VMware Horizon Community
Super6VCA
Expert
Expert
Jump to solution

Horizon Update Question

Finally looking to update my environment to a newer version (currently on 7.7).  We are still running a security server and wanted to find out a few things before the upgrade.  I am waiting for a hardware upgrade for one server but was hoping to get things started on this upgrade as soon as i can.  Is it a good idea to replace the security server with a UAG?  If so, are there any suggestions about do's and Don'ts?  I am looking to take my environment up to at least 7.12 for now.  Haven't had time to investigate version 8 yet so not sure i want to go there. For now I am curious about replacing the security server.  Any thoughts or comments would be appreciated.  Thanks.  

P

Thank you, Perry
0 Kudos
1 Solution

Accepted Solutions
a_p_
Leadership
Leadership
Jump to solution

The latest UAG supports Horizon 7.5, and later, so that's not an issue at all, see https://www.vmware.com/resources/compatibility/sim/interop_matrix.php#interop&569=&326=

The required downtime can be minimized to a few minutes, if you configure firewall settings, and deploy the UAG upfront. What will require some downtime in this case is to NAT the external URL/IP to the UAG instead of your security server. External users will be disconnected , but should be able to reconnect through the UAG again.

That said, things may be a bit different depending on your current setup, e.g. number of connection, and security servers, the use of load balancers, etc..

André

View solution in original post

0 Kudos
4 Replies
a_p_
Leadership
Leadership
Jump to solution

I just did an upgrade for one of my customers to version 7.13 last week.

>>> Is it a good idea to replace the security server with a UAG?
Yes, Security Servers are no longer supported with Horizon 8 (2006)
https://docs.vmware.com/en/VMware-Horizon/2006/horizon-upgrades/GUID-37449047-4E44-426C-BB9D-D6F5503...

>>> If so, are there any suggestions about do's and Don'ts?
Well, how to do this exactly depends on your needs, e.g. size of the environment, 2-factor authentication, ...
UAG is basically not a rocket science, and pretty easy to deploy.

>>> I am looking to take my environment up to at least 7.12 for now. Haven't had time to investigate version 8 yet so not sure i want to go there.
If you are still using linked clones, stay on version 7, and migrate to Instant clones. VMware made instant clones available in version 7.13 regardless of the edition, i.e. it's been added to the Standard and Advanced edition.

André

0 Kudos
Super6VCA
Expert
Expert
Jump to solution

Andr'e

 

Thanks for the reply.  I am still on Linked clones only because of login times.  I was never able to get login times down to a decent time with UEM and AppVol so i gave up.  So currently i run some Linked clones and some Instant clone.  One of the things i am curious about is whether or not i will have much downtime when switching to UAG.  Also if there are any issues running UAG with version 7.7 until i get my new hardware.  Thank you again for the reply.  

Thank you, Perry
0 Kudos
a_p_
Leadership
Leadership
Jump to solution

The latest UAG supports Horizon 7.5, and later, so that's not an issue at all, see https://www.vmware.com/resources/compatibility/sim/interop_matrix.php#interop&569=&326=

The required downtime can be minimized to a few minutes, if you configure firewall settings, and deploy the UAG upfront. What will require some downtime in this case is to NAT the external URL/IP to the UAG instead of your security server. External users will be disconnected , but should be able to reconnect through the UAG again.

That said, things may be a bit different depending on your current setup, e.g. number of connection, and security servers, the use of load balancers, etc..

André

0 Kudos
Super6VCA
Expert
Expert
Jump to solution

Got it!   Thanks again Andre.  Appreciate the assistance

Thank you, Perry
0 Kudos