtVMware View Client
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2548
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 5
Task 10 Adding Desktop Source in VMware View Manager
The in rastructure components are now con gured in VMware vCenter Now go back to VMware ViewManager and con gure the desktop resource or an individual desktop provisioning use
bull Enter the VMware View Connection Server IP addressadmin as the URL in a Web browser
bull Login as Administrator
bull From within View Administrator clickDesktops andPools and click theInventory tab
bull In the Global desktop and pool view pane make sure thatthe Desktops and Pools tab is selected and clickAdd
bull When the Add Desktop wizard appears selectIndividualDesktop and clickNext
bull Select Desktop Source rom VMware vCenter
Need new image
bull From the list provided select theVMware vCenter Serverto be used by this desktop and clickNext
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2648
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 6
bull Enter the Unique ID Display name (optional) andDescription (optional) and clickNext
bull Con gure the desktop properties and click Next Sincethe new PCoIP eatures are being evaluated set thede ault protocol as PCoIP and allow users to change thesetting at connection When set toDo Not Control orAdobe Flash quality bandwidth is not a concern with theLAN deployment
bull Con gure the desktop provisioning properties andclick Next
bull Select the desktop to use as the base image for thedeployment and click Next
bull Click Finish to complete one guest desktop provisioning
bull Once the desktop provisioning is complete you can see adesktop under Desktops and Pools tab
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2748
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 7
This shows the basic steps on how to provision one desktop For more advanced eatures you can re er to theVMware View Administration Guide In a later scenario a PCoIP pool is created through similar provisioning
Task 11 Desktop Entitlement
bull From within View Administrator click Desktops and Pools and click theInventory tab
bull In the Global desktop and pool view pane select the desktop or poolyou want to entitle and clickEntitlements
bull Click Add The user and group entitlement dialog box appears Fromhere you can view search on and lter all Active Directory users withinthe domain orest
bull Select the DemoLocal domain created and enter wildcard user matchreview VMware View Manager should display all users that contain thephrase
bull Entitle the userreviewer_1 to use the Vista desktop
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2848
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 8
Figure 6
Once this is set and done you will see a green checkmark under Global Desktop and View showing Entitledand Enabled or the guest desktop
Task 12 Accessing Virtual Desktop via RDP or PCoIP
bull In theConnection Server drop-down menu enter thehost name or IP address o a VMware View Connection Server
bull Select Options
Need New Image
bull Select Log in as current userto be authorized to log in to theVMware View Connection Server You will not be prompted toenter login credentials in the guest desktop login This is anenhancement or single sign-on
Need New Image
bull Enter the credentials with desktop entitlement
- Username Administrator
- Password b gd m
bull In VMware View 4 you have the option to use the preferredprotocols o either Teradici PCoIP or Microso t RDPSelect Teradici
bull Select the XP desktop you want to access
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2948
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 9
Task 13 Additional Virtual Desktop Optimization
bull Adjust ClearType Settings in Control Panel gtDisplay gtAdvanced Tab gtFonts and choose ClearType
bull Turn o Windows Firewall Settings inControl Panel gtWindows Firewall and select the Of radio buttonbull Multiple Display Con guration
bull In VMware View Manager Administration you cancentrally con gure the desktop monitors that aresupported in the local systems
bull In the guest desktop check theDisplay settings that have been changed tomultiple displays
Note PCoIP also supports pivot mode or one landscape and one horizontal confguration
Task 14 WAN Optimization
PCoIP technology uses low-latency image compression algorithms to optimize the user experience or widearea network (WAN) applications The WAN enhancements dramatically improve the user experience toprovide support or multi-media and 3D graphics audio and IO responsiveness over long-distancehigh-latency and low-bandwidth networks
Key PCoIP WAN Capabilities
bull Reduced Minimum Bandwidth To support the lower bandwidth typically available over a WAN theminimum peak bandwidth required or a PCoIP connection is Mbps Because PCoIP only transmitschanges to the desktop image the actual bandwidth used may be much lower i the screen is not changingsigni cantly or rapidly
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3048
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 0
bull Local Keyboard and Mouse To provide instant response over high-latency networks the mouse pointer canbe displayed locally on the desktop (within VMware View Agent) in addition to being sent to the host Localkeyboard capability is also provided to prevent lost keystrokes due to network delay
bull Packet Reordering To accommodate the out-o -order packets o ten produced by network links on a WANthe PCoIP portal in VMware View Agent can create multiple packet chains as out-o -order packets receivedand connect chains to restore the correct sequence Without this out-o -order packets can result in dataretransmission and delays
bull Bandwidth-Sensitive Audio Compression PCoIP transmits compressed or uncompressed audiondashswitchingdynamically based on the available bandwidth to provide the best possible user experience
Since PCoIP is integrated seamlessly into the VMware View Agent and ully optimized into VMware Viewin rastructure as the administrator you simply need to con gure the desktop protocol and its bandwidththrottling rom the administration UI
Con gure Flash contents bandwidth allowance
For an optional task to test WAN per ormance with PCoIP try to access your corporate desktop rom home byconnecting through IPSec VPN
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3148
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 1
Scenario Overview
This document provides several di erent test scenarios to review the tasks you per ormed earlier andexperience the combined advantages o using VMware View To compare a variety o WAN connectivityscenarios you can consider using either WANEMhttp wanem source orge net or Shunra VE SMB EditionFree Trial http www shunra com ve-smb-trial php or WAN emulation
bull Scenario 1 Provision and use PCoIP 25 persistent desktops and one non-persistent PCoIP pool thatcontains desktops using a Linked Clone You can adjust the actual number o desktops based on your locastorage allowance
ndash Create a snapshot on both Windows XP SP3 and Windows 7
ndash Add desktops and pools using automatic pools and Linked Clone
ndash Administrate users and entitlements
ndash Create ully Linked Clones
ndash Con gure pools in mixed cluster environment
ndash Con gure or WAN tag and LAN tag use
ndash Delete desktops and pools
bull Scenario 2 Con gure 50 PCoIP fully Linked Clones in VMware vSphere
ndash Create desktops and pools
ndash Leverage ThinDisk Provisioning in VMware vSphere
ndash Check storage saving comparison
ndash Review VMware VMsa e Security virtual machine unctionali ties
bull Scenario 3 Set-up Triple SSO in VMware View 4 (PCoIP)
ndash Use archive directory credentials to login with ldquoLogin as current userrdquo checked
ndash Access rom the Replica View Connection Server and login to see the same session running
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3248
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 2
Scenario 1Provision and Use PCoIP Desktops and Pools
Get Started with PCoIPPCoIP is a so tware-to-so tware display protocol ully integrated with the VMware View in rastructureThe PCoIP portal (server) is installed with the agent The proprietary SVGA driver is included as part o thePCoIP portal
Figure
The PCoIP client is included in the standard VMware View client installation on your end point device sothere are no additional installation procedures required or PCoIP From the end user perspective there areno con gurations needed or using PCoIP As an administrator you can con gure the PCoIP protocol throughVMware View Administrative SettingsPolicies De ault RDP setup is to be tunneled but the de ault PCoIPsetting is directly connected Some other con gurations on bandwidth throttling or Flash video or on USBredirection policy are consistent as the previous View administration
Lossy and Lossless CompressionImage compression in PCoIP includes both lossless and lossy compression schemes Lossy compression allows or higher levels o compression on initial screen change and subsequent image quality improvement
or static screen regions Lossless motion compensation is also supported Image compression bandwidthmanagement is supported using packet loss as an indicator o congestion or lower bandwidth limits
Network Bandwidth and Characteristics
The host to client network connection operates with up to 250ms o round-trip latency The host to clientnetwork connection operates with lt01 percent packet loss but will tolerate periods o up to 5 percent packetloss and will survive short durations o loss o connectivity
A single TCP connection (SSL) is used between the host and client or session management A single UDP connection using UDP encapsulated IPSec-ESP [r c 3948] with AES 128-bit key encryption is used betweenthe host and client or media tra c supporting unreliable and reliable transport Port numbers keys andother connection parameters are exchanged via the SSL connection You can re erence the VMware ViewDeployment Guide or urther end-to-end per ormance measurements
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3348
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 3
Step 1 Creating the Replica Connection Server
The installation package or the Connection Server alsocontains the installation source or the VMware ViewReplica Server Launch the VMware View ConnectionServer installer and select Replica server or the secondConnection Server SelectAgree to the VMware Viewproduct licensing terms
A VMware View Replica Server is a Connection Serverwith its own replica o the ADAM database stored locallyAll con guration data and changes are instantaneouslyreplicated to all replica servers resulting in entirelyindependent Connection Servers which can actindependently in case o ailure o other replica servers
Enter the rst VMware View Connection Server instanceIP address (View1 19216813246) ClickNext
Complete the Replica Connection Server instanceinstallation Select Finish
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3448
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 4
Step 2 Creating Linked Clone Pools
DESKTOP TYPE OS TYPE PERSISTENT DESKTOP COUNTS
PCoIP Windows XP SP Persistent
RDP PCoIP Windows XP SP Non-Persistent
The Linked Clone creation process is the same as conducted in the previous section You can con gure thetask based on your storage availability and virtual machine sizing
Step 3 Connecting to Pool by Tags
Tag-based EntitlementsVMware View provides the advanced entitlement to Desktop Pools not only based on current entitlementsettings but also on the Connection Server through which a user logs in For customers who need perimeteridentity ( or example Internal Connection Server or External Security Server access) at logon VMware View
enables users con guring certain clients to go through a particular Connection Server In this case a tag isintroduced to identi y and route the client to the Connection Server In a broker cluster at a large VMware Viedeployment The tag or tags o a Connection Server are then compared to the tag speci ed in time o thedesktop pool creation edit
I the tag required by the desktop pool does not match the tag o the broker in question even i a useris entitled or assigned to a desktop pool the desktop will not show up in the available desktop list TheConnection Server tags take precedence over the desktop or pool tags
In this evaluation you will set up two instances o Connection Servers where brokers have been classi ed toserve di erent networks (internal external or example)
VMWARE VIEWCONNECTIONSERVER IP
NAME TAG DESKTOPS OS
19216813246 View External XP Pro SP
19216813245 View Internal XP Pro SP
Use CaseThe internal broker might not be visible to users connecting over a VPN In a case like this the two brokerscould still be ormed into a cluster The external broker might be tagged ldquoExternalrdquo and the internal brokertagged ldquoInternalrdquo and then pools could be tagged so that some desktops are not visible when a user logs inexternally but are visible internally
For example imagine a deployment o our Connection Servers where two o the Connection Servers haveconnected Security Servers The two Connection Servers without Security Servers are used to support internalusers and the two Connection Servers with Security Servers are used to support Internet (external) users The
rst two could have a con gured entitlements tag o ldquoInternalrdquo and the second two could have a con guredentitlements tag o ldquoExternalrdquo
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3548
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 5
bull The UI allows an administrator to specify one or moretag strings of up to 64 characters for each ConnectionBroker You can then speci y the tag string required or
a speci c Connection Broker to access the Pool Atruntime when a user authenticates him or hersel via aConnection Server an extra step o tag matching isper ormed The result will be a lter o the resultingentitled Desktop list
bull Set the replica server tag as External
bull Once the tags are set in the connection broker you cansee the tag column in the VMware View Managerconsole is lled with the Tag attributes
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3648
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 6
bull In the VMware View 1 Connection Server(19216813246admin) login to the View Managerconsole clickDesktops and Pools tab and selectAdd
You are creating ull clone and Linked Clonedesktops Select Automated Desktop Pool
bull Select Persistent or the desktop type
bull ClickNext
bull Create the 10 Linked Clone desktop pools rst and gothrough the same process again to create the ull clone
ndash only without checking the highlighted checkbox
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3748
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 7
bull Fill in the name attribute for theUnique ID andDisplay Name
bull This is same user interface as you used to create theindividual desktop earlier Leave the de ault setup as
it is
bull Enter the number of the desktops that your storage
allows you to create The naming pattern or thedesktop is the name vCenter will use to name thevirtual machine so create a unique and easilyrecognized name
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3848
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 8
bull Desktop cloning relies on the virtual machine templateas the base Previously you created a template byselecting a clean base template and cloning it to
template Select that template and clickNext
bull Linked Clone requires the template and snapshot asthe golden image
bull Select the folder location where the desktops shouldbe organized
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3948
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 9
bull Select the host or ESX server where the desktop iscreated Note the vSphere mode or VMware ViewComposer option is dimmed and not selectable It is
because the host being used is running vSpherealready I you are using a previous version o ESX thisoption will be available or upgrade use
bull Add desktops to the resource pool
bull Allocate user data disk for the persistent data Keepthe de ault value and selectNext
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4048
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 0
bull In this setup the storage LUN for the better demoe ects is attached You can simply use the localstorage host storage or your test
bull You can see that the default domain is lled inautomatically by quickprep This is set at the
Con guration Tab gtServers gtSelect ViewConnection gt Edit
bull Do a nal review of the Linked Clone setup and clickFinish to complete It will take several minutes tocreate the clones
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4148
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 1
bull Create additional users in Active Directory(ActiveDirectory19216813252)
- Corporate - user or the Group Internal
- Contractor - user or the Group Externalbull This will be used for the pool entitlement for users and
groups
bull Access VMware vCenter or ESX management by usingthe VMware vSphere client
bull Login to View Manager console You can see the LinkedClone pools are created and listed in the Desktop andPool pane SelectEntitlements to grant right to accessthe desktop
bull Assign the group you created in ActiveDirectory
Repeat these steps or creating additional XP desktops with non-persistent and persistent use
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4248
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 2
Step 4 Deleting the Clone Using Deletion Script
Provide the cleanup rule and scripting capabilities to enable administrators to per orm urther integrationunctions In some environments this can be achieved by removing entries rom ActiveDirectory In others
you may need to trigger other applications or a tighter integration
bull A new key needs to be created manuallyPlease re er to VMware View Administration Guide or
urther details
bull The visual basic script can be used to clean up ortrigger urther application activities This new eatureo ers the extensibility ramework
bull Run servicesmsc to access the Services consoleEnable the script services manually It is not startedby de ault
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4348
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 3
bull Login to VMware View Manager SelectDelete thedesktop SelectDelete rom Disk option It will triggerthe script set previously
Scenario 2Confgure PCoIP Full and Linked Clone
in VMware vSphereCreate Full Clone with Thin Provisioning
Thin Provisioning in its simplest orm means only using the disk space you need Traditionally with virtualmachines i you create a 500GB virtual disk it will use 500GB o your VMFS data store With Thin Provisioningyou can create a 500GB virtual disk but i only 100GB is in use only 100GB o your VMFS data store will beutilized
500GBVirtual Disk
500GB GB VMDK le size 100GB VMDK le size
400GBunused butallocated
100GBApplicationUsage
500GBVirtual Disk
100GBActual Usage(Footprint)
Figure
You can create a ve desktop XP pool using Full Clone rom VMware View and compare them with the ThiProvisioning option check The eatures include increased storage utilization reduced application downtimeand streamlined capacity management
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4448
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 4
bull When you create a virtual machine in VMware vSpherethe option to create Thin Provisioning settings is underSettings gtAdd Hardware
bull In VMware View 4 you can con gure the ThinProvisioning while preparing the Linked Clone basetemplate
Now in order to compare the storage usage di erence with Thin Provisioning enabled in the virtual desktopdeployment the best approach is to provision them and per orm storage comparison with the virtualmachines without thin provisioning enabled Considerations or storage provisioning all in throughput needsto scale with an increase in capacity ie multiple virtual machines per IO path
Figure
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4548
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 5
In the meantime transient storage on the swap space is used only when the virtual machine ispowered on and delta disks are used by snapshots and linked to virtual machines
Figure 0
Datastore View in vSphere
Figure
VM Storage Performance View
Figure
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4648
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 6
Anti-Virus Protection
The VMsa e API comes with VMware vSphere VMware o ers a number o VMsa e partner solutions thatprovide secure virtual machines with virus-scanning capability
bull Trend Micro Core Protection 10 This is an anti-virus product that performs o ine and online scheduled virtualmachine scans without an agent It uses a smaller agent or on-access scanning or to clean up in ections Thproduct is available at http us trendmicro com us solutions enterprise security-solutions virtualizationvirtual-machines index html
bull McAfee Virus Scan for O ine Virtual Images 20 This is an anti-virus product that performs o ine schedulevirtual machine scans without an agent It complements a regular virus scan agentsrsquo online scanning
Figure 6
VMsa e reduces high storage IO and memory usage during scheduled and pandemic malware scan activities
Figure
The above gure shows the anti-virus server committing a real-time agent to an individual virtual machine
It also has the unctionality o o ine snapshot image scanningThis is a VMware vSphere eature and is now available or VMware View 4 Please re er to the VMware View 4Deployment Guide or urther product demonstration
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4748
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 7
Scenario 3Set up Triple Single Sign-On (SSO) in VMwareView 4Log in as Currently Logged-on UserThis is a new option in VMware View Client that allows you to log onto the broker using currently logged oncredentials The standard sign up fow using AD credentials is
bull User connects to View Connection Server
bull VMware View Connection Server compares a list of trusted AD domains to the client
bull User authenticates with username and password
bull VMware View Connection Server delegates authentication to WindowsAD
Figure
VMware View 4 continues to support the AD credential (username and password) login smart card and RSA
securID token in RDP
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4848
bull During the View Agent installation select theConnectas Current Logon User checkbox option to enable SSO
bull Launch View Client at local desktop or thin clientbull View Client has newLog in as Current User Domain
User checkbox When a userrsquos AD credential isauthenticated on the client device using eitherpassword (RDP PCoIP) or smart card authentication inRDP the Connection Broker will use the same useridentity
bull This value can also be set using GPO policy orregistry key setting Please re er to the ViewAdministration Guide
bull You should be able to login to the guest desktopenvironment without being prompted to enter thecredentials again
Support In ormation
For additional evaluation questions and installation support please address your questions to desktop-tmvmwarecom
About the Author
Cynthia Hsieh is a senior technical marketing manager in VMware Enterprise Marketing team She ocuses onapplication integration proo o concepts and security subjects
Hsiehrsquos previous background includes product management positions at Wyse Trend Micro Oracle and Yahoo
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 1948
VMware View 4
E VA L U AT O R rsquo S G U I D E 1 9
Click Finish
At this point you have the main VMware View components installed and con gured Be ore you proceedurther you can do a quick ping test rom the View Connection Server virtual machine to the Guest Desktop
virtual machine and vice versa The components should be pingable and routable between each
Task 7 Preparing Virtual Machine Snapshots and Templates
The guest system o the virtual machine which you create in vCenter provides the basis or virtual desktopdeployment To prepare a guest system or deployment per orm the ollowing tasks
bull Install the guest operating system Select Inventory romthe menu and clickVirtual Machine to start the creation oa new virtual machine
Once you con gure the OS and itrsquos up and running
bull Install the latest version of VMware Tools (provided withVMware In rastructure)
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2048
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 0
bull Con gure Active Directory settings Con gure the preferredand alternate DNS servers to use your Active Directoryserver addresses For example on Windows XP con gure
the DNS server settings rom the properties menuStart gt Control Panel gt Network Connections gt LAN gtProperties Internet Protocol (TCPIP) gt Properties gtUse (VMActiveDirectory) IP Address 19216813252
bull Make sure that you have administrative rights to theguest system
bull Join the desktop to the AD domain Add guest system tothe domain (demo local)
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2148
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 1
bull In Control Panel turnOf Windows Firewall
bull In Control Panel selectSystem Properties gtRemote tab
bull Check Allow User to Connect Remotely
bull Take a virtual machine Snapshot mdash Once the virtual machinetemplate is ully prepared you can power o the virtualmachine and right mdash clickGuest and select Take Snapshot
bull Snapshot is used for Linked Clone creation discussed in thelater sandbox scenario
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2248
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 2
Create a Desktop Template
bull Power o the virtual machine
bull Right-click the previously con gured guest system and
select one o the ollowing options- Clone to Template mdash select this option i you want to use
the selected guest system as the basis or a new templatewithout altering the virtual machine itsel Choose thisand walk through the dialogs boxes to create a virtualmachine template
- Convert to Template mdash select this option i you want tochange the guest system into a template This processhappens instantly
bull To get a quick view of the template created go toInventory and select VM and Templates The highlighted
template will appear in VMware Center
You can repeat the same procedures or Windows 7 and Vista desktops with the same con guration i youwish At the end o the task you will have three prepared guest systems ready or VMware View Manager to use
Task 8 Installing VMware View Composer for Linked Clones
VMware View Composer provides a highly e cient storage alternative to creating and managing manystandalone virtual machines With VMware View Composer Linked Clone technology you can rapidly cloneand deploy multiple desktops rom a single centralized base image Subsequent changes to this image canbe automatically proli erated among all desktops in a Linked Clone pool A ter the desktops are created theyremain indirectly linked to a snapshot residing on the parent virtual machine View Composer needs to beinstalled on the system where VMware vCenter is installed
bull VMware View Composer installation is optional in theVMware View installation process i you donrsquot plan to haveLinked Clone in your production environment Howeverwith this evaluation you can see the bene ts o havingVMware View work with VMware vSpherersquos thin-provisioning eature Start the VMware View Composerinstaller you have in your media
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2348
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2448
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 4
bull Choose your custom setup options
- Deselect the USB Redirection component i you do not want usersto access locally connected USB devices through their desktops
- Deselect the Log in as current user component i you want to requireall users to provide identity and credential in ormation to log in to aView Connection Server and again to access a VMware View desktop
bull For this evaluation simply leave them as theselected de ault This is anew improved eature which allows single sign-on to the guestdesktop
bull Enter the IP address of the VMware View Connection Server that thisclient will connect to For this evaluation enter 1921681247
bull Leave the login ascurrent user unchecked
bull Select Continue Anyway or the Virtual USB so tware installation
bull Select Finish and Exit installation I VMware View Client does not startautomatically a ter installation double-click the desktop shortcutor click
Start gtPrograms gtVMware gtVMware View Client
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2548
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 5
Task 10 Adding Desktop Source in VMware View Manager
The in rastructure components are now con gured in VMware vCenter Now go back to VMware ViewManager and con gure the desktop resource or an individual desktop provisioning use
bull Enter the VMware View Connection Server IP addressadmin as the URL in a Web browser
bull Login as Administrator
bull From within View Administrator clickDesktops andPools and click theInventory tab
bull In the Global desktop and pool view pane make sure thatthe Desktops and Pools tab is selected and clickAdd
bull When the Add Desktop wizard appears selectIndividualDesktop and clickNext
bull Select Desktop Source rom VMware vCenter
Need new image
bull From the list provided select theVMware vCenter Serverto be used by this desktop and clickNext
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2648
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 6
bull Enter the Unique ID Display name (optional) andDescription (optional) and clickNext
bull Con gure the desktop properties and click Next Sincethe new PCoIP eatures are being evaluated set thede ault protocol as PCoIP and allow users to change thesetting at connection When set toDo Not Control orAdobe Flash quality bandwidth is not a concern with theLAN deployment
bull Con gure the desktop provisioning properties andclick Next
bull Select the desktop to use as the base image for thedeployment and click Next
bull Click Finish to complete one guest desktop provisioning
bull Once the desktop provisioning is complete you can see adesktop under Desktops and Pools tab
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2748
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 7
This shows the basic steps on how to provision one desktop For more advanced eatures you can re er to theVMware View Administration Guide In a later scenario a PCoIP pool is created through similar provisioning
Task 11 Desktop Entitlement
bull From within View Administrator click Desktops and Pools and click theInventory tab
bull In the Global desktop and pool view pane select the desktop or poolyou want to entitle and clickEntitlements
bull Click Add The user and group entitlement dialog box appears Fromhere you can view search on and lter all Active Directory users withinthe domain orest
bull Select the DemoLocal domain created and enter wildcard user matchreview VMware View Manager should display all users that contain thephrase
bull Entitle the userreviewer_1 to use the Vista desktop
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2848
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 8
Figure 6
Once this is set and done you will see a green checkmark under Global Desktop and View showing Entitledand Enabled or the guest desktop
Task 12 Accessing Virtual Desktop via RDP or PCoIP
bull In theConnection Server drop-down menu enter thehost name or IP address o a VMware View Connection Server
bull Select Options
Need New Image
bull Select Log in as current userto be authorized to log in to theVMware View Connection Server You will not be prompted toenter login credentials in the guest desktop login This is anenhancement or single sign-on
Need New Image
bull Enter the credentials with desktop entitlement
- Username Administrator
- Password b gd m
bull In VMware View 4 you have the option to use the preferredprotocols o either Teradici PCoIP or Microso t RDPSelect Teradici
bull Select the XP desktop you want to access
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2948
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 9
Task 13 Additional Virtual Desktop Optimization
bull Adjust ClearType Settings in Control Panel gtDisplay gtAdvanced Tab gtFonts and choose ClearType
bull Turn o Windows Firewall Settings inControl Panel gtWindows Firewall and select the Of radio buttonbull Multiple Display Con guration
bull In VMware View Manager Administration you cancentrally con gure the desktop monitors that aresupported in the local systems
bull In the guest desktop check theDisplay settings that have been changed tomultiple displays
Note PCoIP also supports pivot mode or one landscape and one horizontal confguration
Task 14 WAN Optimization
PCoIP technology uses low-latency image compression algorithms to optimize the user experience or widearea network (WAN) applications The WAN enhancements dramatically improve the user experience toprovide support or multi-media and 3D graphics audio and IO responsiveness over long-distancehigh-latency and low-bandwidth networks
Key PCoIP WAN Capabilities
bull Reduced Minimum Bandwidth To support the lower bandwidth typically available over a WAN theminimum peak bandwidth required or a PCoIP connection is Mbps Because PCoIP only transmitschanges to the desktop image the actual bandwidth used may be much lower i the screen is not changingsigni cantly or rapidly
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3048
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 0
bull Local Keyboard and Mouse To provide instant response over high-latency networks the mouse pointer canbe displayed locally on the desktop (within VMware View Agent) in addition to being sent to the host Localkeyboard capability is also provided to prevent lost keystrokes due to network delay
bull Packet Reordering To accommodate the out-o -order packets o ten produced by network links on a WANthe PCoIP portal in VMware View Agent can create multiple packet chains as out-o -order packets receivedand connect chains to restore the correct sequence Without this out-o -order packets can result in dataretransmission and delays
bull Bandwidth-Sensitive Audio Compression PCoIP transmits compressed or uncompressed audiondashswitchingdynamically based on the available bandwidth to provide the best possible user experience
Since PCoIP is integrated seamlessly into the VMware View Agent and ully optimized into VMware Viewin rastructure as the administrator you simply need to con gure the desktop protocol and its bandwidththrottling rom the administration UI
Con gure Flash contents bandwidth allowance
For an optional task to test WAN per ormance with PCoIP try to access your corporate desktop rom home byconnecting through IPSec VPN
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3148
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 1
Scenario Overview
This document provides several di erent test scenarios to review the tasks you per ormed earlier andexperience the combined advantages o using VMware View To compare a variety o WAN connectivityscenarios you can consider using either WANEMhttp wanem source orge net or Shunra VE SMB EditionFree Trial http www shunra com ve-smb-trial php or WAN emulation
bull Scenario 1 Provision and use PCoIP 25 persistent desktops and one non-persistent PCoIP pool thatcontains desktops using a Linked Clone You can adjust the actual number o desktops based on your locastorage allowance
ndash Create a snapshot on both Windows XP SP3 and Windows 7
ndash Add desktops and pools using automatic pools and Linked Clone
ndash Administrate users and entitlements
ndash Create ully Linked Clones
ndash Con gure pools in mixed cluster environment
ndash Con gure or WAN tag and LAN tag use
ndash Delete desktops and pools
bull Scenario 2 Con gure 50 PCoIP fully Linked Clones in VMware vSphere
ndash Create desktops and pools
ndash Leverage ThinDisk Provisioning in VMware vSphere
ndash Check storage saving comparison
ndash Review VMware VMsa e Security virtual machine unctionali ties
bull Scenario 3 Set-up Triple SSO in VMware View 4 (PCoIP)
ndash Use archive directory credentials to login with ldquoLogin as current userrdquo checked
ndash Access rom the Replica View Connection Server and login to see the same session running
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3248
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 2
Scenario 1Provision and Use PCoIP Desktops and Pools
Get Started with PCoIPPCoIP is a so tware-to-so tware display protocol ully integrated with the VMware View in rastructureThe PCoIP portal (server) is installed with the agent The proprietary SVGA driver is included as part o thePCoIP portal
Figure
The PCoIP client is included in the standard VMware View client installation on your end point device sothere are no additional installation procedures required or PCoIP From the end user perspective there areno con gurations needed or using PCoIP As an administrator you can con gure the PCoIP protocol throughVMware View Administrative SettingsPolicies De ault RDP setup is to be tunneled but the de ault PCoIPsetting is directly connected Some other con gurations on bandwidth throttling or Flash video or on USBredirection policy are consistent as the previous View administration
Lossy and Lossless CompressionImage compression in PCoIP includes both lossless and lossy compression schemes Lossy compression allows or higher levels o compression on initial screen change and subsequent image quality improvement
or static screen regions Lossless motion compensation is also supported Image compression bandwidthmanagement is supported using packet loss as an indicator o congestion or lower bandwidth limits
Network Bandwidth and Characteristics
The host to client network connection operates with up to 250ms o round-trip latency The host to clientnetwork connection operates with lt01 percent packet loss but will tolerate periods o up to 5 percent packetloss and will survive short durations o loss o connectivity
A single TCP connection (SSL) is used between the host and client or session management A single UDP connection using UDP encapsulated IPSec-ESP [r c 3948] with AES 128-bit key encryption is used betweenthe host and client or media tra c supporting unreliable and reliable transport Port numbers keys andother connection parameters are exchanged via the SSL connection You can re erence the VMware ViewDeployment Guide or urther end-to-end per ormance measurements
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3348
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 3
Step 1 Creating the Replica Connection Server
The installation package or the Connection Server alsocontains the installation source or the VMware ViewReplica Server Launch the VMware View ConnectionServer installer and select Replica server or the secondConnection Server SelectAgree to the VMware Viewproduct licensing terms
A VMware View Replica Server is a Connection Serverwith its own replica o the ADAM database stored locallyAll con guration data and changes are instantaneouslyreplicated to all replica servers resulting in entirelyindependent Connection Servers which can actindependently in case o ailure o other replica servers
Enter the rst VMware View Connection Server instanceIP address (View1 19216813246) ClickNext
Complete the Replica Connection Server instanceinstallation Select Finish
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3448
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 4
Step 2 Creating Linked Clone Pools
DESKTOP TYPE OS TYPE PERSISTENT DESKTOP COUNTS
PCoIP Windows XP SP Persistent
RDP PCoIP Windows XP SP Non-Persistent
The Linked Clone creation process is the same as conducted in the previous section You can con gure thetask based on your storage availability and virtual machine sizing
Step 3 Connecting to Pool by Tags
Tag-based EntitlementsVMware View provides the advanced entitlement to Desktop Pools not only based on current entitlementsettings but also on the Connection Server through which a user logs in For customers who need perimeteridentity ( or example Internal Connection Server or External Security Server access) at logon VMware View
enables users con guring certain clients to go through a particular Connection Server In this case a tag isintroduced to identi y and route the client to the Connection Server In a broker cluster at a large VMware Viedeployment The tag or tags o a Connection Server are then compared to the tag speci ed in time o thedesktop pool creation edit
I the tag required by the desktop pool does not match the tag o the broker in question even i a useris entitled or assigned to a desktop pool the desktop will not show up in the available desktop list TheConnection Server tags take precedence over the desktop or pool tags
In this evaluation you will set up two instances o Connection Servers where brokers have been classi ed toserve di erent networks (internal external or example)
VMWARE VIEWCONNECTIONSERVER IP
NAME TAG DESKTOPS OS
19216813246 View External XP Pro SP
19216813245 View Internal XP Pro SP
Use CaseThe internal broker might not be visible to users connecting over a VPN In a case like this the two brokerscould still be ormed into a cluster The external broker might be tagged ldquoExternalrdquo and the internal brokertagged ldquoInternalrdquo and then pools could be tagged so that some desktops are not visible when a user logs inexternally but are visible internally
For example imagine a deployment o our Connection Servers where two o the Connection Servers haveconnected Security Servers The two Connection Servers without Security Servers are used to support internalusers and the two Connection Servers with Security Servers are used to support Internet (external) users The
rst two could have a con gured entitlements tag o ldquoInternalrdquo and the second two could have a con guredentitlements tag o ldquoExternalrdquo
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3548
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 5
bull The UI allows an administrator to specify one or moretag strings of up to 64 characters for each ConnectionBroker You can then speci y the tag string required or
a speci c Connection Broker to access the Pool Atruntime when a user authenticates him or hersel via aConnection Server an extra step o tag matching isper ormed The result will be a lter o the resultingentitled Desktop list
bull Set the replica server tag as External
bull Once the tags are set in the connection broker you cansee the tag column in the VMware View Managerconsole is lled with the Tag attributes
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3648
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 6
bull In the VMware View 1 Connection Server(19216813246admin) login to the View Managerconsole clickDesktops and Pools tab and selectAdd
You are creating ull clone and Linked Clonedesktops Select Automated Desktop Pool
bull Select Persistent or the desktop type
bull ClickNext
bull Create the 10 Linked Clone desktop pools rst and gothrough the same process again to create the ull clone
ndash only without checking the highlighted checkbox
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3748
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 7
bull Fill in the name attribute for theUnique ID andDisplay Name
bull This is same user interface as you used to create theindividual desktop earlier Leave the de ault setup as
it is
bull Enter the number of the desktops that your storage
allows you to create The naming pattern or thedesktop is the name vCenter will use to name thevirtual machine so create a unique and easilyrecognized name
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3848
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 8
bull Desktop cloning relies on the virtual machine templateas the base Previously you created a template byselecting a clean base template and cloning it to
template Select that template and clickNext
bull Linked Clone requires the template and snapshot asthe golden image
bull Select the folder location where the desktops shouldbe organized
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3948
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 9
bull Select the host or ESX server where the desktop iscreated Note the vSphere mode or VMware ViewComposer option is dimmed and not selectable It is
because the host being used is running vSpherealready I you are using a previous version o ESX thisoption will be available or upgrade use
bull Add desktops to the resource pool
bull Allocate user data disk for the persistent data Keepthe de ault value and selectNext
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4048
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 0
bull In this setup the storage LUN for the better demoe ects is attached You can simply use the localstorage host storage or your test
bull You can see that the default domain is lled inautomatically by quickprep This is set at the
Con guration Tab gtServers gtSelect ViewConnection gt Edit
bull Do a nal review of the Linked Clone setup and clickFinish to complete It will take several minutes tocreate the clones
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4148
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 1
bull Create additional users in Active Directory(ActiveDirectory19216813252)
- Corporate - user or the Group Internal
- Contractor - user or the Group Externalbull This will be used for the pool entitlement for users and
groups
bull Access VMware vCenter or ESX management by usingthe VMware vSphere client
bull Login to View Manager console You can see the LinkedClone pools are created and listed in the Desktop andPool pane SelectEntitlements to grant right to accessthe desktop
bull Assign the group you created in ActiveDirectory
Repeat these steps or creating additional XP desktops with non-persistent and persistent use
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4248
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 2
Step 4 Deleting the Clone Using Deletion Script
Provide the cleanup rule and scripting capabilities to enable administrators to per orm urther integrationunctions In some environments this can be achieved by removing entries rom ActiveDirectory In others
you may need to trigger other applications or a tighter integration
bull A new key needs to be created manuallyPlease re er to VMware View Administration Guide or
urther details
bull The visual basic script can be used to clean up ortrigger urther application activities This new eatureo ers the extensibility ramework
bull Run servicesmsc to access the Services consoleEnable the script services manually It is not startedby de ault
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4348
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 3
bull Login to VMware View Manager SelectDelete thedesktop SelectDelete rom Disk option It will triggerthe script set previously
Scenario 2Confgure PCoIP Full and Linked Clone
in VMware vSphereCreate Full Clone with Thin Provisioning
Thin Provisioning in its simplest orm means only using the disk space you need Traditionally with virtualmachines i you create a 500GB virtual disk it will use 500GB o your VMFS data store With Thin Provisioningyou can create a 500GB virtual disk but i only 100GB is in use only 100GB o your VMFS data store will beutilized
500GBVirtual Disk
500GB GB VMDK le size 100GB VMDK le size
400GBunused butallocated
100GBApplicationUsage
500GBVirtual Disk
100GBActual Usage(Footprint)
Figure
You can create a ve desktop XP pool using Full Clone rom VMware View and compare them with the ThiProvisioning option check The eatures include increased storage utilization reduced application downtimeand streamlined capacity management
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4448
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 4
bull When you create a virtual machine in VMware vSpherethe option to create Thin Provisioning settings is underSettings gtAdd Hardware
bull In VMware View 4 you can con gure the ThinProvisioning while preparing the Linked Clone basetemplate
Now in order to compare the storage usage di erence with Thin Provisioning enabled in the virtual desktopdeployment the best approach is to provision them and per orm storage comparison with the virtualmachines without thin provisioning enabled Considerations or storage provisioning all in throughput needsto scale with an increase in capacity ie multiple virtual machines per IO path
Figure
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4548
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 5
In the meantime transient storage on the swap space is used only when the virtual machine ispowered on and delta disks are used by snapshots and linked to virtual machines
Figure 0
Datastore View in vSphere
Figure
VM Storage Performance View
Figure
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4648
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 6
Anti-Virus Protection
The VMsa e API comes with VMware vSphere VMware o ers a number o VMsa e partner solutions thatprovide secure virtual machines with virus-scanning capability
bull Trend Micro Core Protection 10 This is an anti-virus product that performs o ine and online scheduled virtualmachine scans without an agent It uses a smaller agent or on-access scanning or to clean up in ections Thproduct is available at http us trendmicro com us solutions enterprise security-solutions virtualizationvirtual-machines index html
bull McAfee Virus Scan for O ine Virtual Images 20 This is an anti-virus product that performs o ine schedulevirtual machine scans without an agent It complements a regular virus scan agentsrsquo online scanning
Figure 6
VMsa e reduces high storage IO and memory usage during scheduled and pandemic malware scan activities
Figure
The above gure shows the anti-virus server committing a real-time agent to an individual virtual machine
It also has the unctionality o o ine snapshot image scanningThis is a VMware vSphere eature and is now available or VMware View 4 Please re er to the VMware View 4Deployment Guide or urther product demonstration
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4748
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 7
Scenario 3Set up Triple Single Sign-On (SSO) in VMwareView 4Log in as Currently Logged-on UserThis is a new option in VMware View Client that allows you to log onto the broker using currently logged oncredentials The standard sign up fow using AD credentials is
bull User connects to View Connection Server
bull VMware View Connection Server compares a list of trusted AD domains to the client
bull User authenticates with username and password
bull VMware View Connection Server delegates authentication to WindowsAD
Figure
VMware View 4 continues to support the AD credential (username and password) login smart card and RSA
securID token in RDP
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4848
bull During the View Agent installation select theConnectas Current Logon User checkbox option to enable SSO
bull Launch View Client at local desktop or thin clientbull View Client has newLog in as Current User Domain
User checkbox When a userrsquos AD credential isauthenticated on the client device using eitherpassword (RDP PCoIP) or smart card authentication inRDP the Connection Broker will use the same useridentity
bull This value can also be set using GPO policy orregistry key setting Please re er to the ViewAdministration Guide
bull You should be able to login to the guest desktopenvironment without being prompted to enter thecredentials again
Support In ormation
For additional evaluation questions and installation support please address your questions to desktop-tmvmwarecom
About the Author
Cynthia Hsieh is a senior technical marketing manager in VMware Enterprise Marketing team She ocuses onapplication integration proo o concepts and security subjects
Hsiehrsquos previous background includes product management positions at Wyse Trend Micro Oracle and Yahoo
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2048
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 0
bull Con gure Active Directory settings Con gure the preferredand alternate DNS servers to use your Active Directoryserver addresses For example on Windows XP con gure
the DNS server settings rom the properties menuStart gt Control Panel gt Network Connections gt LAN gtProperties Internet Protocol (TCPIP) gt Properties gtUse (VMActiveDirectory) IP Address 19216813252
bull Make sure that you have administrative rights to theguest system
bull Join the desktop to the AD domain Add guest system tothe domain (demo local)
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2148
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 1
bull In Control Panel turnOf Windows Firewall
bull In Control Panel selectSystem Properties gtRemote tab
bull Check Allow User to Connect Remotely
bull Take a virtual machine Snapshot mdash Once the virtual machinetemplate is ully prepared you can power o the virtualmachine and right mdash clickGuest and select Take Snapshot
bull Snapshot is used for Linked Clone creation discussed in thelater sandbox scenario
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2248
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 2
Create a Desktop Template
bull Power o the virtual machine
bull Right-click the previously con gured guest system and
select one o the ollowing options- Clone to Template mdash select this option i you want to use
the selected guest system as the basis or a new templatewithout altering the virtual machine itsel Choose thisand walk through the dialogs boxes to create a virtualmachine template
- Convert to Template mdash select this option i you want tochange the guest system into a template This processhappens instantly
bull To get a quick view of the template created go toInventory and select VM and Templates The highlighted
template will appear in VMware Center
You can repeat the same procedures or Windows 7 and Vista desktops with the same con guration i youwish At the end o the task you will have three prepared guest systems ready or VMware View Manager to use
Task 8 Installing VMware View Composer for Linked Clones
VMware View Composer provides a highly e cient storage alternative to creating and managing manystandalone virtual machines With VMware View Composer Linked Clone technology you can rapidly cloneand deploy multiple desktops rom a single centralized base image Subsequent changes to this image canbe automatically proli erated among all desktops in a Linked Clone pool A ter the desktops are created theyremain indirectly linked to a snapshot residing on the parent virtual machine View Composer needs to beinstalled on the system where VMware vCenter is installed
bull VMware View Composer installation is optional in theVMware View installation process i you donrsquot plan to haveLinked Clone in your production environment Howeverwith this evaluation you can see the bene ts o havingVMware View work with VMware vSpherersquos thin-provisioning eature Start the VMware View Composerinstaller you have in your media
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2348
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2448
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 4
bull Choose your custom setup options
- Deselect the USB Redirection component i you do not want usersto access locally connected USB devices through their desktops
- Deselect the Log in as current user component i you want to requireall users to provide identity and credential in ormation to log in to aView Connection Server and again to access a VMware View desktop
bull For this evaluation simply leave them as theselected de ault This is anew improved eature which allows single sign-on to the guestdesktop
bull Enter the IP address of the VMware View Connection Server that thisclient will connect to For this evaluation enter 1921681247
bull Leave the login ascurrent user unchecked
bull Select Continue Anyway or the Virtual USB so tware installation
bull Select Finish and Exit installation I VMware View Client does not startautomatically a ter installation double-click the desktop shortcutor click
Start gtPrograms gtVMware gtVMware View Client
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2548
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 5
Task 10 Adding Desktop Source in VMware View Manager
The in rastructure components are now con gured in VMware vCenter Now go back to VMware ViewManager and con gure the desktop resource or an individual desktop provisioning use
