VMware Horizon 7.4 Architecture Planning
View Architecture
Planning
Modified on 4 JAN 2018
VMware Horizon 7 7.4
View Architecture Planning
You can find the most up-to-date technical documentation on the VMware website at:
https://docs.vmware.com/
If you have comments about this documentation, submit your feedback to
docfeedback@vmware.com
VMware, Inc.
3401 Hillview Ave.
Palo Alto, CA 94304
www.vmware.com
Copyright © 2009–2018 VMware, Inc. All rights reserved. Copyright and trademark information.
VMware, Inc. 2
Contents
Horizon 7 Architecture Planning 5
Introduction to Horizon 7 6
1
Advantages of Using Horizon 7 6
Horizon 7 Features 9
How the Components Fit Together 11
Integrating and Customizing Horizon 7 16
Planning a Rich User Experience 21
2
Feature Support Matrix for Horizon Agent 21
Choosing a Display Protocol 22
Using Published Applications 28
Using Horizon Persona Management to Retain User Data and Settings 29
Using USB Devices with Remote Desktops and Applications 30
Using the Real-Time Audio-Video Feature for Webcams and Microphones 31
Using 3D Graphics Applications 32
Streaming Multimedia to a Remote Desktop 33
Printing from a Remote Desktop 33
Using Single Sign-On for Logging In 34
Monitors and Screen Resolution 34
Managing Desktop and Application Pools from a Central Location 36
3
Advantages of Desktop Pools 36
Advantages of Application Pools 37
Reducing and Managing Storage Requirements 38
Application Provisioning 47
Using Active Directory GPOs to Manage Users and Desktops 51
Architecture Design Elements and Planning Guidelines for Remote Desktop
4
Deployments 53
Virtual Machine Requirements for Remote Desktops 54
Horizon 7 ESXi Node 59
Desktop Pools for Specific Types of Workers 60
Desktop Virtual Machine Configuration 65
RDS Host Virtual Machine Configuration 66
vCenter Server and View Composer Virtual Machine Configuration 67
Horizon Connection Server Maximums and Virtual Machine Configuration 68
vSphere Clusters 71
VMware, Inc.
3
View Architecture Planning
Storage and Bandwidth Requirements 73
Horizon 7 Building Blocks 83
Horizon 7 Pods 84
Advantages of Using Multiple vCenter Servers in a Pod 86
Planning for Security Features 90
5
Understanding Client Connections 90
Choosing a User Authentication Method 93
Restricting Remote Desktop Access 96
Using Group Policy Settings to Secure Remote Desktops and Applications 98
Using Smart Policies 98
Implementing Best Practices to Secure Client Systems 98
Assigning Administrator Roles 99
Preparing to Use a Security Server 99
Understanding Communications Protocols 106
Overview of Steps to Setting Up a Horizon 7 Environment 113
6
VMware, Inc. 4
Horizon 7 Architecture Planning
Horizon 7 Architecture Planning provides an introduction to VMware Horizon™ 7, including a description
of its major features and deployment options and an overview of how the components are typically set up
in a production environment.
This guide answers the following questions:
n
Does the product solve the problems you need it to solve?
n
Would it be feasible and cost-effective to implement this solution in your enterprise?
Not all features and capabilities of VMware Horizon 7 are available in all editions. For a comparison of
feature sets in each edition, see
http://www.vmware.com/files/pdf/products/horizon-view/VMware-Horizon-View-Pricing-Licensing-FAQ.pdf.
To help you protect your installation, this guide also provides a discussion of security features.
Intended Audience
This information is intended for IT decision makers, architects, administrators, and others who need to
familiarize themselves with the components and capabilities of this product. With this information,
architects and planners can determine whether Horizon 7 satisfies the requirements of their enterprise for
efficiently and securely delivering Windows desktops and applications to their end users. The example
architecture helps planners understand the hardware requirements and setup effort required for a large-
scale deployment.
VMware, Inc.
5
Introduction to Horizon 7 1
With Horizon 7, IT departments can run remote desktops and applications in the datacenter and deliver
these desktops and applications to employees as a managed service. End users gain a familiar,
personalized environment that they can access from any number of devices anywhere throughout the
enterprise or from home. Administrators gain centralized control, efficiency, and security by having
desktop data in the datacenter.
