VMware Horizon Community
eyesonlyone
Contributor
Contributor
‎02-02-2018 12:31 PM

Restrict Horizon Access to corporate devices

Hey guys,

I wonder what's the best way to restrict Horizon Access to corporate devices?

In other words, how to prevent users from connecting to Horizon via their private or even a public computer.

Is it possible with the UAG or Security Server?

kind regards,

eyesonly

Labels (1)
Labels
Tags (3)
Reply
0 Kudos
3 Replies
vJoeG
VMware Employee
VMware Employee
‎02-02-2018 12:54 PM

A couple of quick questions.

- Do you have HTML access enabled on your pools?

- Do you allow external access to the Horizon environment? (Since you mention Public Computers I'm thinking Yes?)

I'm not aware that Security Server of UAG can lock down to corporate devices but am checking.

------------------
Joe Graziano
Senior Solution Engineer - EUC Federal
VCP7-DTM, VCP6-DM, VCP6-DCV
vExpert, vExpertPro
jgraziano@vmware.com
Reply
0 Kudos
jrodsguitar
Enthusiast
Enthusiast
‎02-02-2018 01:09 PM

In the UAG I noticed an endpoint compliance check option. We don't use this ourselves yet but it may be worth exploring for what you asked.

https://onlinehelp.opswat.com/mem/attachments_13832096_1_VMware_UAG_Gears_integration_v0.4.pdf

Blog: https://powershell.house/
Reply
0 Kudos
eyesonlyone
Contributor
Contributor
‎02-02-2018 01:16 PM

- Do you have HTML access enabled on your pools?

No we don't.

- Do you allow external access to the Horizon environment? (Since you mention Public Computers I'm thinking Yes?)

Yes we allow external access for selected users. Additionaly we want to make sure they only connect from their corporate laptop and not from their private devices.

I read about the additional compliance checks with the latest UAG versions but for now implementing another third party solution is out of question.

Reply
0 Kudos