bull Enter the VMware View Connection Server IP addressadmin as the URL in a Web browser
bull Login as Administrator
bull From within View Administrator clickDesktops andPools and click theInventory tab
bull In the Global desktop and pool view pane make sure thatthe Desktops and Pools tab is selected and clickAdd
bull When the Add Desktop wizard appears selectIndividualDesktop and clickNext
bull Select Desktop Source rom VMware vCenter
Need new image
bull From the list provided select theVMware vCenter Serverto be used by this desktop and clickNext
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2648
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 6
bull Enter the Unique ID Display name (optional) andDescription (optional) and clickNext
bull Con gure the desktop properties and click Next Sincethe new PCoIP eatures are being evaluated set thede ault protocol as PCoIP and allow users to change thesetting at connection When set toDo Not Control orAdobe Flash quality bandwidth is not a concern with theLAN deployment
bull Con gure the desktop provisioning properties andclick Next
bull Select the desktop to use as the base image for thedeployment and click Next
bull Click Finish to complete one guest desktop provisioning
bull Once the desktop provisioning is complete you can see adesktop under Desktops and Pools tab
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2748
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 7
This shows the basic steps on how to provision one desktop For more advanced eatures you can re er to theVMware View Administration Guide In a later scenario a PCoIP pool is created through similar provisioning
Task 11 Desktop Entitlement
bull From within View Administrator click Desktops and Pools and click theInventory tab
bull In the Global desktop and pool view pane select the desktop or poolyou want to entitle and clickEntitlements
bull Click Add The user and group entitlement dialog box appears Fromhere you can view search on and lter all Active Directory users withinthe domain orest
bull Select the DemoLocal domain created and enter wildcard user matchreview VMware View Manager should display all users that contain thephrase
bull Entitle the userreviewer_1 to use the Vista desktop
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2848
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 8
Figure 6
Once this is set and done you will see a green checkmark under Global Desktop and View showing Entitledand Enabled or the guest desktop
Task 12 Accessing Virtual Desktop via RDP or PCoIP
bull In theConnection Server drop-down menu enter thehost name or IP address o a VMware View Connection Server
bull Select Options
Need New Image
bull Select Log in as current userto be authorized to log in to theVMware View Connection Server You will not be prompted toenter login credentials in the guest desktop login This is anenhancement or single sign-on
Need New Image
bull Enter the credentials with desktop entitlement
- Username Administrator
- Password b gd m
bull In VMware View 4 you have the option to use the preferredprotocols o either Teradici PCoIP or Microso t RDPSelect Teradici
bull Select the XP desktop you want to access
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2948
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 9
Task 13 Additional Virtual Desktop Optimization
bull Adjust ClearType Settings in Control Panel gtDisplay gtAdvanced Tab gtFonts and choose ClearType
bull Turn o Windows Firewall Settings inControl Panel gtWindows Firewall and select the Of radio buttonbull Multiple Display Con guration
bull In VMware View Manager Administration you cancentrally con gure the desktop monitors that aresupported in the local systems
bull In the guest desktop check theDisplay settings that have been changed tomultiple displays
Note PCoIP also supports pivot mode or one landscape and one horizontal confguration
Task 14 WAN Optimization
PCoIP technology uses low-latency image compression algorithms to optimize the user experience or widearea network (WAN) applications The WAN enhancements dramatically improve the user experience toprovide support or multi-media and 3D graphics audio and IO responsiveness over long-distancehigh-latency and low-bandwidth networks
Key PCoIP WAN Capabilities
bull Reduced Minimum Bandwidth To support the lower bandwidth typically available over a WAN theminimum peak bandwidth required or a PCoIP connection is Mbps Because PCoIP only transmitschanges to the desktop image the actual bandwidth used may be much lower i the screen is not changingsigni cantly or rapidly
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3048
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 0
bull Local Keyboard and Mouse To provide instant response over high-latency networks the mouse pointer canbe displayed locally on the desktop (within VMware View Agent) in addition to being sent to the host Localkeyboard capability is also provided to prevent lost keystrokes due to network delay
bull Packet Reordering To accommodate the out-o -order packets o ten produced by network links on a WANthe PCoIP portal in VMware View Agent can create multiple packet chains as out-o -order packets receivedand connect chains to restore the correct sequence Without this out-o -order packets can result in dataretransmission and delays
bull Bandwidth-Sensitive Audio Compression PCoIP transmits compressed or uncompressed audiondashswitchingdynamically based on the available bandwidth to provide the best possible user experience
Since PCoIP is integrated seamlessly into the VMware View Agent and ully optimized into VMware Viewin rastructure as the administrator you simply need to con gure the desktop protocol and its bandwidththrottling rom the administration UI
Con gure Flash contents bandwidth allowance
For an optional task to test WAN per ormance with PCoIP try to access your corporate desktop rom home byconnecting through IPSec VPN
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3148
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 1
Scenario Overview
This document provides several di erent test scenarios to review the tasks you per ormed earlier andexperience the combined advantages o using VMware View To compare a variety o WAN connectivityscenarios you can consider using either WANEMhttp wanem source orge net or Shunra VE SMB EditionFree Trial http www shunra com ve-smb-trial php or WAN emulation
bull Scenario 1 Provision and use PCoIP 25 persistent desktops and one non-persistent PCoIP pool thatcontains desktops using a Linked Clone You can adjust the actual number o desktops based on your locastorage allowance
ndash Create a snapshot on both Windows XP SP3 and Windows 7
ndash Add desktops and pools using automatic pools and Linked Clone
ndash Administrate users and entitlements
ndash Create ully Linked Clones
ndash Con gure pools in mixed cluster environment
ndash Con gure or WAN tag and LAN tag use
ndash Delete desktops and pools
bull Scenario 2 Con gure 50 PCoIP fully Linked Clones in VMware vSphere
ndash Create desktops and pools
ndash Leverage ThinDisk Provisioning in VMware vSphere
ndash Check storage saving comparison
ndash Review VMware VMsa e Security virtual machine unctionali ties
bull Scenario 3 Set-up Triple SSO in VMware View 4 (PCoIP)
ndash Use archive directory credentials to login with ldquoLogin as current userrdquo checked
ndash Access rom the Replica View Connection Server and login to see the same session running
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3248
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 2
Scenario 1Provision and Use PCoIP Desktops and Pools
Get Started with PCoIPPCoIP is a so tware-to-so tware display protocol ully integrated with the VMware View in rastructureThe PCoIP portal (server) is installed with the agent The proprietary SVGA driver is included as part o thePCoIP portal
Figure
The PCoIP client is included in the standard VMware View client installation on your end point device sothere are no additional installation procedures required or PCoIP From the end user perspective there areno con gurations needed or using PCoIP As an administrator you can con gure the PCoIP protocol throughVMware View Administrative SettingsPolicies De ault RDP setup is to be tunneled but the de ault PCoIPsetting is directly connected Some other con gurations on bandwidth throttling or Flash video or on USBredirection policy are consistent as the previous View administration
Lossy and Lossless CompressionImage compression in PCoIP includes both lossless and lossy compression schemes Lossy compression allows or higher levels o compression on initial screen change and subsequent image quality improvement
or static screen regions Lossless motion compensation is also supported Image compression bandwidthmanagement is supported using packet loss as an indicator o congestion or lower bandwidth limits
Network Bandwidth and Characteristics
The host to client network connection operates with up to 250ms o round-trip latency The host to clientnetwork connection operates with lt01 percent packet loss but will tolerate periods o up to 5 percent packetloss and will survive short durations o loss o connectivity
A single TCP connection (SSL) is used between the host and client or session management A single UDP connection using UDP encapsulated IPSec-ESP [r c 3948] with AES 128-bit key encryption is used betweenthe host and client or media tra c supporting unreliable and reliable transport Port numbers keys andother connection parameters are exchanged via the SSL connection You can re erence the VMware ViewDeployment Guide or urther end-to-end per ormance measurements
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3348
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 3
Step 1 Creating the Replica Connection Server
The installation package or the Connection Server alsocontains the installation source or the VMware ViewReplica Server Launch the VMware View ConnectionServer installer and select Replica server or the secondConnection Server SelectAgree to the VMware Viewproduct licensing terms
A VMware View Replica Server is a Connection Serverwith its own replica o the ADAM database stored locallyAll con guration data and changes are instantaneouslyreplicated to all replica servers resulting in entirelyindependent Connection Servers which can actindependently in case o ailure o other replica servers
Enter the rst VMware View Connection Server instanceIP address (View1 19216813246) ClickNext
Complete the Replica Connection Server instanceinstallation Select Finish
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3448
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 4
Step 2 Creating Linked Clone Pools
DESKTOP TYPE OS TYPE PERSISTENT DESKTOP COUNTS
PCoIP Windows XP SP Persistent
RDP PCoIP Windows XP SP Non-Persistent
The Linked Clone creation process is the same as conducted in the previous section You can con gure thetask based on your storage availability and virtual machine sizing
Step 3 Connecting to Pool by Tags
Tag-based EntitlementsVMware View provides the advanced entitlement to Desktop Pools not only based on current entitlementsettings but also on the Connection Server through which a user logs in For customers who need perimeteridentity ( or example Internal Connection Server or External Security Server access) at logon VMware View
enables users con guring certain clients to go through a particular Connection Server In this case a tag isintroduced to identi y and route the client to the Connection Server In a broker cluster at a large VMware Viedeployment The tag or tags o a Connection Server are then compared to the tag speci ed in time o thedesktop pool creation edit
I the tag required by the desktop pool does not match the tag o the broker in question even i a useris entitled or assigned to a desktop pool the desktop will not show up in the available desktop list TheConnection Server tags take precedence over the desktop or pool tags
In this evaluation you will set up two instances o Connection Servers where brokers have been classi ed toserve di erent networks (internal external or example)
VMWARE VIEWCONNECTIONSERVER IP
NAME TAG DESKTOPS OS
19216813246 View External XP Pro SP
19216813245 View Internal XP Pro SP
Use CaseThe internal broker might not be visible to users connecting over a VPN In a case like this the two brokerscould still be ormed into a cluster The external broker might be tagged ldquoExternalrdquo and the internal brokertagged ldquoInternalrdquo and then pools could be tagged so that some desktops are not visible when a user logs inexternally but are visible internally
For example imagine a deployment o our Connection Servers where two o the Connection Servers haveconnected Security Servers The two Connection Servers without Security Servers are used to support internalusers and the two Connection Servers with Security Servers are used to support Internet (external) users The
rst two could have a con gured entitlements tag o ldquoInternalrdquo and the second two could have a con guredentitlements tag o ldquoExternalrdquo
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3548
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 5
bull The UI allows an administrator to specify one or moretag strings of up to 64 characters for each ConnectionBroker You can then speci y the tag string required or
a speci c Connection Broker to access the Pool Atruntime when a user authenticates him or hersel via aConnection Server an extra step o tag matching isper ormed The result will be a lter o the resultingentitled Desktop list
bull Set the replica server tag as External
bull Once the tags are set in the connection broker you cansee the tag column in the VMware View Managerconsole is lled with the Tag attributes
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3648
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 6
bull In the VMware View 1 Connection Server(19216813246admin) login to the View Managerconsole clickDesktops and Pools tab and selectAdd
You are creating ull clone and Linked Clonedesktops Select Automated Desktop Pool
bull Select Persistent or the desktop type
bull ClickNext
bull Create the 10 Linked Clone desktop pools rst and gothrough the same process again to create the ull clone
ndash only without checking the highlighted checkbox
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3748
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 7
bull Fill in the name attribute for theUnique ID andDisplay Name
bull This is same user interface as you used to create theindividual desktop earlier Leave the de ault setup as
it is
bull Enter the number of the desktops that your storage
allows you to create The naming pattern or thedesktop is the name vCenter will use to name thevirtual machine so create a unique and easilyrecognized name
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3848
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 8
bull Desktop cloning relies on the virtual machine templateas the base Previously you created a template byselecting a clean base template and cloning it to
template Select that template and clickNext
bull Linked Clone requires the template and snapshot asthe golden image
bull Select the folder location where the desktops shouldbe organized
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3948
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 9
bull Select the host or ESX server where the desktop iscreated Note the vSphere mode or VMware ViewComposer option is dimmed and not selectable It is
because the host being used is running vSpherealready I you are using a previous version o ESX thisoption will be available or upgrade use
bull Add desktops to the resource pool
bull Allocate user data disk for the persistent data Keepthe de ault value and selectNext
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4048
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 0
bull In this setup the storage LUN for the better demoe ects is attached You can simply use the localstorage host storage or your test
bull You can see that the default domain is lled inautomatically by quickprep This is set at the
Con guration Tab gtServers gtSelect ViewConnection gt Edit
bull Do a nal review of the Linked Clone setup and clickFinish to complete It will take several minutes tocreate the clones
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4148
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 1
bull Create additional users in Active Directory(ActiveDirectory19216813252)
- Corporate - user or the Group Internal
- Contractor - user or the Group Externalbull This will be used for the pool entitlement for users and
groups
bull Access VMware vCenter or ESX management by usingthe VMware vSphere client
bull Login to View Manager console You can see the LinkedClone pools are created and listed in the Desktop andPool pane SelectEntitlements to grant right to accessthe desktop
bull Assign the group you created in ActiveDirectory
Repeat these steps or creating additional XP desktops with non-persistent and persistent use
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4248
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 2
Step 4 Deleting the Clone Using Deletion Script
Provide the cleanup rule and scripting capabilities to enable administrators to per orm urther integrationunctions In some environments this can be achieved by removing entries rom ActiveDirectory In others
you may need to trigger other applications or a tighter integration
bull A new key needs to be created manuallyPlease re er to VMware View Administration Guide or
urther details
bull The visual basic script can be used to clean up ortrigger urther application activities This new eatureo ers the extensibility ramework
bull Run servicesmsc to access the Services consoleEnable the script services manually It is not startedby de ault
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4348
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 3
bull Login to VMware View Manager SelectDelete thedesktop SelectDelete rom Disk option It will triggerthe script set previously
Scenario 2Confgure PCoIP Full and Linked Clone
in VMware vSphereCreate Full Clone with Thin Provisioning
Thin Provisioning in its simplest orm means only using the disk space you need Traditionally with virtualmachines i you create a 500GB virtual disk it will use 500GB o your VMFS data store With Thin Provisioningyou can create a 500GB virtual disk but i only 100GB is in use only 100GB o your VMFS data store will beutilized
500GBVirtual Disk
500GB GB VMDK le size 100GB VMDK le size
400GBunused butallocated
100GBApplicationUsage
500GBVirtual Disk
100GBActual Usage(Footprint)
Figure
You can create a ve desktop XP pool using Full Clone rom VMware View and compare them with the ThiProvisioning option check The eatures include increased storage utilization reduced application downtimeand streamlined capacity management
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4448
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 4
bull When you create a virtual machine in VMware vSpherethe option to create Thin Provisioning settings is underSettings gtAdd Hardware
bull In VMware View 4 you can con gure the ThinProvisioning while preparing the Linked Clone basetemplate
Now in order to compare the storage usage di erence with Thin Provisioning enabled in the virtual desktopdeployment the best approach is to provision them and per orm storage comparison with the virtualmachines without thin provisioning enabled Considerations or storage provisioning all in throughput needsto scale with an increase in capacity ie multiple virtual machines per IO path
Figure
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4548
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 5
In the meantime transient storage on the swap space is used only when the virtual machine ispowered on and delta disks are used by snapshots and linked to virtual machines
Figure 0
Datastore View in vSphere
Figure
VM Storage Performance View
Figure
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4648
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 6
Anti-Virus Protection
The VMsa e API comes with VMware vSphere VMware o ers a number o VMsa e partner solutions thatprovide secure virtual machines with virus-scanning capability
bull Trend Micro Core Protection 10 This is an anti-virus product that performs o ine and online scheduled virtualmachine scans without an agent It uses a smaller agent or on-access scanning or to clean up in ections Thproduct is available at http us trendmicro com us solutions enterprise security-solutions virtualizationvirtual-machines index html
bull McAfee Virus Scan for O ine Virtual Images 20 This is an anti-virus product that performs o ine schedulevirtual machine scans without an agent It complements a regular virus scan agentsrsquo online scanning
Figure 6
VMsa e reduces high storage IO and memory usage during scheduled and pandemic malware scan activities
Figure
The above gure shows the anti-virus server committing a real-time agent to an individual virtual machine
It also has the unctionality o o ine snapshot image scanningThis is a VMware vSphere eature and is now available or VMware View 4 Please re er to the VMware View 4Deployment Guide or urther product demonstration
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4748
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 7
Scenario 3Set up Triple Single Sign-On (SSO) in VMwareView 4Log in as Currently Logged-on UserThis is a new option in VMware View Client that allows you to log onto the broker using currently logged oncredentials The standard sign up fow using AD credentials is
bull User connects to View Connection Server
bull VMware View Connection Server compares a list of trusted AD domains to the client
bull User authenticates with username and password
bull VMware View Connection Server delegates authentication to WindowsAD
Figure
VMware View 4 continues to support the AD credential (username and password) login smart card and RSA
securID token in RDP
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4848
bull During the View Agent installation select theConnectas Current Logon User checkbox option to enable SSO
bull Launch View Client at local desktop or thin clientbull View Client has newLog in as Current User Domain
User checkbox When a userrsquos AD credential isauthenticated on the client device using eitherpassword (RDP PCoIP) or smart card authentication inRDP the Connection Broker will use the same useridentity
bull This value can also be set using GPO policy orregistry key setting Please re er to the ViewAdministration Guide
bull You should be able to login to the guest desktopenvironment without being prompted to enter thecredentials again
Support In ormation
For additional evaluation questions and installation support please address your questions to desktop-tmvmwarecom
About the Author
Cynthia Hsieh is a senior technical marketing manager in VMware Enterprise Marketing team She ocuses onapplication integration proo o concepts and security subjects
Hsiehrsquos previous background includes product management positions at Wyse Trend Micro Oracle and Yahoo
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2148
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 1
bull In Control Panel turnOf Windows Firewall
bull In Control Panel selectSystem Properties gtRemote tab
bull Check Allow User to Connect Remotely
bull Take a virtual machine Snapshot mdash Once the virtual machinetemplate is ully prepared you can power o the virtualmachine and right mdash clickGuest and select Take Snapshot
bull Snapshot is used for Linked Clone creation discussed in thelater sandbox scenario
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2248
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 2
Create a Desktop Template
bull Power o the virtual machine
bull Right-click the previously con gured guest system and
select one o the ollowing options- Clone to Template mdash select this option i you want to use
the selected guest system as the basis or a new templatewithout altering the virtual machine itsel Choose thisand walk through the dialogs boxes to create a virtualmachine template
- Convert to Template mdash select this option i you want tochange the guest system into a template This processhappens instantly
bull To get a quick view of the template created go toInventory and select VM and Templates The highlighted
template will appear in VMware Center
You can repeat the same procedures or Windows 7 and Vista desktops with the same con guration i youwish At the end o the task you will have three prepared guest systems ready or VMware View Manager to use
Task 8 Installing VMware View Composer for Linked Clones
VMware View Composer provides a highly e cient storage alternative to creating and managing manystandalone virtual machines With VMware View Composer Linked Clone technology you can rapidly cloneand deploy multiple desktops rom a single centralized base image Subsequent changes to this image canbe automatically proli erated among all desktops in a Linked Clone pool A ter the desktops are created theyremain indirectly linked to a snapshot residing on the parent virtual machine View Composer needs to beinstalled on the system where VMware vCenter is installed
bull VMware View Composer installation is optional in theVMware View installation process i you donrsquot plan to haveLinked Clone in your production environment Howeverwith this evaluation you can see the bene ts o havingVMware View work with VMware vSpherersquos thin-provisioning eature Start the VMware View Composerinstaller you have in your media
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2348
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2448
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 4
bull Choose your custom setup options
- Deselect the USB Redirection component i you do not want usersto access locally connected USB devices through their desktops
- Deselect the Log in as current user component i you want to requireall users to provide identity and credential in ormation to log in to aView Connection Server and again to access a VMware View desktop
bull For this evaluation simply leave them as theselected de ault This is anew improved eature which allows single sign-on to the guestdesktop
bull Enter the IP address of the VMware View Connection Server that thisclient will connect to For this evaluation enter 1921681247
bull Leave the login ascurrent user unchecked
bull Select Continue Anyway or the Virtual USB so tware installation
bull Select Finish and Exit installation I VMware View Client does not startautomatically a ter installation double-click the desktop shortcutor click
Start gtPrograms gtVMware gtVMware View Client
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2548
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 5
Task 10 Adding Desktop Source in VMware View Manager
The in rastructure components are now con gured in VMware vCenter Now go back to VMware ViewManager and con gure the desktop resource or an individual desktop provisioning use
bull Enter the VMware View Connection Server IP addressadmin as the URL in a Web browser
bull Login as Administrator
bull From within View Administrator clickDesktops andPools and click theInventory tab
bull In the Global desktop and pool view pane make sure thatthe Desktops and Pools tab is selected and clickAdd
bull When the Add Desktop wizard appears selectIndividualDesktop and clickNext
bull Select Desktop Source rom VMware vCenter
Need new image
bull From the list provided select theVMware vCenter Serverto be used by this desktop and clickNext
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2648
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 6
bull Enter the Unique ID Display name (optional) andDescription (optional) and clickNext
bull Con gure the desktop properties and click Next Sincethe new PCoIP eatures are being evaluated set thede ault protocol as PCoIP and allow users to change thesetting at connection When set toDo Not Control orAdobe Flash quality bandwidth is not a concern with theLAN deployment
bull Con gure the desktop provisioning properties andclick Next
bull Select the desktop to use as the base image for thedeployment and click Next
bull Click Finish to complete one guest desktop provisioning
bull Once the desktop provisioning is complete you can see adesktop under Desktops and Pools tab
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2748
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 7
This shows the basic steps on how to provision one desktop For more advanced eatures you can re er to theVMware View Administration Guide In a later scenario a PCoIP pool is created through similar provisioning
Task 11 Desktop Entitlement
bull From within View Administrator click Desktops and Pools and click theInventory tab
bull In the Global desktop and pool view pane select the desktop or poolyou want to entitle and clickEntitlements
bull Click Add The user and group entitlement dialog box appears Fromhere you can view search on and lter all Active Directory users withinthe domain orest
bull Select the DemoLocal domain created and enter wildcard user matchreview VMware View Manager should display all users that contain thephrase
bull Entitle the userreviewer_1 to use the Vista desktop
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2848
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 8
Figure 6
Once this is set and done you will see a green checkmark under Global Desktop and View showing Entitledand Enabled or the guest desktop
Task 12 Accessing Virtual Desktop via RDP or PCoIP
bull In theConnection Server drop-down menu enter thehost name or IP address o a VMware View Connection Server
bull Select Options
Need New Image
bull Select Log in as current userto be authorized to log in to theVMware View Connection Server You will not be prompted toenter login credentials in the guest desktop login This is anenhancement or single sign-on
Need New Image
bull Enter the credentials with desktop entitlement
- Username Administrator
- Password b gd m
bull In VMware View 4 you have the option to use the preferredprotocols o either Teradici PCoIP or Microso t RDPSelect Teradici
bull Select the XP desktop you want to access
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2948
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 9
Task 13 Additional Virtual Desktop Optimization
bull Adjust ClearType Settings in Control Panel gtDisplay gtAdvanced Tab gtFonts and choose ClearType
bull Turn o Windows Firewall Settings inControl Panel gtWindows Firewall and select the Of radio buttonbull Multiple Display Con guration
bull In VMware View Manager Administration you cancentrally con gure the desktop monitors that aresupported in the local systems
bull In the guest desktop check theDisplay settings that have been changed tomultiple displays
Note PCoIP also supports pivot mode or one landscape and one horizontal confguration
Task 14 WAN Optimization
PCoIP technology uses low-latency image compression algorithms to optimize the user experience or widearea network (WAN) applications The WAN enhancements dramatically improve the user experience toprovide support or multi-media and 3D graphics audio and IO responsiveness over long-distancehigh-latency and low-bandwidth networks
Key PCoIP WAN Capabilities
bull Reduced Minimum Bandwidth To support the lower bandwidth typically available over a WAN theminimum peak bandwidth required or a PCoIP connection is Mbps Because PCoIP only transmitschanges to the desktop image the actual bandwidth used may be much lower i the screen is not changingsigni cantly or rapidly
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3048
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 0
bull Local Keyboard and Mouse To provide instant response over high-latency networks the mouse pointer canbe displayed locally on the desktop (within VMware View Agent) in addition to being sent to the host Localkeyboard capability is also provided to prevent lost keystrokes due to network delay
bull Packet Reordering To accommodate the out-o -order packets o ten produced by network links on a WANthe PCoIP portal in VMware View Agent can create multiple packet chains as out-o -order packets receivedand connect chains to restore the correct sequence Without this out-o -order packets can result in dataretransmission and delays
bull Bandwidth-Sensitive Audio Compression PCoIP transmits compressed or uncompressed audiondashswitchingdynamically based on the available bandwidth to provide the best possible user experience
Since PCoIP is integrated seamlessly into the VMware View Agent and ully optimized into VMware Viewin rastructure as the administrator you simply need to con gure the desktop protocol and its bandwidththrottling rom the administration UI
Con gure Flash contents bandwidth allowance
For an optional task to test WAN per ormance with PCoIP try to access your corporate desktop rom home byconnecting through IPSec VPN
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3148
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 1
Scenario Overview
This document provides several di erent test scenarios to review the tasks you per ormed earlier andexperience the combined advantages o using VMware View To compare a variety o WAN connectivityscenarios you can consider using either WANEMhttp wanem source orge net or Shunra VE SMB EditionFree Trial http www shunra com ve-smb-trial php or WAN emulation
bull Scenario 1 Provision and use PCoIP 25 persistent desktops and one non-persistent PCoIP pool thatcontains desktops using a Linked Clone You can adjust the actual number o desktops based on your locastorage allowance
ndash Create a snapshot on both Windows XP SP3 and Windows 7
ndash Add desktops and pools using automatic pools and Linked Clone
ndash Administrate users and entitlements
ndash Create ully Linked Clones
ndash Con gure pools in mixed cluster environment
ndash Con gure or WAN tag and LAN tag use
ndash Delete desktops and pools
bull Scenario 2 Con gure 50 PCoIP fully Linked Clones in VMware vSphere
ndash Create desktops and pools
ndash Leverage ThinDisk Provisioning in VMware vSphere
ndash Check storage saving comparison
ndash Review VMware VMsa e Security virtual machine unctionali ties
bull Scenario 3 Set-up Triple SSO in VMware View 4 (PCoIP)
ndash Use archive directory credentials to login with ldquoLogin as current userrdquo checked
ndash Access rom the Replica View Connection Server and login to see the same session running
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3248
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 2
Scenario 1Provision and Use PCoIP Desktops and Pools
Get Started with PCoIPPCoIP is a so tware-to-so tware display protocol ully integrated with the VMware View in rastructureThe PCoIP portal (server) is installed with the agent The proprietary SVGA driver is included as part o thePCoIP portal
Figure
The PCoIP client is included in the standard VMware View client installation on your end point device sothere are no additional installation procedures required or PCoIP From the end user perspective there areno con gurations needed or using PCoIP As an administrator you can con gure the PCoIP protocol throughVMware View Administrative SettingsPolicies De ault RDP setup is to be tunneled but the de ault PCoIPsetting is directly connected Some other con gurations on bandwidth throttling or Flash video or on USBredirection policy are consistent as the previous View administration
Lossy and Lossless CompressionImage compression in PCoIP includes both lossless and lossy compression schemes Lossy compression allows or higher levels o compression on initial screen change and subsequent image quality improvement
or static screen regions Lossless motion compensation is also supported Image compression bandwidthmanagement is supported using packet loss as an indicator o congestion or lower bandwidth limits
Network Bandwidth and Characteristics
The host to client network connection operates with up to 250ms o round-trip latency The host to clientnetwork connection operates with lt01 percent packet loss but will tolerate periods o up to 5 percent packetloss and will survive short durations o loss o connectivity
A single TCP connection (SSL) is used between the host and client or session management A single UDP connection using UDP encapsulated IPSec-ESP [r c 3948] with AES 128-bit key encryption is used betweenthe host and client or media tra c supporting unreliable and reliable transport Port numbers keys andother connection parameters are exchanged via the SSL connection You can re erence the VMware ViewDeployment Guide or urther end-to-end per ormance measurements
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3348
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 3
Step 1 Creating the Replica Connection Server
The installation package or the Connection Server alsocontains the installation source or the VMware ViewReplica Server Launch the VMware View ConnectionServer installer and select Replica server or the secondConnection Server SelectAgree to the VMware Viewproduct licensing terms
A VMware View Replica Server is a Connection Serverwith its own replica o the ADAM database stored locallyAll con guration data and changes are instantaneouslyreplicated to all replica servers resulting in entirelyindependent Connection Servers which can actindependently in case o ailure o other replica servers
Enter the rst VMware View Connection Server instanceIP address (View1 19216813246) ClickNext
Complete the Replica Connection Server instanceinstallation Select Finish
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3448
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 4
Step 2 Creating Linked Clone Pools
DESKTOP TYPE OS TYPE PERSISTENT DESKTOP COUNTS
PCoIP Windows XP SP Persistent
RDP PCoIP Windows XP SP Non-Persistent
The Linked Clone creation process is the same as conducted in the previous section You can con gure thetask based on your storage availability and virtual machine sizing
Step 3 Connecting to Pool by Tags
Tag-based EntitlementsVMware View provides the advanced entitlement to Desktop Pools not only based on current entitlementsettings but also on the Connection Server through which a user logs in For customers who need perimeteridentity ( or example Internal Connection Server or External Security Server access) at logon VMware View
enables users con guring certain clients to go through a particular Connection Server In this case a tag isintroduced to identi y and route the client to the Connection Server In a broker cluster at a large VMware Viedeployment The tag or tags o a Connection Server are then compared to the tag speci ed in time o thedesktop pool creation edit
I the tag required by the desktop pool does not match the tag o the broker in question even i a useris entitled or assigned to a desktop pool the desktop will not show up in the available desktop list TheConnection Server tags take precedence over the desktop or pool tags
In this evaluation you will set up two instances o Connection Servers where brokers have been classi ed toserve di erent networks (internal external or example)
VMWARE VIEWCONNECTIONSERVER IP
NAME TAG DESKTOPS OS
19216813246 View External XP Pro SP
19216813245 View Internal XP Pro SP
Use CaseThe internal broker might not be visible to users connecting over a VPN In a case like this the two brokerscould still be ormed into a cluster The external broker might be tagged ldquoExternalrdquo and the internal brokertagged ldquoInternalrdquo and then pools could be tagged so that some desktops are not visible when a user logs inexternally but are visible internally
For example imagine a deployment o our Connection Servers where two o the Connection Servers haveconnected Security Servers The two Connection Servers without Security Servers are used to support internalusers and the two Connection Servers with Security Servers are used to support Internet (external) users The
rst two could have a con gured entitlements tag o ldquoInternalrdquo and the second two could have a con guredentitlements tag o ldquoExternalrdquo
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3548
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 5
bull The UI allows an administrator to specify one or moretag strings of up to 64 characters for each ConnectionBroker You can then speci y the tag string required or
a speci c Connection Broker to access the Pool Atruntime when a user authenticates him or hersel via aConnection Server an extra step o tag matching isper ormed The result will be a lter o the resultingentitled Desktop list
bull Set the replica server tag as External
bull Once the tags are set in the connection broker you cansee the tag column in the VMware View Managerconsole is lled with the Tag attributes
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3648
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 6
bull In the VMware View 1 Connection Server(19216813246admin) login to the View Managerconsole clickDesktops and Pools tab and selectAdd
You are creating ull clone and Linked Clonedesktops Select Automated Desktop Pool
bull Select Persistent or the desktop type
bull ClickNext
bull Create the 10 Linked Clone desktop pools rst and gothrough the same process again to create the ull clone
ndash only without checking the highlighted checkbox
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3748
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 7
bull Fill in the name attribute for theUnique ID andDisplay Name
bull This is same user interface as you used to create theindividual desktop earlier Leave the de ault setup as
it is
bull Enter the number of the desktops that your storage
allows you to create The naming pattern or thedesktop is the name vCenter will use to name thevirtual machine so create a unique and easilyrecognized name
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3848
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 8
bull Desktop cloning relies on the virtual machine templateas the base Previously you created a template byselecting a clean base template and cloning it to
template Select that template and clickNext
bull Linked Clone requires the template and snapshot asthe golden image
bull Select the folder location where the desktops shouldbe organized
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3948
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 9
bull Select the host or ESX server where the desktop iscreated Note the vSphere mode or VMware ViewComposer option is dimmed and not selectable It is
because the host being used is running vSpherealready I you are using a previous version o ESX thisoption will be available or upgrade use
bull Add desktops to the resource pool
bull Allocate user data disk for the persistent data Keepthe de ault value and selectNext
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4048
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 0
bull In this setup the storage LUN for the better demoe ects is attached You can simply use the localstorage host storage or your test
bull You can see that the default domain is lled inautomatically by quickprep This is set at the
Con guration Tab gtServers gtSelect ViewConnection gt Edit
bull Do a nal review of the Linked Clone setup and clickFinish to complete It will take several minutes tocreate the clones
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4148
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 1
bull Create additional users in Active Directory(ActiveDirectory19216813252)
- Corporate - user or the Group Internal
- Contractor - user or the Group Externalbull This will be used for the pool entitlement for users and
groups
bull Access VMware vCenter or ESX management by usingthe VMware vSphere client
bull Login to View Manager console You can see the LinkedClone pools are created and listed in the Desktop andPool pane SelectEntitlements to grant right to accessthe desktop
bull Assign the group you created in ActiveDirectory
Repeat these steps or creating additional XP desktops with non-persistent and persistent use
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4248
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 2
Step 4 Deleting the Clone Using Deletion Script
Provide the cleanup rule and scripting capabilities to enable administrators to per orm urther integrationunctions In some environments this can be achieved by removing entries rom ActiveDirectory In others
you may need to trigger other applications or a tighter integration
bull A new key needs to be created manuallyPlease re er to VMware View Administration Guide or
urther details
bull The visual basic script can be used to clean up ortrigger urther application activities This new eatureo ers the extensibility ramework
bull Run servicesmsc to access the Services consoleEnable the script services manually It is not startedby de ault
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4348
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 3
bull Login to VMware View Manager SelectDelete thedesktop SelectDelete rom Disk option It will triggerthe script set previously
Scenario 2Confgure PCoIP Full and Linked Clone
in VMware vSphereCreate Full Clone with Thin Provisioning
Thin Provisioning in its simplest orm means only using the disk space you need Traditionally with virtualmachines i you create a 500GB virtual disk it will use 500GB o your VMFS data store With Thin Provisioningyou can create a 500GB virtual disk but i only 100GB is in use only 100GB o your VMFS data store will beutilized
500GBVirtual Disk
500GB GB VMDK le size 100GB VMDK le size
400GBunused butallocated
100GBApplicationUsage
500GBVirtual Disk
100GBActual Usage(Footprint)
Figure
You can create a ve desktop XP pool using Full Clone rom VMware View and compare them with the ThiProvisioning option check The eatures include increased storage utilization reduced application downtimeand streamlined capacity management
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4448
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 4
bull When you create a virtual machine in VMware vSpherethe option to create Thin Provisioning settings is underSettings gtAdd Hardware
bull In VMware View 4 you can con gure the ThinProvisioning while preparing the Linked Clone basetemplate
Now in order to compare the storage usage di erence with Thin Provisioning enabled in the virtual desktopdeployment the best approach is to provision them and per orm storage comparison with the virtualmachines without thin provisioning enabled Considerations or storage provisioning all in throughput needsto scale with an increase in capacity ie multiple virtual machines per IO path
Figure
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4548
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 5
In the meantime transient storage on the swap space is used only when the virtual machine ispowered on and delta disks are used by snapshots and linked to virtual machines
Figure 0
Datastore View in vSphere
Figure
VM Storage Performance View
Figure
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4648
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 6
Anti-Virus Protection
The VMsa e API comes with VMware vSphere VMware o ers a number o VMsa e partner solutions thatprovide secure virtual machines with virus-scanning capability
bull Trend Micro Core Protection 10 This is an anti-virus product that performs o ine and online scheduled virtualmachine scans without an agent It uses a smaller agent or on-access scanning or to clean up in ections Thproduct is available at http us trendmicro com us solutions enterprise security-solutions virtualizationvirtual-machines index html
bull McAfee Virus Scan for O ine Virtual Images 20 This is an anti-virus product that performs o ine schedulevirtual machine scans without an agent It complements a regular virus scan agentsrsquo online scanning
Figure 6
VMsa e reduces high storage IO and memory usage during scheduled and pandemic malware scan activities
Figure
The above gure shows the anti-virus server committing a real-time agent to an individual virtual machine
It also has the unctionality o o ine snapshot image scanningThis is a VMware vSphere eature and is now available or VMware View 4 Please re er to the VMware View 4Deployment Guide or urther product demonstration
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4748
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 7
Scenario 3Set up Triple Single Sign-On (SSO) in VMwareView 4Log in as Currently Logged-on UserThis is a new option in VMware View Client that allows you to log onto the broker using currently logged oncredentials The standard sign up fow using AD credentials is
bull User connects to View Connection Server
bull VMware View Connection Server compares a list of trusted AD domains to the client
bull User authenticates with username and password
bull VMware View Connection Server delegates authentication to WindowsAD
Figure
VMware View 4 continues to support the AD credential (username and password) login smart card and RSA
securID token in RDP
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4848
bull During the View Agent installation select theConnectas Current Logon User checkbox option to enable SSO
bull Launch View Client at local desktop or thin clientbull View Client has newLog in as Current User Domain
User checkbox When a userrsquos AD credential isauthenticated on the client device using eitherpassword (RDP PCoIP) or smart card authentication inRDP the Connection Broker will use the same useridentity
bull This value can also be set using GPO policy orregistry key setting Please re er to the ViewAdministration Guide
bull You should be able to login to the guest desktopenvironment without being prompted to enter thecredentials again
Support In ormation
For additional evaluation questions and installation support please address your questions to desktop-tmvmwarecom
About the Author
Cynthia Hsieh is a senior technical marketing manager in VMware Enterprise Marketing team She ocuses onapplication integration proo o concepts and security subjects
Hsiehrsquos previous background includes product management positions at Wyse Trend Micro Oracle and Yahoo
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2248
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 2
Create a Desktop Template
bull Power o the virtual machine
bull Right-click the previously con gured guest system and
select one o the ollowing options- Clone to Template mdash select this option i you want to use
the selected guest system as the basis or a new templatewithout altering the virtual machine itsel Choose thisand walk through the dialogs boxes to create a virtualmachine template
- Convert to Template mdash select this option i you want tochange the guest system into a template This processhappens instantly
bull To get a quick view of the template created go toInventory and select VM and Templates The highlighted
template will appear in VMware Center
You can repeat the same procedures or Windows 7 and Vista desktops with the same con guration i youwish At the end o the task you will have three prepared guest systems ready or VMware View Manager to use
Task 8 Installing VMware View Composer for Linked Clones
VMware View Composer provides a highly e cient storage alternative to creating and managing manystandalone virtual machines With VMware View Composer Linked Clone technology you can rapidly cloneand deploy multiple desktops rom a single centralized base image Subsequent changes to this image canbe automatically proli erated among all desktops in a Linked Clone pool A ter the desktops are created theyremain indirectly linked to a snapshot residing on the parent virtual machine View Composer needs to beinstalled on the system where VMware vCenter is installed
bull VMware View Composer installation is optional in theVMware View installation process i you donrsquot plan to haveLinked Clone in your production environment Howeverwith this evaluation you can see the bene ts o havingVMware View work with VMware vSpherersquos thin-provisioning eature Start the VMware View Composerinstaller you have in your media
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2348
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2448
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 4
bull Choose your custom setup options
- Deselect the USB Redirection component i you do not want usersto access locally connected USB devices through their desktops
- Deselect the Log in as current user component i you want to requireall users to provide identity and credential in ormation to log in to aView Connection Server and again to access a VMware View desktop
bull For this evaluation simply leave them as theselected de ault This is anew improved eature which allows single sign-on to the guestdesktop
bull Enter the IP address of the VMware View Connection Server that thisclient will connect to For this evaluation enter 1921681247
bull Leave the login ascurrent user unchecked
bull Select Continue Anyway or the Virtual USB so tware installation
bull Select Finish and Exit installation I VMware View Client does not startautomatically a ter installation double-click the desktop shortcutor click
Start gtPrograms gtVMware gtVMware View Client
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2548
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 5
Task 10 Adding Desktop Source in VMware View Manager
The in rastructure components are now con gured in VMware vCenter Now go back to VMware ViewManager and con gure the desktop resource or an individual desktop provisioning use
bull Enter the VMware View Connection Server IP addressadmin as the URL in a Web browser
bull Login as Administrator
bull From within View Administrator clickDesktops andPools and click theInventory tab
bull In the Global desktop and pool view pane make sure thatthe Desktops and Pools tab is selected and clickAdd
bull When the Add Desktop wizard appears selectIndividualDesktop and clickNext
bull Select Desktop Source rom VMware vCenter
Need new image
bull From the list provided select theVMware vCenter Serverto be used by this desktop and clickNext
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2648
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 6
bull Enter the Unique ID Display name (optional) andDescription (optional) and clickNext
bull Con gure the desktop properties and click Next Sincethe new PCoIP eatures are being evaluated set thede ault protocol as PCoIP and allow users to change thesetting at connection When set toDo Not Control orAdobe Flash quality bandwidth is not a concern with theLAN deployment
bull Con gure the desktop provisioning properties andclick Next
bull Select the desktop to use as the base image for thedeployment and click Next
bull Click Finish to complete one guest desktop provisioning
bull Once the desktop provisioning is complete you can see adesktop under Desktops and Pools tab
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2748
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 7
This shows the basic steps on how to provision one desktop For more advanced eatures you can re er to theVMware View Administration Guide In a later scenario a PCoIP pool is created through similar provisioning
Task 11 Desktop Entitlement
bull From within View Administrator click Desktops and Pools and click theInventory tab
bull In the Global desktop and pool view pane select the desktop or poolyou want to entitle and clickEntitlements
bull Click Add The user and group entitlement dialog box appears Fromhere you can view search on and lter all Active Directory users withinthe domain orest
bull Select the DemoLocal domain created and enter wildcard user matchreview VMware View Manager should display all users that contain thephrase
bull Entitle the userreviewer_1 to use the Vista desktop
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2848
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 8
Figure 6
Once this is set and done you will see a green checkmark under Global Desktop and View showing Entitledand Enabled or the guest desktop
Task 12 Accessing Virtual Desktop via RDP or PCoIP
bull In theConnection Server drop-down menu enter thehost name or IP address o a VMware View Connection Server
bull Select Options
Need New Image
bull Select Log in as current userto be authorized to log in to theVMware View Connection Server You will not be prompted toenter login credentials in the guest desktop login This is anenhancement or single sign-on
Need New Image
bull Enter the credentials with desktop entitlement
- Username Administrator
- Password b gd m