This chapter includes the following topics:
n
Advantages of Using Horizon 7
n
Horizon 7 Features
n
How the Components Fit Together
n
Integrating and Customizing Horizon 7
Advantages of Using Horizon 7
When you manage enterprise desktops with Horizon 7, the benefits include increased reliability, security,
hardware independence, and convenience.
Reliability and Security
Desktops and applications can be centralized by integrating with VMware vSphere® and virtualizing
server, storage, and networking resources. Placing desktop operating systems and applications on a
server in the data center provides the following advantages:
n
Access to data can easily be restricted. Sensitive data can be prevented from being copied onto a
remote employee's home computer.
n
RADIUS support provides flexibility when choosing among two-factor authentication vendors.
Supported vendors include RSA SecureID, VASCO DIGIPASS, SMS Passcode, and SafeNet, among
others.
n
Integration with VMware Identity Manager means that end users have on-demand access to remote
desktops through the same Web-based application catalog they use to access SaaS, Web, and
Windows applications. Inside a remote desktop, users can also use this custom app store to access
applications.
VMware, Inc.
6
View Architecture Planning
n
The ability to provision remote desktops with pre-created Active Directory accounts addresses the
requirements of locked-down Active Directory environments that have read-only access policies.
n
Data backups can be scheduled without considering when end users' systems might be turned off.
n
Remote desktops and applications that are hosted in a data center experience little or no downtime.
Virtual machines can reside on high-availability clusters of VMware servers.
Virtual desktops can also connect to back-end physical systems and Microsoft Remote Desktop Services
(RDS) hosts.
Convenience
The unified management console is built for scalability so that even the largest Horizon 7 deployments
can be efficiently managed from a single management interface. Wizards and dashboards enhance the
workflow and facilitate drilling down to see details or change settings. Figure 1‑1 provides an example of
the browser-based user interface for Horizon Administrator.
Figure 1‑1. Administrative Console Showing the Dashboard View
Other features that increase convenience are the VMware remote display protocols, PCoIP (PC over IP)
and Blast Extreme. These display protocols deliver an end-user experience equal to the current
experience of using a physical PC:
n
On LANs, the display is faster and smoother than traditional remote displays.
n
On WANs, the display protocols can compensate for an increase in latency or a reduction in
bandwidth, ensuring that end users can remain productive regardless of network conditions.
VMware, Inc. 7
View Architecture Planning
Manageability
Provisioning desktops and applications for end users is a quick process. No one is required to install
applications one by one on each end user's physical PC. End users connect to a remote application or a
remote desktop complete with applications. End users can access their same remote desktop or
application from various devices at various locations.
Using VMware vSphere to host virtual desktops and RDS host servers provides the following benefits:
n
Administration tasks and management chores are reduced. Administrators can patch and upgrade
applications and operating systems without touching a user's physical PC.
n
Integration with VMware Identity Manager means that IT managers can use the Web-based
VMware Identity Manager administration interface to monitor user and group entitlements to remote
desktops.
n
Integration with VMware App Volumes, a real-time application delivery system, enables enterprises to
deliver and manage applications at scale. Use App Volumes to attach applications to users, groups,
or target computers, even when users are logged into their desktop. Applications can also be
provisioned, delivered, updated and retired in real time.
n
With Horizon Persona Management, physical and virtual desktops can be centrally managed,
including user profiles, application entitlement, policies, performance, and other settings. Deploy
Persona Management to physical desktop users prior to converting to virtual desktops.
n
With VMware User Environment Manager, end users get a personalized Windows desktop that is
adapted to the user's situation, meaning that access to the required IT resources is based on aspects
such as role, device, and location.
n
Storage management is simplified. Using VMware vSphere, you can virtualize volumes and file
systems to avoid managing separate storage devices.
n
With vSphere 6.0 or a later release, you can use Virtual Volumes (VVols). This feature maps virtual
disks and their derivatives, clones, snapshots, and replicas, directly to objects, called virtual volumes,
on a storage system. This mapping allows vSphere to offload intensive storage operations such as
snapshotting, cloning, and replication to the storage system. For example, a cloning operation that
previously took an hour might now take just a few minutes using Virtual Volumes.
n
With vSphere 5.5 Update 1 or a later release, you can use Virtual SAN, which virtualizes the local
physical solid-state disks and hard disk drives available on ESXi™ hosts into a single datastore
shared by all hosts in a cluster. You specify only one datastore when creating a desktop pool, and the
various components, such as virtual machine files, replicas, user data, and operating system files, are
placed on either SSD disks or hard drive disks, as appropriate.
