VMware Horizon Community
Super6VCA
Expert
Expert
‎10-25-2022 06:00 AM

Horizon View Question

I am just curious how companies are utilizing their Horizon environment Outside the office.  How do your users login via the internet?  Do you have users login to a VPN prior to accessing View?  I am just really curious how others are accessing their view desktops and Apps?  If you all can reply and let me know that would be awesome.  Our Cyber Security Insurance company is forcing us to remove our view login from the web even thought we utilize two factor auth.  We do not allow HTML access but just thru the client.  Any comments or suggestions are welcome.  thanks

Thank you, Perry
0 Kudos
3 Replies
fabio1975
Commander
Commander
‎10-25-2022 06:13 AM

Ciao 

Normally I have always used components called Unified Access Gateway (UAG) which allows:


To help design secure application access for deployments of VMware Horizon® and Workspace ONE, use Unified Access Gateway. This appliance helps enable secure remote access for users of virtual desktops, internal sites, applications, and file repositories. Deploying Unified Access Gateway is simple and secure, providing the necessary security hardening and multi-cloud support across Amazon AWS, Microsoft Azure, and Google Cloud Platform, in addition to vSphere.


Here more details
https://techzone.vmware.com/resource/unified-access-gateway-architecture

 

With the UAG it is possible to choose whether to enable access with the horizon client or with HTML 5 or with both.

Fabio

Visit vmvirtual.blog
If you're satisfied give me a kudos

0 Kudos
Super6VCA
Expert
Expert
‎10-25-2022 06:26 AM

Fabio1975,

 

I did forget to mention that we do utilize UAG 2111.  We are still being declined because they still see out site out there.  Really looking to find out how others are giving access to users form outside the office.  

Thank you, Perry
Tags (1)
0 Kudos
subashv4u
Contributor
Contributor
‎10-27-2022 11:41 AM

Use AVI loadbalancer and then UAG then Connection servers

AVI loadbalancer has buildin WAF, you can restrict the unwanted traffic and UAG can be integrated with the radius and then 2FA. and it is more secure.

https://avinetworks.com/docs/18.2/configure-avi-vantage-for-vmware-horizon/

 

 

Preview file
325 KB