VMware Horizon Community
Gabrie1
Commander
Commander
‎03-28-2011 03:15 AM

View 4.6 and open ports through internal firewall

Hi

Page 60/61 of the VMware View Architecture Planning View 4.6 guide shows an overview of the ports needed between internet and security server and security server and internal network. I was surprised to read that (table on page 61) the Security servers needs a connection to the View desktops. I don't like that :slightly_smiling_face:

Shouldn't the security server ONLY talk to the connection server and have the connection server talk to my View desktops?

Since my customers environment is very small, I have no seperate IP range for View desktops and normal physical desktops. Which means I would be opening the security server to all clients in my internal network over 3389/4172/32111.

Gabrie

http://www.GabesVirtualWorld.com
Reply
0 Kudos
2 Replies
npeter
Expert
Expert
‎03-28-2011 04:16 AM

won't that be a bad idea to keep Connection server also in Loop?  for security reasons as well as resource comsuption/delay

View Client->Security server->Connection server->View Agent

Also Security Server doesn't manage View agents it simply acts as a gateway connecting to Agent as directed by connection server.

I believe the basic idea here is to protect View Connection server from out side attack by not allowing any direct connection from outside world.

-nObLe
Reply
Gabrie1
Commander
Commander
‎03-28-2011 04:26 AM

Yeah, you have a point there :slightly_smiling_face:

http://www.GabesVirtualWorld.com
Reply
0 Kudos