You manage virtual machine storage requirements, such as capacity, performance, and availability, in
the form of default storage policy profiles, which get created automatically when you create a desktop
pool.
n
With the Horizon 7 storage accelerator, the IOPS storage load is dramatically reduced, supporting
end-user logins at larger scales without requiring any special storage array technology.
VMware, Inc. 8
View Architecture Planning
n
If remote desktops use the space-efficient disk format available with vSphere 5.1 and later, stale or
deleted data within a guest operating system is automatically reclaimed with a wipe and shrink
process.
Hardware Independence
Remote desktops and applications are hardware-independent. For example, because a remote desktop
runs on a server in the data center and is only accessed from a client device, a remote desktop can use
an operating system that might not be compatible with the hardware of the client device.
Remote desktops run on PCs, Macs, thin clients, and PCs that have been repurposed as thin clients,
tablets, and phones. The remote applications run on a subset of these devices. New device support is
added quarterly.
If you use the HTML Access feature, end users can open a remote desktop or application inside a
browser, without having to install any client application on the client system or device.
Horizon 7 Features
Features included in Horizon 7 support usability, security, centralized control, and scalability.
The following features provide a familiar experience for the end user:
n
On certain client devices, print from a virtual desktop to any local or networked printer that is defined
on the client device. This virtual printer feature solves compatibility issues and does not require you to
install additional print drivers in a virtual machine.
n
On most client devices, use the location-based printing feature to map to printers that are physically
near the client system. Location-based printing does require that you install print drivers in the virtual
machine.
n
Local printer redirection is designed for the following use cases:
n
Printers directly connected to USB or serial ports on the client
n
Specialized printers such as bar code printers and label printers connected to the client
n
Network printers on a remote network that are not addressable from the virtual session.
n
Use multiple monitors. With the PCoIP and Blast Extreme display protocols, multiple-monitor support
means you can adjust the display resolution and rotation separately for each monitor.
n
Access USB devices and other peripherals that are connected to the local device that displays your
virtual desktop.
You can specify which types of USB devices end users are allowed to connect to. For composite
devices that contain multiple types of devices, such as a video input device and a storage device, you
can split the device so that one device (for example, the video input device) is allowed but the other
device (for example, the storage device) is not.
VMware, Inc. 9
View Architecture Planning
n
Use Horizon Persona Management to retain user settings and data between sessions even after the
desktop has been refreshed or recomposed. Persona Management has the ability to replicate user
profiles to a remote profile store (CIFS share) at configurable intervals.
You can also use a standalone version of Persona Management on physical computers and virtual
machines that are not managed by Horizon 7.
Horizon 7 offers the following security features, among others:
n
Use two-factor authentication, such as RSA SecurID or RADIUS (Remote Authentication Dial-In User
Service), or smart cards to log in.
n
Use pre-created Active Directory accounts when provisioning remote desktops and applications in
environments that have read-only access policies for Active Directory.
n
Use SSL/TLS tunneling to ensure that all connections are completely encrypted.
n
Use VMware High Availability to ensure automatic failover.
Scalability features depend on the VMware virtualization platform to manage both desktops and servers:
n
Integrate with VMware vSphere to achieve cost-effective densities, high levels of availability, and
advanced resource allocation control for your remote desktops and applications.
n
Use the Horizon 7 storage accelerator feature to support end-user logins at larger scales with the
same storage resources. This storage accelerator uses features in the vSphere 5 platform to create a
host memory cache of common block reads.
n
Configure Horizon Connection Server to broker connections between end users and the remote
desktops and applications that they are authorized to access.
n
Use View Composer to quickly create desktop images that share virtual disks with a master image.
Using linked clones in this way conserves disk space and simplifies the management of patches and
updates to the operating system.
n
Use the Instant Clone feature, introduced in Horizon 7, to quickly create desktop images that share
virtual disks and memory with a parent image. Instant Clones not only have the space efficiency of
View Composer linked clones, they also eliminate the need to refresh, recompose, rebalance, thus
further simplifying management of patches and updates to the operating system. Instant clones
eliminate the desktop maintenance window altogether.
