I am just curious how companies are utilizing their Horizon environment Outside the office. How do your users login via the internet? Do you have users login to a VPN prior to accessing View? I am just really curious how others are accessing their view desktops and Apps? If you all can reply and let me know that would be awesome. Our Cyber Security Insurance company is forcing us to remove our view login from the web even thought we utilize two factor auth. We do not allow HTML access but just thru the client. Any comments or suggestions are welcome. thanks
Normally I have always used components called Unified Access Gateway (UAG) which allows:
To help design secure application access for deployments of VMware Horizon® and Workspace ONE, use Unified Access Gateway. This appliance helps enable secure remote access for users of virtual desktops, internal sites, applications, and file repositories. Deploying Unified Access Gateway is simple and secure, providing the necessary security hardening and multi-cloud support across Amazon AWS, Microsoft Azure, and Google Cloud Platform, in addition to vSphere.
Here more details
With the UAG it is possible to choose whether to enable access with the horizon client or with HTML 5 or with both.
I did forget to mention that we do utilize UAG 2111. We are still being declined because they still see out site out there. Really looking to find out how others are giving access to users form outside the office.
Use AVI loadbalancer and then UAG then Connection servers
AVI loadbalancer has buildin WAF, you can restrict the unwanted traffic and UAG can be integrated with the radius and then 2FA. and it is more secure.