bull In VMware View 4 you have the option to use the preferredprotocols o either Teradici PCoIP or Microso t RDPSelect Teradici
bull Select the XP desktop you want to access
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2948
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 9
Task 13 Additional Virtual Desktop Optimization
bull Adjust ClearType Settings in Control Panel gtDisplay gtAdvanced Tab gtFonts and choose ClearType
bull Turn o Windows Firewall Settings inControl Panel gtWindows Firewall and select the Of radio buttonbull Multiple Display Con guration
bull In VMware View Manager Administration you cancentrally con gure the desktop monitors that aresupported in the local systems
bull In the guest desktop check theDisplay settings that have been changed tomultiple displays
Note PCoIP also supports pivot mode or one landscape and one horizontal confguration
Task 14 WAN Optimization
PCoIP technology uses low-latency image compression algorithms to optimize the user experience or widearea network (WAN) applications The WAN enhancements dramatically improve the user experience toprovide support or multi-media and 3D graphics audio and IO responsiveness over long-distancehigh-latency and low-bandwidth networks
Key PCoIP WAN Capabilities
bull Reduced Minimum Bandwidth To support the lower bandwidth typically available over a WAN theminimum peak bandwidth required or a PCoIP connection is Mbps Because PCoIP only transmitschanges to the desktop image the actual bandwidth used may be much lower i the screen is not changingsigni cantly or rapidly
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3048
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 0
bull Local Keyboard and Mouse To provide instant response over high-latency networks the mouse pointer canbe displayed locally on the desktop (within VMware View Agent) in addition to being sent to the host Localkeyboard capability is also provided to prevent lost keystrokes due to network delay
bull Packet Reordering To accommodate the out-o -order packets o ten produced by network links on a WANthe PCoIP portal in VMware View Agent can create multiple packet chains as out-o -order packets receivedand connect chains to restore the correct sequence Without this out-o -order packets can result in dataretransmission and delays
bull Bandwidth-Sensitive Audio Compression PCoIP transmits compressed or uncompressed audiondashswitchingdynamically based on the available bandwidth to provide the best possible user experience
Since PCoIP is integrated seamlessly into the VMware View Agent and ully optimized into VMware Viewin rastructure as the administrator you simply need to con gure the desktop protocol and its bandwidththrottling rom the administration UI
Con gure Flash contents bandwidth allowance
For an optional task to test WAN per ormance with PCoIP try to access your corporate desktop rom home byconnecting through IPSec VPN
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3148
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 1
Scenario Overview
This document provides several di erent test scenarios to review the tasks you per ormed earlier andexperience the combined advantages o using VMware View To compare a variety o WAN connectivityscenarios you can consider using either WANEMhttp wanem source orge net or Shunra VE SMB EditionFree Trial http www shunra com ve-smb-trial php or WAN emulation
bull Scenario 1 Provision and use PCoIP 25 persistent desktops and one non-persistent PCoIP pool thatcontains desktops using a Linked Clone You can adjust the actual number o desktops based on your locastorage allowance
ndash Create a snapshot on both Windows XP SP3 and Windows 7
ndash Add desktops and pools using automatic pools and Linked Clone
ndash Administrate users and entitlements
ndash Create ully Linked Clones
ndash Con gure pools in mixed cluster environment
ndash Con gure or WAN tag and LAN tag use
ndash Delete desktops and pools
bull Scenario 2 Con gure 50 PCoIP fully Linked Clones in VMware vSphere
ndash Create desktops and pools
ndash Leverage ThinDisk Provisioning in VMware vSphere
ndash Check storage saving comparison
ndash Review VMware VMsa e Security virtual machine unctionali ties
bull Scenario 3 Set-up Triple SSO in VMware View 4 (PCoIP)
ndash Use archive directory credentials to login with ldquoLogin as current userrdquo checked
ndash Access rom the Replica View Connection Server and login to see the same session running
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3248
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 2
Scenario 1Provision and Use PCoIP Desktops and Pools
Get Started with PCoIPPCoIP is a so tware-to-so tware display protocol ully integrated with the VMware View in rastructureThe PCoIP portal (server) is installed with the agent The proprietary SVGA driver is included as part o thePCoIP portal
Figure
The PCoIP client is included in the standard VMware View client installation on your end point device sothere are no additional installation procedures required or PCoIP From the end user perspective there areno con gurations needed or using PCoIP As an administrator you can con gure the PCoIP protocol throughVMware View Administrative SettingsPolicies De ault RDP setup is to be tunneled but the de ault PCoIPsetting is directly connected Some other con gurations on bandwidth throttling or Flash video or on USBredirection policy are consistent as the previous View administration
Lossy and Lossless CompressionImage compression in PCoIP includes both lossless and lossy compression schemes Lossy compression allows or higher levels o compression on initial screen change and subsequent image quality improvement
or static screen regions Lossless motion compensation is also supported Image compression bandwidthmanagement is supported using packet loss as an indicator o congestion or lower bandwidth limits
Network Bandwidth and Characteristics
The host to client network connection operates with up to 250ms o round-trip latency The host to clientnetwork connection operates with lt01 percent packet loss but will tolerate periods o up to 5 percent packetloss and will survive short durations o loss o connectivity
A single TCP connection (SSL) is used between the host and client or session management A single UDP connection using UDP encapsulated IPSec-ESP [r c 3948] with AES 128-bit key encryption is used betweenthe host and client or media tra c supporting unreliable and reliable transport Port numbers keys andother connection parameters are exchanged via the SSL connection You can re erence the VMware ViewDeployment Guide or urther end-to-end per ormance measurements
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3348
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 3
Step 1 Creating the Replica Connection Server
The installation package or the Connection Server alsocontains the installation source or the VMware ViewReplica Server Launch the VMware View ConnectionServer installer and select Replica server or the secondConnection Server SelectAgree to the VMware Viewproduct licensing terms
A VMware View Replica Server is a Connection Serverwith its own replica o the ADAM database stored locallyAll con guration data and changes are instantaneouslyreplicated to all replica servers resulting in entirelyindependent Connection Servers which can actindependently in case o ailure o other replica servers
Enter the rst VMware View Connection Server instanceIP address (View1 19216813246) ClickNext
Complete the Replica Connection Server instanceinstallation Select Finish
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3448
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 4
Step 2 Creating Linked Clone Pools
DESKTOP TYPE OS TYPE PERSISTENT DESKTOP COUNTS
PCoIP Windows XP SP Persistent
RDP PCoIP Windows XP SP Non-Persistent
The Linked Clone creation process is the same as conducted in the previous section You can con gure thetask based on your storage availability and virtual machine sizing
Step 3 Connecting to Pool by Tags
Tag-based EntitlementsVMware View provides the advanced entitlement to Desktop Pools not only based on current entitlementsettings but also on the Connection Server through which a user logs in For customers who need perimeteridentity ( or example Internal Connection Server or External Security Server access) at logon VMware View
enables users con guring certain clients to go through a particular Connection Server In this case a tag isintroduced to identi y and route the client to the Connection Server In a broker cluster at a large VMware Viedeployment The tag or tags o a Connection Server are then compared to the tag speci ed in time o thedesktop pool creation edit
I the tag required by the desktop pool does not match the tag o the broker in question even i a useris entitled or assigned to a desktop pool the desktop will not show up in the available desktop list TheConnection Server tags take precedence over the desktop or pool tags
In this evaluation you will set up two instances o Connection Servers where brokers have been classi ed toserve di erent networks (internal external or example)
VMWARE VIEWCONNECTIONSERVER IP
NAME TAG DESKTOPS OS
19216813246 View External XP Pro SP
19216813245 View Internal XP Pro SP
Use CaseThe internal broker might not be visible to users connecting over a VPN In a case like this the two brokerscould still be ormed into a cluster The external broker might be tagged ldquoExternalrdquo and the internal brokertagged ldquoInternalrdquo and then pools could be tagged so that some desktops are not visible when a user logs inexternally but are visible internally
For example imagine a deployment o our Connection Servers where two o the Connection Servers haveconnected Security Servers The two Connection Servers without Security Servers are used to support internalusers and the two Connection Servers with Security Servers are used to support Internet (external) users The
rst two could have a con gured entitlements tag o ldquoInternalrdquo and the second two could have a con guredentitlements tag o ldquoExternalrdquo
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3548
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 5
bull The UI allows an administrator to specify one or moretag strings of up to 64 characters for each ConnectionBroker You can then speci y the tag string required or
a speci c Connection Broker to access the Pool Atruntime when a user authenticates him or hersel via aConnection Server an extra step o tag matching isper ormed The result will be a lter o the resultingentitled Desktop list
bull Set the replica server tag as External
bull Once the tags are set in the connection broker you cansee the tag column in the VMware View Managerconsole is lled with the Tag attributes
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3648
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 6
bull In the VMware View 1 Connection Server(19216813246admin) login to the View Managerconsole clickDesktops and Pools tab and selectAdd
You are creating ull clone and Linked Clonedesktops Select Automated Desktop Pool
bull Select Persistent or the desktop type
bull ClickNext
bull Create the 10 Linked Clone desktop pools rst and gothrough the same process again to create the ull clone
ndash only without checking the highlighted checkbox
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3748
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 7
bull Fill in the name attribute for theUnique ID andDisplay Name
bull This is same user interface as you used to create theindividual desktop earlier Leave the de ault setup as
it is
bull Enter the number of the desktops that your storage
allows you to create The naming pattern or thedesktop is the name vCenter will use to name thevirtual machine so create a unique and easilyrecognized name
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3848
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 8
bull Desktop cloning relies on the virtual machine templateas the base Previously you created a template byselecting a clean base template and cloning it to
template Select that template and clickNext
bull Linked Clone requires the template and snapshot asthe golden image
bull Select the folder location where the desktops shouldbe organized
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3948
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 9
bull Select the host or ESX server where the desktop iscreated Note the vSphere mode or VMware ViewComposer option is dimmed and not selectable It is
because the host being used is running vSpherealready I you are using a previous version o ESX thisoption will be available or upgrade use
bull Add desktops to the resource pool
bull Allocate user data disk for the persistent data Keepthe de ault value and selectNext
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4048
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 0
bull In this setup the storage LUN for the better demoe ects is attached You can simply use the localstorage host storage or your test
bull You can see that the default domain is lled inautomatically by quickprep This is set at the
Con guration Tab gtServers gtSelect ViewConnection gt Edit
bull Do a nal review of the Linked Clone setup and clickFinish to complete It will take several minutes tocreate the clones
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4148
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 1
bull Create additional users in Active Directory(ActiveDirectory19216813252)
- Corporate - user or the Group Internal
- Contractor - user or the Group Externalbull This will be used for the pool entitlement for users and
groups
bull Access VMware vCenter or ESX management by usingthe VMware vSphere client
bull Login to View Manager console You can see the LinkedClone pools are created and listed in the Desktop andPool pane SelectEntitlements to grant right to accessthe desktop
bull Assign the group you created in ActiveDirectory
Repeat these steps or creating additional XP desktops with non-persistent and persistent use
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4248
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 2
Step 4 Deleting the Clone Using Deletion Script
Provide the cleanup rule and scripting capabilities to enable administrators to per orm urther integrationunctions In some environments this can be achieved by removing entries rom ActiveDirectory In others
you may need to trigger other applications or a tighter integration
bull A new key needs to be created manuallyPlease re er to VMware View Administration Guide or
urther details
bull The visual basic script can be used to clean up ortrigger urther application activities This new eatureo ers the extensibility ramework
bull Run servicesmsc to access the Services consoleEnable the script services manually It is not startedby de ault
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4348
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 3
bull Login to VMware View Manager SelectDelete thedesktop SelectDelete rom Disk option It will triggerthe script set previously
Scenario 2Confgure PCoIP Full and Linked Clone
in VMware vSphereCreate Full Clone with Thin Provisioning
Thin Provisioning in its simplest orm means only using the disk space you need Traditionally with virtualmachines i you create a 500GB virtual disk it will use 500GB o your VMFS data store With Thin Provisioningyou can create a 500GB virtual disk but i only 100GB is in use only 100GB o your VMFS data store will beutilized
500GBVirtual Disk
500GB GB VMDK le size 100GB VMDK le size
400GBunused butallocated
100GBApplicationUsage
500GBVirtual Disk
100GBActual Usage(Footprint)
Figure
You can create a ve desktop XP pool using Full Clone rom VMware View and compare them with the ThiProvisioning option check The eatures include increased storage utilization reduced application downtimeand streamlined capacity management
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4448
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 4
bull When you create a virtual machine in VMware vSpherethe option to create Thin Provisioning settings is underSettings gtAdd Hardware
bull In VMware View 4 you can con gure the ThinProvisioning while preparing the Linked Clone basetemplate
Now in order to compare the storage usage di erence with Thin Provisioning enabled in the virtual desktopdeployment the best approach is to provision them and per orm storage comparison with the virtualmachines without thin provisioning enabled Considerations or storage provisioning all in throughput needsto scale with an increase in capacity ie multiple virtual machines per IO path
Figure
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4548
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 5
In the meantime transient storage on the swap space is used only when the virtual machine ispowered on and delta disks are used by snapshots and linked to virtual machines
Figure 0
Datastore View in vSphere
Figure
VM Storage Performance View
Figure
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4648
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 6
Anti-Virus Protection
The VMsa e API comes with VMware vSphere VMware o ers a number o VMsa e partner solutions thatprovide secure virtual machines with virus-scanning capability
bull Trend Micro Core Protection 10 This is an anti-virus product that performs o ine and online scheduled virtualmachine scans without an agent It uses a smaller agent or on-access scanning or to clean up in ections Thproduct is available at http us trendmicro com us solutions enterprise security-solutions virtualizationvirtual-machines index html
bull McAfee Virus Scan for O ine Virtual Images 20 This is an anti-virus product that performs o ine schedulevirtual machine scans without an agent It complements a regular virus scan agentsrsquo online scanning
Figure 6
VMsa e reduces high storage IO and memory usage during scheduled and pandemic malware scan activities
Figure
The above gure shows the anti-virus server committing a real-time agent to an individual virtual machine
It also has the unctionality o o ine snapshot image scanningThis is a VMware vSphere eature and is now available or VMware View 4 Please re er to the VMware View 4Deployment Guide or urther product demonstration
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4748
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 7
Scenario 3Set up Triple Single Sign-On (SSO) in VMwareView 4Log in as Currently Logged-on UserThis is a new option in VMware View Client that allows you to log onto the broker using currently logged oncredentials The standard sign up fow using AD credentials is
bull User connects to View Connection Server
bull VMware View Connection Server compares a list of trusted AD domains to the client
bull User authenticates with username and password
bull VMware View Connection Server delegates authentication to WindowsAD
Figure
VMware View 4 continues to support the AD credential (username and password) login smart card and RSA
securID token in RDP
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4848
bull During the View Agent installation select theConnectas Current Logon User checkbox option to enable SSO
bull Launch View Client at local desktop or thin clientbull View Client has newLog in as Current User Domain
User checkbox When a userrsquos AD credential isauthenticated on the client device using eitherpassword (RDP PCoIP) or smart card authentication inRDP the Connection Broker will use the same useridentity
bull This value can also be set using GPO policy orregistry key setting Please re er to the ViewAdministration Guide
bull You should be able to login to the guest desktopenvironment without being prompted to enter thecredentials again
Support In ormation
For additional evaluation questions and installation support please address your questions to desktop-tmvmwarecom
About the Author
Cynthia Hsieh is a senior technical marketing manager in VMware Enterprise Marketing team She ocuses onapplication integration proo o concepts and security subjects
Hsiehrsquos previous background includes product management positions at Wyse Trend Micro Oracle and Yahoo
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2348
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2448
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 4
bull Choose your custom setup options
- Deselect the USB Redirection component i you do not want usersto access locally connected USB devices through their desktops
- Deselect the Log in as current user component i you want to requireall users to provide identity and credential in ormation to log in to aView Connection Server and again to access a VMware View desktop
bull For this evaluation simply leave them as theselected de ault This is anew improved eature which allows single sign-on to the guestdesktop
bull Enter the IP address of the VMware View Connection Server that thisclient will connect to For this evaluation enter 1921681247
bull Leave the login ascurrent user unchecked
bull Select Continue Anyway or the Virtual USB so tware installation
bull Select Finish and Exit installation I VMware View Client does not startautomatically a ter installation double-click the desktop shortcutor click
Start gtPrograms gtVMware gtVMware View Client
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2548
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 5
Task 10 Adding Desktop Source in VMware View Manager
The in rastructure components are now con gured in VMware vCenter Now go back to VMware ViewManager and con gure the desktop resource or an individual desktop provisioning use
bull Enter the VMware View Connection Server IP addressadmin as the URL in a Web browser
bull Login as Administrator
bull From within View Administrator clickDesktops andPools and click theInventory tab
bull In the Global desktop and pool view pane make sure thatthe Desktops and Pools tab is selected and clickAdd
bull When the Add Desktop wizard appears selectIndividualDesktop and clickNext
bull Select Desktop Source rom VMware vCenter
Need new image
bull From the list provided select theVMware vCenter Serverto be used by this desktop and clickNext
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2648
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 6
bull Enter the Unique ID Display name (optional) andDescription (optional) and clickNext
bull Con gure the desktop properties and click Next Sincethe new PCoIP eatures are being evaluated set thede ault protocol as PCoIP and allow users to change thesetting at connection When set toDo Not Control orAdobe Flash quality bandwidth is not a concern with theLAN deployment
bull Con gure the desktop provisioning properties andclick Next
bull Select the desktop to use as the base image for thedeployment and click Next
bull Click Finish to complete one guest desktop provisioning
bull Once the desktop provisioning is complete you can see adesktop under Desktops and Pools tab
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2748
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 7
This shows the basic steps on how to provision one desktop For more advanced eatures you can re er to theVMware View Administration Guide In a later scenario a PCoIP pool is created through similar provisioning
Task 11 Desktop Entitlement
bull From within View Administrator click Desktops and Pools and click theInventory tab
bull In the Global desktop and pool view pane select the desktop or poolyou want to entitle and clickEntitlements
bull Click Add The user and group entitlement dialog box appears Fromhere you can view search on and lter all Active Directory users withinthe domain orest
bull Select the DemoLocal domain created and enter wildcard user matchreview VMware View Manager should display all users that contain thephrase
bull Entitle the userreviewer_1 to use the Vista desktop
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2848
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 8
Figure 6
Once this is set and done you will see a green checkmark under Global Desktop and View showing Entitledand Enabled or the guest desktop
Task 12 Accessing Virtual Desktop via RDP or PCoIP
bull In theConnection Server drop-down menu enter thehost name or IP address o a VMware View Connection Server
bull Select Options
Need New Image
bull Select Log in as current userto be authorized to log in to theVMware View Connection Server You will not be prompted toenter login credentials in the guest desktop login This is anenhancement or single sign-on
Need New Image
bull Enter the credentials with desktop entitlement
- Username Administrator
- Password b gd m
bull In VMware View 4 you have the option to use the preferredprotocols o either Teradici PCoIP or Microso t RDPSelect Teradici
bull Select the XP desktop you want to access
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2948
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 9
Task 13 Additional Virtual Desktop Optimization
bull Adjust ClearType Settings in Control Panel gtDisplay gtAdvanced Tab gtFonts and choose ClearType
bull Turn o Windows Firewall Settings inControl Panel gtWindows Firewall and select the Of radio buttonbull Multiple Display Con guration
bull In VMware View Manager Administration you cancentrally con gure the desktop monitors that aresupported in the local systems
bull In the guest desktop check theDisplay settings that have been changed tomultiple displays
Note PCoIP also supports pivot mode or one landscape and one horizontal confguration
Task 14 WAN Optimization
PCoIP technology uses low-latency image compression algorithms to optimize the user experience or widearea network (WAN) applications The WAN enhancements dramatically improve the user experience toprovide support or multi-media and 3D graphics audio and IO responsiveness over long-distancehigh-latency and low-bandwidth networks
Key PCoIP WAN Capabilities
bull Reduced Minimum Bandwidth To support the lower bandwidth typically available over a WAN theminimum peak bandwidth required or a PCoIP connection is Mbps Because PCoIP only transmitschanges to the desktop image the actual bandwidth used may be much lower i the screen is not changingsigni cantly or rapidly
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3048
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 0
bull Local Keyboard and Mouse To provide instant response over high-latency networks the mouse pointer canbe displayed locally on the desktop (within VMware View Agent) in addition to being sent to the host Localkeyboard capability is also provided to prevent lost keystrokes due to network delay
bull Packet Reordering To accommodate the out-o -order packets o ten produced by network links on a WANthe PCoIP portal in VMware View Agent can create multiple packet chains as out-o -order packets receivedand connect chains to restore the correct sequence Without this out-o -order packets can result in dataretransmission and delays
bull Bandwidth-Sensitive Audio Compression PCoIP transmits compressed or uncompressed audiondashswitchingdynamically based on the available bandwidth to provide the best possible user experience
Since PCoIP is integrated seamlessly into the VMware View Agent and ully optimized into VMware Viewin rastructure as the administrator you simply need to con gure the desktop protocol and its bandwidththrottling rom the administration UI
Con gure Flash contents bandwidth allowance
For an optional task to test WAN per ormance with PCoIP try to access your corporate desktop rom home byconnecting through IPSec VPN
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3148
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 1
Scenario Overview
This document provides several di erent test scenarios to review the tasks you per ormed earlier andexperience the combined advantages o using VMware View To compare a variety o WAN connectivityscenarios you can consider using either WANEMhttp wanem source orge net or Shunra VE SMB EditionFree Trial http www shunra com ve-smb-trial php or WAN emulation
bull Scenario 1 Provision and use PCoIP 25 persistent desktops and one non-persistent PCoIP pool thatcontains desktops using a Linked Clone You can adjust the actual number o desktops based on your locastorage allowance
ndash Create a snapshot on both Windows XP SP3 and Windows 7
ndash Add desktops and pools using automatic pools and Linked Clone
ndash Administrate users and entitlements
ndash Create ully Linked Clones
ndash Con gure pools in mixed cluster environment
ndash Con gure or WAN tag and LAN tag use
ndash Delete desktops and pools
bull Scenario 2 Con gure 50 PCoIP fully Linked Clones in VMware vSphere
ndash Create desktops and pools
ndash Leverage ThinDisk Provisioning in VMware vSphere
ndash Check storage saving comparison
ndash Review VMware VMsa e Security virtual machine unctionali ties
bull Scenario 3 Set-up Triple SSO in VMware View 4 (PCoIP)
ndash Use archive directory credentials to login with ldquoLogin as current userrdquo checked
ndash Access rom the Replica View Connection Server and login to see the same session running
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3248
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 2
Scenario 1Provision and Use PCoIP Desktops and Pools
Get Started with PCoIPPCoIP is a so tware-to-so tware display protocol ully integrated with the VMware View in rastructureThe PCoIP portal (server) is installed with the agent The proprietary SVGA driver is included as part o thePCoIP portal
Figure
The PCoIP client is included in the standard VMware View client installation on your end point device sothere are no additional installation procedures required or PCoIP From the end user perspective there areno con gurations needed or using PCoIP As an administrator you can con gure the PCoIP protocol throughVMware View Administrative SettingsPolicies De ault RDP setup is to be tunneled but the de ault PCoIPsetting is directly connected Some other con gurations on bandwidth throttling or Flash video or on USBredirection policy are consistent as the previous View administration
Lossy and Lossless CompressionImage compression in PCoIP includes both lossless and lossy compression schemes Lossy compression allows or higher levels o compression on initial screen change and subsequent image quality improvement
or static screen regions Lossless motion compensation is also supported Image compression bandwidthmanagement is supported using packet loss as an indicator o congestion or lower bandwidth limits
Network Bandwidth and Characteristics
The host to client network connection operates with up to 250ms o round-trip latency The host to clientnetwork connection operates with lt01 percent packet loss but will tolerate periods o up to 5 percent packetloss and will survive short durations o loss o connectivity
A single TCP connection (SSL) is used between the host and client or session management A single UDP connection using UDP encapsulated IPSec-ESP [r c 3948] with AES 128-bit key encryption is used betweenthe host and client or media tra c supporting unreliable and reliable transport Port numbers keys andother connection parameters are exchanged via the SSL connection You can re erence the VMware ViewDeployment Guide or urther end-to-end per ormance measurements
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3348
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 3
Step 1 Creating the Replica Connection Server
The installation package or the Connection Server alsocontains the installation source or the VMware ViewReplica Server Launch the VMware View ConnectionServer installer and select Replica server or the secondConnection Server SelectAgree to the VMware Viewproduct licensing terms
A VMware View Replica Server is a Connection Serverwith its own replica o the ADAM database stored locallyAll con guration data and changes are instantaneouslyreplicated to all replica servers resulting in entirelyindependent Connection Servers which can actindependently in case o ailure o other replica servers
Enter the rst VMware View Connection Server instanceIP address (View1 19216813246) ClickNext
Complete the Replica Connection Server instanceinstallation Select Finish
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3448
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 4
Step 2 Creating Linked Clone Pools
DESKTOP TYPE OS TYPE PERSISTENT DESKTOP COUNTS
PCoIP Windows XP SP Persistent
RDP PCoIP Windows XP SP Non-Persistent
The Linked Clone creation process is the same as conducted in the previous section You can con gure thetask based on your storage availability and virtual machine sizing
Step 3 Connecting to Pool by Tags
Tag-based EntitlementsVMware View provides the advanced entitlement to Desktop Pools not only based on current entitlementsettings but also on the Connection Server through which a user logs in For customers who need perimeteridentity ( or example Internal Connection Server or External Security Server access) at logon VMware View
enables users con guring certain clients to go through a particular Connection Server In this case a tag isintroduced to identi y and route the client to the Connection Server In a broker cluster at a large VMware Viedeployment The tag or tags o a Connection Server are then compared to the tag speci ed in time o thedesktop pool creation edit
I the tag required by the desktop pool does not match the tag o the broker in question even i a useris entitled or assigned to a desktop pool the desktop will not show up in the available desktop list TheConnection Server tags take precedence over the desktop or pool tags
In this evaluation you will set up two instances o Connection Servers where brokers have been classi ed toserve di erent networks (internal external or example)
VMWARE VIEWCONNECTIONSERVER IP
NAME TAG DESKTOPS OS
19216813246 View External XP Pro SP
19216813245 View Internal XP Pro SP
Use CaseThe internal broker might not be visible to users connecting over a VPN In a case like this the two brokerscould still be ormed into a cluster The external broker might be tagged ldquoExternalrdquo and the internal brokertagged ldquoInternalrdquo and then pools could be tagged so that some desktops are not visible when a user logs inexternally but are visible internally
For example imagine a deployment o our Connection Servers where two o the Connection Servers haveconnected Security Servers The two Connection Servers without Security Servers are used to support internalusers and the two Connection Servers with Security Servers are used to support Internet (external) users The
rst two could have a con gured entitlements tag o ldquoInternalrdquo and the second two could have a con guredentitlements tag o ldquoExternalrdquo
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3548
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 5
bull The UI allows an administrator to specify one or moretag strings of up to 64 characters for each ConnectionBroker You can then speci y the tag string required or
a speci c Connection Broker to access the Pool Atruntime when a user authenticates him or hersel via aConnection Server an extra step o tag matching isper ormed The result will be a lter o the resultingentitled Desktop list
bull Set the replica server tag as External
bull Once the tags are set in the connection broker you cansee the tag column in the VMware View Managerconsole is lled with the Tag attributes
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3648
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 6
bull In the VMware View 1 Connection Server(19216813246admin) login to the View Managerconsole clickDesktops and Pools tab and selectAdd
You are creating ull clone and Linked Clonedesktops Select Automated Desktop Pool
bull Select Persistent or the desktop type
bull ClickNext
bull Create the 10 Linked Clone desktop pools rst and gothrough the same process again to create the ull clone
ndash only without checking the highlighted checkbox
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3748
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 7
bull Fill in the name attribute for theUnique ID andDisplay Name
bull This is same user interface as you used to create theindividual desktop earlier Leave the de ault setup as
it is
bull Enter the number of the desktops that your storage
allows you to create The naming pattern or thedesktop is the name vCenter will use to name thevirtual machine so create a unique and easilyrecognized name
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3848
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 8
bull Desktop cloning relies on the virtual machine templateas the base Previously you created a template byselecting a clean base template and cloning it to
template Select that template and clickNext
bull Linked Clone requires the template and snapshot asthe golden image
bull Select the folder location where the desktops shouldbe organized
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3948
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 9
bull Select the host or ESX server where the desktop iscreated Note the vSphere mode or VMware ViewComposer option is dimmed and not selectable It is
because the host being used is running vSpherealready I you are using a previous version o ESX thisoption will be available or upgrade use
bull Add desktops to the resource pool
bull Allocate user data disk for the persistent data Keepthe de ault value and selectNext
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4048
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 0
bull In this setup the storage LUN for the better demoe ects is attached You can simply use the localstorage host storage or your test
bull You can see that the default domain is lled inautomatically by quickprep This is set at the
Con guration Tab gtServers gtSelect ViewConnection gt Edit
bull Do a nal review of the Linked Clone setup and clickFinish to complete It will take several minutes tocreate the clones
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4148
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 1
bull Create additional users in Active Directory(ActiveDirectory19216813252)
- Corporate - user or the Group Internal
- Contractor - user or the Group Externalbull This will be used for the pool entitlement for users and
groups
bull Access VMware vCenter or ESX management by usingthe VMware vSphere client
bull Login to View Manager console You can see the LinkedClone pools are created and listed in the Desktop andPool pane SelectEntitlements to grant right to accessthe desktop
bull Assign the group you created in ActiveDirectory
Repeat these steps or creating additional XP desktops with non-persistent and persistent use
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4248
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 2
Step 4 Deleting the Clone Using Deletion Script
Provide the cleanup rule and scripting capabilities to enable administrators to per orm urther integrationunctions In some environments this can be achieved by removing entries rom ActiveDirectory In others
you may need to trigger other applications or a tighter integration
bull A new key needs to be created manuallyPlease re er to VMware View Administration Guide or
urther details
bull The visual basic script can be used to clean up ortrigger urther application activities This new eatureo ers the extensibility ramework
bull Run servicesmsc to access the Services consoleEnable the script services manually It is not startedby de ault
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4348
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 3
bull Login to VMware View Manager SelectDelete thedesktop SelectDelete rom Disk option It will triggerthe script set previously
Scenario 2Confgure PCoIP Full and Linked Clone
in VMware vSphereCreate Full Clone with Thin Provisioning
Thin Provisioning in its simplest orm means only using the disk space you need Traditionally with virtualmachines i you create a 500GB virtual disk it will use 500GB o your VMFS data store With Thin Provisioningyou can create a 500GB virtual disk but i only 100GB is in use only 100GB o your VMFS data store will beutilized
500GBVirtual Disk
500GB GB VMDK le size 100GB VMDK le size
400GBunused butallocated
100GBApplicationUsage
500GBVirtual Disk
100GBActual Usage(Footprint)
Figure
You can create a ve desktop XP pool using Full Clone rom VMware View and compare them with the ThiProvisioning option check The eatures include increased storage utilization reduced application downtimeand streamlined capacity management
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4448
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 4
bull When you create a virtual machine in VMware vSpherethe option to create Thin Provisioning settings is underSettings gtAdd Hardware
bull In VMware View 4 you can con gure the ThinProvisioning while preparing the Linked Clone basetemplate
Now in order to compare the storage usage di erence with Thin Provisioning enabled in the virtual desktopdeployment the best approach is to provision them and per orm storage comparison with the virtualmachines without thin provisioning enabled Considerations or storage provisioning all in throughput needsto scale with an increase in capacity ie multiple virtual machines per IO path
Figure
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4548
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 5
In the meantime transient storage on the swap space is used only when the virtual machine ispowered on and delta disks are used by snapshots and linked to virtual machines
Figure 0
Datastore View in vSphere
Figure
VM Storage Performance View
Figure
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4648
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 6
Anti-Virus Protection
The VMsa e API comes with VMware vSphere VMware o ers a number o VMsa e partner solutions thatprovide secure virtual machines with virus-scanning capability
bull Trend Micro Core Protection 10 This is an anti-virus product that performs o ine and online scheduled virtualmachine scans without an agent It uses a smaller agent or on-access scanning or to clean up in ections Thproduct is available at http us trendmicro com us solutions enterprise security-solutions virtualizationvirtual-machines index html
bull McAfee Virus Scan for O ine Virtual Images 20 This is an anti-virus product that performs o ine schedulevirtual machine scans without an agent It complements a regular virus scan agentsrsquo online scanning
Figure 6
VMsa e reduces high storage IO and memory usage during scheduled and pandemic malware scan activities
Figure
The above gure shows the anti-virus server committing a real-time agent to an individual virtual machine
It also has the unctionality o o ine snapshot image scanningThis is a VMware vSphere eature and is now available or VMware View 4 Please re er to the VMware View 4Deployment Guide or urther product demonstration
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4748
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 7
Scenario 3Set up Triple Single Sign-On (SSO) in VMwareView 4Log in as Currently Logged-on UserThis is a new option in VMware View Client that allows you to log onto the broker using currently logged oncredentials The standard sign up fow using AD credentials is
bull User connects to View Connection Server
bull VMware View Connection Server compares a list of trusted AD domains to the client
bull User authenticates with username and password
bull VMware View Connection Server delegates authentication to WindowsAD
Figure
VMware View 4 continues to support the AD credential (username and password) login smart card and RSA
securID token in RDP
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4848
bull During the View Agent installation select theConnectas Current Logon User checkbox option to enable SSO
bull Launch View Client at local desktop or thin clientbull View Client has newLog in as Current User Domain
User checkbox When a userrsquos AD credential isauthenticated on the client device using eitherpassword (RDP PCoIP) or smart card authentication inRDP the Connection Broker will use the same useridentity
bull This value can also be set using GPO policy orregistry key setting Please re er to the ViewAdministration Guide
bull You should be able to login to the guest desktopenvironment without being prompted to enter thecredentials again
Support In ormation
For additional evaluation questions and installation support please address your questions to desktop-tmvmwarecom
About the Author
Cynthia Hsieh is a senior technical marketing manager in VMware Enterprise Marketing team She ocuses onapplication integration proo o concepts and security subjects
Hsiehrsquos previous background includes product management positions at Wyse Trend Micro Oracle and Yahoo
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2448
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 4
bull Choose your custom setup options
- Deselect the USB Redirection component i you do not want usersto access locally connected USB devices through their desktops
- Deselect the Log in as current user component i you want to requireall users to provide identity and credential in ormation to log in to aView Connection Server and again to access a VMware View desktop
bull For this evaluation simply leave them as theselected de ault This is anew improved eature which allows single sign-on to the guestdesktop
bull Enter the IP address of the VMware View Connection Server that thisclient will connect to For this evaluation enter 1921681247
bull Leave the login ascurrent user unchecked
bull Select Continue Anyway or the Virtual USB so tware installation
bull Select Finish and Exit installation I VMware View Client does not startautomatically a ter installation double-click the desktop shortcutor click
Start gtPrograms gtVMware gtVMware View Client
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2548
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 5
Task 10 Adding Desktop Source in VMware View Manager
The in rastructure components are now con gured in VMware vCenter Now go back to VMware ViewManager and con gure the desktop resource or an individual desktop provisioning use
bull Enter the VMware View Connection Server IP addressadmin as the URL in a Web browser
bull Login as Administrator
bull From within View Administrator clickDesktops andPools and click theInventory tab
bull In the Global desktop and pool view pane make sure thatthe Desktops and Pools tab is selected and clickAdd
bull When the Add Desktop wizard appears selectIndividualDesktop and clickNext
bull Select Desktop Source rom VMware vCenter
Need new image
bull From the list provided select theVMware vCenter Serverto be used by this desktop and clickNext
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2648
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 6
bull Enter the Unique ID Display name (optional) andDescription (optional) and clickNext
bull Con gure the desktop properties and click Next Sincethe new PCoIP eatures are being evaluated set thede ault protocol as PCoIP and allow users to change thesetting at connection When set toDo Not Control orAdobe Flash quality bandwidth is not a concern with theLAN deployment
bull Con gure the desktop provisioning properties andclick Next
bull Select the desktop to use as the base image for thedeployment and click Next
bull Click Finish to complete one guest desktop provisioning
bull Once the desktop provisioning is complete you can see adesktop under Desktops and Pools tab
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2748
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 7
This shows the basic steps on how to provision one desktop For more advanced eatures you can re er to theVMware View Administration Guide In a later scenario a PCoIP pool is created through similar provisioning
Task 11 Desktop Entitlement
bull From within View Administrator click Desktops and Pools and click theInventory tab
bull In the Global desktop and pool view pane select the desktop or poolyou want to entitle and clickEntitlements
bull Click Add The user and group entitlement dialog box appears Fromhere you can view search on and lter all Active Directory users withinthe domain orest
bull Select the DemoLocal domain created and enter wildcard user matchreview VMware View Manager should display all users that contain thephrase
bull Entitle the userreviewer_1 to use the Vista desktop
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2848
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 8
Figure 6
Once this is set and done you will see a green checkmark under Global Desktop and View showing Entitledand Enabled or the guest desktop
Task 12 Accessing Virtual Desktop via RDP or PCoIP
bull In theConnection Server drop-down menu enter thehost name or IP address o a VMware View Connection Server
bull Select Options
Need New Image
bull Select Log in as current userto be authorized to log in to theVMware View Connection Server You will not be prompted toenter login credentials in the guest desktop login This is anenhancement or single sign-on
Need New Image
bull Enter the credentials with desktop entitlement
- Username Administrator
- Password b gd m
bull In VMware View 4 you have the option to use the preferredprotocols o either Teradici PCoIP or Microso t RDPSelect Teradici
bull Select the XP desktop you want to access
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2948
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 9
Task 13 Additional Virtual Desktop Optimization
bull Adjust ClearType Settings in Control Panel gtDisplay gtAdvanced Tab gtFonts and choose ClearType
bull Turn o Windows Firewall Settings inControl Panel gtWindows Firewall and select the Of radio buttonbull Multiple Display Con guration
bull In VMware View Manager Administration you cancentrally con gure the desktop monitors that aresupported in the local systems
bull In the guest desktop check theDisplay settings that have been changed tomultiple displays
Note PCoIP also supports pivot mode or one landscape and one horizontal confguration
Task 14 WAN Optimization
PCoIP technology uses low-latency image compression algorithms to optimize the user experience or widearea network (WAN) applications The WAN enhancements dramatically improve the user experience toprovide support or multi-media and 3D graphics audio and IO responsiveness over long-distancehigh-latency and low-bandwidth networks
Key PCoIP WAN Capabilities
bull Reduced Minimum Bandwidth To support the lower bandwidth typically available over a WAN theminimum peak bandwidth required or a PCoIP connection is Mbps Because PCoIP only transmitschanges to the desktop image the actual bandwidth used may be much lower i the screen is not changingsigni cantly or rapidly
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3048
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 0
bull Local Keyboard and Mouse To provide instant response over high-latency networks the mouse pointer canbe displayed locally on the desktop (within VMware View Agent) in addition to being sent to the host Localkeyboard capability is also provided to prevent lost keystrokes due to network delay
bull Packet Reordering To accommodate the out-o -order packets o ten produced by network links on a WANthe PCoIP portal in VMware View Agent can create multiple packet chains as out-o -order packets receivedand connect chains to restore the correct sequence Without this out-o -order packets can result in dataretransmission and delays
bull Bandwidth-Sensitive Audio Compression PCoIP transmits compressed or uncompressed audiondashswitchingdynamically based on the available bandwidth to provide the best possible user experience
Since PCoIP is integrated seamlessly into the VMware View Agent and ully optimized into VMware Viewin rastructure as the administrator you simply need to con gure the desktop protocol and its bandwidththrottling rom the administration UI
Con gure Flash contents bandwidth allowance
For an optional task to test WAN per ormance with PCoIP try to access your corporate desktop rom home byconnecting through IPSec VPN
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3148
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 1
Scenario Overview
This document provides several di erent test scenarios to review the tasks you per ormed earlier andexperience the combined advantages o using VMware View To compare a variety o WAN connectivityscenarios you can consider using either WANEMhttp wanem source orge net or Shunra VE SMB EditionFree Trial http www shunra com ve-smb-trial php or WAN emulation
bull Scenario 1 Provision and use PCoIP 25 persistent desktops and one non-persistent PCoIP pool thatcontains desktops using a Linked Clone You can adjust the actual number o desktops based on your locastorage allowance
ndash Create a snapshot on both Windows XP SP3 and Windows 7
ndash Add desktops and pools using automatic pools and Linked Clone
ndash Administrate users and entitlements
ndash Create ully Linked Clones
ndash Con gure pools in mixed cluster environment
ndash Con gure or WAN tag and LAN tag use
ndash Delete desktops and pools
bull Scenario 2 Con gure 50 PCoIP fully Linked Clones in VMware vSphere
ndash Create desktops and pools
ndash Leverage ThinDisk Provisioning in VMware vSphere
ndash Check storage saving comparison
ndash Review VMware VMsa e Security virtual machine unctionali ties
bull Scenario 3 Set-up Triple SSO in VMware View 4 (PCoIP)
ndash Use archive directory credentials to login with ldquoLogin as current userrdquo checked
ndash Access rom the Replica View Connection Server and login to see the same session running
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3248
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 2
Scenario 1Provision and Use PCoIP Desktops and Pools
Get Started with PCoIPPCoIP is a so tware-to-so tware display protocol ully integrated with the VMware View in rastructureThe PCoIP portal (server) is installed with the agent The proprietary SVGA driver is included as part o thePCoIP portal
Figure
The PCoIP client is included in the standard VMware View client installation on your end point device sothere are no additional installation procedures required or PCoIP From the end user perspective there areno con gurations needed or using PCoIP As an administrator you can con gure the PCoIP protocol throughVMware View Administrative SettingsPolicies De ault RDP setup is to be tunneled but the de ault PCoIPsetting is directly connected Some other con gurations on bandwidth throttling or Flash video or on USBredirection policy are consistent as the previous View administration
Lossy and Lossless CompressionImage compression in PCoIP includes both lossless and lossy compression schemes Lossy compression allows or higher levels o compression on initial screen change and subsequent image quality improvement
or static screen regions Lossless motion compensation is also supported Image compression bandwidthmanagement is supported using packet loss as an indicator o congestion or lower bandwidth limits
Network Bandwidth and Characteristics
The host to client network connection operates with up to 250ms o round-trip latency The host to clientnetwork connection operates with lt01 percent packet loss but will tolerate periods o up to 5 percent packetloss and will survive short durations o loss o connectivity
A single TCP connection (SSL) is used between the host and client or session management A single UDP connection using UDP encapsulated IPSec-ESP [r c 3948] with AES 128-bit key encryption is used betweenthe host and client or media tra c supporting unreliable and reliable transport Port numbers keys andother connection parameters are exchanged via the SSL connection You can re erence the VMware ViewDeployment Guide or urther end-to-end per ormance measurements
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3348
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 3
Step 1 Creating the Replica Connection Server
The installation package or the Connection Server alsocontains the installation source or the VMware ViewReplica Server Launch the VMware View ConnectionServer installer and select Replica server or the secondConnection Server SelectAgree to the VMware Viewproduct licensing terms
A VMware View Replica Server is a Connection Serverwith its own replica o the ADAM database stored locallyAll con guration data and changes are instantaneouslyreplicated to all replica servers resulting in entirelyindependent Connection Servers which can actindependently in case o ailure o other replica servers
Enter the rst VMware View Connection Server instanceIP address (View1 19216813246) ClickNext
Complete the Replica Connection Server instanceinstallation Select Finish