The following features provide centralized administration and management:
n
Use Microsoft Active Directory to manage access to remote desktops and applications and to
manage policies.
n
Use Persona Management to simplify and streamline migration from physical to virtual desktops.
n
Use the Web-based administrative console to manage remote desktops and applications from any
location.
n
Use Horizon Administrator to distribute and manage applications packaged with VMware ThinApp™.
n
Use a template, or master image, to quickly create and provision pools of desktops.
VMware, Inc. 10
View Architecture Planning
n
Send updates and patches to virtual desktops without affecting user settings, data, or preferences.
n
Integrate with VMware Identity Manager so that end users can access remote desktops through the
user portal on the Web, as well as use VMware Identity Manager from a browser inside a remote
desktop.
n
Integrate with Mirage™ and Horizon FLEX™ to manage locally installed virtual machine desktops
and to deploy and update applications on dedicated full-clone remote desktops without overwriting
user-installed applications.
How the Components Fit Together
End users start Horizon Client to log in to Horizon Connection Server. This server, which integrates with
Windows Active Directory, provides access to remote desktops hosted on a VMware vSphere server, a
physical PC, or a Microsoft RDS host. Horizon Client also provides access to remote applications on a
Microsoft RDS host.
Note Horizon 7 supports Active Directory Domain Services (AD DS) domain functional levels. For more
information about supported AD DS domain functional levels, see the VMware Knowledge Base (KB)
article http://kb.vmware.com/kb/2150351.
Figure 1‑2 shows the relationship between the major components of a Horizon 7 deployment.
VMware, Inc. 11
tablet
ESXi hosts running
Virtual Desktop virtual machines
View
Connection
Server
View
Administrator
(browser)
VMware vCenter Server
with View Composer
network
Windows client
Thin Client
Virtual desktops
ESXi host
VM VM VM
VM VM VM
VM
Virtual machine
Desktop OS
app app app
View Agent
Microsoft
Active Directory
RDS hosts
physical PCs
non-vCenter VMs
View Agent
ThinApp
Mac client
View Architecture Planning
Figure 1‑2. High-Level Example of a Horizon 7 Environment
Client Devices
A major advantage of using Horizon 7 is that remote desktops and applications follow the end user
regardless of device or location. Users can access their personalized virtual desktop or remote
application from a company laptop, their home PC, a thin client device, a Mac, or a tablet or phone.
End users open Horizon Client to display their remote desktops and applications. Thin client devices use
Horizon 7 thin client software and can be configured so that the only application that users can launch
directly on the device is Horizon 7 Thin Client. Repurposing a legacy PC into a thin client desktop can
extend the life of the hardware by three to five years. For example, by using Horizon 7 on a thin desktop,
you can use a newer operating system such as Windows 8.x on older desktop hardware.
If you use the HTML Access feature, end users can open a remote desktop inside a browser, without
having to install any client application on the client system or device.
VMware, Inc. 12
View Architecture Planning
Horizon Connection Server
This software service acts as a broker for client connections. Horizon Connection Server authenticates
users through Windows Active Directory and directs the request to the appropriate virtual machine,
physical PC, or Microsoft RDS host.
Connection Server provides the following management capabilities:
n
Authenticating users
n
Entitling users to specific desktops and pools
n
Assigning applications packaged with VMware ThinApp to specific desktops and pools
n
Managing remote desktop and application sessions
n
Establishing secure connections between users and remote desktops and applications
n
Enabling single sign-on
n
Setting and applying policies
Inside the corporate firewall, you install and configure a group of two or more Connection Server
instances. Their configuration data is stored in an embedded LDAP directory and is replicated among
members of the group.
Outside the corporate firewall, in the DMZ, you can install and configure Connection Server as a security
server, or you can install a Unified Access Gateway appliance. Security servers and
Unified Access Gateway appliances in the DMZ communicate with Connection Servers inside the
corporate firewall. Security servers and Unified Access Gateway appliances ensure that the only remote
desktop and application traffic that can enter the corporate data center is traffic on behalf of a strongly
authenticated user. Users can access only the resources that they are authorized to access.
Security servers offer a subset of functionality and are not required to be in an Active Directory domain.
