actually,
i do know that several documents already described the functions of security server, for example, this one.
i'm still wondering that since the security server is DMZ-based service and resides in the DMZ,
can the security server combine the NSX micro-segmentation to enhance the internal security of VDI?
or it is just simply created for filtering malicious connections from external network to VDI?
it never help on securing each virtual desktop VMs...?
It only helps creating a secure connection to a desktop and it indeed will not create extra security for the desktops themselves.
Security Server is commonly deployed in the DMZ to support remote access. It is now largely replaced by VMware Unified Access Gateway.
Both are for securing remote access, not to support micro segmentation. That is implemented separately.
Hello niceguy001,
Yes. You are correct its's simply created for filtering malicious connections from external network to VDI. It will not secure your VDI.
If you want micro-segmentation, NSX needs to install and configure various firewall rules,security policies and groups in service composer.
https://www.sk-gruppe.net/wp-content/uploads/2016/10/VMware-Vortrag-2.pdf
vmware velocity blog - VMware Velocity
Thanks,
Srini