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3448
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 4
Step 2 Creating Linked Clone Pools
DESKTOP TYPE OS TYPE PERSISTENT DESKTOP COUNTS
PCoIP Windows XP SP Persistent
RDP PCoIP Windows XP SP Non-Persistent
The Linked Clone creation process is the same as conducted in the previous section You can con gure thetask based on your storage availability and virtual machine sizing
Step 3 Connecting to Pool by Tags
Tag-based EntitlementsVMware View provides the advanced entitlement to Desktop Pools not only based on current entitlementsettings but also on the Connection Server through which a user logs in For customers who need perimeteridentity ( or example Internal Connection Server or External Security Server access) at logon VMware View
enables users con guring certain clients to go through a particular Connection Server In this case a tag isintroduced to identi y and route the client to the Connection Server In a broker cluster at a large VMware Viedeployment The tag or tags o a Connection Server are then compared to the tag speci ed in time o thedesktop pool creation edit
I the tag required by the desktop pool does not match the tag o the broker in question even i a useris entitled or assigned to a desktop pool the desktop will not show up in the available desktop list TheConnection Server tags take precedence over the desktop or pool tags
In this evaluation you will set up two instances o Connection Servers where brokers have been classi ed toserve di erent networks (internal external or example)
VMWARE VIEWCONNECTIONSERVER IP
NAME TAG DESKTOPS OS
19216813246 View External XP Pro SP
19216813245 View Internal XP Pro SP
Use CaseThe internal broker might not be visible to users connecting over a VPN In a case like this the two brokerscould still be ormed into a cluster The external broker might be tagged ldquoExternalrdquo and the internal brokertagged ldquoInternalrdquo and then pools could be tagged so that some desktops are not visible when a user logs inexternally but are visible internally
For example imagine a deployment o our Connection Servers where two o the Connection Servers haveconnected Security Servers The two Connection Servers without Security Servers are used to support internalusers and the two Connection Servers with Security Servers are used to support Internet (external) users The
rst two could have a con gured entitlements tag o ldquoInternalrdquo and the second two could have a con guredentitlements tag o ldquoExternalrdquo
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3548
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 5
bull The UI allows an administrator to specify one or moretag strings of up to 64 characters for each ConnectionBroker You can then speci y the tag string required or
a speci c Connection Broker to access the Pool Atruntime when a user authenticates him or hersel via aConnection Server an extra step o tag matching isper ormed The result will be a lter o the resultingentitled Desktop list
bull Set the replica server tag as External
bull Once the tags are set in the connection broker you cansee the tag column in the VMware View Managerconsole is lled with the Tag attributes
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3648
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 6
bull In the VMware View 1 Connection Server(19216813246admin) login to the View Managerconsole clickDesktops and Pools tab and selectAdd
You are creating ull clone and Linked Clonedesktops Select Automated Desktop Pool
bull Select Persistent or the desktop type
bull ClickNext
bull Create the 10 Linked Clone desktop pools rst and gothrough the same process again to create the ull clone
ndash only without checking the highlighted checkbox
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3748
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 7
bull Fill in the name attribute for theUnique ID andDisplay Name
bull This is same user interface as you used to create theindividual desktop earlier Leave the de ault setup as
it is
bull Enter the number of the desktops that your storage
allows you to create The naming pattern or thedesktop is the name vCenter will use to name thevirtual machine so create a unique and easilyrecognized name
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3848
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 8
bull Desktop cloning relies on the virtual machine templateas the base Previously you created a template byselecting a clean base template and cloning it to
template Select that template and clickNext
bull Linked Clone requires the template and snapshot asthe golden image
bull Select the folder location where the desktops shouldbe organized
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3948
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 9
bull Select the host or ESX server where the desktop iscreated Note the vSphere mode or VMware ViewComposer option is dimmed and not selectable It is
because the host being used is running vSpherealready I you are using a previous version o ESX thisoption will be available or upgrade use
bull Add desktops to the resource pool
bull Allocate user data disk for the persistent data Keepthe de ault value and selectNext
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4048
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 0
bull In this setup the storage LUN for the better demoe ects is attached You can simply use the localstorage host storage or your test
bull You can see that the default domain is lled inautomatically by quickprep This is set at the
Con guration Tab gtServers gtSelect ViewConnection gt Edit
bull Do a nal review of the Linked Clone setup and clickFinish to complete It will take several minutes tocreate the clones
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4148
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 1
bull Create additional users in Active Directory(ActiveDirectory19216813252)
- Corporate - user or the Group Internal
- Contractor - user or the Group Externalbull This will be used for the pool entitlement for users and
groups
bull Access VMware vCenter or ESX management by usingthe VMware vSphere client
bull Login to View Manager console You can see the LinkedClone pools are created and listed in the Desktop andPool pane SelectEntitlements to grant right to accessthe desktop
bull Assign the group you created in ActiveDirectory
Repeat these steps or creating additional XP desktops with non-persistent and persistent use
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4248
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 2
Step 4 Deleting the Clone Using Deletion Script
Provide the cleanup rule and scripting capabilities to enable administrators to per orm urther integrationunctions In some environments this can be achieved by removing entries rom ActiveDirectory In others
you may need to trigger other applications or a tighter integration
bull A new key needs to be created manuallyPlease re er to VMware View Administration Guide or
urther details
bull The visual basic script can be used to clean up ortrigger urther application activities This new eatureo ers the extensibility ramework
bull Run servicesmsc to access the Services consoleEnable the script services manually It is not startedby de ault
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4348
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 3
bull Login to VMware View Manager SelectDelete thedesktop SelectDelete rom Disk option It will triggerthe script set previously
Scenario 2Confgure PCoIP Full and Linked Clone
in VMware vSphereCreate Full Clone with Thin Provisioning
Thin Provisioning in its simplest orm means only using the disk space you need Traditionally with virtualmachines i you create a 500GB virtual disk it will use 500GB o your VMFS data store With Thin Provisioningyou can create a 500GB virtual disk but i only 100GB is in use only 100GB o your VMFS data store will beutilized
500GBVirtual Disk
500GB GB VMDK le size 100GB VMDK le size
400GBunused butallocated
100GBApplicationUsage
500GBVirtual Disk
100GBActual Usage(Footprint)
Figure
You can create a ve desktop XP pool using Full Clone rom VMware View and compare them with the ThiProvisioning option check The eatures include increased storage utilization reduced application downtimeand streamlined capacity management
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4448
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 4
bull When you create a virtual machine in VMware vSpherethe option to create Thin Provisioning settings is underSettings gtAdd Hardware
bull In VMware View 4 you can con gure the ThinProvisioning while preparing the Linked Clone basetemplate
Now in order to compare the storage usage di erence with Thin Provisioning enabled in the virtual desktopdeployment the best approach is to provision them and per orm storage comparison with the virtualmachines without thin provisioning enabled Considerations or storage provisioning all in throughput needsto scale with an increase in capacity ie multiple virtual machines per IO path
Figure
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4548
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 5
In the meantime transient storage on the swap space is used only when the virtual machine ispowered on and delta disks are used by snapshots and linked to virtual machines
Figure 0
Datastore View in vSphere
Figure
VM Storage Performance View
Figure
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4648
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 6
Anti-Virus Protection
The VMsa e API comes with VMware vSphere VMware o ers a number o VMsa e partner solutions thatprovide secure virtual machines with virus-scanning capability
bull Trend Micro Core Protection 10 This is an anti-virus product that performs o ine and online scheduled virtualmachine scans without an agent It uses a smaller agent or on-access scanning or to clean up in ections Thproduct is available at http us trendmicro com us solutions enterprise security-solutions virtualizationvirtual-machines index html
bull McAfee Virus Scan for O ine Virtual Images 20 This is an anti-virus product that performs o ine schedulevirtual machine scans without an agent It complements a regular virus scan agentsrsquo online scanning
Figure 6
VMsa e reduces high storage IO and memory usage during scheduled and pandemic malware scan activities
Figure
The above gure shows the anti-virus server committing a real-time agent to an individual virtual machine
It also has the unctionality o o ine snapshot image scanningThis is a VMware vSphere eature and is now available or VMware View 4 Please re er to the VMware View 4Deployment Guide or urther product demonstration
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4748
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 7
Scenario 3Set up Triple Single Sign-On (SSO) in VMwareView 4Log in as Currently Logged-on UserThis is a new option in VMware View Client that allows you to log onto the broker using currently logged oncredentials The standard sign up fow using AD credentials is
bull User connects to View Connection Server
bull VMware View Connection Server compares a list of trusted AD domains to the client
bull User authenticates with username and password
bull VMware View Connection Server delegates authentication to WindowsAD
Figure
VMware View 4 continues to support the AD credential (username and password) login smart card and RSA
securID token in RDP
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4848
bull During the View Agent installation select theConnectas Current Logon User checkbox option to enable SSO
bull Launch View Client at local desktop or thin clientbull View Client has newLog in as Current User Domain
User checkbox When a userrsquos AD credential isauthenticated on the client device using eitherpassword (RDP PCoIP) or smart card authentication inRDP the Connection Broker will use the same useridentity
bull This value can also be set using GPO policy orregistry key setting Please re er to the ViewAdministration Guide
bull You should be able to login to the guest desktopenvironment without being prompted to enter thecredentials again
Support In ormation
For additional evaluation questions and installation support please address your questions to desktop-tmvmwarecom
About the Author
Cynthia Hsieh is a senior technical marketing manager in VMware Enterprise Marketing team She ocuses onapplication integration proo o concepts and security subjects
Hsiehrsquos previous background includes product management positions at Wyse Trend Micro Oracle and Yahoo
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2548
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 5
Task 10 Adding Desktop Source in VMware View Manager
The in rastructure components are now con gured in VMware vCenter Now go back to VMware ViewManager and con gure the desktop resource or an individual desktop provisioning use
bull Enter the VMware View Connection Server IP addressadmin as the URL in a Web browser
bull Login as Administrator
bull From within View Administrator clickDesktops andPools and click theInventory tab
bull In the Global desktop and pool view pane make sure thatthe Desktops and Pools tab is selected and clickAdd
bull When the Add Desktop wizard appears selectIndividualDesktop and clickNext
bull Select Desktop Source rom VMware vCenter
Need new image
bull From the list provided select theVMware vCenter Serverto be used by this desktop and clickNext
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2648
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 6
bull Enter the Unique ID Display name (optional) andDescription (optional) and clickNext
bull Con gure the desktop properties and click Next Sincethe new PCoIP eatures are being evaluated set thede ault protocol as PCoIP and allow users to change thesetting at connection When set toDo Not Control orAdobe Flash quality bandwidth is not a concern with theLAN deployment
bull Con gure the desktop provisioning properties andclick Next
bull Select the desktop to use as the base image for thedeployment and click Next
bull Click Finish to complete one guest desktop provisioning
bull Once the desktop provisioning is complete you can see adesktop under Desktops and Pools tab
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2748
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 7
This shows the basic steps on how to provision one desktop For more advanced eatures you can re er to theVMware View Administration Guide In a later scenario a PCoIP pool is created through similar provisioning
Task 11 Desktop Entitlement
bull From within View Administrator click Desktops and Pools and click theInventory tab
bull In the Global desktop and pool view pane select the desktop or poolyou want to entitle and clickEntitlements
bull Click Add The user and group entitlement dialog box appears Fromhere you can view search on and lter all Active Directory users withinthe domain orest
bull Select the DemoLocal domain created and enter wildcard user matchreview VMware View Manager should display all users that contain thephrase
bull Entitle the userreviewer_1 to use the Vista desktop
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2848
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 8
Figure 6
Once this is set and done you will see a green checkmark under Global Desktop and View showing Entitledand Enabled or the guest desktop
Task 12 Accessing Virtual Desktop via RDP or PCoIP
bull In theConnection Server drop-down menu enter thehost name or IP address o a VMware View Connection Server
bull Select Options
Need New Image
bull Select Log in as current userto be authorized to log in to theVMware View Connection Server You will not be prompted toenter login credentials in the guest desktop login This is anenhancement or single sign-on
Need New Image
bull Enter the credentials with desktop entitlement
- Username Administrator
- Password b gd m
bull In VMware View 4 you have the option to use the preferredprotocols o either Teradici PCoIP or Microso t RDPSelect Teradici
bull Select the XP desktop you want to access
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2948
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 9
Task 13 Additional Virtual Desktop Optimization
bull Adjust ClearType Settings in Control Panel gtDisplay gtAdvanced Tab gtFonts and choose ClearType
bull Turn o Windows Firewall Settings inControl Panel gtWindows Firewall and select the Of radio buttonbull Multiple Display Con guration
bull In VMware View Manager Administration you cancentrally con gure the desktop monitors that aresupported in the local systems
bull In the guest desktop check theDisplay settings that have been changed tomultiple displays
Note PCoIP also supports pivot mode or one landscape and one horizontal confguration
Task 14 WAN Optimization
PCoIP technology uses low-latency image compression algorithms to optimize the user experience or widearea network (WAN) applications The WAN enhancements dramatically improve the user experience toprovide support or multi-media and 3D graphics audio and IO responsiveness over long-distancehigh-latency and low-bandwidth networks
Key PCoIP WAN Capabilities
bull Reduced Minimum Bandwidth To support the lower bandwidth typically available over a WAN theminimum peak bandwidth required or a PCoIP connection is Mbps Because PCoIP only transmitschanges to the desktop image the actual bandwidth used may be much lower i the screen is not changingsigni cantly or rapidly
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3048
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 0
bull Local Keyboard and Mouse To provide instant response over high-latency networks the mouse pointer canbe displayed locally on the desktop (within VMware View Agent) in addition to being sent to the host Localkeyboard capability is also provided to prevent lost keystrokes due to network delay
bull Packet Reordering To accommodate the out-o -order packets o ten produced by network links on a WANthe PCoIP portal in VMware View Agent can create multiple packet chains as out-o -order packets receivedand connect chains to restore the correct sequence Without this out-o -order packets can result in dataretransmission and delays
bull Bandwidth-Sensitive Audio Compression PCoIP transmits compressed or uncompressed audiondashswitchingdynamically based on the available bandwidth to provide the best possible user experience
Since PCoIP is integrated seamlessly into the VMware View Agent and ully optimized into VMware Viewin rastructure as the administrator you simply need to con gure the desktop protocol and its bandwidththrottling rom the administration UI
Con gure Flash contents bandwidth allowance
For an optional task to test WAN per ormance with PCoIP try to access your corporate desktop rom home byconnecting through IPSec VPN
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3148
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 1
Scenario Overview
This document provides several di erent test scenarios to review the tasks you per ormed earlier andexperience the combined advantages o using VMware View To compare a variety o WAN connectivityscenarios you can consider using either WANEMhttp wanem source orge net or Shunra VE SMB EditionFree Trial http www shunra com ve-smb-trial php or WAN emulation
bull Scenario 1 Provision and use PCoIP 25 persistent desktops and one non-persistent PCoIP pool thatcontains desktops using a Linked Clone You can adjust the actual number o desktops based on your locastorage allowance
ndash Create a snapshot on both Windows XP SP3 and Windows 7
ndash Add desktops and pools using automatic pools and Linked Clone
ndash Administrate users and entitlements
ndash Create ully Linked Clones
ndash Con gure pools in mixed cluster environment
ndash Con gure or WAN tag and LAN tag use
ndash Delete desktops and pools
bull Scenario 2 Con gure 50 PCoIP fully Linked Clones in VMware vSphere
ndash Create desktops and pools
ndash Leverage ThinDisk Provisioning in VMware vSphere
ndash Check storage saving comparison
ndash Review VMware VMsa e Security virtual machine unctionali ties
bull Scenario 3 Set-up Triple SSO in VMware View 4 (PCoIP)
ndash Use archive directory credentials to login with ldquoLogin as current userrdquo checked
ndash Access rom the Replica View Connection Server and login to see the same session running
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3248
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 2
Scenario 1Provision and Use PCoIP Desktops and Pools
Get Started with PCoIPPCoIP is a so tware-to-so tware display protocol ully integrated with the VMware View in rastructureThe PCoIP portal (server) is installed with the agent The proprietary SVGA driver is included as part o thePCoIP portal
Figure
The PCoIP client is included in the standard VMware View client installation on your end point device sothere are no additional installation procedures required or PCoIP From the end user perspective there areno con gurations needed or using PCoIP As an administrator you can con gure the PCoIP protocol throughVMware View Administrative SettingsPolicies De ault RDP setup is to be tunneled but the de ault PCoIPsetting is directly connected Some other con gurations on bandwidth throttling or Flash video or on USBredirection policy are consistent as the previous View administration
Lossy and Lossless CompressionImage compression in PCoIP includes both lossless and lossy compression schemes Lossy compression allows or higher levels o compression on initial screen change and subsequent image quality improvement
or static screen regions Lossless motion compensation is also supported Image compression bandwidthmanagement is supported using packet loss as an indicator o congestion or lower bandwidth limits
Network Bandwidth and Characteristics
The host to client network connection operates with up to 250ms o round-trip latency The host to clientnetwork connection operates with lt01 percent packet loss but will tolerate periods o up to 5 percent packetloss and will survive short durations o loss o connectivity
A single TCP connection (SSL) is used between the host and client or session management A single UDP connection using UDP encapsulated IPSec-ESP [r c 3948] with AES 128-bit key encryption is used betweenthe host and client or media tra c supporting unreliable and reliable transport Port numbers keys andother connection parameters are exchanged via the SSL connection You can re erence the VMware ViewDeployment Guide or urther end-to-end per ormance measurements
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3348
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 3
Step 1 Creating the Replica Connection Server
The installation package or the Connection Server alsocontains the installation source or the VMware ViewReplica Server Launch the VMware View ConnectionServer installer and select Replica server or the secondConnection Server SelectAgree to the VMware Viewproduct licensing terms
A VMware View Replica Server is a Connection Serverwith its own replica o the ADAM database stored locallyAll con guration data and changes are instantaneouslyreplicated to all replica servers resulting in entirelyindependent Connection Servers which can actindependently in case o ailure o other replica servers
Enter the rst VMware View Connection Server instanceIP address (View1 19216813246) ClickNext
Complete the Replica Connection Server instanceinstallation Select Finish
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3448
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 4
Step 2 Creating Linked Clone Pools
DESKTOP TYPE OS TYPE PERSISTENT DESKTOP COUNTS
PCoIP Windows XP SP Persistent
RDP PCoIP Windows XP SP Non-Persistent
The Linked Clone creation process is the same as conducted in the previous section You can con gure thetask based on your storage availability and virtual machine sizing
Step 3 Connecting to Pool by Tags
Tag-based EntitlementsVMware View provides the advanced entitlement to Desktop Pools not only based on current entitlementsettings but also on the Connection Server through which a user logs in For customers who need perimeteridentity ( or example Internal Connection Server or External Security Server access) at logon VMware View
enables users con guring certain clients to go through a particular Connection Server In this case a tag isintroduced to identi y and route the client to the Connection Server In a broker cluster at a large VMware Viedeployment The tag or tags o a Connection Server are then compared to the tag speci ed in time o thedesktop pool creation edit
I the tag required by the desktop pool does not match the tag o the broker in question even i a useris entitled or assigned to a desktop pool the desktop will not show up in the available desktop list TheConnection Server tags take precedence over the desktop or pool tags
In this evaluation you will set up two instances o Connection Servers where brokers have been classi ed toserve di erent networks (internal external or example)
VMWARE VIEWCONNECTIONSERVER IP
NAME TAG DESKTOPS OS
19216813246 View External XP Pro SP
19216813245 View Internal XP Pro SP
Use CaseThe internal broker might not be visible to users connecting over a VPN In a case like this the two brokerscould still be ormed into a cluster The external broker might be tagged ldquoExternalrdquo and the internal brokertagged ldquoInternalrdquo and then pools could be tagged so that some desktops are not visible when a user logs inexternally but are visible internally
For example imagine a deployment o our Connection Servers where two o the Connection Servers haveconnected Security Servers The two Connection Servers without Security Servers are used to support internalusers and the two Connection Servers with Security Servers are used to support Internet (external) users The
rst two could have a con gured entitlements tag o ldquoInternalrdquo and the second two could have a con guredentitlements tag o ldquoExternalrdquo
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3548
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 5
bull The UI allows an administrator to specify one or moretag strings of up to 64 characters for each ConnectionBroker You can then speci y the tag string required or
a speci c Connection Broker to access the Pool Atruntime when a user authenticates him or hersel via aConnection Server an extra step o tag matching isper ormed The result will be a lter o the resultingentitled Desktop list
bull Set the replica server tag as External
bull Once the tags are set in the connection broker you cansee the tag column in the VMware View Managerconsole is lled with the Tag attributes
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3648
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 6
bull In the VMware View 1 Connection Server(19216813246admin) login to the View Managerconsole clickDesktops and Pools tab and selectAdd
You are creating ull clone and Linked Clonedesktops Select Automated Desktop Pool
bull Select Persistent or the desktop type
bull ClickNext
bull Create the 10 Linked Clone desktop pools rst and gothrough the same process again to create the ull clone
ndash only without checking the highlighted checkbox
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3748
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 7
bull Fill in the name attribute for theUnique ID andDisplay Name
bull This is same user interface as you used to create theindividual desktop earlier Leave the de ault setup as
it is
bull Enter the number of the desktops that your storage
allows you to create The naming pattern or thedesktop is the name vCenter will use to name thevirtual machine so create a unique and easilyrecognized name
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3848
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 8
bull Desktop cloning relies on the virtual machine templateas the base Previously you created a template byselecting a clean base template and cloning it to
template Select that template and clickNext
bull Linked Clone requires the template and snapshot asthe golden image
bull Select the folder location where the desktops shouldbe organized
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3948
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 9
bull Select the host or ESX server where the desktop iscreated Note the vSphere mode or VMware ViewComposer option is dimmed and not selectable It is
because the host being used is running vSpherealready I you are using a previous version o ESX thisoption will be available or upgrade use
bull Add desktops to the resource pool
bull Allocate user data disk for the persistent data Keepthe de ault value and selectNext
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4048
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 0
bull In this setup the storage LUN for the better demoe ects is attached You can simply use the localstorage host storage or your test
bull You can see that the default domain is lled inautomatically by quickprep This is set at the
Con guration Tab gtServers gtSelect ViewConnection gt Edit
bull Do a nal review of the Linked Clone setup and clickFinish to complete It will take several minutes tocreate the clones
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4148
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 1
bull Create additional users in Active Directory(ActiveDirectory19216813252)
- Corporate - user or the Group Internal
- Contractor - user or the Group Externalbull This will be used for the pool entitlement for users and
groups
bull Access VMware vCenter or ESX management by usingthe VMware vSphere client
bull Login to View Manager console You can see the LinkedClone pools are created and listed in the Desktop andPool pane SelectEntitlements to grant right to accessthe desktop
bull Assign the group you created in ActiveDirectory
Repeat these steps or creating additional XP desktops with non-persistent and persistent use
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4248
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 2
Step 4 Deleting the Clone Using Deletion Script
Provide the cleanup rule and scripting capabilities to enable administrators to per orm urther integrationunctions In some environments this can be achieved by removing entries rom ActiveDirectory In others
you may need to trigger other applications or a tighter integration
bull A new key needs to be created manuallyPlease re er to VMware View Administration Guide or
urther details
bull The visual basic script can be used to clean up ortrigger urther application activities This new eatureo ers the extensibility ramework
bull Run servicesmsc to access the Services consoleEnable the script services manually It is not startedby de ault
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4348
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 3
bull Login to VMware View Manager SelectDelete thedesktop SelectDelete rom Disk option It will triggerthe script set previously
Scenario 2Confgure PCoIP Full and Linked Clone
in VMware vSphereCreate Full Clone with Thin Provisioning
Thin Provisioning in its simplest orm means only using the disk space you need Traditionally with virtualmachines i you create a 500GB virtual disk it will use 500GB o your VMFS data store With Thin Provisioningyou can create a 500GB virtual disk but i only 100GB is in use only 100GB o your VMFS data store will beutilized
500GBVirtual Disk
500GB GB VMDK le size 100GB VMDK le size
400GBunused butallocated
100GBApplicationUsage
500GBVirtual Disk
100GBActual Usage(Footprint)
Figure
You can create a ve desktop XP pool using Full Clone rom VMware View and compare them with the ThiProvisioning option check The eatures include increased storage utilization reduced application downtimeand streamlined capacity management
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4448
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 4
bull When you create a virtual machine in VMware vSpherethe option to create Thin Provisioning settings is underSettings gtAdd Hardware
bull In VMware View 4 you can con gure the ThinProvisioning while preparing the Linked Clone basetemplate
Now in order to compare the storage usage di erence with Thin Provisioning enabled in the virtual desktopdeployment the best approach is to provision them and per orm storage comparison with the virtualmachines without thin provisioning enabled Considerations or storage provisioning all in throughput needsto scale with an increase in capacity ie multiple virtual machines per IO path
Figure
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4548
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 5
In the meantime transient storage on the swap space is used only when the virtual machine ispowered on and delta disks are used by snapshots and linked to virtual machines
Figure 0
Datastore View in vSphere
Figure
VM Storage Performance View
Figure
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4648
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 6
Anti-Virus Protection
The VMsa e API comes with VMware vSphere VMware o ers a number o VMsa e partner solutions thatprovide secure virtual machines with virus-scanning capability
bull Trend Micro Core Protection 10 This is an anti-virus product that performs o ine and online scheduled virtualmachine scans without an agent It uses a smaller agent or on-access scanning or to clean up in ections Thproduct is available at http us trendmicro com us solutions enterprise security-solutions virtualizationvirtual-machines index html
bull McAfee Virus Scan for O ine Virtual Images 20 This is an anti-virus product that performs o ine schedulevirtual machine scans without an agent It complements a regular virus scan agentsrsquo online scanning
Figure 6
VMsa e reduces high storage IO and memory usage during scheduled and pandemic malware scan activities
Figure
The above gure shows the anti-virus server committing a real-time agent to an individual virtual machine
It also has the unctionality o o ine snapshot image scanningThis is a VMware vSphere eature and is now available or VMware View 4 Please re er to the VMware View 4Deployment Guide or urther product demonstration
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4748
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 7
Scenario 3Set up Triple Single Sign-On (SSO) in VMwareView 4Log in as Currently Logged-on UserThis is a new option in VMware View Client that allows you to log onto the broker using currently logged oncredentials The standard sign up fow using AD credentials is
bull User connects to View Connection Server
bull VMware View Connection Server compares a list of trusted AD domains to the client
bull User authenticates with username and password
bull VMware View Connection Server delegates authentication to WindowsAD
Figure
VMware View 4 continues to support the AD credential (username and password) login smart card and RSA
securID token in RDP
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4848
bull During the View Agent installation select theConnectas Current Logon User checkbox option to enable SSO
bull Launch View Client at local desktop or thin clientbull View Client has newLog in as Current User Domain
User checkbox When a userrsquos AD credential isauthenticated on the client device using eitherpassword (RDP PCoIP) or smart card authentication inRDP the Connection Broker will use the same useridentity
bull This value can also be set using GPO policy orregistry key setting Please re er to the ViewAdministration Guide
bull You should be able to login to the guest desktopenvironment without being prompted to enter thecredentials again
Support In ormation
For additional evaluation questions and installation support please address your questions to desktop-tmvmwarecom
About the Author
Cynthia Hsieh is a senior technical marketing manager in VMware Enterprise Marketing team She ocuses onapplication integration proo o concepts and security subjects
Hsiehrsquos previous background includes product management positions at Wyse Trend Micro Oracle and Yahoo
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2648
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 6
bull Enter the Unique ID Display name (optional) andDescription (optional) and clickNext
bull Con gure the desktop properties and click Next Sincethe new PCoIP eatures are being evaluated set thede ault protocol as PCoIP and allow users to change thesetting at connection When set toDo Not Control orAdobe Flash quality bandwidth is not a concern with theLAN deployment
bull Con gure the desktop provisioning properties andclick Next
bull Select the desktop to use as the base image for thedeployment and click Next
bull Click Finish to complete one guest desktop provisioning
bull Once the desktop provisioning is complete you can see adesktop under Desktops and Pools tab
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2748
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 7
This shows the basic steps on how to provision one desktop For more advanced eatures you can re er to theVMware View Administration Guide In a later scenario a PCoIP pool is created through similar provisioning
Task 11 Desktop Entitlement
bull From within View Administrator click Desktops and Pools and click theInventory tab
bull In the Global desktop and pool view pane select the desktop or poolyou want to entitle and clickEntitlements
bull Click Add The user and group entitlement dialog box appears Fromhere you can view search on and lter all Active Directory users withinthe domain orest
bull Select the DemoLocal domain created and enter wildcard user matchreview VMware View Manager should display all users that contain thephrase
bull Entitle the userreviewer_1 to use the Vista desktop
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2848
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 8
Figure 6
Once this is set and done you will see a green checkmark under Global Desktop and View showing Entitledand Enabled or the guest desktop
Task 12 Accessing Virtual Desktop via RDP or PCoIP
bull In theConnection Server drop-down menu enter thehost name or IP address o a VMware View Connection Server
bull Select Options
Need New Image
bull Select Log in as current userto be authorized to log in to theVMware View Connection Server You will not be prompted toenter login credentials in the guest desktop login This is anenhancement or single sign-on
Need New Image
bull Enter the credentials with desktop entitlement
- Username Administrator
- Password b gd m
bull In VMware View 4 you have the option to use the preferredprotocols o either Teradici PCoIP or Microso t RDPSelect Teradici
bull Select the XP desktop you want to access
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2948
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 9
Task 13 Additional Virtual Desktop Optimization
bull Adjust ClearType Settings in Control Panel gtDisplay gtAdvanced Tab gtFonts and choose ClearType
bull Turn o Windows Firewall Settings inControl Panel gtWindows Firewall and select the Of radio buttonbull Multiple Display Con guration
bull In VMware View Manager Administration you cancentrally con gure the desktop monitors that aresupported in the local systems
bull In the guest desktop check theDisplay settings that have been changed tomultiple displays
Note PCoIP also supports pivot mode or one landscape and one horizontal confguration
Task 14 WAN Optimization
PCoIP technology uses low-latency image compression algorithms to optimize the user experience or widearea network (WAN) applications The WAN enhancements dramatically improve the user experience toprovide support or multi-media and 3D graphics audio and IO responsiveness over long-distancehigh-latency and low-bandwidth networks
Key PCoIP WAN Capabilities
bull Reduced Minimum Bandwidth To support the lower bandwidth typically available over a WAN theminimum peak bandwidth required or a PCoIP connection is Mbps Because PCoIP only transmitschanges to the desktop image the actual bandwidth used may be much lower i the screen is not changingsigni cantly or rapidly
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3048
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 0
bull Local Keyboard and Mouse To provide instant response over high-latency networks the mouse pointer canbe displayed locally on the desktop (within VMware View Agent) in addition to being sent to the host Localkeyboard capability is also provided to prevent lost keystrokes due to network delay
bull Packet Reordering To accommodate the out-o -order packets o ten produced by network links on a WANthe PCoIP portal in VMware View Agent can create multiple packet chains as out-o -order packets receivedand connect chains to restore the correct sequence Without this out-o -order packets can result in dataretransmission and delays
bull Bandwidth-Sensitive Audio Compression PCoIP transmits compressed or uncompressed audiondashswitchingdynamically based on the available bandwidth to provide the best possible user experience
Since PCoIP is integrated seamlessly into the VMware View Agent and ully optimized into VMware Viewin rastructure as the administrator you simply need to con gure the desktop protocol and its bandwidththrottling rom the administration UI
Con gure Flash contents bandwidth allowance
For an optional task to test WAN per ormance with PCoIP try to access your corporate desktop rom home byconnecting through IPSec VPN
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3148
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 1
Scenario Overview
This document provides several di erent test scenarios to review the tasks you per ormed earlier andexperience the combined advantages o using VMware View To compare a variety o WAN connectivityscenarios you can consider using either WANEMhttp wanem source orge net or Shunra VE SMB EditionFree Trial http www shunra com ve-smb-trial php or WAN emulation
bull Scenario 1 Provision and use PCoIP 25 persistent desktops and one non-persistent PCoIP pool thatcontains desktops using a Linked Clone You can adjust the actual number o desktops based on your locastorage allowance
ndash Create a snapshot on both Windows XP SP3 and Windows 7
ndash Add desktops and pools using automatic pools and Linked Clone
ndash Administrate users and entitlements
ndash Create ully Linked Clones
ndash Con gure pools in mixed cluster environment
ndash Con gure or WAN tag and LAN tag use
ndash Delete desktops and pools
bull Scenario 2 Con gure 50 PCoIP fully Linked Clones in VMware vSphere
ndash Create desktops and pools
ndash Leverage ThinDisk Provisioning in VMware vSphere
ndash Check storage saving comparison
ndash Review VMware VMsa e Security virtual machine unctionali ties
bull Scenario 3 Set-up Triple SSO in VMware View 4 (PCoIP)
ndash Use archive directory credentials to login with ldquoLogin as current userrdquo checked
ndash Access rom the Replica View Connection Server and login to see the same session running
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3248
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 2
Scenario 1Provision and Use PCoIP Desktops and Pools
Get Started with PCoIPPCoIP is a so tware-to-so tware display protocol ully integrated with the VMware View in rastructureThe PCoIP portal (server) is installed with the agent The proprietary SVGA driver is included as part o thePCoIP portal
Figure
The PCoIP client is included in the standard VMware View client installation on your end point device sothere are no additional installation procedures required or PCoIP From the end user perspective there areno con gurations needed or using PCoIP As an administrator you can con gure the PCoIP protocol throughVMware View Administrative SettingsPolicies De ault RDP setup is to be tunneled but the de ault PCoIPsetting is directly connected Some other con gurations on bandwidth throttling or Flash video or on USBredirection policy are consistent as the previous View administration
Lossy and Lossless CompressionImage compression in PCoIP includes both lossless and lossy compression schemes Lossy compression allows or higher levels o compression on initial screen change and subsequent image quality improvement
or static screen regions Lossless motion compensation is also supported Image compression bandwidthmanagement is supported using packet loss as an indicator o congestion or lower bandwidth limits
Network Bandwidth and Characteristics
The host to client network connection operates with up to 250ms o round-trip latency The host to clientnetwork connection operates with lt01 percent packet loss but will tolerate periods o up to 5 percent packetloss and will survive short durations o loss o connectivity
A single TCP connection (SSL) is used between the host and client or session management A single UDP connection using UDP encapsulated IPSec-ESP [r c 3948] with AES 128-bit key encryption is used betweenthe host and client or media tra c supporting unreliable and reliable transport Port numbers keys andother connection parameters are exchanged via the SSL connection You can re erence the VMware ViewDeployment Guide or urther end-to-end per ormance measurements
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3348
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 3
Step 1 Creating the Replica Connection Server
The installation package or the Connection Server alsocontains the installation source or the VMware ViewReplica Server Launch the VMware View ConnectionServer installer and select Replica server or the secondConnection Server SelectAgree to the VMware Viewproduct licensing terms
A VMware View Replica Server is a Connection Serverwith its own replica o the ADAM database stored locallyAll con guration data and changes are instantaneouslyreplicated to all replica servers resulting in entirelyindependent Connection Servers which can actindependently in case o ailure o other replica servers
Enter the rst VMware View Connection Server instanceIP address (View1 19216813246) ClickNext
Complete the Replica Connection Server instanceinstallation Select Finish
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3448
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 4
Step 2 Creating Linked Clone Pools
DESKTOP TYPE OS TYPE PERSISTENT DESKTOP COUNTS
PCoIP Windows XP SP Persistent
RDP PCoIP Windows XP SP Non-Persistent
The Linked Clone creation process is the same as conducted in the previous section You can con gure thetask based on your storage availability and virtual machine sizing
Step 3 Connecting to Pool by Tags
Tag-based EntitlementsVMware View provides the advanced entitlement to Desktop Pools not only based on current entitlementsettings but also on the Connection Server through which a user logs in For customers who need perimeteridentity ( or example Internal Connection Server or External Security Server access) at logon VMware View
enables users con guring certain clients to go through a particular Connection Server In this case a tag isintroduced to identi y and route the client to the Connection Server In a broker cluster at a large VMware Viedeployment The tag or tags o a Connection Server are then compared to the tag speci ed in time o thedesktop pool creation edit
I the tag required by the desktop pool does not match the tag o the broker in question even i a useris entitled or assigned to a desktop pool the desktop will not show up in the available desktop list TheConnection Server tags take precedence over the desktop or pool tags
In this evaluation you will set up two instances o Connection Servers where brokers have been classi ed toserve di erent networks (internal external or example)
VMWARE VIEWCONNECTIONSERVER IP
NAME TAG DESKTOPS OS
19216813246 View External XP Pro SP
19216813245 View Internal XP Pro SP
Use CaseThe internal broker might not be visible to users connecting over a VPN In a case like this the two brokerscould still be ormed into a cluster The external broker might be tagged ldquoExternalrdquo and the internal brokertagged ldquoInternalrdquo and then pools could be tagged so that some desktops are not visible when a user logs inexternally but are visible internally
For example imagine a deployment o our Connection Servers where two o the Connection Servers haveconnected Security Servers The two Connection Servers without Security Servers are used to support internalusers and the two Connection Servers with Security Servers are used to support Internet (external) users The
rst two could have a con gured entitlements tag o ldquoInternalrdquo and the second two could have a con guredentitlements tag o ldquoExternalrdquo
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3548
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 5
bull The UI allows an administrator to specify one or moretag strings of up to 64 characters for each ConnectionBroker You can then speci y the tag string required or
a speci c Connection Broker to access the Pool Atruntime when a user authenticates him or hersel via aConnection Server an extra step o tag matching isper ormed The result will be a lter o the resultingentitled Desktop list
bull Set the replica server tag as External
bull Once the tags are set in the connection broker you cansee the tag column in the VMware View Managerconsole is lled with the Tag attributes
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3648
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 6
bull In the VMware View 1 Connection Server(19216813246admin) login to the View Managerconsole clickDesktops and Pools tab and selectAdd
You are creating ull clone and Linked Clonedesktops Select Automated Desktop Pool
bull Select Persistent or the desktop type
bull ClickNext
bull Create the 10 Linked Clone desktop pools rst and gothrough the same process again to create the ull clone
ndash only without checking the highlighted checkbox
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3748
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 7
bull Fill in the name attribute for theUnique ID andDisplay Name
bull This is same user interface as you used to create theindividual desktop earlier Leave the de ault setup as
it is
bull Enter the number of the desktops that your storage
allows you to create The naming pattern or thedesktop is the name vCenter will use to name thevirtual machine so create a unique and easilyrecognized name
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3848
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 8
bull Desktop cloning relies on the virtual machine templateas the base Previously you created a template byselecting a clean base template and cloning it to
template Select that template and clickNext
bull Linked Clone requires the template and snapshot asthe golden image
bull Select the folder location where the desktops shouldbe organized
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3948
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 9
bull Select the host or ESX server where the desktop iscreated Note the vSphere mode or VMware ViewComposer option is dimmed and not selectable It is
because the host being used is running vSpherealready I you are using a previous version o ESX thisoption will be available or upgrade use
bull Add desktops to the resource pool
bull Allocate user data disk for the persistent data Keepthe de ault value and selectNext
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4048
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 0
bull In this setup the storage LUN for the better demoe ects is attached You can simply use the localstorage host storage or your test
bull You can see that the default domain is lled inautomatically by quickprep This is set at the
Con guration Tab gtServers gtSelect ViewConnection gt Edit
bull Do a nal review of the Linked Clone setup and clickFinish to complete It will take several minutes tocreate the clones
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4148
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 1
bull Create additional users in Active Directory(ActiveDirectory19216813252)
- Corporate - user or the Group Internal
- Contractor - user or the Group Externalbull This will be used for the pool entitlement for users and
groups
bull Access VMware vCenter or ESX management by usingthe VMware vSphere client
bull Login to View Manager console You can see the LinkedClone pools are created and listed in the Desktop andPool pane SelectEntitlements to grant right to accessthe desktop
bull Assign the group you created in ActiveDirectory
Repeat these steps or creating additional XP desktops with non-persistent and persistent use
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4248
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 2
Step 4 Deleting the Clone Using Deletion Script
Provide the cleanup rule and scripting capabilities to enable administrators to per orm urther integrationunctions In some environments this can be achieved by removing entries rom ActiveDirectory In others
you may need to trigger other applications or a tighter integration
bull A new key needs to be created manuallyPlease re er to VMware View Administration Guide or
urther details
bull The visual basic script can be used to clean up ortrigger urther application activities This new eatureo ers the extensibility ramework
bull Run servicesmsc to access the Services consoleEnable the script services manually It is not startedby de ault
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4348
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 3
bull Login to VMware View Manager SelectDelete thedesktop SelectDelete rom Disk option It will triggerthe script set previously
Scenario 2Confgure PCoIP Full and Linked Clone
in VMware vSphereCreate Full Clone with Thin Provisioning
Thin Provisioning in its simplest orm means only using the disk space you need Traditionally with virtualmachines i you create a 500GB virtual disk it will use 500GB o your VMFS data store With Thin Provisioningyou can create a 500GB virtual disk but i only 100GB is in use only 100GB o your VMFS data store will beutilized
500GBVirtual Disk
500GB GB VMDK le size 100GB VMDK le size
400GBunused butallocated
100GBApplicationUsage
500GBVirtual Disk
100GBActual Usage(Footprint)
Figure
You can create a ve desktop XP pool using Full Clone rom VMware View and compare them with the ThiProvisioning option check The eatures include increased storage utilization reduced application downtimeand streamlined capacity management
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4448
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 4
bull When you create a virtual machine in VMware vSpherethe option to create Thin Provisioning settings is underSettings gtAdd Hardware
bull In VMware View 4 you can con gure the ThinProvisioning while preparing the Linked Clone basetemplate
Now in order to compare the storage usage di erence with Thin Provisioning enabled in the virtual desktopdeployment the best approach is to provision them and per orm storage comparison with the virtualmachines without thin provisioning enabled Considerations or storage provisioning all in throughput needsto scale with an increase in capacity ie multiple virtual machines per IO path
Figure
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4548
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 5
In the meantime transient storage on the swap space is used only when the virtual machine ispowered on and delta disks are used by snapshots and linked to virtual machines
Figure 0
Datastore View in vSphere
Figure
VM Storage Performance View
Figure
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4648
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 6
Anti-Virus Protection
The VMsa e API comes with VMware vSphere VMware o ers a number o VMsa e partner solutions thatprovide secure virtual machines with virus-scanning capability
bull Trend Micro Core Protection 10 This is an anti-virus product that performs o ine and online scheduled virtualmachine scans without an agent It uses a smaller agent or on-access scanning or to clean up in ections Thproduct is available at http us trendmicro com us solutions enterprise security-solutions virtualizationvirtual-machines index html
bull McAfee Virus Scan for O ine Virtual Images 20 This is an anti-virus product that performs o ine schedulevirtual machine scans without an agent It complements a regular virus scan agentsrsquo online scanning
Figure 6
VMsa e reduces high storage IO and memory usage during scheduled and pandemic malware scan activities
Figure
The above gure shows the anti-virus server committing a real-time agent to an individual virtual machine
It also has the unctionality o o ine snapshot image scanningThis is a VMware vSphere eature and is now available or VMware View 4 Please re er to the VMware View 4Deployment Guide or urther product demonstration
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4748
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 7
Scenario 3Set up Triple Single Sign-On (SSO) in VMwareView 4Log in as Currently Logged-on UserThis is a new option in VMware View Client that allows you to log onto the broker using currently logged oncredentials The standard sign up fow using AD credentials is
bull User connects to View Connection Server
bull VMware View Connection Server compares a list of trusted AD domains to the client
bull User authenticates with username and password
bull VMware View Connection Server delegates authentication to WindowsAD
Figure
VMware View 4 continues to support the AD credential (username and password) login smart card and RSA
securID token in RDP
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4848
bull During the View Agent installation select theConnectas Current Logon User checkbox option to enable SSO
bull Launch View Client at local desktop or thin clientbull View Client has newLog in as Current User Domain
User checkbox When a userrsquos AD credential isauthenticated on the client device using eitherpassword (RDP PCoIP) or smart card authentication inRDP the Connection Broker will use the same useridentity
bull This value can also be set using GPO policy orregistry key setting Please re er to the ViewAdministration Guide
bull You should be able to login to the guest desktopenvironment without being prompted to enter thecredentials again
Support In ormation
For additional evaluation questions and installation support please address your questions to desktop-tmvmwarecom
About the Author
Cynthia Hsieh is a senior technical marketing manager in VMware Enterprise Marketing team She ocuses onapplication integration proo o concepts and security subjects
Hsiehrsquos previous background includes product management positions at Wyse Trend Micro Oracle and Yahoo
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2748
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 7
This shows the basic steps on how to provision one desktop For more advanced eatures you can re er to theVMware View Administration Guide In a later scenario a PCoIP pool is created through similar provisioning
Task 11 Desktop Entitlement
bull From within View Administrator click Desktops and Pools and click theInventory tab
bull In the Global desktop and pool view pane select the desktop or poolyou want to entitle and clickEntitlements
bull Click Add The user and group entitlement dialog box appears Fromhere you can view search on and lter all Active Directory users withinthe domain orest
bull Select the DemoLocal domain created and enter wildcard user matchreview VMware View Manager should display all users that contain thephrase
bull Entitle the userreviewer_1 to use the Vista desktop
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2848
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 8
Figure 6
Once this is set and done you will see a green checkmark under Global Desktop and View showing Entitledand Enabled or the guest desktop
Task 12 Accessing Virtual Desktop via RDP or PCoIP
bull In theConnection Server drop-down menu enter thehost name or IP address o a VMware View Connection Server
bull Select Options
Need New Image
bull Select Log in as current userto be authorized to log in to theVMware View Connection Server You will not be prompted toenter login credentials in the guest desktop login This is anenhancement or single sign-on
Need New Image
bull Enter the credentials with desktop entitlement
- Username Administrator
- Password b gd m
bull In VMware View 4 you have the option to use the preferredprotocols o either Teradici PCoIP or Microso t RDPSelect Teradici
bull Select the XP desktop you want to access
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2948
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 9
Task 13 Additional Virtual Desktop Optimization
bull Adjust ClearType Settings in Control Panel gtDisplay gtAdvanced Tab gtFonts and choose ClearType
bull Turn o Windows Firewall Settings inControl Panel gtWindows Firewall and select the Of radio buttonbull Multiple Display Con guration
bull In VMware View Manager Administration you cancentrally con gure the desktop monitors that aresupported in the local systems
bull In the guest desktop check theDisplay settings that have been changed tomultiple displays
Note PCoIP also supports pivot mode or one landscape and one horizontal confguration
Task 14 WAN Optimization
PCoIP technology uses low-latency image compression algorithms to optimize the user experience or widearea network (WAN) applications The WAN enhancements dramatically improve the user experience toprovide support or multi-media and 3D graphics audio and IO responsiveness over long-distancehigh-latency and low-bandwidth networks
Key PCoIP WAN Capabilities
bull Reduced Minimum Bandwidth To support the lower bandwidth typically available over a WAN theminimum peak bandwidth required or a PCoIP connection is Mbps Because PCoIP only transmitschanges to the desktop image the actual bandwidth used may be much lower i the screen is not changingsigni cantly or rapidly
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3048
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 0
bull Local Keyboard and Mouse To provide instant response over high-latency networks the mouse pointer canbe displayed locally on the desktop (within VMware View Agent) in addition to being sent to the host Localkeyboard capability is also provided to prevent lost keystrokes due to network delay
bull Packet Reordering To accommodate the out-o -order packets o ten produced by network links on a WANthe PCoIP portal in VMware View Agent can create multiple packet chains as out-o -order packets receivedand connect chains to restore the correct sequence Without this out-o -order packets can result in dataretransmission and delays
bull Bandwidth-Sensitive Audio Compression PCoIP transmits compressed or uncompressed audiondashswitchingdynamically based on the available bandwidth to provide the best possible user experience
Since PCoIP is integrated seamlessly into the VMware View Agent and ully optimized into VMware Viewin rastructure as the administrator you simply need to con gure the desktop protocol and its bandwidththrottling rom the administration UI
Con gure Flash contents bandwidth allowance
For an optional task to test WAN per ormance with PCoIP try to access your corporate desktop rom home byconnecting through IPSec VPN
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3148
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 1
Scenario Overview
This document provides several di erent test scenarios to review the tasks you per ormed earlier andexperience the combined advantages o using VMware View To compare a variety o WAN connectivityscenarios you can consider using either WANEMhttp wanem source orge net or Shunra VE SMB EditionFree Trial http www shunra com ve-smb-trial php or WAN emulation
bull Scenario 1 Provision and use PCoIP 25 persistent desktops and one non-persistent PCoIP pool thatcontains desktops using a Linked Clone You can adjust the actual number o desktops based on your locastorage allowance
ndash Create a snapshot on both Windows XP SP3 and Windows 7
ndash Add desktops and pools using automatic pools and Linked Clone
ndash Administrate users and entitlements
ndash Create ully Linked Clones
ndash Con gure pools in mixed cluster environment
ndash Con gure or WAN tag and LAN tag use
ndash Delete desktops and pools
bull Scenario 2 Con gure 50 PCoIP fully Linked Clones in VMware vSphere
ndash Create desktops and pools
ndash Leverage ThinDisk Provisioning in VMware vSphere
ndash Check storage saving comparison
ndash Review VMware VMsa e Security virtual machine unctionali ties
bull Scenario 3 Set-up Triple SSO in VMware View 4 (PCoIP)
ndash Use archive directory credentials to login with ldquoLogin as current userrdquo checked
ndash Access rom the Replica View Connection Server and login to see the same session running
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3248
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 2
Scenario 1Provision and Use PCoIP Desktops and Pools
Get Started with PCoIPPCoIP is a so tware-to-so tware display protocol ully integrated with the VMware View in rastructureThe PCoIP portal (server) is installed with the agent The proprietary SVGA driver is included as part o thePCoIP portal
Figure
The PCoIP client is included in the standard VMware View client installation on your end point device sothere are no additional installation procedures required or PCoIP From the end user perspective there areno con gurations needed or using PCoIP As an administrator you can con gure the PCoIP protocol throughVMware View Administrative SettingsPolicies De ault RDP setup is to be tunneled but the de ault PCoIPsetting is directly connected Some other con gurations on bandwidth throttling or Flash video or on USBredirection policy are consistent as the previous View administration
Lossy and Lossless CompressionImage compression in PCoIP includes both lossless and lossy compression schemes Lossy compression allows or higher levels o compression on initial screen change and subsequent image quality improvement
or static screen regions Lossless motion compensation is also supported Image compression bandwidthmanagement is supported using packet loss as an indicator o congestion or lower bandwidth limits
Network Bandwidth and Characteristics
The host to client network connection operates with up to 250ms o round-trip latency The host to clientnetwork connection operates with lt01 percent packet loss but will tolerate periods o up to 5 percent packetloss and will survive short durations o loss o connectivity
A single TCP connection (SSL) is used between the host and client or session management A single UDP connection using UDP encapsulated IPSec-ESP [r c 3948] with AES 128-bit key encryption is used betweenthe host and client or media tra c supporting unreliable and reliable transport Port numbers keys andother connection parameters are exchanged via the SSL connection You can re erence the VMware ViewDeployment Guide or urther end-to-end per ormance measurements
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3348
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 3
Step 1 Creating the Replica Connection Server
The installation package or the Connection Server alsocontains the installation source or the VMware ViewReplica Server Launch the VMware View ConnectionServer installer and select Replica server or the secondConnection Server SelectAgree to the VMware Viewproduct licensing terms
A VMware View Replica Server is a Connection Serverwith its own replica o the ADAM database stored locallyAll con guration data and changes are instantaneouslyreplicated to all replica servers resulting in entirelyindependent Connection Servers which can actindependently in case o ailure o other replica servers
Enter the rst VMware View Connection Server instanceIP address (View1 19216813246) ClickNext
Complete the Replica Connection Server instanceinstallation Select Finish
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3448
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 4
Step 2 Creating Linked Clone Pools
DESKTOP TYPE OS TYPE PERSISTENT DESKTOP COUNTS
PCoIP Windows XP SP Persistent
RDP PCoIP Windows XP SP Non-Persistent
The Linked Clone creation process is the same as conducted in the previous section You can con gure thetask based on your storage availability and virtual machine sizing
Step 3 Connecting to Pool by Tags
Tag-based EntitlementsVMware View provides the advanced entitlement to Desktop Pools not only based on current entitlementsettings but also on the Connection Server through which a user logs in For customers who need perimeteridentity ( or example Internal Connection Server or External Security Server access) at logon VMware View
enables users con guring certain clients to go through a particular Connection Server In this case a tag isintroduced to identi y and route the client to the Connection Server In a broker cluster at a large VMware Viedeployment The tag or tags o a Connection Server are then compared to the tag speci ed in time o thedesktop pool creation edit
I the tag required by the desktop pool does not match the tag o the broker in question even i a useris entitled or assigned to a desktop pool the desktop will not show up in the available desktop list TheConnection Server tags take precedence over the desktop or pool tags
In this evaluation you will set up two instances o Connection Servers where brokers have been classi ed toserve di erent networks (internal external or example)
VMWARE VIEWCONNECTIONSERVER IP
NAME TAG DESKTOPS OS
19216813246 View External XP Pro SP
19216813245 View Internal XP Pro SP
Use CaseThe internal broker might not be visible to users connecting over a VPN In a case like this the two brokerscould still be ormed into a cluster The external broker might be tagged ldquoExternalrdquo and the internal brokertagged ldquoInternalrdquo and then pools could be tagged so that some desktops are not visible when a user logs inexternally but are visible internally
For example imagine a deployment o our Connection Servers where two o the Connection Servers haveconnected Security Servers The two Connection Servers without Security Servers are used to support internalusers and the two Connection Servers with Security Servers are used to support Internet (external) users The
rst two could have a con gured entitlements tag o ldquoInternalrdquo and the second two could have a con guredentitlements tag o ldquoExternalrdquo
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3548
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 5
bull The UI allows an administrator to specify one or moretag strings of up to 64 characters for each ConnectionBroker You can then speci y the tag string required or
a speci c Connection Broker to access the Pool Atruntime when a user authenticates him or hersel via aConnection Server an extra step o tag matching isper ormed The result will be a lter o the resultingentitled Desktop list
bull Set the replica server tag as External
bull Once the tags are set in the connection broker you cansee the tag column in the VMware View Managerconsole is lled with the Tag attributes
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3648
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 6
bull In the VMware View 1 Connection Server(19216813246admin) login to the View Managerconsole clickDesktops and Pools tab and selectAdd
You are creating ull clone and Linked Clonedesktops Select Automated Desktop Pool
bull Select Persistent or the desktop type
bull ClickNext
bull Create the 10 Linked Clone desktop pools rst and gothrough the same process again to create the ull clone
ndash only without checking the highlighted checkbox
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3748
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 7
bull Fill in the name attribute for theUnique ID andDisplay Name
bull This is same user interface as you used to create theindividual desktop earlier Leave the de ault setup as
it is
bull Enter the number of the desktops that your storage
allows you to create The naming pattern or thedesktop is the name vCenter will use to name thevirtual machine so create a unique and easilyrecognized name
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3848
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 8
bull Desktop cloning relies on the virtual machine templateas the base Previously you created a template byselecting a clean base template and cloning it to
template Select that template and clickNext
bull Linked Clone requires the template and snapshot asthe golden image
bull Select the folder location where the desktops shouldbe organized
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3948
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 9
bull Select the host or ESX server where the desktop iscreated Note the vSphere mode or VMware ViewComposer option is dimmed and not selectable It is
because the host being used is running vSpherealready I you are using a previous version o ESX thisoption will be available or upgrade use
bull Add desktops to the resource pool
bull Allocate user data disk for the persistent data Keepthe de ault value and selectNext
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4048
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 0
bull In this setup the storage LUN for the better demoe ects is attached You can simply use the localstorage host storage or your test
bull You can see that the default domain is lled inautomatically by quickprep This is set at the
Con guration Tab gtServers gtSelect ViewConnection gt Edit
bull Do a nal review of the Linked Clone setup and clickFinish to complete It will take several minutes tocreate the clones
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4148
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 1
bull Create additional users in Active Directory(ActiveDirectory19216813252)
- Corporate - user or the Group Internal
- Contractor - user or the Group Externalbull This will be used for the pool entitlement for users and
groups
bull Access VMware vCenter or ESX management by usingthe VMware vSphere client
bull Login to View Manager console You can see the LinkedClone pools are created and listed in the Desktop andPool pane SelectEntitlements to grant right to accessthe desktop
bull Assign the group you created in ActiveDirectory
Repeat these steps or creating additional XP desktops with non-persistent and persistent use
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4248
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 2
Step 4 Deleting the Clone Using Deletion Script
Provide the cleanup rule and scripting capabilities to enable administrators to per orm urther integrationunctions In some environments this can be achieved by removing entries rom ActiveDirectory In others
you may need to trigger other applications or a tighter integration
bull A new key needs to be created manuallyPlease re er to VMware View Administration Guide or
urther details
bull The visual basic script can be used to clean up ortrigger urther application activities This new eatureo ers the extensibility ramework
bull Run servicesmsc to access the Services consoleEnable the script services manually It is not startedby de ault
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4348
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 3
bull Login to VMware View Manager SelectDelete thedesktop SelectDelete rom Disk option It will triggerthe script set previously
Scenario 2Confgure PCoIP Full and Linked Clone
in VMware vSphereCreate Full Clone with Thin Provisioning
Thin Provisioning in its simplest orm means only using the disk space you need Traditionally with virtualmachines i you create a 500GB virtual disk it will use 500GB o your VMFS data store With Thin Provisioningyou can create a 500GB virtual disk but i only 100GB is in use only 100GB o your VMFS data store will beutilized
500GBVirtual Disk
500GB GB VMDK le size 100GB VMDK le size
400GBunused butallocated
100GBApplicationUsage
500GBVirtual Disk
100GBActual Usage(Footprint)
Figure
You can create a ve desktop XP pool using Full Clone rom VMware View and compare them with the ThiProvisioning option check The eatures include increased storage utilization reduced application downtimeand streamlined capacity management
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4448
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 4
bull When you create a virtual machine in VMware vSpherethe option to create Thin Provisioning settings is underSettings gtAdd Hardware
bull In VMware View 4 you can con gure the ThinProvisioning while preparing the Linked Clone basetemplate
Now in order to compare the storage usage di erence with Thin Provisioning enabled in the virtual desktopdeployment the best approach is to provision them and per orm storage comparison with the virtualmachines without thin provisioning enabled Considerations or storage provisioning all in throughput needsto scale with an increase in capacity ie multiple virtual machines per IO path
Figure
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4548
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 5
In the meantime transient storage on the swap space is used only when the virtual machine ispowered on and delta disks are used by snapshots and linked to virtual machines
Figure 0
Datastore View in vSphere
Figure
VM Storage Performance View
Figure
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4648
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 6
Anti-Virus Protection
The VMsa e API comes with VMware vSphere VMware o ers a number o VMsa e partner solutions thatprovide secure virtual machines with virus-scanning capability
bull Trend Micro Core Protection 10 This is an anti-virus product that performs o ine and online scheduled virtualmachine scans without an agent It uses a smaller agent or on-access scanning or to clean up in ections Thproduct is available at http us trendmicro com us solutions enterprise security-solutions virtualizationvirtual-machines index html
bull McAfee Virus Scan for O ine Virtual Images 20 This is an anti-virus product that performs o ine schedulevirtual machine scans without an agent It complements a regular virus scan agentsrsquo online scanning
Figure 6
VMsa e reduces high storage IO and memory usage during scheduled and pandemic malware scan activities
Figure
The above gure shows the anti-virus server committing a real-time agent to an individual virtual machine
It also has the unctionality o o ine snapshot image scanningThis is a VMware vSphere eature and is now available or VMware View 4 Please re er to the VMware View 4Deployment Guide or urther product demonstration
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4748
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 7
Scenario 3Set up Triple Single Sign-On (SSO) in VMwareView 4Log in as Currently Logged-on UserThis is a new option in VMware View Client that allows you to log onto the broker using currently logged oncredentials The standard sign up fow using AD credentials is
bull User connects to View Connection Server
bull VMware View Connection Server compares a list of trusted AD domains to the client
bull User authenticates with username and password
bull VMware View Connection Server delegates authentication to WindowsAD
Figure
VMware View 4 continues to support the AD credential (username and password) login smart card and RSA
securID token in RDP
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4848
bull During the View Agent installation select theConnectas Current Logon User checkbox option to enable SSO
bull Launch View Client at local desktop or thin clientbull View Client has newLog in as Current User Domain
User checkbox When a userrsquos AD credential isauthenticated on the client device using eitherpassword (RDP PCoIP) or smart card authentication inRDP the Connection Broker will use the same useridentity
bull This value can also be set using GPO policy orregistry key setting Please re er to the ViewAdministration Guide
bull You should be able to login to the guest desktopenvironment without being prompted to enter thecredentials again
Support In ormation
For additional evaluation questions and installation support please address your questions to desktop-tmvmwarecom
About the Author
Cynthia Hsieh is a senior technical marketing manager in VMware Enterprise Marketing team She ocuses onapplication integration proo o concepts and security subjects
Hsiehrsquos previous background includes product management positions at Wyse Trend Micro Oracle and Yahoo
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2848
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 8
Figure 6
Once this is set and done you will see a green checkmark under Global Desktop and View showing Entitledand Enabled or the guest desktop
Task 12 Accessing Virtual Desktop via RDP or PCoIP
bull In theConnection Server drop-down menu enter thehost name or IP address o a VMware View Connection Server
bull Select Options
Need New Image
bull Select Log in as current userto be authorized to log in to theVMware View Connection Server You will not be prompted toenter login credentials in the guest desktop login This is anenhancement or single sign-on
Need New Image
bull Enter the credentials with desktop entitlement
- Username Administrator
- Password b gd m
bull In VMware View 4 you have the option to use the preferredprotocols o either Teradici PCoIP or Microso t RDPSelect Teradici
bull Select the XP desktop you want to access
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2948
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 9
Task 13 Additional Virtual Desktop Optimization
bull Adjust ClearType Settings in Control Panel gtDisplay gtAdvanced Tab gtFonts and choose ClearType
bull Turn o Windows Firewall Settings inControl Panel gtWindows Firewall and select the Of radio buttonbull Multiple Display Con guration
bull In VMware View Manager Administration you cancentrally con gure the desktop monitors that aresupported in the local systems
bull In the guest desktop check theDisplay settings that have been changed tomultiple displays
Note PCoIP also supports pivot mode or one landscape and one horizontal confguration
Task 14 WAN Optimization
PCoIP technology uses low-latency image compression algorithms to optimize the user experience or widearea network (WAN) applications The WAN enhancements dramatically improve the user experience toprovide support or multi-media and 3D graphics audio and IO responsiveness over long-distancehigh-latency and low-bandwidth networks
Key PCoIP WAN Capabilities
bull Reduced Minimum Bandwidth To support the lower bandwidth typically available over a WAN theminimum peak bandwidth required or a PCoIP connection is Mbps Because PCoIP only transmitschanges to the desktop image the actual bandwidth used may be much lower i the screen is not changingsigni cantly or rapidly
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3048
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 0
bull Local Keyboard and Mouse To provide instant response over high-latency networks the mouse pointer canbe displayed locally on the desktop (within VMware View Agent) in addition to being sent to the host Localkeyboard capability is also provided to prevent lost keystrokes due to network delay
bull Packet Reordering To accommodate the out-o -order packets o ten produced by network links on a WANthe PCoIP portal in VMware View Agent can create multiple packet chains as out-o -order packets receivedand connect chains to restore the correct sequence Without this out-o -order packets can result in dataretransmission and delays
bull Bandwidth-Sensitive Audio Compression PCoIP transmits compressed or uncompressed audiondashswitchingdynamically based on the available bandwidth to provide the best possible user experience
Since PCoIP is integrated seamlessly into the VMware View Agent and ully optimized into VMware Viewin rastructure as the administrator you simply need to con gure the desktop protocol and its bandwidththrottling rom the administration UI
Con gure Flash contents bandwidth allowance
For an optional task to test WAN per ormance with PCoIP try to access your corporate desktop rom home byconnecting through IPSec VPN
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3148
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 1
Scenario Overview
This document provides several di erent test scenarios to review the tasks you per ormed earlier andexperience the combined advantages o using VMware View To compare a variety o WAN connectivityscenarios you can consider using either WANEMhttp wanem source orge net or Shunra VE SMB EditionFree Trial http www shunra com ve-smb-trial php or WAN emulation
bull Scenario 1 Provision and use PCoIP 25 persistent desktops and one non-persistent PCoIP pool thatcontains desktops using a Linked Clone You can adjust the actual number o desktops based on your locastorage allowance
ndash Create a snapshot on both Windows XP SP3 and Windows 7
ndash Add desktops and pools using automatic pools and Linked Clone
ndash Administrate users and entitlements
ndash Create ully Linked Clones
ndash Con gure pools in mixed cluster environment
ndash Con gure or WAN tag and LAN tag use
ndash Delete desktops and pools
bull Scenario 2 Con gure 50 PCoIP fully Linked Clones in VMware vSphere
ndash Create desktops and pools
ndash Leverage ThinDisk Provisioning in VMware vSphere
ndash Check storage saving comparison
ndash Review VMware VMsa e Security virtual machine unctionali ties
bull Scenario 3 Set-up Triple SSO in VMware View 4 (PCoIP)
ndash Use archive directory credentials to login with ldquoLogin as current userrdquo checked
ndash Access rom the Replica View Connection Server and login to see the same session running
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3248
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 2
Scenario 1Provision and Use PCoIP Desktops and Pools
Get Started with PCoIPPCoIP is a so tware-to-so tware display protocol ully integrated with the VMware View in rastructureThe PCoIP portal (server) is installed with the agent The proprietary SVGA driver is included as part o thePCoIP portal
Figure
The PCoIP client is included in the standard VMware View client installation on your end point device sothere are no additional installation procedures required or PCoIP From the end user perspective there areno con gurations needed or using PCoIP As an administrator you can con gure the PCoIP protocol throughVMware View Administrative SettingsPolicies De ault RDP setup is to be tunneled but the de ault PCoIPsetting is directly connected Some other con gurations on bandwidth throttling or Flash video or on USBredirection policy are consistent as the previous View administration
Lossy and Lossless CompressionImage compression in PCoIP includes both lossless and lossy compression schemes Lossy compression allows or higher levels o compression on initial screen change and subsequent image quality improvement
or static screen regions Lossless motion compensation is also supported Image compression bandwidthmanagement is supported using packet loss as an indicator o congestion or lower bandwidth limits
Network Bandwidth and Characteristics
The host to client network connection operates with up to 250ms o round-trip latency The host to clientnetwork connection operates with lt01 percent packet loss but will tolerate periods o up to 5 percent packetloss and will survive short durations o loss o connectivity
A single TCP connection (SSL) is used between the host and client or session management A single UDP connection using UDP encapsulated IPSec-ESP [r c 3948] with AES 128-bit key encryption is used betweenthe host and client or media tra c supporting unreliable and reliable transport Port numbers keys andother connection parameters are exchanged via the SSL connection You can re erence the VMware ViewDeployment Guide or urther end-to-end per ormance measurements
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3348
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 3
Step 1 Creating the Replica Connection Server
The installation package or the Connection Server alsocontains the installation source or the VMware ViewReplica Server Launch the VMware View ConnectionServer installer and select Replica server or the secondConnection Server SelectAgree to the VMware Viewproduct licensing terms
A VMware View Replica Server is a Connection Serverwith its own replica o the ADAM database stored locallyAll con guration data and changes are instantaneouslyreplicated to all replica servers resulting in entirelyindependent Connection Servers which can actindependently in case o ailure o other replica servers
Enter the rst VMware View Connection Server instanceIP address (View1 19216813246) ClickNext
Complete the Replica Connection Server instanceinstallation Select Finish
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3448
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 4
Step 2 Creating Linked Clone Pools
DESKTOP TYPE OS TYPE PERSISTENT DESKTOP COUNTS
PCoIP Windows XP SP Persistent
RDP PCoIP Windows XP SP Non-Persistent
The Linked Clone creation process is the same as conducted in the previous section You can con gure thetask based on your storage availability and virtual machine sizing
Step 3 Connecting to Pool by Tags
Tag-based EntitlementsVMware View provides the advanced entitlement to Desktop Pools not only based on current entitlementsettings but also on the Connection Server through which a user logs in For customers who need perimeteridentity ( or example Internal Connection Server or External Security Server access) at logon VMware View
enables users con guring certain clients to go through a particular Connection Server In this case a tag isintroduced to identi y and route the client to the Connection Server In a broker cluster at a large VMware Viedeployment The tag or tags o a Connection Server are then compared to the tag speci ed in time o thedesktop pool creation edit
I the tag required by the desktop pool does not match the tag o the broker in question even i a useris entitled or assigned to a desktop pool the desktop will not show up in the available desktop list TheConnection Server tags take precedence over the desktop or pool tags
In this evaluation you will set up two instances o Connection Servers where brokers have been classi ed toserve di erent networks (internal external or example)
VMWARE VIEWCONNECTIONSERVER IP
NAME TAG DESKTOPS OS
19216813246 View External XP Pro SP
19216813245 View Internal XP Pro SP
Use CaseThe internal broker might not be visible to users connecting over a VPN In a case like this the two brokerscould still be ormed into a cluster The external broker might be tagged ldquoExternalrdquo and the internal brokertagged ldquoInternalrdquo and then pools could be tagged so that some desktops are not visible when a user logs inexternally but are visible internally
For example imagine a deployment o our Connection Servers where two o the Connection Servers haveconnected Security Servers The two Connection Servers without Security Servers are used to support internalusers and the two Connection Servers with Security Servers are used to support Internet (external) users The
rst two could have a con gured entitlements tag o ldquoInternalrdquo and the second two could have a con guredentitlements tag o ldquoExternalrdquo
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3548
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 5
bull The UI allows an administrator to specify one or moretag strings of up to 64 characters for each ConnectionBroker You can then speci y the tag string required or
a speci c Connection Broker to access the Pool Atruntime when a user authenticates him or hersel via aConnection Server an extra step o tag matching isper ormed The result will be a lter o the resultingentitled Desktop list
bull Set the replica server tag as External
bull Once the tags are set in the connection broker you cansee the tag column in the VMware View Managerconsole is lled with the Tag attributes
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3648
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 6
bull In the VMware View 1 Connection Server(19216813246admin) login to the View Managerconsole clickDesktops and Pools tab and selectAdd
You are creating ull clone and Linked Clonedesktops Select Automated Desktop Pool
bull Select Persistent or the desktop type
bull ClickNext
bull Create the 10 Linked Clone desktop pools rst and gothrough the same process again to create the ull clone
ndash only without checking the highlighted checkbox
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3748
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 7
bull Fill in the name attribute for theUnique ID andDisplay Name
bull This is same user interface as you used to create theindividual desktop earlier Leave the de ault setup as
it is
bull Enter the number of the desktops that your storage
allows you to create The naming pattern or thedesktop is the name vCenter will use to name thevirtual machine so create a unique and easilyrecognized name
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3848
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 8
bull Desktop cloning relies on the virtual machine templateas the base Previously you created a template byselecting a clean base template and cloning it to
template Select that template and clickNext
bull Linked Clone requires the template and snapshot asthe golden image
bull Select the folder location where the desktops shouldbe organized
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3948
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 9
bull Select the host or ESX server where the desktop iscreated Note the vSphere mode or VMware ViewComposer option is dimmed and not selectable It is
because the host being used is running vSpherealready I you are using a previous version o ESX thisoption will be available or upgrade use
bull Add desktops to the resource pool
bull Allocate user data disk for the persistent data Keepthe de ault value and selectNext
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4048
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 0
bull In this setup the storage LUN for the better demoe ects is attached You can simply use the localstorage host storage or your test
bull You can see that the default domain is lled inautomatically by quickprep This is set at the
Con guration Tab gtServers gtSelect ViewConnection gt Edit
bull Do a nal review of the Linked Clone setup and clickFinish to complete It will take several minutes tocreate the clones
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4148
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 1
bull Create additional users in Active Directory(ActiveDirectory19216813252)
- Corporate - user or the Group Internal
- Contractor - user or the Group Externalbull This will be used for the pool entitlement for users and
groups
bull Access VMware vCenter or ESX management by usingthe VMware vSphere client
bull Login to View Manager console You can see the LinkedClone pools are created and listed in the Desktop andPool pane SelectEntitlements to grant right to accessthe desktop
bull Assign the group you created in ActiveDirectory
Repeat these steps or creating additional XP desktops with non-persistent and persistent use
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4248
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 2
Step 4 Deleting the Clone Using Deletion Script
Provide the cleanup rule and scripting capabilities to enable administrators to per orm urther integrationunctions In some environments this can be achieved by removing entries rom ActiveDirectory In others
you may need to trigger other applications or a tighter integration
bull A new key needs to be created manuallyPlease re er to VMware View Administration Guide or
urther details
bull The visual basic script can be used to clean up ortrigger urther application activities This new eatureo ers the extensibility ramework
bull Run servicesmsc to access the Services consoleEnable the script services manually It is not startedby de ault
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4348
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 3
bull Login to VMware View Manager SelectDelete thedesktop SelectDelete rom Disk option It will triggerthe script set previously
Scenario 2Confgure PCoIP Full and Linked Clone
in VMware vSphereCreate Full Clone with Thin Provisioning
Thin Provisioning in its simplest orm means only using the disk space you need Traditionally with virtualmachines i you create a 500GB virtual disk it will use 500GB o your VMFS data store With Thin Provisioningyou can create a 500GB virtual disk but i only 100GB is in use only 100GB o your VMFS data store will beutilized
500GBVirtual Disk
500GB GB VMDK le size 100GB VMDK le size
400GBunused butallocated
100GBApplicationUsage
500GBVirtual Disk
100GBActual Usage(Footprint)
Figure
You can create a ve desktop XP pool using Full Clone rom VMware View and compare them with the ThiProvisioning option check The eatures include increased storage utilization reduced application downtimeand streamlined capacity management
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4448
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 4
bull When you create a virtual machine in VMware vSpherethe option to create Thin Provisioning settings is underSettings gtAdd Hardware
bull In VMware View 4 you can con gure the ThinProvisioning while preparing the Linked Clone basetemplate
Now in order to compare the storage usage di erence with Thin Provisioning enabled in the virtual desktopdeployment the best approach is to provision them and per orm storage comparison with the virtualmachines without thin provisioning enabled Considerations or storage provisioning all in throughput needsto scale with an increase in capacity ie multiple virtual machines per IO path
Figure
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4548
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 5
In the meantime transient storage on the swap space is used only when the virtual machine ispowered on and delta disks are used by snapshots and linked to virtual machines
Figure 0
Datastore View in vSphere
Figure
VM Storage Performance View
Figure
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4648
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 6
Anti-Virus Protection
The VMsa e API comes with VMware vSphere VMware o ers a number o VMsa e partner solutions thatprovide secure virtual machines with virus-scanning capability
bull Trend Micro Core Protection 10 This is an anti-virus product that performs o ine and online scheduled virtualmachine scans without an agent It uses a smaller agent or on-access scanning or to clean up in ections Thproduct is available at http us trendmicro com us solutions enterprise security-solutions virtualizationvirtual-machines index html
bull McAfee Virus Scan for O ine Virtual Images 20 This is an anti-virus product that performs o ine schedulevirtual machine scans without an agent It complements a regular virus scan agentsrsquo online scanning
Figure 6
VMsa e reduces high storage IO and memory usage during scheduled and pandemic malware scan activities
Figure
The above gure shows the anti-virus server committing a real-time agent to an individual virtual machine
It also has the unctionality o o ine snapshot image scanningThis is a VMware vSphere eature and is now available or VMware View 4 Please re er to the VMware View 4Deployment Guide or urther product demonstration
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4748
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 7
Scenario 3Set up Triple Single Sign-On (SSO) in VMwareView 4Log in as Currently Logged-on UserThis is a new option in VMware View Client that allows you to log onto the broker using currently logged oncredentials The standard sign up fow using AD credentials is
bull User connects to View Connection Server
bull VMware View Connection Server compares a list of trusted AD domains to the client
bull User authenticates with username and password
bull VMware View Connection Server delegates authentication to WindowsAD
Figure
VMware View 4 continues to support the AD credential (username and password) login smart card and RSA
securID token in RDP
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4848
bull During the View Agent installation select theConnectas Current Logon User checkbox option to enable SSO
bull Launch View Client at local desktop or thin clientbull View Client has newLog in as Current User Domain
User checkbox When a userrsquos AD credential isauthenticated on the client device using eitherpassword (RDP PCoIP) or smart card authentication inRDP the Connection Broker will use the same useridentity
bull This value can also be set using GPO policy orregistry key setting Please re er to the ViewAdministration Guide
bull You should be able to login to the guest desktopenvironment without being prompted to enter thecredentials again
Support In ormation
For additional evaluation questions and installation support please address your questions to desktop-tmvmwarecom
About the Author
Cynthia Hsieh is a senior technical marketing manager in VMware Enterprise Marketing team She ocuses onapplication integration proo o concepts and security subjects
Hsiehrsquos previous background includes product management positions at Wyse Trend Micro Oracle and Yahoo
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 2948
VMware View 4
E VA L U AT O R rsquo S G U I D E 2 9
Task 13 Additional Virtual Desktop Optimization
bull Adjust ClearType Settings in Control Panel gtDisplay gtAdvanced Tab gtFonts and choose ClearType
bull Turn o Windows Firewall Settings inControl Panel gtWindows Firewall and select the Of radio buttonbull Multiple Display Con guration
bull In VMware View Manager Administration you cancentrally con gure the desktop monitors that aresupported in the local systems
bull In the guest desktop check theDisplay settings that have been changed tomultiple displays
Note PCoIP also supports pivot mode or one landscape and one horizontal confguration
Task 14 WAN Optimization
PCoIP technology uses low-latency image compression algorithms to optimize the user experience or widearea network (WAN) applications The WAN enhancements dramatically improve the user experience toprovide support or multi-media and 3D graphics audio and IO responsiveness over long-distancehigh-latency and low-bandwidth networks
Key PCoIP WAN Capabilities
bull Reduced Minimum Bandwidth To support the lower bandwidth typically available over a WAN theminimum peak bandwidth required or a PCoIP connection is Mbps Because PCoIP only transmitschanges to the desktop image the actual bandwidth used may be much lower i the screen is not changingsigni cantly or rapidly
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3048
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 0
bull Local Keyboard and Mouse To provide instant response over high-latency networks the mouse pointer canbe displayed locally on the desktop (within VMware View Agent) in addition to being sent to the host Localkeyboard capability is also provided to prevent lost keystrokes due to network delay
bull Packet Reordering To accommodate the out-o -order packets o ten produced by network links on a WANthe PCoIP portal in VMware View Agent can create multiple packet chains as out-o -order packets receivedand connect chains to restore the correct sequence Without this out-o -order packets can result in dataretransmission and delays
bull Bandwidth-Sensitive Audio Compression PCoIP transmits compressed or uncompressed audiondashswitchingdynamically based on the available bandwidth to provide the best possible user experience
Since PCoIP is integrated seamlessly into the VMware View Agent and ully optimized into VMware Viewin rastructure as the administrator you simply need to con gure the desktop protocol and its bandwidththrottling rom the administration UI
Con gure Flash contents bandwidth allowance
For an optional task to test WAN per ormance with PCoIP try to access your corporate desktop rom home byconnecting through IPSec VPN
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3148
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 1
Scenario Overview
This document provides several di erent test scenarios to review the tasks you per ormed earlier andexperience the combined advantages o using VMware View To compare a variety o WAN connectivityscenarios you can consider using either WANEMhttp wanem source orge net or Shunra VE SMB EditionFree Trial http www shunra com ve-smb-trial php or WAN emulation
bull Scenario 1 Provision and use PCoIP 25 persistent desktops and one non-persistent PCoIP pool thatcontains desktops using a Linked Clone You can adjust the actual number o desktops based on your locastorage allowance
ndash Create a snapshot on both Windows XP SP3 and Windows 7
ndash Add desktops and pools using automatic pools and Linked Clone
ndash Administrate users and entitlements
ndash Create ully Linked Clones
ndash Con gure pools in mixed cluster environment
ndash Con gure or WAN tag and LAN tag use
ndash Delete desktops and pools
bull Scenario 2 Con gure 50 PCoIP fully Linked Clones in VMware vSphere
ndash Create desktops and pools
ndash Leverage ThinDisk Provisioning in VMware vSphere
ndash Check storage saving comparison
ndash Review VMware VMsa e Security virtual machine unctionali ties
bull Scenario 3 Set-up Triple SSO in VMware View 4 (PCoIP)
ndash Use archive directory credentials to login with ldquoLogin as current userrdquo checked
ndash Access rom the Replica View Connection Server and login to see the same session running
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3248
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 2
Scenario 1Provision and Use PCoIP Desktops and Pools
Get Started with PCoIPPCoIP is a so tware-to-so tware display protocol ully integrated with the VMware View in rastructureThe PCoIP portal (server) is installed with the agent The proprietary SVGA driver is included as part o thePCoIP portal
Figure
The PCoIP client is included in the standard VMware View client installation on your end point device sothere are no additional installation procedures required or PCoIP From the end user perspective there areno con gurations needed or using PCoIP As an administrator you can con gure the PCoIP protocol throughVMware View Administrative SettingsPolicies De ault RDP setup is to be tunneled but the de ault PCoIPsetting is directly connected Some other con gurations on bandwidth throttling or Flash video or on USBredirection policy are consistent as the previous View administration
Lossy and Lossless CompressionImage compression in PCoIP includes both lossless and lossy compression schemes Lossy compression allows or higher levels o compression on initial screen change and subsequent image quality improvement
or static screen regions Lossless motion compensation is also supported Image compression bandwidthmanagement is supported using packet loss as an indicator o congestion or lower bandwidth limits
Network Bandwidth and Characteristics
The host to client network connection operates with up to 250ms o round-trip latency The host to clientnetwork connection operates with lt01 percent packet loss but will tolerate periods o up to 5 percent packetloss and will survive short durations o loss o connectivity
A single TCP connection (SSL) is used between the host and client or session management A single UDP connection using UDP encapsulated IPSec-ESP [r c 3948] with AES 128-bit key encryption is used betweenthe host and client or media tra c supporting unreliable and reliable transport Port numbers keys andother connection parameters are exchanged via the SSL connection You can re erence the VMware ViewDeployment Guide or urther end-to-end per ormance measurements
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3348
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 3
Step 1 Creating the Replica Connection Server
The installation package or the Connection Server alsocontains the installation source or the VMware ViewReplica Server Launch the VMware View ConnectionServer installer and select Replica server or the secondConnection Server SelectAgree to the VMware Viewproduct licensing terms
A VMware View Replica Server is a Connection Serverwith its own replica o the ADAM database stored locallyAll con guration data and changes are instantaneouslyreplicated to all replica servers resulting in entirelyindependent Connection Servers which can actindependently in case o ailure o other replica servers
Enter the rst VMware View Connection Server instanceIP address (View1 19216813246) ClickNext
Complete the Replica Connection Server instanceinstallation Select Finish
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3448
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 4
Step 2 Creating Linked Clone Pools
DESKTOP TYPE OS TYPE PERSISTENT DESKTOP COUNTS
PCoIP Windows XP SP Persistent
RDP PCoIP Windows XP SP Non-Persistent
The Linked Clone creation process is the same as conducted in the previous section You can con gure thetask based on your storage availability and virtual machine sizing
Step 3 Connecting to Pool by Tags
Tag-based EntitlementsVMware View provides the advanced entitlement to Desktop Pools not only based on current entitlementsettings but also on the Connection Server through which a user logs in For customers who need perimeteridentity ( or example Internal Connection Server or External Security Server access) at logon VMware View
enables users con guring certain clients to go through a particular Connection Server In this case a tag isintroduced to identi y and route the client to the Connection Server In a broker cluster at a large VMware Viedeployment The tag or tags o a Connection Server are then compared to the tag speci ed in time o thedesktop pool creation edit
I the tag required by the desktop pool does not match the tag o the broker in question even i a useris entitled or assigned to a desktop pool the desktop will not show up in the available desktop list TheConnection Server tags take precedence over the desktop or pool tags
In this evaluation you will set up two instances o Connection Servers where brokers have been classi ed toserve di erent networks (internal external or example)
VMWARE VIEWCONNECTIONSERVER IP
NAME TAG DESKTOPS OS
19216813246 View External XP Pro SP
19216813245 View Internal XP Pro SP
Use CaseThe internal broker might not be visible to users connecting over a VPN In a case like this the two brokerscould still be ormed into a cluster The external broker might be tagged ldquoExternalrdquo and the internal brokertagged ldquoInternalrdquo and then pools could be tagged so that some desktops are not visible when a user logs inexternally but are visible internally
For example imagine a deployment o our Connection Servers where two o the Connection Servers haveconnected Security Servers The two Connection Servers without Security Servers are used to support internalusers and the two Connection Servers with Security Servers are used to support Internet (external) users The
rst two could have a con gured entitlements tag o ldquoInternalrdquo and the second two could have a con guredentitlements tag o ldquoExternalrdquo
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3548
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 5
bull The UI allows an administrator to specify one or moretag strings of up to 64 characters for each ConnectionBroker You can then speci y the tag string required or
a speci c Connection Broker to access the Pool Atruntime when a user authenticates him or hersel via aConnection Server an extra step o tag matching isper ormed The result will be a lter o the resultingentitled Desktop list
bull Set the replica server tag as External
bull Once the tags are set in the connection broker you cansee the tag column in the VMware View Managerconsole is lled with the Tag attributes
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3648
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 6
bull In the VMware View 1 Connection Server(19216813246admin) login to the View Managerconsole clickDesktops and Pools tab and selectAdd
You are creating ull clone and Linked Clonedesktops Select Automated Desktop Pool
bull Select Persistent or the desktop type
bull ClickNext
bull Create the 10 Linked Clone desktop pools rst and gothrough the same process again to create the ull clone
ndash only without checking the highlighted checkbox
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3748
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 7
bull Fill in the name attribute for theUnique ID andDisplay Name
bull This is same user interface as you used to create theindividual desktop earlier Leave the de ault setup as
it is
bull Enter the number of the desktops that your storage
allows you to create The naming pattern or thedesktop is the name vCenter will use to name thevirtual machine so create a unique and easilyrecognized name
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3848
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 8
bull Desktop cloning relies on the virtual machine templateas the base Previously you created a template byselecting a clean base template and cloning it to
template Select that template and clickNext
bull Linked Clone requires the template and snapshot asthe golden image
bull Select the folder location where the desktops shouldbe organized
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3948
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 9
bull Select the host or ESX server where the desktop iscreated Note the vSphere mode or VMware ViewComposer option is dimmed and not selectable It is
because the host being used is running vSpherealready I you are using a previous version o ESX thisoption will be available or upgrade use
bull Add desktops to the resource pool
bull Allocate user data disk for the persistent data Keepthe de ault value and selectNext
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4048
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 0
bull In this setup the storage LUN for the better demoe ects is attached You can simply use the localstorage host storage or your test
bull You can see that the default domain is lled inautomatically by quickprep This is set at the
Con guration Tab gtServers gtSelect ViewConnection gt Edit
bull Do a nal review of the Linked Clone setup and clickFinish to complete It will take several minutes tocreate the clones
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4148
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 1
bull Create additional users in Active Directory(ActiveDirectory19216813252)
- Corporate - user or the Group Internal
- Contractor - user or the Group Externalbull This will be used for the pool entitlement for users and
groups
bull Access VMware vCenter or ESX management by usingthe VMware vSphere client
bull Login to View Manager console You can see the LinkedClone pools are created and listed in the Desktop andPool pane SelectEntitlements to grant right to accessthe desktop
bull Assign the group you created in ActiveDirectory
Repeat these steps or creating additional XP desktops with non-persistent and persistent use
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4248
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 2
Step 4 Deleting the Clone Using Deletion Script
Provide the cleanup rule and scripting capabilities to enable administrators to per orm urther integrationunctions In some environments this can be achieved by removing entries rom ActiveDirectory In others
you may need to trigger other applications or a tighter integration
bull A new key needs to be created manuallyPlease re er to VMware View Administration Guide or
urther details
bull The visual basic script can be used to clean up ortrigger urther application activities This new eatureo ers the extensibility ramework
bull Run servicesmsc to access the Services consoleEnable the script services manually It is not startedby de ault
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4348
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 3
bull Login to VMware View Manager SelectDelete thedesktop SelectDelete rom Disk option It will triggerthe script set previously
Scenario 2Confgure PCoIP Full and Linked Clone
in VMware vSphereCreate Full Clone with Thin Provisioning
Thin Provisioning in its simplest orm means only using the disk space you need Traditionally with virtualmachines i you create a 500GB virtual disk it will use 500GB o your VMFS data store With Thin Provisioningyou can create a 500GB virtual disk but i only 100GB is in use only 100GB o your VMFS data store will beutilized
500GBVirtual Disk
500GB GB VMDK le size 100GB VMDK le size
400GBunused butallocated
100GBApplicationUsage
500GBVirtual Disk
100GBActual Usage(Footprint)
Figure
You can create a ve desktop XP pool using Full Clone rom VMware View and compare them with the ThiProvisioning option check The eatures include increased storage utilization reduced application downtimeand streamlined capacity management
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4448
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 4
bull When you create a virtual machine in VMware vSpherethe option to create Thin Provisioning settings is underSettings gtAdd Hardware
bull In VMware View 4 you can con gure the ThinProvisioning while preparing the Linked Clone basetemplate
Now in order to compare the storage usage di erence with Thin Provisioning enabled in the virtual desktopdeployment the best approach is to provision them and per orm storage comparison with the virtualmachines without thin provisioning enabled Considerations or storage provisioning all in throughput needsto scale with an increase in capacity ie multiple virtual machines per IO path
Figure
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4548
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 5
In the meantime transient storage on the swap space is used only when the virtual machine ispowered on and delta disks are used by snapshots and linked to virtual machines
Figure 0
Datastore View in vSphere
Figure
VM Storage Performance View
Figure
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4648
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 6
Anti-Virus Protection
The VMsa e API comes with VMware vSphere VMware o ers a number o VMsa e partner solutions thatprovide secure virtual machines with virus-scanning capability
bull Trend Micro Core Protection 10 This is an anti-virus product that performs o ine and online scheduled virtualmachine scans without an agent It uses a smaller agent or on-access scanning or to clean up in ections Thproduct is available at http us trendmicro com us solutions enterprise security-solutions virtualizationvirtual-machines index html
bull McAfee Virus Scan for O ine Virtual Images 20 This is an anti-virus product that performs o ine schedulevirtual machine scans without an agent It complements a regular virus scan agentsrsquo online scanning
Figure 6
VMsa e reduces high storage IO and memory usage during scheduled and pandemic malware scan activities
Figure
The above gure shows the anti-virus server committing a real-time agent to an individual virtual machine
It also has the unctionality o o ine snapshot image scanningThis is a VMware vSphere eature and is now available or VMware View 4 Please re er to the VMware View 4Deployment Guide or urther product demonstration
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4748
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 7
Scenario 3Set up Triple Single Sign-On (SSO) in VMwareView 4Log in as Currently Logged-on UserThis is a new option in VMware View Client that allows you to log onto the broker using currently logged oncredentials The standard sign up fow using AD credentials is
bull User connects to View Connection Server
bull VMware View Connection Server compares a list of trusted AD domains to the client
bull User authenticates with username and password
bull VMware View Connection Server delegates authentication to WindowsAD
Figure
VMware View 4 continues to support the AD credential (username and password) login smart card and RSA
securID token in RDP
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4848
bull During the View Agent installation select theConnectas Current Logon User checkbox option to enable SSO
bull Launch View Client at local desktop or thin clientbull View Client has newLog in as Current User Domain
User checkbox When a userrsquos AD credential isauthenticated on the client device using eitherpassword (RDP PCoIP) or smart card authentication inRDP the Connection Broker will use the same useridentity
bull This value can also be set using GPO policy orregistry key setting Please re er to the ViewAdministration Guide
bull You should be able to login to the guest desktopenvironment without being prompted to enter thecredentials again
Support In ormation
For additional evaluation questions and installation support please address your questions to desktop-tmvmwarecom
About the Author
Cynthia Hsieh is a senior technical marketing manager in VMware Enterprise Marketing team She ocuses onapplication integration proo o concepts and security subjects
Hsiehrsquos previous background includes product management positions at Wyse Trend Micro Oracle and Yahoo
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3048
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 0
bull Local Keyboard and Mouse To provide instant response over high-latency networks the mouse pointer canbe displayed locally on the desktop (within VMware View Agent) in addition to being sent to the host Localkeyboard capability is also provided to prevent lost keystrokes due to network delay
bull Packet Reordering To accommodate the out-o -order packets o ten produced by network links on a WANthe PCoIP portal in VMware View Agent can create multiple packet chains as out-o -order packets receivedand connect chains to restore the correct sequence Without this out-o -order packets can result in dataretransmission and delays
bull Bandwidth-Sensitive Audio Compression PCoIP transmits compressed or uncompressed audiondashswitchingdynamically based on the available bandwidth to provide the best possible user experience
Since PCoIP is integrated seamlessly into the VMware View Agent and ully optimized into VMware Viewin rastructure as the administrator you simply need to con gure the desktop protocol and its bandwidththrottling rom the administration UI
Con gure Flash contents bandwidth allowance
For an optional task to test WAN per ormance with PCoIP try to access your corporate desktop rom home byconnecting through IPSec VPN
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3148
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 1
Scenario Overview
This document provides several di erent test scenarios to review the tasks you per ormed earlier andexperience the combined advantages o using VMware View To compare a variety o WAN connectivityscenarios you can consider using either WANEMhttp wanem source orge net or Shunra VE SMB EditionFree Trial http www shunra com ve-smb-trial php or WAN emulation
bull Scenario 1 Provision and use PCoIP 25 persistent desktops and one non-persistent PCoIP pool thatcontains desktops using a Linked Clone You can adjust the actual number o desktops based on your locastorage allowance
ndash Create a snapshot on both Windows XP SP3 and Windows 7
ndash Add desktops and pools using automatic pools and Linked Clone
ndash Administrate users and entitlements
ndash Create ully Linked Clones
ndash Con gure pools in mixed cluster environment
ndash Con gure or WAN tag and LAN tag use
ndash Delete desktops and pools
bull Scenario 2 Con gure 50 PCoIP fully Linked Clones in VMware vSphere
ndash Create desktops and pools
ndash Leverage ThinDisk Provisioning in VMware vSphere
ndash Check storage saving comparison
ndash Review VMware VMsa e Security virtual machine unctionali ties
bull Scenario 3 Set-up Triple SSO in VMware View 4 (PCoIP)
ndash Use archive directory credentials to login with ldquoLogin as current userrdquo checked
ndash Access rom the Replica View Connection Server and login to see the same session running
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3248
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 2
Scenario 1Provision and Use PCoIP Desktops and Pools
Get Started with PCoIPPCoIP is a so tware-to-so tware display protocol ully integrated with the VMware View in rastructureThe PCoIP portal (server) is installed with the agent The proprietary SVGA driver is included as part o thePCoIP portal
Figure
The PCoIP client is included in the standard VMware View client installation on your end point device sothere are no additional installation procedures required or PCoIP From the end user perspective there areno con gurations needed or using PCoIP As an administrator you can con gure the PCoIP protocol throughVMware View Administrative SettingsPolicies De ault RDP setup is to be tunneled but the de ault PCoIPsetting is directly connected Some other con gurations on bandwidth throttling or Flash video or on USBredirection policy are consistent as the previous View administration
Lossy and Lossless CompressionImage compression in PCoIP includes both lossless and lossy compression schemes Lossy compression allows or higher levels o compression on initial screen change and subsequent image quality improvement
or static screen regions Lossless motion compensation is also supported Image compression bandwidthmanagement is supported using packet loss as an indicator o congestion or lower bandwidth limits
Network Bandwidth and Characteristics
The host to client network connection operates with up to 250ms o round-trip latency The host to clientnetwork connection operates with lt01 percent packet loss but will tolerate periods o up to 5 percent packetloss and will survive short durations o loss o connectivity
A single TCP connection (SSL) is used between the host and client or session management A single UDP connection using UDP encapsulated IPSec-ESP [r c 3948] with AES 128-bit key encryption is used betweenthe host and client or media tra c supporting unreliable and reliable transport Port numbers keys andother connection parameters are exchanged via the SSL connection You can re erence the VMware ViewDeployment Guide or urther end-to-end per ormance measurements
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3348
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 3
Step 1 Creating the Replica Connection Server
The installation package or the Connection Server alsocontains the installation source or the VMware ViewReplica Server Launch the VMware View ConnectionServer installer and select Replica server or the secondConnection Server SelectAgree to the VMware Viewproduct licensing terms
A VMware View Replica Server is a Connection Serverwith its own replica o the ADAM database stored locallyAll con guration data and changes are instantaneouslyreplicated to all replica servers resulting in entirelyindependent Connection Servers which can actindependently in case o ailure o other replica servers
Enter the rst VMware View Connection Server instanceIP address (View1 19216813246) ClickNext
Complete the Replica Connection Server instanceinstallation Select Finish
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3448
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 4
Step 2 Creating Linked Clone Pools
DESKTOP TYPE OS TYPE PERSISTENT DESKTOP COUNTS
PCoIP Windows XP SP Persistent
RDP PCoIP Windows XP SP Non-Persistent
The Linked Clone creation process is the same as conducted in the previous section You can con gure thetask based on your storage availability and virtual machine sizing
Step 3 Connecting to Pool by Tags
Tag-based EntitlementsVMware View provides the advanced entitlement to Desktop Pools not only based on current entitlementsettings but also on the Connection Server through which a user logs in For customers who need perimeteridentity ( or example Internal Connection Server or External Security Server access) at logon VMware View
enables users con guring certain clients to go through a particular Connection Server In this case a tag isintroduced to identi y and route the client to the Connection Server In a broker cluster at a large VMware Viedeployment The tag or tags o a Connection Server are then compared to the tag speci ed in time o thedesktop pool creation edit
I the tag required by the desktop pool does not match the tag o the broker in question even i a useris entitled or assigned to a desktop pool the desktop will not show up in the available desktop list TheConnection Server tags take precedence over the desktop or pool tags
In this evaluation you will set up two instances o Connection Servers where brokers have been classi ed toserve di erent networks (internal external or example)
VMWARE VIEWCONNECTIONSERVER IP
NAME TAG DESKTOPS OS
19216813246 View External XP Pro SP
19216813245 View Internal XP Pro SP
Use CaseThe internal broker might not be visible to users connecting over a VPN In a case like this the two brokerscould still be ormed into a cluster The external broker might be tagged ldquoExternalrdquo and the internal brokertagged ldquoInternalrdquo and then pools could be tagged so that some desktops are not visible when a user logs inexternally but are visible internally
For example imagine a deployment o our Connection Servers where two o the Connection Servers haveconnected Security Servers The two Connection Servers without Security Servers are used to support internalusers and the two Connection Servers with Security Servers are used to support Internet (external) users The
rst two could have a con gured entitlements tag o ldquoInternalrdquo and the second two could have a con guredentitlements tag o ldquoExternalrdquo
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3548
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 5
bull The UI allows an administrator to specify one or moretag strings of up to 64 characters for each ConnectionBroker You can then speci y the tag string required or
a speci c Connection Broker to access the Pool Atruntime when a user authenticates him or hersel via aConnection Server an extra step o tag matching isper ormed The result will be a lter o the resultingentitled Desktop list
bull Set the replica server tag as External
bull Once the tags are set in the connection broker you cansee the tag column in the VMware View Managerconsole is lled with the Tag attributes
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3648
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 6
bull In the VMware View 1 Connection Server(19216813246admin) login to the View Managerconsole clickDesktops and Pools tab and selectAdd
You are creating ull clone and Linked Clonedesktops Select Automated Desktop Pool
bull Select Persistent or the desktop type
bull ClickNext
bull Create the 10 Linked Clone desktop pools rst and gothrough the same process again to create the ull clone
ndash only without checking the highlighted checkbox
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3748
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 7
bull Fill in the name attribute for theUnique ID andDisplay Name
bull This is same user interface as you used to create theindividual desktop earlier Leave the de ault setup as
it is
bull Enter the number of the desktops that your storage
allows you to create The naming pattern or thedesktop is the name vCenter will use to name thevirtual machine so create a unique and easilyrecognized name
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3848
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 8
bull Desktop cloning relies on the virtual machine templateas the base Previously you created a template byselecting a clean base template and cloning it to
template Select that template and clickNext
bull Linked Clone requires the template and snapshot asthe golden image
bull Select the folder location where the desktops shouldbe organized
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3948
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 9
bull Select the host or ESX server where the desktop iscreated Note the vSphere mode or VMware ViewComposer option is dimmed and not selectable It is
because the host being used is running vSpherealready I you are using a previous version o ESX thisoption will be available or upgrade use
bull Add desktops to the resource pool
bull Allocate user data disk for the persistent data Keepthe de ault value and selectNext
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4048
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 0
bull In this setup the storage LUN for the better demoe ects is attached You can simply use the localstorage host storage or your test
bull You can see that the default domain is lled inautomatically by quickprep This is set at the
Con guration Tab gtServers gtSelect ViewConnection gt Edit
bull Do a nal review of the Linked Clone setup and clickFinish to complete It will take several minutes tocreate the clones
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4148
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 1
bull Create additional users in Active Directory(ActiveDirectory19216813252)
- Corporate - user or the Group Internal
- Contractor - user or the Group Externalbull This will be used for the pool entitlement for users and
groups
bull Access VMware vCenter or ESX management by usingthe VMware vSphere client
bull Login to View Manager console You can see the LinkedClone pools are created and listed in the Desktop andPool pane SelectEntitlements to grant right to accessthe desktop
bull Assign the group you created in ActiveDirectory
Repeat these steps or creating additional XP desktops with non-persistent and persistent use
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4248
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 2
Step 4 Deleting the Clone Using Deletion Script
Provide the cleanup rule and scripting capabilities to enable administrators to per orm urther integrationunctions In some environments this can be achieved by removing entries rom ActiveDirectory In others
you may need to trigger other applications or a tighter integration
bull A new key needs to be created manuallyPlease re er to VMware View Administration Guide or
urther details
bull The visual basic script can be used to clean up ortrigger urther application activities This new eatureo ers the extensibility ramework
bull Run servicesmsc to access the Services consoleEnable the script services manually It is not startedby de ault
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4348
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 3
bull Login to VMware View Manager SelectDelete thedesktop SelectDelete rom Disk option It will triggerthe script set previously
Scenario 2Confgure PCoIP Full and Linked Clone
in VMware vSphereCreate Full Clone with Thin Provisioning
Thin Provisioning in its simplest orm means only using the disk space you need Traditionally with virtualmachines i you create a 500GB virtual disk it will use 500GB o your VMFS data store With Thin Provisioningyou can create a 500GB virtual disk but i only 100GB is in use only 100GB o your VMFS data store will beutilized
500GBVirtual Disk
500GB GB VMDK le size 100GB VMDK le size
400GBunused butallocated
100GBApplicationUsage
500GBVirtual Disk
100GBActual Usage(Footprint)
Figure
You can create a ve desktop XP pool using Full Clone rom VMware View and compare them with the ThiProvisioning option check The eatures include increased storage utilization reduced application downtimeand streamlined capacity management
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4448
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 4
bull When you create a virtual machine in VMware vSpherethe option to create Thin Provisioning settings is underSettings gtAdd Hardware
bull In VMware View 4 you can con gure the ThinProvisioning while preparing the Linked Clone basetemplate
Now in order to compare the storage usage di erence with Thin Provisioning enabled in the virtual desktopdeployment the best approach is to provision them and per orm storage comparison with the virtualmachines without thin provisioning enabled Considerations or storage provisioning all in throughput needsto scale with an increase in capacity ie multiple virtual machines per IO path
Figure
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4548
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 5
In the meantime transient storage on the swap space is used only when the virtual machine ispowered on and delta disks are used by snapshots and linked to virtual machines
Figure 0
Datastore View in vSphere
Figure
VM Storage Performance View
Figure
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4648
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 6
Anti-Virus Protection
The VMsa e API comes with VMware vSphere VMware o ers a number o VMsa e partner solutions thatprovide secure virtual machines with virus-scanning capability
bull Trend Micro Core Protection 10 This is an anti-virus product that performs o ine and online scheduled virtualmachine scans without an agent It uses a smaller agent or on-access scanning or to clean up in ections Thproduct is available at http us trendmicro com us solutions enterprise security-solutions virtualizationvirtual-machines index html
bull McAfee Virus Scan for O ine Virtual Images 20 This is an anti-virus product that performs o ine schedulevirtual machine scans without an agent It complements a regular virus scan agentsrsquo online scanning
Figure 6
VMsa e reduces high storage IO and memory usage during scheduled and pandemic malware scan activities
Figure
The above gure shows the anti-virus server committing a real-time agent to an individual virtual machine
It also has the unctionality o o ine snapshot image scanningThis is a VMware vSphere eature and is now available or VMware View 4 Please re er to the VMware View 4Deployment Guide or urther product demonstration
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4748
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 7
Scenario 3Set up Triple Single Sign-On (SSO) in VMwareView 4Log in as Currently Logged-on UserThis is a new option in VMware View Client that allows you to log onto the broker using currently logged oncredentials The standard sign up fow using AD credentials is
bull User connects to View Connection Server
bull VMware View Connection Server compares a list of trusted AD domains to the client
bull User authenticates with username and password
bull VMware View Connection Server delegates authentication to WindowsAD
Figure
VMware View 4 continues to support the AD credential (username and password) login smart card and RSA
securID token in RDP
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4848
bull During the View Agent installation select theConnectas Current Logon User checkbox option to enable SSO
bull Launch View Client at local desktop or thin clientbull View Client has newLog in as Current User Domain
User checkbox When a userrsquos AD credential isauthenticated on the client device using eitherpassword (RDP PCoIP) or smart card authentication inRDP the Connection Broker will use the same useridentity
bull This value can also be set using GPO policy orregistry key setting Please re er to the ViewAdministration Guide
bull You should be able to login to the guest desktopenvironment without being prompted to enter thecredentials again
Support In ormation
For additional evaluation questions and installation support please address your questions to desktop-tmvmwarecom
About the Author
Cynthia Hsieh is a senior technical marketing manager in VMware Enterprise Marketing team She ocuses onapplication integration proo o concepts and security subjects
Hsiehrsquos previous background includes product management positions at Wyse Trend Micro Oracle and Yahoo
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3148
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 1
Scenario Overview
This document provides several di erent test scenarios to review the tasks you per ormed earlier andexperience the combined advantages o using VMware View To compare a variety o WAN connectivityscenarios you can consider using either WANEMhttp wanem source orge net or Shunra VE SMB EditionFree Trial http www shunra com ve-smb-trial php or WAN emulation
bull Scenario 1 Provision and use PCoIP 25 persistent desktops and one non-persistent PCoIP pool thatcontains desktops using a Linked Clone You can adjust the actual number o desktops based on your locastorage allowance
ndash Create a snapshot on both Windows XP SP3 and Windows 7
ndash Add desktops and pools using automatic pools and Linked Clone
ndash Administrate users and entitlements
ndash Create ully Linked Clones
ndash Con gure pools in mixed cluster environment
ndash Con gure or WAN tag and LAN tag use
ndash Delete desktops and pools
bull Scenario 2 Con gure 50 PCoIP fully Linked Clones in VMware vSphere
ndash Create desktops and pools
ndash Leverage ThinDisk Provisioning in VMware vSphere
ndash Check storage saving comparison
ndash Review VMware VMsa e Security virtual machine unctionali ties
bull Scenario 3 Set-up Triple SSO in VMware View 4 (PCoIP)
ndash Use archive directory credentials to login with ldquoLogin as current userrdquo checked
ndash Access rom the Replica View Connection Server and login to see the same session running
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3248
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 2
Scenario 1Provision and Use PCoIP Desktops and Pools
Get Started with PCoIPPCoIP is a so tware-to-so tware display protocol ully integrated with the VMware View in rastructureThe PCoIP portal (server) is installed with the agent The proprietary SVGA driver is included as part o thePCoIP portal
Figure
The PCoIP client is included in the standard VMware View client installation on your end point device sothere are no additional installation procedures required or PCoIP From the end user perspective there areno con gurations needed or using PCoIP As an administrator you can con gure the PCoIP protocol throughVMware View Administrative SettingsPolicies De ault RDP setup is to be tunneled but the de ault PCoIPsetting is directly connected Some other con gurations on bandwidth throttling or Flash video or on USBredirection policy are consistent as the previous View administration
Lossy and Lossless CompressionImage compression in PCoIP includes both lossless and lossy compression schemes Lossy compression allows or higher levels o compression on initial screen change and subsequent image quality improvement
or static screen regions Lossless motion compensation is also supported Image compression bandwidthmanagement is supported using packet loss as an indicator o congestion or lower bandwidth limits
Network Bandwidth and Characteristics
The host to client network connection operates with up to 250ms o round-trip latency The host to clientnetwork connection operates with lt01 percent packet loss but will tolerate periods o up to 5 percent packetloss and will survive short durations o loss o connectivity
A single TCP connection (SSL) is used between the host and client or session management A single UDP connection using UDP encapsulated IPSec-ESP [r c 3948] with AES 128-bit key encryption is used betweenthe host and client or media tra c supporting unreliable and reliable transport Port numbers keys andother connection parameters are exchanged via the SSL connection You can re erence the VMware ViewDeployment Guide or urther end-to-end per ormance measurements
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3348
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 3
Step 1 Creating the Replica Connection Server
The installation package or the Connection Server alsocontains the installation source or the VMware ViewReplica Server Launch the VMware View ConnectionServer installer and select Replica server or the secondConnection Server SelectAgree to the VMware Viewproduct licensing terms
A VMware View Replica Server is a Connection Serverwith its own replica o the ADAM database stored locallyAll con guration data and changes are instantaneouslyreplicated to all replica servers resulting in entirelyindependent Connection Servers which can actindependently in case o ailure o other replica servers
Enter the rst VMware View Connection Server instanceIP address (View1 19216813246) ClickNext
Complete the Replica Connection Server instanceinstallation Select Finish
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3448
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 4
Step 2 Creating Linked Clone Pools
DESKTOP TYPE OS TYPE PERSISTENT DESKTOP COUNTS
PCoIP Windows XP SP Persistent
RDP PCoIP Windows XP SP Non-Persistent
The Linked Clone creation process is the same as conducted in the previous section You can con gure thetask based on your storage availability and virtual machine sizing
Step 3 Connecting to Pool by Tags
Tag-based EntitlementsVMware View provides the advanced entitlement to Desktop Pools not only based on current entitlementsettings but also on the Connection Server through which a user logs in For customers who need perimeteridentity ( or example Internal Connection Server or External Security Server access) at logon VMware View
enables users con guring certain clients to go through a particular Connection Server In this case a tag isintroduced to identi y and route the client to the Connection Server In a broker cluster at a large VMware Viedeployment The tag or tags o a Connection Server are then compared to the tag speci ed in time o thedesktop pool creation edit
I the tag required by the desktop pool does not match the tag o the broker in question even i a useris entitled or assigned to a desktop pool the desktop will not show up in the available desktop list TheConnection Server tags take precedence over the desktop or pool tags
In this evaluation you will set up two instances o Connection Servers where brokers have been classi ed toserve di erent networks (internal external or example)
VMWARE VIEWCONNECTIONSERVER IP
NAME TAG DESKTOPS OS
19216813246 View External XP Pro SP
19216813245 View Internal XP Pro SP
Use CaseThe internal broker might not be visible to users connecting over a VPN In a case like this the two brokerscould still be ormed into a cluster The external broker might be tagged ldquoExternalrdquo and the internal brokertagged ldquoInternalrdquo and then pools could be tagged so that some desktops are not visible when a user logs inexternally but are visible internally
For example imagine a deployment o our Connection Servers where two o the Connection Servers haveconnected Security Servers The two Connection Servers without Security Servers are used to support internalusers and the two Connection Servers with Security Servers are used to support Internet (external) users The
rst two could have a con gured entitlements tag o ldquoInternalrdquo and the second two could have a con guredentitlements tag o ldquoExternalrdquo
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3548
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 5
bull The UI allows an administrator to specify one or moretag strings of up to 64 characters for each ConnectionBroker You can then speci y the tag string required or
a speci c Connection Broker to access the Pool Atruntime when a user authenticates him or hersel via aConnection Server an extra step o tag matching isper ormed The result will be a lter o the resultingentitled Desktop list
bull Set the replica server tag as External
bull Once the tags are set in the connection broker you cansee the tag column in the VMware View Managerconsole is lled with the Tag attributes
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3648
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 6
bull In the VMware View 1 Connection Server(19216813246admin) login to the View Managerconsole clickDesktops and Pools tab and selectAdd
You are creating ull clone and Linked Clonedesktops Select Automated Desktop Pool
bull Select Persistent or the desktop type
bull ClickNext
bull Create the 10 Linked Clone desktop pools rst and gothrough the same process again to create the ull clone
ndash only without checking the highlighted checkbox
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3748
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 7
bull Fill in the name attribute for theUnique ID andDisplay Name
bull This is same user interface as you used to create theindividual desktop earlier Leave the de ault setup as
it is
bull Enter the number of the desktops that your storage
allows you to create The naming pattern or thedesktop is the name vCenter will use to name thevirtual machine so create a unique and easilyrecognized name
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3848
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 8
bull Desktop cloning relies on the virtual machine templateas the base Previously you created a template byselecting a clean base template and cloning it to
template Select that template and clickNext
bull Linked Clone requires the template and snapshot asthe golden image
bull Select the folder location where the desktops shouldbe organized
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3948
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 9
bull Select the host or ESX server where the desktop iscreated Note the vSphere mode or VMware ViewComposer option is dimmed and not selectable It is
because the host being used is running vSpherealready I you are using a previous version o ESX thisoption will be available or upgrade use
bull Add desktops to the resource pool
bull Allocate user data disk for the persistent data Keepthe de ault value and selectNext
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4048
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 0
bull In this setup the storage LUN for the better demoe ects is attached You can simply use the localstorage host storage or your test
bull You can see that the default domain is lled inautomatically by quickprep This is set at the
Con guration Tab gtServers gtSelect ViewConnection gt Edit
bull Do a nal review of the Linked Clone setup and clickFinish to complete It will take several minutes tocreate the clones
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4148
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 1
bull Create additional users in Active Directory(ActiveDirectory19216813252)
- Corporate - user or the Group Internal
- Contractor - user or the Group Externalbull This will be used for the pool entitlement for users and
groups
bull Access VMware vCenter or ESX management by usingthe VMware vSphere client
bull Login to View Manager console You can see the LinkedClone pools are created and listed in the Desktop andPool pane SelectEntitlements to grant right to accessthe desktop
bull Assign the group you created in ActiveDirectory
Repeat these steps or creating additional XP desktops with non-persistent and persistent use
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4248
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 2
Step 4 Deleting the Clone Using Deletion Script
Provide the cleanup rule and scripting capabilities to enable administrators to per orm urther integrationunctions In some environments this can be achieved by removing entries rom ActiveDirectory In others
you may need to trigger other applications or a tighter integration
bull A new key needs to be created manuallyPlease re er to VMware View Administration Guide or
urther details
bull The visual basic script can be used to clean up ortrigger urther application activities This new eatureo ers the extensibility ramework
bull Run servicesmsc to access the Services consoleEnable the script services manually It is not startedby de ault
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4348
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 3
bull Login to VMware View Manager SelectDelete thedesktop SelectDelete rom Disk option It will triggerthe script set previously
Scenario 2Confgure PCoIP Full and Linked Clone
in VMware vSphereCreate Full Clone with Thin Provisioning
Thin Provisioning in its simplest orm means only using the disk space you need Traditionally with virtualmachines i you create a 500GB virtual disk it will use 500GB o your VMFS data store With Thin Provisioningyou can create a 500GB virtual disk but i only 100GB is in use only 100GB o your VMFS data store will beutilized
500GBVirtual Disk
500GB GB VMDK le size 100GB VMDK le size
400GBunused butallocated
100GBApplicationUsage
500GBVirtual Disk
100GBActual Usage(Footprint)
Figure
You can create a ve desktop XP pool using Full Clone rom VMware View and compare them with the ThiProvisioning option check The eatures include increased storage utilization reduced application downtimeand streamlined capacity management
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4448
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 4
bull When you create a virtual machine in VMware vSpherethe option to create Thin Provisioning settings is underSettings gtAdd Hardware
bull In VMware View 4 you can con gure the ThinProvisioning while preparing the Linked Clone basetemplate
Now in order to compare the storage usage di erence with Thin Provisioning enabled in the virtual desktopdeployment the best approach is to provision them and per orm storage comparison with the virtualmachines without thin provisioning enabled Considerations or storage provisioning all in throughput needsto scale with an increase in capacity ie multiple virtual machines per IO path
Figure
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4548
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 5
In the meantime transient storage on the swap space is used only when the virtual machine ispowered on and delta disks are used by snapshots and linked to virtual machines
Figure 0
Datastore View in vSphere
Figure
VM Storage Performance View
Figure
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4648
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 6
Anti-Virus Protection
The VMsa e API comes with VMware vSphere VMware o ers a number o VMsa e partner solutions thatprovide secure virtual machines with virus-scanning capability
bull Trend Micro Core Protection 10 This is an anti-virus product that performs o ine and online scheduled virtualmachine scans without an agent It uses a smaller agent or on-access scanning or to clean up in ections Thproduct is available at http us trendmicro com us solutions enterprise security-solutions virtualizationvirtual-machines index html
bull McAfee Virus Scan for O ine Virtual Images 20 This is an anti-virus product that performs o ine schedulevirtual machine scans without an agent It complements a regular virus scan agentsrsquo online scanning
Figure 6
VMsa e reduces high storage IO and memory usage during scheduled and pandemic malware scan activities
Figure
The above gure shows the anti-virus server committing a real-time agent to an individual virtual machine
It also has the unctionality o o ine snapshot image scanningThis is a VMware vSphere eature and is now available or VMware View 4 Please re er to the VMware View 4Deployment Guide or urther product demonstration
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4748
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 7
Scenario 3Set up Triple Single Sign-On (SSO) in VMwareView 4Log in as Currently Logged-on UserThis is a new option in VMware View Client that allows you to log onto the broker using currently logged oncredentials The standard sign up fow using AD credentials is
bull User connects to View Connection Server
bull VMware View Connection Server compares a list of trusted AD domains to the client
bull User authenticates with username and password
bull VMware View Connection Server delegates authentication to WindowsAD
Figure
VMware View 4 continues to support the AD credential (username and password) login smart card and RSA
securID token in RDP
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4848
bull During the View Agent installation select theConnectas Current Logon User checkbox option to enable SSO
bull Launch View Client at local desktop or thin clientbull View Client has newLog in as Current User Domain
User checkbox When a userrsquos AD credential isauthenticated on the client device using eitherpassword (RDP PCoIP) or smart card authentication inRDP the Connection Broker will use the same useridentity
bull This value can also be set using GPO policy orregistry key setting Please re er to the ViewAdministration Guide
bull You should be able to login to the guest desktopenvironment without being prompted to enter thecredentials again
Support In ormation
For additional evaluation questions and installation support please address your questions to desktop-tmvmwarecom
About the Author
Cynthia Hsieh is a senior technical marketing manager in VMware Enterprise Marketing team She ocuses onapplication integration proo o concepts and security subjects
Hsiehrsquos previous background includes product management positions at Wyse Trend Micro Oracle and Yahoo
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3248
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 2
Scenario 1Provision and Use PCoIP Desktops and Pools
Get Started with PCoIPPCoIP is a so tware-to-so tware display protocol ully integrated with the VMware View in rastructureThe PCoIP portal (server) is installed with the agent The proprietary SVGA driver is included as part o thePCoIP portal
Figure
The PCoIP client is included in the standard VMware View client installation on your end point device sothere are no additional installation procedures required or PCoIP From the end user perspective there areno con gurations needed or using PCoIP As an administrator you can con gure the PCoIP protocol throughVMware View Administrative SettingsPolicies De ault RDP setup is to be tunneled but the de ault PCoIPsetting is directly connected Some other con gurations on bandwidth throttling or Flash video or on USBredirection policy are consistent as the previous View administration
Lossy and Lossless CompressionImage compression in PCoIP includes both lossless and lossy compression schemes Lossy compression allows or higher levels o compression on initial screen change and subsequent image quality improvement
or static screen regions Lossless motion compensation is also supported Image compression bandwidthmanagement is supported using packet loss as an indicator o congestion or lower bandwidth limits
Network Bandwidth and Characteristics
The host to client network connection operates with up to 250ms o round-trip latency The host to clientnetwork connection operates with lt01 percent packet loss but will tolerate periods o up to 5 percent packetloss and will survive short durations o loss o connectivity
A single TCP connection (SSL) is used between the host and client or session management A single UDP connection using UDP encapsulated IPSec-ESP [r c 3948] with AES 128-bit key encryption is used betweenthe host and client or media tra c supporting unreliable and reliable transport Port numbers keys andother connection parameters are exchanged via the SSL connection You can re erence the VMware ViewDeployment Guide or urther end-to-end per ormance measurements
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3348
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 3
Step 1 Creating the Replica Connection Server
The installation package or the Connection Server alsocontains the installation source or the VMware ViewReplica Server Launch the VMware View ConnectionServer installer and select Replica server or the secondConnection Server SelectAgree to the VMware Viewproduct licensing terms
A VMware View Replica Server is a Connection Serverwith its own replica o the ADAM database stored locallyAll con guration data and changes are instantaneouslyreplicated to all replica servers resulting in entirelyindependent Connection Servers which can actindependently in case o ailure o other replica servers
Enter the rst VMware View Connection Server instanceIP address (View1 19216813246) ClickNext
Complete the Replica Connection Server instanceinstallation Select Finish
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3448
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 4
Step 2 Creating Linked Clone Pools
DESKTOP TYPE OS TYPE PERSISTENT DESKTOP COUNTS
PCoIP Windows XP SP Persistent
RDP PCoIP Windows XP SP Non-Persistent
The Linked Clone creation process is the same as conducted in the previous section You can con gure thetask based on your storage availability and virtual machine sizing
Step 3 Connecting to Pool by Tags
Tag-based EntitlementsVMware View provides the advanced entitlement to Desktop Pools not only based on current entitlementsettings but also on the Connection Server through which a user logs in For customers who need perimeteridentity ( or example Internal Connection Server or External Security Server access) at logon VMware View
enables users con guring certain clients to go through a particular Connection Server In this case a tag isintroduced to identi y and route the client to the Connection Server In a broker cluster at a large VMware Viedeployment The tag or tags o a Connection Server are then compared to the tag speci ed in time o thedesktop pool creation edit
I the tag required by the desktop pool does not match the tag o the broker in question even i a useris entitled or assigned to a desktop pool the desktop will not show up in the available desktop list TheConnection Server tags take precedence over the desktop or pool tags
In this evaluation you will set up two instances o Connection Servers where brokers have been classi ed toserve di erent networks (internal external or example)
VMWARE VIEWCONNECTIONSERVER IP
NAME TAG DESKTOPS OS
19216813246 View External XP Pro SP
19216813245 View Internal XP Pro SP
Use CaseThe internal broker might not be visible to users connecting over a VPN In a case like this the two brokerscould still be ormed into a cluster The external broker might be tagged ldquoExternalrdquo and the internal brokertagged ldquoInternalrdquo and then pools could be tagged so that some desktops are not visible when a user logs inexternally but are visible internally
For example imagine a deployment o our Connection Servers where two o the Connection Servers haveconnected Security Servers The two Connection Servers without Security Servers are used to support internalusers and the two Connection Servers with Security Servers are used to support Internet (external) users The
rst two could have a con gured entitlements tag o ldquoInternalrdquo and the second two could have a con guredentitlements tag o ldquoExternalrdquo
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3548
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 5
bull The UI allows an administrator to specify one or moretag strings of up to 64 characters for each ConnectionBroker You can then speci y the tag string required or
a speci c Connection Broker to access the Pool Atruntime when a user authenticates him or hersel via aConnection Server an extra step o tag matching isper ormed The result will be a lter o the resultingentitled Desktop list
bull Set the replica server tag as External
bull Once the tags are set in the connection broker you cansee the tag column in the VMware View Managerconsole is lled with the Tag attributes
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3648
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 6
bull In the VMware View 1 Connection Server(19216813246admin) login to the View Managerconsole clickDesktops and Pools tab and selectAdd
You are creating ull clone and Linked Clonedesktops Select Automated Desktop Pool
bull Select Persistent or the desktop type
bull ClickNext
bull Create the 10 Linked Clone desktop pools rst and gothrough the same process again to create the ull clone
ndash only without checking the highlighted checkbox
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3748
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 7
bull Fill in the name attribute for theUnique ID andDisplay Name
bull This is same user interface as you used to create theindividual desktop earlier Leave the de ault setup as
it is
bull Enter the number of the desktops that your storage
allows you to create The naming pattern or thedesktop is the name vCenter will use to name thevirtual machine so create a unique and easilyrecognized name
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3848
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 8
bull Desktop cloning relies on the virtual machine templateas the base Previously you created a template byselecting a clean base template and cloning it to
template Select that template and clickNext
bull Linked Clone requires the template and snapshot asthe golden image
bull Select the folder location where the desktops shouldbe organized
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3948
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 9
bull Select the host or ESX server where the desktop iscreated Note the vSphere mode or VMware ViewComposer option is dimmed and not selectable It is
because the host being used is running vSpherealready I you are using a previous version o ESX thisoption will be available or upgrade use
bull Add desktops to the resource pool
bull Allocate user data disk for the persistent data Keepthe de ault value and selectNext
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4048
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 0
bull In this setup the storage LUN for the better demoe ects is attached You can simply use the localstorage host storage or your test
bull You can see that the default domain is lled inautomatically by quickprep This is set at the
Con guration Tab gtServers gtSelect ViewConnection gt Edit
bull Do a nal review of the Linked Clone setup and clickFinish to complete It will take several minutes tocreate the clones
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4148
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 1
bull Create additional users in Active Directory(ActiveDirectory19216813252)
- Corporate - user or the Group Internal
- Contractor - user or the Group Externalbull This will be used for the pool entitlement for users and
groups
bull Access VMware vCenter or ESX management by usingthe VMware vSphere client
bull Login to View Manager console You can see the LinkedClone pools are created and listed in the Desktop andPool pane SelectEntitlements to grant right to accessthe desktop
bull Assign the group you created in ActiveDirectory
Repeat these steps or creating additional XP desktops with non-persistent and persistent use
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4248
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 2
Step 4 Deleting the Clone Using Deletion Script
Provide the cleanup rule and scripting capabilities to enable administrators to per orm urther integrationunctions In some environments this can be achieved by removing entries rom ActiveDirectory In others
you may need to trigger other applications or a tighter integration
bull A new key needs to be created manuallyPlease re er to VMware View Administration Guide or
urther details
bull The visual basic script can be used to clean up ortrigger urther application activities This new eatureo ers the extensibility ramework
bull Run servicesmsc to access the Services consoleEnable the script services manually It is not startedby de ault
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4348
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 3
bull Login to VMware View Manager SelectDelete thedesktop SelectDelete rom Disk option It will triggerthe script set previously
Scenario 2Confgure PCoIP Full and Linked Clone
in VMware vSphereCreate Full Clone with Thin Provisioning
Thin Provisioning in its simplest orm means only using the disk space you need Traditionally with virtualmachines i you create a 500GB virtual disk it will use 500GB o your VMFS data store With Thin Provisioningyou can create a 500GB virtual disk but i only 100GB is in use only 100GB o your VMFS data store will beutilized
500GBVirtual Disk
500GB GB VMDK le size 100GB VMDK le size
400GBunused butallocated
100GBApplicationUsage
500GBVirtual Disk
100GBActual Usage(Footprint)
Figure
You can create a ve desktop XP pool using Full Clone rom VMware View and compare them with the ThiProvisioning option check The eatures include increased storage utilization reduced application downtimeand streamlined capacity management
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4448
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 4
bull When you create a virtual machine in VMware vSpherethe option to create Thin Provisioning settings is underSettings gtAdd Hardware
bull In VMware View 4 you can con gure the ThinProvisioning while preparing the Linked Clone basetemplate
Now in order to compare the storage usage di erence with Thin Provisioning enabled in the virtual desktopdeployment the best approach is to provision them and per orm storage comparison with the virtualmachines without thin provisioning enabled Considerations or storage provisioning all in throughput needsto scale with an increase in capacity ie multiple virtual machines per IO path
Figure
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4548
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 5
In the meantime transient storage on the swap space is used only when the virtual machine ispowered on and delta disks are used by snapshots and linked to virtual machines
Figure 0
Datastore View in vSphere
Figure
VM Storage Performance View
Figure
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4648
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 6
Anti-Virus Protection
The VMsa e API comes with VMware vSphere VMware o ers a number o VMsa e partner solutions thatprovide secure virtual machines with virus-scanning capability
bull Trend Micro Core Protection 10 This is an anti-virus product that performs o ine and online scheduled virtualmachine scans without an agent It uses a smaller agent or on-access scanning or to clean up in ections Thproduct is available at http us trendmicro com us solutions enterprise security-solutions virtualizationvirtual-machines index html
bull McAfee Virus Scan for O ine Virtual Images 20 This is an anti-virus product that performs o ine schedulevirtual machine scans without an agent It complements a regular virus scan agentsrsquo online scanning
Figure 6
VMsa e reduces high storage IO and memory usage during scheduled and pandemic malware scan activities
Figure
The above gure shows the anti-virus server committing a real-time agent to an individual virtual machine
It also has the unctionality o o ine snapshot image scanningThis is a VMware vSphere eature and is now available or VMware View 4 Please re er to the VMware View 4Deployment Guide or urther product demonstration
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4748
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 7
Scenario 3Set up Triple Single Sign-On (SSO) in VMwareView 4Log in as Currently Logged-on UserThis is a new option in VMware View Client that allows you to log onto the broker using currently logged oncredentials The standard sign up fow using AD credentials is
bull User connects to View Connection Server
bull VMware View Connection Server compares a list of trusted AD domains to the client
bull User authenticates with username and password
bull VMware View Connection Server delegates authentication to WindowsAD
Figure
VMware View 4 continues to support the AD credential (username and password) login smart card and RSA
securID token in RDP
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4848
bull During the View Agent installation select theConnectas Current Logon User checkbox option to enable SSO
bull Launch View Client at local desktop or thin clientbull View Client has newLog in as Current User Domain
User checkbox When a userrsquos AD credential isauthenticated on the client device using eitherpassword (RDP PCoIP) or smart card authentication inRDP the Connection Broker will use the same useridentity
bull This value can also be set using GPO policy orregistry key setting Please re er to the ViewAdministration Guide
bull You should be able to login to the guest desktopenvironment without being prompted to enter thecredentials again
Support In ormation
For additional evaluation questions and installation support please address your questions to desktop-tmvmwarecom
About the Author
Cynthia Hsieh is a senior technical marketing manager in VMware Enterprise Marketing team She ocuses onapplication integration proo o concepts and security subjects
Hsiehrsquos previous background includes product management positions at Wyse Trend Micro Oracle and Yahoo
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3348
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 3
Step 1 Creating the Replica Connection Server
The installation package or the Connection Server alsocontains the installation source or the VMware ViewReplica Server Launch the VMware View ConnectionServer installer and select Replica server or the secondConnection Server SelectAgree to the VMware Viewproduct licensing terms
A VMware View Replica Server is a Connection Serverwith its own replica o the ADAM database stored locallyAll con guration data and changes are instantaneouslyreplicated to all replica servers resulting in entirelyindependent Connection Servers which can actindependently in case o ailure o other replica servers
Enter the rst VMware View Connection Server instanceIP address (View1 19216813246) ClickNext
Complete the Replica Connection Server instanceinstallation Select Finish
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3448
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 4
Step 2 Creating Linked Clone Pools
DESKTOP TYPE OS TYPE PERSISTENT DESKTOP COUNTS
PCoIP Windows XP SP Persistent
RDP PCoIP Windows XP SP Non-Persistent
The Linked Clone creation process is the same as conducted in the previous section You can con gure thetask based on your storage availability and virtual machine sizing
Step 3 Connecting to Pool by Tags
Tag-based EntitlementsVMware View provides the advanced entitlement to Desktop Pools not only based on current entitlementsettings but also on the Connection Server through which a user logs in For customers who need perimeteridentity ( or example Internal Connection Server or External Security Server access) at logon VMware View
enables users con guring certain clients to go through a particular Connection Server In this case a tag isintroduced to identi y and route the client to the Connection Server In a broker cluster at a large VMware Viedeployment The tag or tags o a Connection Server are then compared to the tag speci ed in time o thedesktop pool creation edit
I the tag required by the desktop pool does not match the tag o the broker in question even i a useris entitled or assigned to a desktop pool the desktop will not show up in the available desktop list TheConnection Server tags take precedence over the desktop or pool tags
In this evaluation you will set up two instances o Connection Servers where brokers have been classi ed toserve di erent networks (internal external or example)
VMWARE VIEWCONNECTIONSERVER IP
NAME TAG DESKTOPS OS
19216813246 View External XP Pro SP
19216813245 View Internal XP Pro SP
Use CaseThe internal broker might not be visible to users connecting over a VPN In a case like this the two brokerscould still be ormed into a cluster The external broker might be tagged ldquoExternalrdquo and the internal brokertagged ldquoInternalrdquo and then pools could be tagged so that some desktops are not visible when a user logs inexternally but are visible internally
For example imagine a deployment o our Connection Servers where two o the Connection Servers haveconnected Security Servers The two Connection Servers without Security Servers are used to support internalusers and the two Connection Servers with Security Servers are used to support Internet (external) users The
rst two could have a con gured entitlements tag o ldquoInternalrdquo and the second two could have a con guredentitlements tag o ldquoExternalrdquo
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3548
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 5
bull The UI allows an administrator to specify one or moretag strings of up to 64 characters for each ConnectionBroker You can then speci y the tag string required or
a speci c Connection Broker to access the Pool Atruntime when a user authenticates him or hersel via aConnection Server an extra step o tag matching isper ormed The result will be a lter o the resultingentitled Desktop list
bull Set the replica server tag as External
bull Once the tags are set in the connection broker you cansee the tag column in the VMware View Managerconsole is lled with the Tag attributes
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3648
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 6
bull In the VMware View 1 Connection Server(19216813246admin) login to the View Managerconsole clickDesktops and Pools tab and selectAdd
You are creating ull clone and Linked Clonedesktops Select Automated Desktop Pool
bull Select Persistent or the desktop type
bull ClickNext
bull Create the 10 Linked Clone desktop pools rst and gothrough the same process again to create the ull clone
ndash only without checking the highlighted checkbox
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3748
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 7
bull Fill in the name attribute for theUnique ID andDisplay Name
bull This is same user interface as you used to create theindividual desktop earlier Leave the de ault setup as
it is
bull Enter the number of the desktops that your storage
allows you to create The naming pattern or thedesktop is the name vCenter will use to name thevirtual machine so create a unique and easilyrecognized name
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3848
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 8
bull Desktop cloning relies on the virtual machine templateas the base Previously you created a template byselecting a clean base template and cloning it to
template Select that template and clickNext
bull Linked Clone requires the template and snapshot asthe golden image
bull Select the folder location where the desktops shouldbe organized
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3948
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 9
bull Select the host or ESX server where the desktop iscreated Note the vSphere mode or VMware ViewComposer option is dimmed and not selectable It is
because the host being used is running vSpherealready I you are using a previous version o ESX thisoption will be available or upgrade use
bull Add desktops to the resource pool
bull Allocate user data disk for the persistent data Keepthe de ault value and selectNext
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4048
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 0
bull In this setup the storage LUN for the better demoe ects is attached You can simply use the localstorage host storage or your test
bull You can see that the default domain is lled inautomatically by quickprep This is set at the
Con guration Tab gtServers gtSelect ViewConnection gt Edit
bull Do a nal review of the Linked Clone setup and clickFinish to complete It will take several minutes tocreate the clones
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4148
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 1
bull Create additional users in Active Directory(ActiveDirectory19216813252)
- Corporate - user or the Group Internal
- Contractor - user or the Group Externalbull This will be used for the pool entitlement for users and
groups
bull Access VMware vCenter or ESX management by usingthe VMware vSphere client
bull Login to View Manager console You can see the LinkedClone pools are created and listed in the Desktop andPool pane SelectEntitlements to grant right to accessthe desktop
bull Assign the group you created in ActiveDirectory
Repeat these steps or creating additional XP desktops with non-persistent and persistent use
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4248
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 2
Step 4 Deleting the Clone Using Deletion Script
Provide the cleanup rule and scripting capabilities to enable administrators to per orm urther integrationunctions In some environments this can be achieved by removing entries rom ActiveDirectory In others
you may need to trigger other applications or a tighter integration
bull A new key needs to be created manuallyPlease re er to VMware View Administration Guide or
urther details
bull The visual basic script can be used to clean up ortrigger urther application activities This new eatureo ers the extensibility ramework
bull Run servicesmsc to access the Services consoleEnable the script services manually It is not startedby de ault
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4348
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 3
bull Login to VMware View Manager SelectDelete thedesktop SelectDelete rom Disk option It will triggerthe script set previously
Scenario 2Confgure PCoIP Full and Linked Clone
in VMware vSphereCreate Full Clone with Thin Provisioning
Thin Provisioning in its simplest orm means only using the disk space you need Traditionally with virtualmachines i you create a 500GB virtual disk it will use 500GB o your VMFS data store With Thin Provisioningyou can create a 500GB virtual disk but i only 100GB is in use only 100GB o your VMFS data store will beutilized
500GBVirtual Disk
500GB GB VMDK le size 100GB VMDK le size
400GBunused butallocated
100GBApplicationUsage
500GBVirtual Disk
100GBActual Usage(Footprint)
Figure
You can create a ve desktop XP pool using Full Clone rom VMware View and compare them with the ThiProvisioning option check The eatures include increased storage utilization reduced application downtimeand streamlined capacity management
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4448
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 4
bull When you create a virtual machine in VMware vSpherethe option to create Thin Provisioning settings is underSettings gtAdd Hardware
bull In VMware View 4 you can con gure the ThinProvisioning while preparing the Linked Clone basetemplate
Now in order to compare the storage usage di erence with Thin Provisioning enabled in the virtual desktopdeployment the best approach is to provision them and per orm storage comparison with the virtualmachines without thin provisioning enabled Considerations or storage provisioning all in throughput needsto scale with an increase in capacity ie multiple virtual machines per IO path
Figure
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4548
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 5
In the meantime transient storage on the swap space is used only when the virtual machine ispowered on and delta disks are used by snapshots and linked to virtual machines
Figure 0
Datastore View in vSphere
Figure
VM Storage Performance View
Figure
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4648
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 6
Anti-Virus Protection
The VMsa e API comes with VMware vSphere VMware o ers a number o VMsa e partner solutions thatprovide secure virtual machines with virus-scanning capability
bull Trend Micro Core Protection 10 This is an anti-virus product that performs o ine and online scheduled virtualmachine scans without an agent It uses a smaller agent or on-access scanning or to clean up in ections Thproduct is available at http us trendmicro com us solutions enterprise security-solutions virtualizationvirtual-machines index html
bull McAfee Virus Scan for O ine Virtual Images 20 This is an anti-virus product that performs o ine schedulevirtual machine scans without an agent It complements a regular virus scan agentsrsquo online scanning
Figure 6
VMsa e reduces high storage IO and memory usage during scheduled and pandemic malware scan activities
Figure
The above gure shows the anti-virus server committing a real-time agent to an individual virtual machine
It also has the unctionality o o ine snapshot image scanningThis is a VMware vSphere eature and is now available or VMware View 4 Please re er to the VMware View 4Deployment Guide or urther product demonstration
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4748
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 7
Scenario 3Set up Triple Single Sign-On (SSO) in VMwareView 4Log in as Currently Logged-on UserThis is a new option in VMware View Client that allows you to log onto the broker using currently logged oncredentials The standard sign up fow using AD credentials is
bull User connects to View Connection Server
bull VMware View Connection Server compares a list of trusted AD domains to the client
bull User authenticates with username and password
bull VMware View Connection Server delegates authentication to WindowsAD
Figure
VMware View 4 continues to support the AD credential (username and password) login smart card and RSA
securID token in RDP
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4848
bull During the View Agent installation select theConnectas Current Logon User checkbox option to enable SSO
bull Launch View Client at local desktop or thin clientbull View Client has newLog in as Current User Domain
User checkbox When a userrsquos AD credential isauthenticated on the client device using eitherpassword (RDP PCoIP) or smart card authentication inRDP the Connection Broker will use the same useridentity
bull This value can also be set using GPO policy orregistry key setting Please re er to the ViewAdministration Guide
bull You should be able to login to the guest desktopenvironment without being prompted to enter thecredentials again
Support In ormation
For additional evaluation questions and installation support please address your questions to desktop-tmvmwarecom
About the Author
Cynthia Hsieh is a senior technical marketing manager in VMware Enterprise Marketing team She ocuses onapplication integration proo o concepts and security subjects
Hsiehrsquos previous background includes product management positions at Wyse Trend Micro Oracle and Yahoo
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3448
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 4
Step 2 Creating Linked Clone Pools
DESKTOP TYPE OS TYPE PERSISTENT DESKTOP COUNTS
PCoIP Windows XP SP Persistent
RDP PCoIP Windows XP SP Non-Persistent
The Linked Clone creation process is the same as conducted in the previous section You can con gure thetask based on your storage availability and virtual machine sizing
Step 3 Connecting to Pool by Tags
Tag-based EntitlementsVMware View provides the advanced entitlement to Desktop Pools not only based on current entitlementsettings but also on the Connection Server through which a user logs in For customers who need perimeteridentity ( or example Internal Connection Server or External Security Server access) at logon VMware View
enables users con guring certain clients to go through a particular Connection Server In this case a tag isintroduced to identi y and route the client to the Connection Server In a broker cluster at a large VMware Viedeployment The tag or tags o a Connection Server are then compared to the tag speci ed in time o thedesktop pool creation edit
I the tag required by the desktop pool does not match the tag o the broker in question even i a useris entitled or assigned to a desktop pool the desktop will not show up in the available desktop list TheConnection Server tags take precedence over the desktop or pool tags
In this evaluation you will set up two instances o Connection Servers where brokers have been classi ed toserve di erent networks (internal external or example)
VMWARE VIEWCONNECTIONSERVER IP
NAME TAG DESKTOPS OS
19216813246 View External XP Pro SP
19216813245 View Internal XP Pro SP
Use CaseThe internal broker might not be visible to users connecting over a VPN In a case like this the two brokerscould still be ormed into a cluster The external broker might be tagged ldquoExternalrdquo and the internal brokertagged ldquoInternalrdquo and then pools could be tagged so that some desktops are not visible when a user logs inexternally but are visible internally
For example imagine a deployment o our Connection Servers where two o the Connection Servers haveconnected Security Servers The two Connection Servers without Security Servers are used to support internalusers and the two Connection Servers with Security Servers are used to support Internet (external) users The
rst two could have a con gured entitlements tag o ldquoInternalrdquo and the second two could have a con guredentitlements tag o ldquoExternalrdquo
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3548
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 5
bull The UI allows an administrator to specify one or moretag strings of up to 64 characters for each ConnectionBroker You can then speci y the tag string required or
a speci c Connection Broker to access the Pool Atruntime when a user authenticates him or hersel via aConnection Server an extra step o tag matching isper ormed The result will be a lter o the resultingentitled Desktop list
bull Set the replica server tag as External
bull Once the tags are set in the connection broker you cansee the tag column in the VMware View Managerconsole is lled with the Tag attributes
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3648
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 6
bull In the VMware View 1 Connection Server(19216813246admin) login to the View Managerconsole clickDesktops and Pools tab and selectAdd
You are creating ull clone and Linked Clonedesktops Select Automated Desktop Pool
bull Select Persistent or the desktop type
bull ClickNext
bull Create the 10 Linked Clone desktop pools rst and gothrough the same process again to create the ull clone
ndash only without checking the highlighted checkbox
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3748
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 7
bull Fill in the name attribute for theUnique ID andDisplay Name
bull This is same user interface as you used to create theindividual desktop earlier Leave the de ault setup as
it is
bull Enter the number of the desktops that your storage
allows you to create The naming pattern or thedesktop is the name vCenter will use to name thevirtual machine so create a unique and easilyrecognized name
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3848
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 8
bull Desktop cloning relies on the virtual machine templateas the base Previously you created a template byselecting a clean base template and cloning it to
template Select that template and clickNext
bull Linked Clone requires the template and snapshot asthe golden image
bull Select the folder location where the desktops shouldbe organized
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3948
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 9
bull Select the host or ESX server where the desktop iscreated Note the vSphere mode or VMware ViewComposer option is dimmed and not selectable It is
because the host being used is running vSpherealready I you are using a previous version o ESX thisoption will be available or upgrade use
bull Add desktops to the resource pool
bull Allocate user data disk for the persistent data Keepthe de ault value and selectNext
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4048
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 0
bull In this setup the storage LUN for the better demoe ects is attached You can simply use the localstorage host storage or your test
bull You can see that the default domain is lled inautomatically by quickprep This is set at the
Con guration Tab gtServers gtSelect ViewConnection gt Edit
bull Do a nal review of the Linked Clone setup and clickFinish to complete It will take several minutes tocreate the clones
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4148
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 1
bull Create additional users in Active Directory(ActiveDirectory19216813252)
- Corporate - user or the Group Internal
- Contractor - user or the Group Externalbull This will be used for the pool entitlement for users and
groups
bull Access VMware vCenter or ESX management by usingthe VMware vSphere client
bull Login to View Manager console You can see the LinkedClone pools are created and listed in the Desktop andPool pane SelectEntitlements to grant right to accessthe desktop
bull Assign the group you created in ActiveDirectory
Repeat these steps or creating additional XP desktops with non-persistent and persistent use
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4248
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 2
Step 4 Deleting the Clone Using Deletion Script
Provide the cleanup rule and scripting capabilities to enable administrators to per orm urther integrationunctions In some environments this can be achieved by removing entries rom ActiveDirectory In others
you may need to trigger other applications or a tighter integration
bull A new key needs to be created manuallyPlease re er to VMware View Administration Guide or
urther details
bull The visual basic script can be used to clean up ortrigger urther application activities This new eatureo ers the extensibility ramework
bull Run servicesmsc to access the Services consoleEnable the script services manually It is not startedby de ault
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4348
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 3
bull Login to VMware View Manager SelectDelete thedesktop SelectDelete rom Disk option It will triggerthe script set previously
Scenario 2Confgure PCoIP Full and Linked Clone
in VMware vSphereCreate Full Clone with Thin Provisioning
Thin Provisioning in its simplest orm means only using the disk space you need Traditionally with virtualmachines i you create a 500GB virtual disk it will use 500GB o your VMFS data store With Thin Provisioningyou can create a 500GB virtual disk but i only 100GB is in use only 100GB o your VMFS data store will beutilized
500GBVirtual Disk
500GB GB VMDK le size 100GB VMDK le size
400GBunused butallocated
100GBApplicationUsage
500GBVirtual Disk
100GBActual Usage(Footprint)
Figure
You can create a ve desktop XP pool using Full Clone rom VMware View and compare them with the ThiProvisioning option check The eatures include increased storage utilization reduced application downtimeand streamlined capacity management
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4448
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 4
bull When you create a virtual machine in VMware vSpherethe option to create Thin Provisioning settings is underSettings gtAdd Hardware
bull In VMware View 4 you can con gure the ThinProvisioning while preparing the Linked Clone basetemplate
Now in order to compare the storage usage di erence with Thin Provisioning enabled in the virtual desktopdeployment the best approach is to provision them and per orm storage comparison with the virtualmachines without thin provisioning enabled Considerations or storage provisioning all in throughput needsto scale with an increase in capacity ie multiple virtual machines per IO path
Figure
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4548
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 5
In the meantime transient storage on the swap space is used only when the virtual machine ispowered on and delta disks are used by snapshots and linked to virtual machines
Figure 0
Datastore View in vSphere
Figure
VM Storage Performance View
Figure
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4648
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 6
Anti-Virus Protection
The VMsa e API comes with VMware vSphere VMware o ers a number o VMsa e partner solutions thatprovide secure virtual machines with virus-scanning capability
bull Trend Micro Core Protection 10 This is an anti-virus product that performs o ine and online scheduled virtualmachine scans without an agent It uses a smaller agent or on-access scanning or to clean up in ections Thproduct is available at http us trendmicro com us solutions enterprise security-solutions virtualizationvirtual-machines index html
bull McAfee Virus Scan for O ine Virtual Images 20 This is an anti-virus product that performs o ine schedulevirtual machine scans without an agent It complements a regular virus scan agentsrsquo online scanning
Figure 6
VMsa e reduces high storage IO and memory usage during scheduled and pandemic malware scan activities
Figure
The above gure shows the anti-virus server committing a real-time agent to an individual virtual machine
It also has the unctionality o o ine snapshot image scanningThis is a VMware vSphere eature and is now available or VMware View 4 Please re er to the VMware View 4Deployment Guide or urther product demonstration
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4748
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 7
Scenario 3Set up Triple Single Sign-On (SSO) in VMwareView 4Log in as Currently Logged-on UserThis is a new option in VMware View Client that allows you to log onto the broker using currently logged oncredentials The standard sign up fow using AD credentials is
bull User connects to View Connection Server
bull VMware View Connection Server compares a list of trusted AD domains to the client
bull User authenticates with username and password
bull VMware View Connection Server delegates authentication to WindowsAD
Figure
VMware View 4 continues to support the AD credential (username and password) login smart card and RSA
securID token in RDP
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4848
bull During the View Agent installation select theConnectas Current Logon User checkbox option to enable SSO
bull Launch View Client at local desktop or thin clientbull View Client has newLog in as Current User Domain
User checkbox When a userrsquos AD credential isauthenticated on the client device using eitherpassword (RDP PCoIP) or smart card authentication inRDP the Connection Broker will use the same useridentity
bull This value can also be set using GPO policy orregistry key setting Please re er to the ViewAdministration Guide
bull You should be able to login to the guest desktopenvironment without being prompted to enter thecredentials again
Support In ormation
For additional evaluation questions and installation support please address your questions to desktop-tmvmwarecom
About the Author
Cynthia Hsieh is a senior technical marketing manager in VMware Enterprise Marketing team She ocuses onapplication integration proo o concepts and security subjects
Hsiehrsquos previous background includes product management positions at Wyse Trend Micro Oracle and Yahoo
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3548
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 5
bull The UI allows an administrator to specify one or moretag strings of up to 64 characters for each ConnectionBroker You can then speci y the tag string required or
a speci c Connection Broker to access the Pool Atruntime when a user authenticates him or hersel via aConnection Server an extra step o tag matching isper ormed The result will be a lter o the resultingentitled Desktop list
bull Set the replica server tag as External
bull Once the tags are set in the connection broker you cansee the tag column in the VMware View Managerconsole is lled with the Tag attributes
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3648
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 6
bull In the VMware View 1 Connection Server(19216813246admin) login to the View Managerconsole clickDesktops and Pools tab and selectAdd
You are creating ull clone and Linked Clonedesktops Select Automated Desktop Pool
bull Select Persistent or the desktop type
bull ClickNext
bull Create the 10 Linked Clone desktop pools rst and gothrough the same process again to create the ull clone
ndash only without checking the highlighted checkbox
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3748
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 7
bull Fill in the name attribute for theUnique ID andDisplay Name
bull This is same user interface as you used to create theindividual desktop earlier Leave the de ault setup as
it is
bull Enter the number of the desktops that your storage
allows you to create The naming pattern or thedesktop is the name vCenter will use to name thevirtual machine so create a unique and easilyrecognized name
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3848
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 8
bull Desktop cloning relies on the virtual machine templateas the base Previously you created a template byselecting a clean base template and cloning it to
template Select that template and clickNext
bull Linked Clone requires the template and snapshot asthe golden image
bull Select the folder location where the desktops shouldbe organized
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3948
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 9
bull Select the host or ESX server where the desktop iscreated Note the vSphere mode or VMware ViewComposer option is dimmed and not selectable It is
because the host being used is running vSpherealready I you are using a previous version o ESX thisoption will be available or upgrade use
bull Add desktops to the resource pool
bull Allocate user data disk for the persistent data Keepthe de ault value and selectNext
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4048
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 0
bull In this setup the storage LUN for the better demoe ects is attached You can simply use the localstorage host storage or your test
bull You can see that the default domain is lled inautomatically by quickprep This is set at the
Con guration Tab gtServers gtSelect ViewConnection gt Edit
bull Do a nal review of the Linked Clone setup and clickFinish to complete It will take several minutes tocreate the clones
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4148
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 1
bull Create additional users in Active Directory(ActiveDirectory19216813252)
- Corporate - user or the Group Internal
- Contractor - user or the Group Externalbull This will be used for the pool entitlement for users and
groups
bull Access VMware vCenter or ESX management by usingthe VMware vSphere client
bull Login to View Manager console You can see the LinkedClone pools are created and listed in the Desktop andPool pane SelectEntitlements to grant right to accessthe desktop
bull Assign the group you created in ActiveDirectory
Repeat these steps or creating additional XP desktops with non-persistent and persistent use
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4248
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 2
Step 4 Deleting the Clone Using Deletion Script
Provide the cleanup rule and scripting capabilities to enable administrators to per orm urther integrationunctions In some environments this can be achieved by removing entries rom ActiveDirectory In others
you may need to trigger other applications or a tighter integration
bull A new key needs to be created manuallyPlease re er to VMware View Administration Guide or
urther details
bull The visual basic script can be used to clean up ortrigger urther application activities This new eatureo ers the extensibility ramework
bull Run servicesmsc to access the Services consoleEnable the script services manually It is not startedby de ault
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4348
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 3
bull Login to VMware View Manager SelectDelete thedesktop SelectDelete rom Disk option It will triggerthe script set previously
Scenario 2Confgure PCoIP Full and Linked Clone
in VMware vSphereCreate Full Clone with Thin Provisioning
Thin Provisioning in its simplest orm means only using the disk space you need Traditionally with virtualmachines i you create a 500GB virtual disk it will use 500GB o your VMFS data store With Thin Provisioningyou can create a 500GB virtual disk but i only 100GB is in use only 100GB o your VMFS data store will beutilized
500GBVirtual Disk
500GB GB VMDK le size 100GB VMDK le size
400GBunused butallocated
100GBApplicationUsage
500GBVirtual Disk
100GBActual Usage(Footprint)
Figure
You can create a ve desktop XP pool using Full Clone rom VMware View and compare them with the ThiProvisioning option check The eatures include increased storage utilization reduced application downtimeand streamlined capacity management
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4448
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 4
bull When you create a virtual machine in VMware vSpherethe option to create Thin Provisioning settings is underSettings gtAdd Hardware
bull In VMware View 4 you can con gure the ThinProvisioning while preparing the Linked Clone basetemplate
Now in order to compare the storage usage di erence with Thin Provisioning enabled in the virtual desktopdeployment the best approach is to provision them and per orm storage comparison with the virtualmachines without thin provisioning enabled Considerations or storage provisioning all in throughput needsto scale with an increase in capacity ie multiple virtual machines per IO path
Figure
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4548
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 5
In the meantime transient storage on the swap space is used only when the virtual machine ispowered on and delta disks are used by snapshots and linked to virtual machines
Figure 0
Datastore View in vSphere
Figure
VM Storage Performance View
Figure
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4648
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 6
Anti-Virus Protection
The VMsa e API comes with VMware vSphere VMware o ers a number o VMsa e partner solutions thatprovide secure virtual machines with virus-scanning capability
bull Trend Micro Core Protection 10 This is an anti-virus product that performs o ine and online scheduled virtualmachine scans without an agent It uses a smaller agent or on-access scanning or to clean up in ections Thproduct is available at http us trendmicro com us solutions enterprise security-solutions virtualizationvirtual-machines index html
bull McAfee Virus Scan for O ine Virtual Images 20 This is an anti-virus product that performs o ine schedulevirtual machine scans without an agent It complements a regular virus scan agentsrsquo online scanning
Figure 6
VMsa e reduces high storage IO and memory usage during scheduled and pandemic malware scan activities
Figure
The above gure shows the anti-virus server committing a real-time agent to an individual virtual machine
It also has the unctionality o o ine snapshot image scanningThis is a VMware vSphere eature and is now available or VMware View 4 Please re er to the VMware View 4Deployment Guide or urther product demonstration
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4748
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 7
Scenario 3Set up Triple Single Sign-On (SSO) in VMwareView 4Log in as Currently Logged-on UserThis is a new option in VMware View Client that allows you to log onto the broker using currently logged oncredentials The standard sign up fow using AD credentials is
bull User connects to View Connection Server
bull VMware View Connection Server compares a list of trusted AD domains to the client
bull User authenticates with username and password
bull VMware View Connection Server delegates authentication to WindowsAD
Figure
VMware View 4 continues to support the AD credential (username and password) login smart card and RSA
securID token in RDP
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4848
bull During the View Agent installation select theConnectas Current Logon User checkbox option to enable SSO
bull Launch View Client at local desktop or thin clientbull View Client has newLog in as Current User Domain
User checkbox When a userrsquos AD credential isauthenticated on the client device using eitherpassword (RDP PCoIP) or smart card authentication inRDP the Connection Broker will use the same useridentity
bull This value can also be set using GPO policy orregistry key setting Please re er to the ViewAdministration Guide
bull You should be able to login to the guest desktopenvironment without being prompted to enter thecredentials again
Support In ormation
For additional evaluation questions and installation support please address your questions to desktop-tmvmwarecom
About the Author
Cynthia Hsieh is a senior technical marketing manager in VMware Enterprise Marketing team She ocuses onapplication integration proo o concepts and security subjects
Hsiehrsquos previous background includes product management positions at Wyse Trend Micro Oracle and Yahoo
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3648
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 6
bull In the VMware View 1 Connection Server(19216813246admin) login to the View Managerconsole clickDesktops and Pools tab and selectAdd
You are creating ull clone and Linked Clonedesktops Select Automated Desktop Pool
bull Select Persistent or the desktop type
bull ClickNext
bull Create the 10 Linked Clone desktop pools rst and gothrough the same process again to create the ull clone
ndash only without checking the highlighted checkbox
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3748
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 7
bull Fill in the name attribute for theUnique ID andDisplay Name
bull This is same user interface as you used to create theindividual desktop earlier Leave the de ault setup as
it is
bull Enter the number of the desktops that your storage
allows you to create The naming pattern or thedesktop is the name vCenter will use to name thevirtual machine so create a unique and easilyrecognized name
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3848
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 8
bull Desktop cloning relies on the virtual machine templateas the base Previously you created a template byselecting a clean base template and cloning it to
template Select that template and clickNext
bull Linked Clone requires the template and snapshot asthe golden image
bull Select the folder location where the desktops shouldbe organized
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3948
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 9
bull Select the host or ESX server where the desktop iscreated Note the vSphere mode or VMware ViewComposer option is dimmed and not selectable It is
because the host being used is running vSpherealready I you are using a previous version o ESX thisoption will be available or upgrade use
bull Add desktops to the resource pool
bull Allocate user data disk for the persistent data Keepthe de ault value and selectNext
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4048
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 0
bull In this setup the storage LUN for the better demoe ects is attached You can simply use the localstorage host storage or your test
bull You can see that the default domain is lled inautomatically by quickprep This is set at the
Con guration Tab gtServers gtSelect ViewConnection gt Edit
bull Do a nal review of the Linked Clone setup and clickFinish to complete It will take several minutes tocreate the clones
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4148
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 1
bull Create additional users in Active Directory(ActiveDirectory19216813252)
- Corporate - user or the Group Internal
- Contractor - user or the Group Externalbull This will be used for the pool entitlement for users and
groups
bull Access VMware vCenter or ESX management by usingthe VMware vSphere client
bull Login to View Manager console You can see the LinkedClone pools are created and listed in the Desktop andPool pane SelectEntitlements to grant right to accessthe desktop
bull Assign the group you created in ActiveDirectory
Repeat these steps or creating additional XP desktops with non-persistent and persistent use
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4248
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 2
Step 4 Deleting the Clone Using Deletion Script
Provide the cleanup rule and scripting capabilities to enable administrators to per orm urther integrationunctions In some environments this can be achieved by removing entries rom ActiveDirectory In others
you may need to trigger other applications or a tighter integration
bull A new key needs to be created manuallyPlease re er to VMware View Administration Guide or
urther details
bull The visual basic script can be used to clean up ortrigger urther application activities This new eatureo ers the extensibility ramework
bull Run servicesmsc to access the Services consoleEnable the script services manually It is not startedby de ault
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4348
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 3
bull Login to VMware View Manager SelectDelete thedesktop SelectDelete rom Disk option It will triggerthe script set previously
Scenario 2Confgure PCoIP Full and Linked Clone
in VMware vSphereCreate Full Clone with Thin Provisioning
Thin Provisioning in its simplest orm means only using the disk space you need Traditionally with virtualmachines i you create a 500GB virtual disk it will use 500GB o your VMFS data store With Thin Provisioningyou can create a 500GB virtual disk but i only 100GB is in use only 100GB o your VMFS data store will beutilized
500GBVirtual Disk
500GB GB VMDK le size 100GB VMDK le size
400GBunused butallocated
100GBApplicationUsage
500GBVirtual Disk
100GBActual Usage(Footprint)
Figure
You can create a ve desktop XP pool using Full Clone rom VMware View and compare them with the ThiProvisioning option check The eatures include increased storage utilization reduced application downtimeand streamlined capacity management
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4448
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 4
bull When you create a virtual machine in VMware vSpherethe option to create Thin Provisioning settings is underSettings gtAdd Hardware
bull In VMware View 4 you can con gure the ThinProvisioning while preparing the Linked Clone basetemplate
Now in order to compare the storage usage di erence with Thin Provisioning enabled in the virtual desktopdeployment the best approach is to provision them and per orm storage comparison with the virtualmachines without thin provisioning enabled Considerations or storage provisioning all in throughput needsto scale with an increase in capacity ie multiple virtual machines per IO path
Figure
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4548
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 5
In the meantime transient storage on the swap space is used only when the virtual machine ispowered on and delta disks are used by snapshots and linked to virtual machines
Figure 0
Datastore View in vSphere
Figure
VM Storage Performance View
Figure
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4648
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 6
Anti-Virus Protection
The VMsa e API comes with VMware vSphere VMware o ers a number o VMsa e partner solutions thatprovide secure virtual machines with virus-scanning capability
bull Trend Micro Core Protection 10 This is an anti-virus product that performs o ine and online scheduled virtualmachine scans without an agent It uses a smaller agent or on-access scanning or to clean up in ections Thproduct is available at http us trendmicro com us solutions enterprise security-solutions virtualizationvirtual-machines index html
bull McAfee Virus Scan for O ine Virtual Images 20 This is an anti-virus product that performs o ine schedulevirtual machine scans without an agent It complements a regular virus scan agentsrsquo online scanning
Figure 6
VMsa e reduces high storage IO and memory usage during scheduled and pandemic malware scan activities
Figure
The above gure shows the anti-virus server committing a real-time agent to an individual virtual machine
It also has the unctionality o o ine snapshot image scanningThis is a VMware vSphere eature and is now available or VMware View 4 Please re er to the VMware View 4Deployment Guide or urther product demonstration
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4748
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 7
Scenario 3Set up Triple Single Sign-On (SSO) in VMwareView 4Log in as Currently Logged-on UserThis is a new option in VMware View Client that allows you to log onto the broker using currently logged oncredentials The standard sign up fow using AD credentials is
bull User connects to View Connection Server
bull VMware View Connection Server compares a list of trusted AD domains to the client
bull User authenticates with username and password
bull VMware View Connection Server delegates authentication to WindowsAD
Figure
VMware View 4 continues to support the AD credential (username and password) login smart card and RSA
securID token in RDP
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4848
bull During the View Agent installation select theConnectas Current Logon User checkbox option to enable SSO
bull Launch View Client at local desktop or thin clientbull View Client has newLog in as Current User Domain
User checkbox When a userrsquos AD credential isauthenticated on the client device using eitherpassword (RDP PCoIP) or smart card authentication inRDP the Connection Broker will use the same useridentity
bull This value can also be set using GPO policy orregistry key setting Please re er to the ViewAdministration Guide
bull You should be able to login to the guest desktopenvironment without being prompted to enter thecredentials again
Support In ormation
For additional evaluation questions and installation support please address your questions to desktop-tmvmwarecom
About the Author
Cynthia Hsieh is a senior technical marketing manager in VMware Enterprise Marketing team She ocuses onapplication integration proo o concepts and security subjects
Hsiehrsquos previous background includes product management positions at Wyse Trend Micro Oracle and Yahoo
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3748
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 7
bull Fill in the name attribute for theUnique ID andDisplay Name
bull This is same user interface as you used to create theindividual desktop earlier Leave the de ault setup as
it is
bull Enter the number of the desktops that your storage
allows you to create The naming pattern or thedesktop is the name vCenter will use to name thevirtual machine so create a unique and easilyrecognized name
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3848
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 8
bull Desktop cloning relies on the virtual machine templateas the base Previously you created a template byselecting a clean base template and cloning it to
template Select that template and clickNext
bull Linked Clone requires the template and snapshot asthe golden image
bull Select the folder location where the desktops shouldbe organized
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3948
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 9
bull Select the host or ESX server where the desktop iscreated Note the vSphere mode or VMware ViewComposer option is dimmed and not selectable It is
because the host being used is running vSpherealready I you are using a previous version o ESX thisoption will be available or upgrade use
bull Add desktops to the resource pool
bull Allocate user data disk for the persistent data Keepthe de ault value and selectNext
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4048
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 0
bull In this setup the storage LUN for the better demoe ects is attached You can simply use the localstorage host storage or your test
bull You can see that the default domain is lled inautomatically by quickprep This is set at the
Con guration Tab gtServers gtSelect ViewConnection gt Edit
bull Do a nal review of the Linked Clone setup and clickFinish to complete It will take several minutes tocreate the clones
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4148
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 1
bull Create additional users in Active Directory(ActiveDirectory19216813252)
- Corporate - user or the Group Internal
- Contractor - user or the Group Externalbull This will be used for the pool entitlement for users and
groups
bull Access VMware vCenter or ESX management by usingthe VMware vSphere client
bull Login to View Manager console You can see the LinkedClone pools are created and listed in the Desktop andPool pane SelectEntitlements to grant right to accessthe desktop
bull Assign the group you created in ActiveDirectory
Repeat these steps or creating additional XP desktops with non-persistent and persistent use
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4248
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 2
Step 4 Deleting the Clone Using Deletion Script
Provide the cleanup rule and scripting capabilities to enable administrators to per orm urther integrationunctions In some environments this can be achieved by removing entries rom ActiveDirectory In others
you may need to trigger other applications or a tighter integration
bull A new key needs to be created manuallyPlease re er to VMware View Administration Guide or
urther details
bull The visual basic script can be used to clean up ortrigger urther application activities This new eatureo ers the extensibility ramework
bull Run servicesmsc to access the Services consoleEnable the script services manually It is not startedby de ault
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4348
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 3
bull Login to VMware View Manager SelectDelete thedesktop SelectDelete rom Disk option It will triggerthe script set previously
Scenario 2Confgure PCoIP Full and Linked Clone
in VMware vSphereCreate Full Clone with Thin Provisioning
Thin Provisioning in its simplest orm means only using the disk space you need Traditionally with virtualmachines i you create a 500GB virtual disk it will use 500GB o your VMFS data store With Thin Provisioningyou can create a 500GB virtual disk but i only 100GB is in use only 100GB o your VMFS data store will beutilized
500GBVirtual Disk
500GB GB VMDK le size 100GB VMDK le size
400GBunused butallocated
100GBApplicationUsage
500GBVirtual Disk
100GBActual Usage(Footprint)
Figure
You can create a ve desktop XP pool using Full Clone rom VMware View and compare them with the ThiProvisioning option check The eatures include increased storage utilization reduced application downtimeand streamlined capacity management
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4448
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 4
bull When you create a virtual machine in VMware vSpherethe option to create Thin Provisioning settings is underSettings gtAdd Hardware
bull In VMware View 4 you can con gure the ThinProvisioning while preparing the Linked Clone basetemplate
Now in order to compare the storage usage di erence with Thin Provisioning enabled in the virtual desktopdeployment the best approach is to provision them and per orm storage comparison with the virtualmachines without thin provisioning enabled Considerations or storage provisioning all in throughput needsto scale with an increase in capacity ie multiple virtual machines per IO path
Figure
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4548
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 5
In the meantime transient storage on the swap space is used only when the virtual machine ispowered on and delta disks are used by snapshots and linked to virtual machines
Figure 0
Datastore View in vSphere
Figure
VM Storage Performance View
Figure
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4648
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 6
Anti-Virus Protection
The VMsa e API comes with VMware vSphere VMware o ers a number o VMsa e partner solutions thatprovide secure virtual machines with virus-scanning capability
bull Trend Micro Core Protection 10 This is an anti-virus product that performs o ine and online scheduled virtualmachine scans without an agent It uses a smaller agent or on-access scanning or to clean up in ections Thproduct is available at http us trendmicro com us solutions enterprise security-solutions virtualizationvirtual-machines index html
bull McAfee Virus Scan for O ine Virtual Images 20 This is an anti-virus product that performs o ine schedulevirtual machine scans without an agent It complements a regular virus scan agentsrsquo online scanning
Figure 6
VMsa e reduces high storage IO and memory usage during scheduled and pandemic malware scan activities
Figure
The above gure shows the anti-virus server committing a real-time agent to an individual virtual machine
It also has the unctionality o o ine snapshot image scanningThis is a VMware vSphere eature and is now available or VMware View 4 Please re er to the VMware View 4Deployment Guide or urther product demonstration
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4748
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 7
Scenario 3Set up Triple Single Sign-On (SSO) in VMwareView 4Log in as Currently Logged-on UserThis is a new option in VMware View Client that allows you to log onto the broker using currently logged oncredentials The standard sign up fow using AD credentials is
bull User connects to View Connection Server
bull VMware View Connection Server compares a list of trusted AD domains to the client
bull User authenticates with username and password
bull VMware View Connection Server delegates authentication to WindowsAD
Figure
VMware View 4 continues to support the AD credential (username and password) login smart card and RSA
securID token in RDP
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4848
bull During the View Agent installation select theConnectas Current Logon User checkbox option to enable SSO
bull Launch View Client at local desktop or thin clientbull View Client has newLog in as Current User Domain
User checkbox When a userrsquos AD credential isauthenticated on the client device using eitherpassword (RDP PCoIP) or smart card authentication inRDP the Connection Broker will use the same useridentity
bull This value can also be set using GPO policy orregistry key setting Please re er to the ViewAdministration Guide
bull You should be able to login to the guest desktopenvironment without being prompted to enter thecredentials again
Support In ormation
For additional evaluation questions and installation support please address your questions to desktop-tmvmwarecom
About the Author
Cynthia Hsieh is a senior technical marketing manager in VMware Enterprise Marketing team She ocuses onapplication integration proo o concepts and security subjects
Hsiehrsquos previous background includes product management positions at Wyse Trend Micro Oracle and Yahoo
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3848
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 8
bull Desktop cloning relies on the virtual machine templateas the base Previously you created a template byselecting a clean base template and cloning it to
template Select that template and clickNext
bull Linked Clone requires the template and snapshot asthe golden image
bull Select the folder location where the desktops shouldbe organized
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3948
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 9
bull Select the host or ESX server where the desktop iscreated Note the vSphere mode or VMware ViewComposer option is dimmed and not selectable It is
because the host being used is running vSpherealready I you are using a previous version o ESX thisoption will be available or upgrade use
bull Add desktops to the resource pool
bull Allocate user data disk for the persistent data Keepthe de ault value and selectNext
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4048
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 0
bull In this setup the storage LUN for the better demoe ects is attached You can simply use the localstorage host storage or your test
bull You can see that the default domain is lled inautomatically by quickprep This is set at the
Con guration Tab gtServers gtSelect ViewConnection gt Edit
bull Do a nal review of the Linked Clone setup and clickFinish to complete It will take several minutes tocreate the clones
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4148
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 1
bull Create additional users in Active Directory(ActiveDirectory19216813252)
- Corporate - user or the Group Internal
- Contractor - user or the Group Externalbull This will be used for the pool entitlement for users and
groups
bull Access VMware vCenter or ESX management by usingthe VMware vSphere client
bull Login to View Manager console You can see the LinkedClone pools are created and listed in the Desktop andPool pane SelectEntitlements to grant right to accessthe desktop
bull Assign the group you created in ActiveDirectory
Repeat these steps or creating additional XP desktops with non-persistent and persistent use
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4248
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 2
Step 4 Deleting the Clone Using Deletion Script
Provide the cleanup rule and scripting capabilities to enable administrators to per orm urther integrationunctions In some environments this can be achieved by removing entries rom ActiveDirectory In others
you may need to trigger other applications or a tighter integration
bull A new key needs to be created manuallyPlease re er to VMware View Administration Guide or
urther details
bull The visual basic script can be used to clean up ortrigger urther application activities This new eatureo ers the extensibility ramework
bull Run servicesmsc to access the Services consoleEnable the script services manually It is not startedby de ault
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4348
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 3
bull Login to VMware View Manager SelectDelete thedesktop SelectDelete rom Disk option It will triggerthe script set previously
Scenario 2Confgure PCoIP Full and Linked Clone
in VMware vSphereCreate Full Clone with Thin Provisioning
Thin Provisioning in its simplest orm means only using the disk space you need Traditionally with virtualmachines i you create a 500GB virtual disk it will use 500GB o your VMFS data store With Thin Provisioningyou can create a 500GB virtual disk but i only 100GB is in use only 100GB o your VMFS data store will beutilized
500GBVirtual Disk
500GB GB VMDK le size 100GB VMDK le size
400GBunused butallocated
100GBApplicationUsage
500GBVirtual Disk
100GBActual Usage(Footprint)
Figure
You can create a ve desktop XP pool using Full Clone rom VMware View and compare them with the ThiProvisioning option check The eatures include increased storage utilization reduced application downtimeand streamlined capacity management
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4448
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 4
bull When you create a virtual machine in VMware vSpherethe option to create Thin Provisioning settings is underSettings gtAdd Hardware
bull In VMware View 4 you can con gure the ThinProvisioning while preparing the Linked Clone basetemplate
Now in order to compare the storage usage di erence with Thin Provisioning enabled in the virtual desktopdeployment the best approach is to provision them and per orm storage comparison with the virtualmachines without thin provisioning enabled Considerations or storage provisioning all in throughput needsto scale with an increase in capacity ie multiple virtual machines per IO path
Figure
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4548
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 5
In the meantime transient storage on the swap space is used only when the virtual machine ispowered on and delta disks are used by snapshots and linked to virtual machines
Figure 0
Datastore View in vSphere
Figure
VM Storage Performance View
Figure
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4648
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 6
Anti-Virus Protection
The VMsa e API comes with VMware vSphere VMware o ers a number o VMsa e partner solutions thatprovide secure virtual machines with virus-scanning capability
bull Trend Micro Core Protection 10 This is an anti-virus product that performs o ine and online scheduled virtualmachine scans without an agent It uses a smaller agent or on-access scanning or to clean up in ections Thproduct is available at http us trendmicro com us solutions enterprise security-solutions virtualizationvirtual-machines index html
bull McAfee Virus Scan for O ine Virtual Images 20 This is an anti-virus product that performs o ine schedulevirtual machine scans without an agent It complements a regular virus scan agentsrsquo online scanning
Figure 6
VMsa e reduces high storage IO and memory usage during scheduled and pandemic malware scan activities
Figure
The above gure shows the anti-virus server committing a real-time agent to an individual virtual machine
It also has the unctionality o o ine snapshot image scanningThis is a VMware vSphere eature and is now available or VMware View 4 Please re er to the VMware View 4Deployment Guide or urther product demonstration
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4748
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 7
Scenario 3Set up Triple Single Sign-On (SSO) in VMwareView 4Log in as Currently Logged-on UserThis is a new option in VMware View Client that allows you to log onto the broker using currently logged oncredentials The standard sign up fow using AD credentials is
bull User connects to View Connection Server
bull VMware View Connection Server compares a list of trusted AD domains to the client
bull User authenticates with username and password
bull VMware View Connection Server delegates authentication to WindowsAD
Figure
VMware View 4 continues to support the AD credential (username and password) login smart card and RSA
securID token in RDP
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4848
bull During the View Agent installation select theConnectas Current Logon User checkbox option to enable SSO
bull Launch View Client at local desktop or thin clientbull View Client has newLog in as Current User Domain
User checkbox When a userrsquos AD credential isauthenticated on the client device using eitherpassword (RDP PCoIP) or smart card authentication inRDP the Connection Broker will use the same useridentity
bull This value can also be set using GPO policy orregistry key setting Please re er to the ViewAdministration Guide
bull You should be able to login to the guest desktopenvironment without being prompted to enter thecredentials again
Support In ormation
For additional evaluation questions and installation support please address your questions to desktop-tmvmwarecom
About the Author
Cynthia Hsieh is a senior technical marketing manager in VMware Enterprise Marketing team She ocuses onapplication integration proo o concepts and security subjects
Hsiehrsquos previous background includes product management positions at Wyse Trend Micro Oracle and Yahoo
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 3948
VMware View 4
E VA L U AT O R rsquo S G U I D E 3 9
bull Select the host or ESX server where the desktop iscreated Note the vSphere mode or VMware ViewComposer option is dimmed and not selectable It is
because the host being used is running vSpherealready I you are using a previous version o ESX thisoption will be available or upgrade use
bull Add desktops to the resource pool
bull Allocate user data disk for the persistent data Keepthe de ault value and selectNext
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4048
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 0
bull In this setup the storage LUN for the better demoe ects is attached You can simply use the localstorage host storage or your test
bull You can see that the default domain is lled inautomatically by quickprep This is set at the
Con guration Tab gtServers gtSelect ViewConnection gt Edit
bull Do a nal review of the Linked Clone setup and clickFinish to complete It will take several minutes tocreate the clones
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4148
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 1
bull Create additional users in Active Directory(ActiveDirectory19216813252)
- Corporate - user or the Group Internal
- Contractor - user or the Group Externalbull This will be used for the pool entitlement for users and
groups
bull Access VMware vCenter or ESX management by usingthe VMware vSphere client
bull Login to View Manager console You can see the LinkedClone pools are created and listed in the Desktop andPool pane SelectEntitlements to grant right to accessthe desktop
bull Assign the group you created in ActiveDirectory
Repeat these steps or creating additional XP desktops with non-persistent and persistent use
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4248
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 2
Step 4 Deleting the Clone Using Deletion Script
Provide the cleanup rule and scripting capabilities to enable administrators to per orm urther integrationunctions In some environments this can be achieved by removing entries rom ActiveDirectory In others
you may need to trigger other applications or a tighter integration
bull A new key needs to be created manuallyPlease re er to VMware View Administration Guide or
urther details
bull The visual basic script can be used to clean up ortrigger urther application activities This new eatureo ers the extensibility ramework
bull Run servicesmsc to access the Services consoleEnable the script services manually It is not startedby de ault
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4348
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 3
bull Login to VMware View Manager SelectDelete thedesktop SelectDelete rom Disk option It will triggerthe script set previously
Scenario 2Confgure PCoIP Full and Linked Clone
in VMware vSphereCreate Full Clone with Thin Provisioning
Thin Provisioning in its simplest orm means only using the disk space you need Traditionally with virtualmachines i you create a 500GB virtual disk it will use 500GB o your VMFS data store With Thin Provisioningyou can create a 500GB virtual disk but i only 100GB is in use only 100GB o your VMFS data store will beutilized
500GBVirtual Disk
500GB GB VMDK le size 100GB VMDK le size
400GBunused butallocated
100GBApplicationUsage
500GBVirtual Disk
100GBActual Usage(Footprint)
Figure
You can create a ve desktop XP pool using Full Clone rom VMware View and compare them with the ThiProvisioning option check The eatures include increased storage utilization reduced application downtimeand streamlined capacity management
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4448
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 4
bull When you create a virtual machine in VMware vSpherethe option to create Thin Provisioning settings is underSettings gtAdd Hardware
bull In VMware View 4 you can con gure the ThinProvisioning while preparing the Linked Clone basetemplate
Now in order to compare the storage usage di erence with Thin Provisioning enabled in the virtual desktopdeployment the best approach is to provision them and per orm storage comparison with the virtualmachines without thin provisioning enabled Considerations or storage provisioning all in throughput needsto scale with an increase in capacity ie multiple virtual machines per IO path
Figure
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4548
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 5
In the meantime transient storage on the swap space is used only when the virtual machine ispowered on and delta disks are used by snapshots and linked to virtual machines
Figure 0
Datastore View in vSphere
Figure
VM Storage Performance View
Figure
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4648
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 6
Anti-Virus Protection
The VMsa e API comes with VMware vSphere VMware o ers a number o VMsa e partner solutions thatprovide secure virtual machines with virus-scanning capability
bull Trend Micro Core Protection 10 This is an anti-virus product that performs o ine and online scheduled virtualmachine scans without an agent It uses a smaller agent or on-access scanning or to clean up in ections Thproduct is available at http us trendmicro com us solutions enterprise security-solutions virtualizationvirtual-machines index html
bull McAfee Virus Scan for O ine Virtual Images 20 This is an anti-virus product that performs o ine schedulevirtual machine scans without an agent It complements a regular virus scan agentsrsquo online scanning
Figure 6
VMsa e reduces high storage IO and memory usage during scheduled and pandemic malware scan activities
Figure
The above gure shows the anti-virus server committing a real-time agent to an individual virtual machine
It also has the unctionality o o ine snapshot image scanningThis is a VMware vSphere eature and is now available or VMware View 4 Please re er to the VMware View 4Deployment Guide or urther product demonstration
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4748
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 7
Scenario 3Set up Triple Single Sign-On (SSO) in VMwareView 4Log in as Currently Logged-on UserThis is a new option in VMware View Client that allows you to log onto the broker using currently logged oncredentials The standard sign up fow using AD credentials is
bull User connects to View Connection Server
bull VMware View Connection Server compares a list of trusted AD domains to the client
bull User authenticates with username and password
bull VMware View Connection Server delegates authentication to WindowsAD
Figure
VMware View 4 continues to support the AD credential (username and password) login smart card and RSA
securID token in RDP
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4848
bull During the View Agent installation select theConnectas Current Logon User checkbox option to enable SSO
bull Launch View Client at local desktop or thin clientbull View Client has newLog in as Current User Domain
User checkbox When a userrsquos AD credential isauthenticated on the client device using eitherpassword (RDP PCoIP) or smart card authentication inRDP the Connection Broker will use the same useridentity
bull This value can also be set using GPO policy orregistry key setting Please re er to the ViewAdministration Guide
bull You should be able to login to the guest desktopenvironment without being prompted to enter thecredentials again
Support In ormation
For additional evaluation questions and installation support please address your questions to desktop-tmvmwarecom
About the Author
Cynthia Hsieh is a senior technical marketing manager in VMware Enterprise Marketing team She ocuses onapplication integration proo o concepts and security subjects
Hsiehrsquos previous background includes product management positions at Wyse Trend Micro Oracle and Yahoo
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4048
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 0
bull In this setup the storage LUN for the better demoe ects is attached You can simply use the localstorage host storage or your test
bull You can see that the default domain is lled inautomatically by quickprep This is set at the
Con guration Tab gtServers gtSelect ViewConnection gt Edit
bull Do a nal review of the Linked Clone setup and clickFinish to complete It will take several minutes tocreate the clones
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4148
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 1
bull Create additional users in Active Directory(ActiveDirectory19216813252)
- Corporate - user or the Group Internal
- Contractor - user or the Group Externalbull This will be used for the pool entitlement for users and
groups
bull Access VMware vCenter or ESX management by usingthe VMware vSphere client
bull Login to View Manager console You can see the LinkedClone pools are created and listed in the Desktop andPool pane SelectEntitlements to grant right to accessthe desktop
bull Assign the group you created in ActiveDirectory
Repeat these steps or creating additional XP desktops with non-persistent and persistent use
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4248
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 2
Step 4 Deleting the Clone Using Deletion Script
Provide the cleanup rule and scripting capabilities to enable administrators to per orm urther integrationunctions In some environments this can be achieved by removing entries rom ActiveDirectory In others
you may need to trigger other applications or a tighter integration
bull A new key needs to be created manuallyPlease re er to VMware View Administration Guide or
urther details
bull The visual basic script can be used to clean up ortrigger urther application activities This new eatureo ers the extensibility ramework
bull Run servicesmsc to access the Services consoleEnable the script services manually It is not startedby de ault
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4348
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 3
bull Login to VMware View Manager SelectDelete thedesktop SelectDelete rom Disk option It will triggerthe script set previously
Scenario 2Confgure PCoIP Full and Linked Clone
in VMware vSphereCreate Full Clone with Thin Provisioning
Thin Provisioning in its simplest orm means only using the disk space you need Traditionally with virtualmachines i you create a 500GB virtual disk it will use 500GB o your VMFS data store With Thin Provisioningyou can create a 500GB virtual disk but i only 100GB is in use only 100GB o your VMFS data store will beutilized
500GBVirtual Disk
500GB GB VMDK le size 100GB VMDK le size
400GBunused butallocated
100GBApplicationUsage
500GBVirtual Disk
100GBActual Usage(Footprint)
Figure
You can create a ve desktop XP pool using Full Clone rom VMware View and compare them with the ThiProvisioning option check The eatures include increased storage utilization reduced application downtimeand streamlined capacity management
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4448
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 4
bull When you create a virtual machine in VMware vSpherethe option to create Thin Provisioning settings is underSettings gtAdd Hardware
bull In VMware View 4 you can con gure the ThinProvisioning while preparing the Linked Clone basetemplate
Now in order to compare the storage usage di erence with Thin Provisioning enabled in the virtual desktopdeployment the best approach is to provision them and per orm storage comparison with the virtualmachines without thin provisioning enabled Considerations or storage provisioning all in throughput needsto scale with an increase in capacity ie multiple virtual machines per IO path
Figure
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4548
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 5
In the meantime transient storage on the swap space is used only when the virtual machine ispowered on and delta disks are used by snapshots and linked to virtual machines
Figure 0
Datastore View in vSphere
Figure
VM Storage Performance View
Figure
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4648
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 6
Anti-Virus Protection
The VMsa e API comes with VMware vSphere VMware o ers a number o VMsa e partner solutions thatprovide secure virtual machines with virus-scanning capability
bull Trend Micro Core Protection 10 This is an anti-virus product that performs o ine and online scheduled virtualmachine scans without an agent It uses a smaller agent or on-access scanning or to clean up in ections Thproduct is available at http us trendmicro com us solutions enterprise security-solutions virtualizationvirtual-machines index html
bull McAfee Virus Scan for O ine Virtual Images 20 This is an anti-virus product that performs o ine schedulevirtual machine scans without an agent It complements a regular virus scan agentsrsquo online scanning
Figure 6
VMsa e reduces high storage IO and memory usage during scheduled and pandemic malware scan activities
Figure
The above gure shows the anti-virus server committing a real-time agent to an individual virtual machine
It also has the unctionality o o ine snapshot image scanningThis is a VMware vSphere eature and is now available or VMware View 4 Please re er to the VMware View 4Deployment Guide or urther product demonstration
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4748
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 7
Scenario 3Set up Triple Single Sign-On (SSO) in VMwareView 4Log in as Currently Logged-on UserThis is a new option in VMware View Client that allows you to log onto the broker using currently logged oncredentials The standard sign up fow using AD credentials is
bull User connects to View Connection Server
bull VMware View Connection Server compares a list of trusted AD domains to the client
bull User authenticates with username and password
bull VMware View Connection Server delegates authentication to WindowsAD
Figure
VMware View 4 continues to support the AD credential (username and password) login smart card and RSA
securID token in RDP
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4848
bull During the View Agent installation select theConnectas Current Logon User checkbox option to enable SSO
bull Launch View Client at local desktop or thin clientbull View Client has newLog in as Current User Domain
User checkbox When a userrsquos AD credential isauthenticated on the client device using eitherpassword (RDP PCoIP) or smart card authentication inRDP the Connection Broker will use the same useridentity
bull This value can also be set using GPO policy orregistry key setting Please re er to the ViewAdministration Guide
bull You should be able to login to the guest desktopenvironment without being prompted to enter thecredentials again
Support In ormation
For additional evaluation questions and installation support please address your questions to desktop-tmvmwarecom
About the Author
Cynthia Hsieh is a senior technical marketing manager in VMware Enterprise Marketing team She ocuses onapplication integration proo o concepts and security subjects
Hsiehrsquos previous background includes product management positions at Wyse Trend Micro Oracle and Yahoo
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4148
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 1
bull Create additional users in Active Directory(ActiveDirectory19216813252)
- Corporate - user or the Group Internal
- Contractor - user or the Group Externalbull This will be used for the pool entitlement for users and
groups
bull Access VMware vCenter or ESX management by usingthe VMware vSphere client
bull Login to View Manager console You can see the LinkedClone pools are created and listed in the Desktop andPool pane SelectEntitlements to grant right to accessthe desktop
bull Assign the group you created in ActiveDirectory
Repeat these steps or creating additional XP desktops with non-persistent and persistent use
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4248
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 2
Step 4 Deleting the Clone Using Deletion Script
Provide the cleanup rule and scripting capabilities to enable administrators to per orm urther integrationunctions In some environments this can be achieved by removing entries rom ActiveDirectory In others
you may need to trigger other applications or a tighter integration
bull A new key needs to be created manuallyPlease re er to VMware View Administration Guide or
urther details
bull The visual basic script can be used to clean up ortrigger urther application activities This new eatureo ers the extensibility ramework
bull Run servicesmsc to access the Services consoleEnable the script services manually It is not startedby de ault
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4348
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 3
bull Login to VMware View Manager SelectDelete thedesktop SelectDelete rom Disk option It will triggerthe script set previously
Scenario 2Confgure PCoIP Full and Linked Clone
in VMware vSphereCreate Full Clone with Thin Provisioning
Thin Provisioning in its simplest orm means only using the disk space you need Traditionally with virtualmachines i you create a 500GB virtual disk it will use 500GB o your VMFS data store With Thin Provisioningyou can create a 500GB virtual disk but i only 100GB is in use only 100GB o your VMFS data store will beutilized
500GBVirtual Disk
500GB GB VMDK le size 100GB VMDK le size
400GBunused butallocated
100GBApplicationUsage
500GBVirtual Disk
100GBActual Usage(Footprint)
Figure
You can create a ve desktop XP pool using Full Clone rom VMware View and compare them with the ThiProvisioning option check The eatures include increased storage utilization reduced application downtimeand streamlined capacity management
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4448
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 4
bull When you create a virtual machine in VMware vSpherethe option to create Thin Provisioning settings is underSettings gtAdd Hardware
bull In VMware View 4 you can con gure the ThinProvisioning while preparing the Linked Clone basetemplate
Now in order to compare the storage usage di erence with Thin Provisioning enabled in the virtual desktopdeployment the best approach is to provision them and per orm storage comparison with the virtualmachines without thin provisioning enabled Considerations or storage provisioning all in throughput needsto scale with an increase in capacity ie multiple virtual machines per IO path
Figure
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4548
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 5
In the meantime transient storage on the swap space is used only when the virtual machine ispowered on and delta disks are used by snapshots and linked to virtual machines
Figure 0
Datastore View in vSphere
Figure
VM Storage Performance View
Figure
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4648
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 6
Anti-Virus Protection
The VMsa e API comes with VMware vSphere VMware o ers a number o VMsa e partner solutions thatprovide secure virtual machines with virus-scanning capability
bull Trend Micro Core Protection 10 This is an anti-virus product that performs o ine and online scheduled virtualmachine scans without an agent It uses a smaller agent or on-access scanning or to clean up in ections Thproduct is available at http us trendmicro com us solutions enterprise security-solutions virtualizationvirtual-machines index html
bull McAfee Virus Scan for O ine Virtual Images 20 This is an anti-virus product that performs o ine schedulevirtual machine scans without an agent It complements a regular virus scan agentsrsquo online scanning
Figure 6
VMsa e reduces high storage IO and memory usage during scheduled and pandemic malware scan activities
Figure
The above gure shows the anti-virus server committing a real-time agent to an individual virtual machine
It also has the unctionality o o ine snapshot image scanningThis is a VMware vSphere eature and is now available or VMware View 4 Please re er to the VMware View 4Deployment Guide or urther product demonstration
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4748
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 7
Scenario 3Set up Triple Single Sign-On (SSO) in VMwareView 4Log in as Currently Logged-on UserThis is a new option in VMware View Client that allows you to log onto the broker using currently logged oncredentials The standard sign up fow using AD credentials is
bull User connects to View Connection Server
bull VMware View Connection Server compares a list of trusted AD domains to the client
bull User authenticates with username and password
bull VMware View Connection Server delegates authentication to WindowsAD
Figure
VMware View 4 continues to support the AD credential (username and password) login smart card and RSA
securID token in RDP
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4848
bull During the View Agent installation select theConnectas Current Logon User checkbox option to enable SSO
bull Launch View Client at local desktop or thin clientbull View Client has newLog in as Current User Domain
User checkbox When a userrsquos AD credential isauthenticated on the client device using eitherpassword (RDP PCoIP) or smart card authentication inRDP the Connection Broker will use the same useridentity
bull This value can also be set using GPO policy orregistry key setting Please re er to the ViewAdministration Guide
bull You should be able to login to the guest desktopenvironment without being prompted to enter thecredentials again
Support In ormation
For additional evaluation questions and installation support please address your questions to desktop-tmvmwarecom
About the Author
Cynthia Hsieh is a senior technical marketing manager in VMware Enterprise Marketing team She ocuses onapplication integration proo o concepts and security subjects
Hsiehrsquos previous background includes product management positions at Wyse Trend Micro Oracle and Yahoo
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4248
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 2
Step 4 Deleting the Clone Using Deletion Script
Provide the cleanup rule and scripting capabilities to enable administrators to per orm urther integrationunctions In some environments this can be achieved by removing entries rom ActiveDirectory In others
you may need to trigger other applications or a tighter integration
bull A new key needs to be created manuallyPlease re er to VMware View Administration Guide or
urther details
bull The visual basic script can be used to clean up ortrigger urther application activities This new eatureo ers the extensibility ramework
bull Run servicesmsc to access the Services consoleEnable the script services manually It is not startedby de ault
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4348
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 3
bull Login to VMware View Manager SelectDelete thedesktop SelectDelete rom Disk option It will triggerthe script set previously
Scenario 2Confgure PCoIP Full and Linked Clone
in VMware vSphereCreate Full Clone with Thin Provisioning
Thin Provisioning in its simplest orm means only using the disk space you need Traditionally with virtualmachines i you create a 500GB virtual disk it will use 500GB o your VMFS data store With Thin Provisioningyou can create a 500GB virtual disk but i only 100GB is in use only 100GB o your VMFS data store will beutilized
500GBVirtual Disk
500GB GB VMDK le size 100GB VMDK le size
400GBunused butallocated
100GBApplicationUsage
500GBVirtual Disk
100GBActual Usage(Footprint)
Figure
You can create a ve desktop XP pool using Full Clone rom VMware View and compare them with the ThiProvisioning option check The eatures include increased storage utilization reduced application downtimeand streamlined capacity management
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4448
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 4
bull When you create a virtual machine in VMware vSpherethe option to create Thin Provisioning settings is underSettings gtAdd Hardware
bull In VMware View 4 you can con gure the ThinProvisioning while preparing the Linked Clone basetemplate
Now in order to compare the storage usage di erence with Thin Provisioning enabled in the virtual desktopdeployment the best approach is to provision them and per orm storage comparison with the virtualmachines without thin provisioning enabled Considerations or storage provisioning all in throughput needsto scale with an increase in capacity ie multiple virtual machines per IO path
Figure
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4548
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 5
In the meantime transient storage on the swap space is used only when the virtual machine ispowered on and delta disks are used by snapshots and linked to virtual machines
Figure 0
Datastore View in vSphere
Figure
VM Storage Performance View
Figure
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4648
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 6
Anti-Virus Protection
The VMsa e API comes with VMware vSphere VMware o ers a number o VMsa e partner solutions thatprovide secure virtual machines with virus-scanning capability
bull Trend Micro Core Protection 10 This is an anti-virus product that performs o ine and online scheduled virtualmachine scans without an agent It uses a smaller agent or on-access scanning or to clean up in ections Thproduct is available at http us trendmicro com us solutions enterprise security-solutions virtualizationvirtual-machines index html
bull McAfee Virus Scan for O ine Virtual Images 20 This is an anti-virus product that performs o ine schedulevirtual machine scans without an agent It complements a regular virus scan agentsrsquo online scanning
Figure 6
VMsa e reduces high storage IO and memory usage during scheduled and pandemic malware scan activities
Figure
The above gure shows the anti-virus server committing a real-time agent to an individual virtual machine
It also has the unctionality o o ine snapshot image scanningThis is a VMware vSphere eature and is now available or VMware View 4 Please re er to the VMware View 4Deployment Guide or urther product demonstration
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4748
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 7
Scenario 3Set up Triple Single Sign-On (SSO) in VMwareView 4Log in as Currently Logged-on UserThis is a new option in VMware View Client that allows you to log onto the broker using currently logged oncredentials The standard sign up fow using AD credentials is
bull User connects to View Connection Server
bull VMware View Connection Server compares a list of trusted AD domains to the client
bull User authenticates with username and password
bull VMware View Connection Server delegates authentication to WindowsAD
Figure
VMware View 4 continues to support the AD credential (username and password) login smart card and RSA
securID token in RDP
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4848
bull During the View Agent installation select theConnectas Current Logon User checkbox option to enable SSO
bull Launch View Client at local desktop or thin clientbull View Client has newLog in as Current User Domain
User checkbox When a userrsquos AD credential isauthenticated on the client device using eitherpassword (RDP PCoIP) or smart card authentication inRDP the Connection Broker will use the same useridentity
bull This value can also be set using GPO policy orregistry key setting Please re er to the ViewAdministration Guide
bull You should be able to login to the guest desktopenvironment without being prompted to enter thecredentials again
Support In ormation
For additional evaluation questions and installation support please address your questions to desktop-tmvmwarecom
About the Author
Cynthia Hsieh is a senior technical marketing manager in VMware Enterprise Marketing team She ocuses onapplication integration proo o concepts and security subjects
Hsiehrsquos previous background includes product management positions at Wyse Trend Micro Oracle and Yahoo
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4348
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 3
bull Login to VMware View Manager SelectDelete thedesktop SelectDelete rom Disk option It will triggerthe script set previously
Scenario 2Confgure PCoIP Full and Linked Clone
in VMware vSphereCreate Full Clone with Thin Provisioning
Thin Provisioning in its simplest orm means only using the disk space you need Traditionally with virtualmachines i you create a 500GB virtual disk it will use 500GB o your VMFS data store With Thin Provisioningyou can create a 500GB virtual disk but i only 100GB is in use only 100GB o your VMFS data store will beutilized
500GBVirtual Disk
500GB GB VMDK le size 100GB VMDK le size
400GBunused butallocated
100GBApplicationUsage
500GBVirtual Disk
100GBActual Usage(Footprint)
Figure
You can create a ve desktop XP pool using Full Clone rom VMware View and compare them with the ThiProvisioning option check The eatures include increased storage utilization reduced application downtimeand streamlined capacity management
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4448
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 4
bull When you create a virtual machine in VMware vSpherethe option to create Thin Provisioning settings is underSettings gtAdd Hardware
bull In VMware View 4 you can con gure the ThinProvisioning while preparing the Linked Clone basetemplate
Now in order to compare the storage usage di erence with Thin Provisioning enabled in the virtual desktopdeployment the best approach is to provision them and per orm storage comparison with the virtualmachines without thin provisioning enabled Considerations or storage provisioning all in throughput needsto scale with an increase in capacity ie multiple virtual machines per IO path
Figure
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4548
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 5
In the meantime transient storage on the swap space is used only when the virtual machine ispowered on and delta disks are used by snapshots and linked to virtual machines
Figure 0
Datastore View in vSphere
Figure
VM Storage Performance View
Figure
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4648
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 6
Anti-Virus Protection
The VMsa e API comes with VMware vSphere VMware o ers a number o VMsa e partner solutions thatprovide secure virtual machines with virus-scanning capability
bull Trend Micro Core Protection 10 This is an anti-virus product that performs o ine and online scheduled virtualmachine scans without an agent It uses a smaller agent or on-access scanning or to clean up in ections Thproduct is available at http us trendmicro com us solutions enterprise security-solutions virtualizationvirtual-machines index html
bull McAfee Virus Scan for O ine Virtual Images 20 This is an anti-virus product that performs o ine schedulevirtual machine scans without an agent It complements a regular virus scan agentsrsquo online scanning
Figure 6
VMsa e reduces high storage IO and memory usage during scheduled and pandemic malware scan activities
Figure
The above gure shows the anti-virus server committing a real-time agent to an individual virtual machine
It also has the unctionality o o ine snapshot image scanningThis is a VMware vSphere eature and is now available or VMware View 4 Please re er to the VMware View 4Deployment Guide or urther product demonstration
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4748
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 7
Scenario 3Set up Triple Single Sign-On (SSO) in VMwareView 4Log in as Currently Logged-on UserThis is a new option in VMware View Client that allows you to log onto the broker using currently logged oncredentials The standard sign up fow using AD credentials is
bull User connects to View Connection Server
bull VMware View Connection Server compares a list of trusted AD domains to the client
bull User authenticates with username and password
bull VMware View Connection Server delegates authentication to WindowsAD
Figure
VMware View 4 continues to support the AD credential (username and password) login smart card and RSA
securID token in RDP
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4848
bull During the View Agent installation select theConnectas Current Logon User checkbox option to enable SSO
bull Launch View Client at local desktop or thin clientbull View Client has newLog in as Current User Domain
User checkbox When a userrsquos AD credential isauthenticated on the client device using eitherpassword (RDP PCoIP) or smart card authentication inRDP the Connection Broker will use the same useridentity
bull This value can also be set using GPO policy orregistry key setting Please re er to the ViewAdministration Guide
bull You should be able to login to the guest desktopenvironment without being prompted to enter thecredentials again
Support In ormation
For additional evaluation questions and installation support please address your questions to desktop-tmvmwarecom
About the Author
Cynthia Hsieh is a senior technical marketing manager in VMware Enterprise Marketing team She ocuses onapplication integration proo o concepts and security subjects
Hsiehrsquos previous background includes product management positions at Wyse Trend Micro Oracle and Yahoo
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4448
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 4
bull When you create a virtual machine in VMware vSpherethe option to create Thin Provisioning settings is underSettings gtAdd Hardware
bull In VMware View 4 you can con gure the ThinProvisioning while preparing the Linked Clone basetemplate
Now in order to compare the storage usage di erence with Thin Provisioning enabled in the virtual desktopdeployment the best approach is to provision them and per orm storage comparison with the virtualmachines without thin provisioning enabled Considerations or storage provisioning all in throughput needsto scale with an increase in capacity ie multiple virtual machines per IO path
Figure
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4548
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 5
In the meantime transient storage on the swap space is used only when the virtual machine ispowered on and delta disks are used by snapshots and linked to virtual machines
Figure 0
Datastore View in vSphere
Figure
VM Storage Performance View
Figure
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4648
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 6
Anti-Virus Protection
The VMsa e API comes with VMware vSphere VMware o ers a number o VMsa e partner solutions thatprovide secure virtual machines with virus-scanning capability
bull Trend Micro Core Protection 10 This is an anti-virus product that performs o ine and online scheduled virtualmachine scans without an agent It uses a smaller agent or on-access scanning or to clean up in ections Thproduct is available at http us trendmicro com us solutions enterprise security-solutions virtualizationvirtual-machines index html
bull McAfee Virus Scan for O ine Virtual Images 20 This is an anti-virus product that performs o ine schedulevirtual machine scans without an agent It complements a regular virus scan agentsrsquo online scanning
Figure 6
VMsa e reduces high storage IO and memory usage during scheduled and pandemic malware scan activities
Figure
The above gure shows the anti-virus server committing a real-time agent to an individual virtual machine
It also has the unctionality o o ine snapshot image scanningThis is a VMware vSphere eature and is now available or VMware View 4 Please re er to the VMware View 4Deployment Guide or urther product demonstration
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4748
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 7
Scenario 3Set up Triple Single Sign-On (SSO) in VMwareView 4Log in as Currently Logged-on UserThis is a new option in VMware View Client that allows you to log onto the broker using currently logged oncredentials The standard sign up fow using AD credentials is
bull User connects to View Connection Server
bull VMware View Connection Server compares a list of trusted AD domains to the client
bull User authenticates with username and password
bull VMware View Connection Server delegates authentication to WindowsAD
Figure
VMware View 4 continues to support the AD credential (username and password) login smart card and RSA
securID token in RDP
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4848
bull During the View Agent installation select theConnectas Current Logon User checkbox option to enable SSO
bull Launch View Client at local desktop or thin clientbull View Client has newLog in as Current User Domain
User checkbox When a userrsquos AD credential isauthenticated on the client device using eitherpassword (RDP PCoIP) or smart card authentication inRDP the Connection Broker will use the same useridentity
bull This value can also be set using GPO policy orregistry key setting Please re er to the ViewAdministration Guide
bull You should be able to login to the guest desktopenvironment without being prompted to enter thecredentials again
Support In ormation
For additional evaluation questions and installation support please address your questions to desktop-tmvmwarecom
About the Author
Cynthia Hsieh is a senior technical marketing manager in VMware Enterprise Marketing team She ocuses onapplication integration proo o concepts and security subjects
Hsiehrsquos previous background includes product management positions at Wyse Trend Micro Oracle and Yahoo
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4548
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 5
In the meantime transient storage on the swap space is used only when the virtual machine ispowered on and delta disks are used by snapshots and linked to virtual machines
Figure 0
Datastore View in vSphere
Figure
VM Storage Performance View
Figure
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4648
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 6
Anti-Virus Protection
The VMsa e API comes with VMware vSphere VMware o ers a number o VMsa e partner solutions thatprovide secure virtual machines with virus-scanning capability
bull Trend Micro Core Protection 10 This is an anti-virus product that performs o ine and online scheduled virtualmachine scans without an agent It uses a smaller agent or on-access scanning or to clean up in ections Thproduct is available at http us trendmicro com us solutions enterprise security-solutions virtualizationvirtual-machines index html
bull McAfee Virus Scan for O ine Virtual Images 20 This is an anti-virus product that performs o ine schedulevirtual machine scans without an agent It complements a regular virus scan agentsrsquo online scanning
Figure 6
VMsa e reduces high storage IO and memory usage during scheduled and pandemic malware scan activities
Figure
The above gure shows the anti-virus server committing a real-time agent to an individual virtual machine
It also has the unctionality o o ine snapshot image scanningThis is a VMware vSphere eature and is now available or VMware View 4 Please re er to the VMware View 4Deployment Guide or urther product demonstration
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4748
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 7
Scenario 3Set up Triple Single Sign-On (SSO) in VMwareView 4Log in as Currently Logged-on UserThis is a new option in VMware View Client that allows you to log onto the broker using currently logged oncredentials The standard sign up fow using AD credentials is
bull User connects to View Connection Server
bull VMware View Connection Server compares a list of trusted AD domains to the client
bull User authenticates with username and password
bull VMware View Connection Server delegates authentication to WindowsAD
Figure
VMware View 4 continues to support the AD credential (username and password) login smart card and RSA
securID token in RDP
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4848
bull During the View Agent installation select theConnectas Current Logon User checkbox option to enable SSO
bull Launch View Client at local desktop or thin clientbull View Client has newLog in as Current User Domain
User checkbox When a userrsquos AD credential isauthenticated on the client device using eitherpassword (RDP PCoIP) or smart card authentication inRDP the Connection Broker will use the same useridentity
bull This value can also be set using GPO policy orregistry key setting Please re er to the ViewAdministration Guide
bull You should be able to login to the guest desktopenvironment without being prompted to enter thecredentials again
Support In ormation
For additional evaluation questions and installation support please address your questions to desktop-tmvmwarecom
About the Author
Cynthia Hsieh is a senior technical marketing manager in VMware Enterprise Marketing team She ocuses onapplication integration proo o concepts and security subjects
Hsiehrsquos previous background includes product management positions at Wyse Trend Micro Oracle and Yahoo
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4648
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 6
Anti-Virus Protection
The VMsa e API comes with VMware vSphere VMware o ers a number o VMsa e partner solutions thatprovide secure virtual machines with virus-scanning capability
bull Trend Micro Core Protection 10 This is an anti-virus product that performs o ine and online scheduled virtualmachine scans without an agent It uses a smaller agent or on-access scanning or to clean up in ections Thproduct is available at http us trendmicro com us solutions enterprise security-solutions virtualizationvirtual-machines index html
bull McAfee Virus Scan for O ine Virtual Images 20 This is an anti-virus product that performs o ine schedulevirtual machine scans without an agent It complements a regular virus scan agentsrsquo online scanning
Figure 6
VMsa e reduces high storage IO and memory usage during scheduled and pandemic malware scan activities
Figure
The above gure shows the anti-virus server committing a real-time agent to an individual virtual machine
It also has the unctionality o o ine snapshot image scanningThis is a VMware vSphere eature and is now available or VMware View 4 Please re er to the VMware View 4Deployment Guide or urther product demonstration
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4748
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 7
Scenario 3Set up Triple Single Sign-On (SSO) in VMwareView 4Log in as Currently Logged-on UserThis is a new option in VMware View Client that allows you to log onto the broker using currently logged oncredentials The standard sign up fow using AD credentials is
bull User connects to View Connection Server
bull VMware View Connection Server compares a list of trusted AD domains to the client
bull User authenticates with username and password
bull VMware View Connection Server delegates authentication to WindowsAD
Figure
VMware View 4 continues to support the AD credential (username and password) login smart card and RSA
securID token in RDP
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4848
bull During the View Agent installation select theConnectas Current Logon User checkbox option to enable SSO
bull Launch View Client at local desktop or thin clientbull View Client has newLog in as Current User Domain
User checkbox When a userrsquos AD credential isauthenticated on the client device using eitherpassword (RDP PCoIP) or smart card authentication inRDP the Connection Broker will use the same useridentity
bull This value can also be set using GPO policy orregistry key setting Please re er to the ViewAdministration Guide
bull You should be able to login to the guest desktopenvironment without being prompted to enter thecredentials again
Support In ormation
For additional evaluation questions and installation support please address your questions to desktop-tmvmwarecom
About the Author
Cynthia Hsieh is a senior technical marketing manager in VMware Enterprise Marketing team She ocuses onapplication integration proo o concepts and security subjects
Hsiehrsquos previous background includes product management positions at Wyse Trend Micro Oracle and Yahoo
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4748
VMware View 4
E VA L U AT O R rsquo S G U I D E 4 7
Scenario 3Set up Triple Single Sign-On (SSO) in VMwareView 4Log in as Currently Logged-on UserThis is a new option in VMware View Client that allows you to log onto the broker using currently logged oncredentials The standard sign up fow using AD credentials is
bull User connects to View Connection Server
bull VMware View Connection Server compares a list of trusted AD domains to the client
bull User authenticates with username and password
bull VMware View Connection Server delegates authentication to WindowsAD
Figure
VMware View 4 continues to support the AD credential (username and password) login smart card and RSA
securID token in RDP
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4848
bull During the View Agent installation select theConnectas Current Logon User checkbox option to enable SSO
bull Launch View Client at local desktop or thin clientbull View Client has newLog in as Current User Domain
User checkbox When a userrsquos AD credential isauthenticated on the client device using eitherpassword (RDP PCoIP) or smart card authentication inRDP the Connection Broker will use the same useridentity
bull This value can also be set using GPO policy orregistry key setting Please re er to the ViewAdministration Guide
bull You should be able to login to the guest desktopenvironment without being prompted to enter thecredentials again
Support In ormation
For additional evaluation questions and installation support please address your questions to desktop-tmvmwarecom
About the Author
Cynthia Hsieh is a senior technical marketing manager in VMware Enterprise Marketing team She ocuses onapplication integration proo o concepts and security subjects
Hsiehrsquos previous background includes product management positions at Wyse Trend Micro Oracle and Yahoo
892019 VMware View4 Evaluators Guide
httpslidepdfcomreaderfullvmware-view4-evaluators-guide 4848
bull During the View Agent installation select theConnectas Current Logon User checkbox option to enable SSO
bull Launch View Client at local desktop or thin clientbull View Client has newLog in as Current User Domain
User checkbox When a userrsquos AD credential isauthenticated on the client device using eitherpassword (RDP PCoIP) or smart card authentication inRDP the Connection Broker will use the same useridentity
bull This value can also be set using GPO policy orregistry key setting Please re er to the ViewAdministration Guide
bull You should be able to login to the guest desktopenvironment without being prompted to enter thecredentials again
Support In ormation
For additional evaluation questions and installation support please address your questions to desktop-tmvmwarecom
About the Author
Cynthia Hsieh is a senior technical marketing manager in VMware Enterprise Marketing team She ocuses onapplication integration proo o concepts and security subjects
Hsiehrsquos previous background includes product management positions at Wyse Trend Micro Oracle and Yahoo