You install Connection Server in a Windows Server 2008 R2 or Windows Server 2012 R2 server,
preferably on a VMware virtual machine. For more information about Unified Access Gateway appliances,
see Deploying and Configuring Unified Access Gateway.
Important It is possible to create a Horizon 7 setup that does not use Connection Server. If you install
the Horizon 7 Agent Direct Connect Plugin in a remote virtual machine desktop, the client can connect
directly to the virtual machine. All the remote desktop features, including PCoIP, HTML Access, RDP,
USB redirection, and session management work in the same way, as if the user had connected through
Connection Server. For more information, see View Agent Direct-Connection Plugin Administration.
Horizon Client
The client software for accessing remote desktops and applications can run on a tablet, a phone, a
Windows, Linux, or Mac PC or laptop, a thin client, and more.
VMware, Inc. 13
View Architecture Planning
After logging in, users select from a list of remote desktops and applications that they are authorized to
use. Authorization can require Active Directory credentials, a UPN, a smart card PIN, or an RSA SecurID
or other two-factor authentication token.
An administrator can configure Horizon Client to allow end users to select a display protocol. Protocols
include PCoIP, Blast Extreme, and Microsoft RDP for remote desktops. The speed and display quality of
PCoIP and Blast Extreme rival that of a physical PC.
Features differ according to which Horizon Client you use. This guide focuses on Horizon Client for
Windows. The following types of clients are not described in detail in this guide:
n
Details about Horizon Client for tablets, Linux clients, and Mac clients. See the Horizon Client
documentation at https://www.vmware.com/support/viewclients/doc/viewclients_pubs.html.
n
Details about the HTML Access Web client, which allows you to open a remote desktop inside a
browser. No Horizon Client application is installed on the client system or device. See the
Horizon Client documentation at
https://www.vmware.com/support/viewclients/doc/viewclients_pubs.html.
n
Various third-party thin clients and zero clients, available only through certified partners.
n
View Open Client, which supports the VMware partner certification program. View Open Client is not
an official client application and is not supported as such.
VMware Horizon User Web Portal
From a Web browser on a client device, end users can connect to remote desktops and applications
through the browser, automatically start Horizon Client if it is installed, or download the Horizon Client
installer.
When you open a browser and enter the URL of a View Connection Server instance, the Web page that
appears contains links to the VMware Downloads site for downloading Horizon Client. The links on the
Web page are configurable, however. For example, you can configure the links to point to an internal Web
server, or you can limit which client versions are available on your own View Connection Server.
If you use the HTML Access feature, the Web page also displays a link for accessing remote desktops
and applications inside a supported browser. With this feature, no Horizon Client application is installed
on the client system or device. For more information, see the Horizon Client documentation at
https://www.vmware.com/support/viewclients/doc/viewclients_pubs.html.
Horizon Agent
You install the Horizon Agent service on all virtual machines, physical systems, and Microsoft RDS hosts
that you use as sources for remote desktops and applications. On virtual machines, this agent
communicates with Horizon Client to provide features such as connection monitoring, virtual printing,
Horizon Persona Management, and access to locally connected USB devices.
VMware, Inc. 14
View Architecture Planning
If the desktop source is a virtual machine, you first install the Horizon Agent service on that virtual
machine and then use the virtual machine as a template or as a parent of linked clones or instant clones.
When you create a pool from this virtual machine, the agent is automatically installed on every remote
desktop.
You can install the agent with an option for single sign-on. With single sign-on, users are prompted to log
in only when they connect to Horizon Connection Server and are not prompted a second time to connect
to a remote desktop or application.
Horizon Administrator
This Web-based application allows administrators to configure Horizon Connection Server, deploy and
manage remote desktops and applications, control user authentication, and troubleshoot end user issues.
When you install a Connection Server instance, the Horizon Administrator application is also installed.
This application allows administrators to manage Connection Server instances from anywhere without
having to install an application on their local computer.
View Composer
You can install this software service on a vCenter Server instance that manages virtual machines or on a
separate server. View Composer can then create a pool of linked clones from a specified parent virtual
machine. This strategy reduces storage costs by up to 90 percent.
Each linked clone acts like an independent desktop, with a unique host name and IP address, yet the
linked clone requires significantly less storage because it shares a base image with the parent. Because
linked-clone desktop pools share a base image, you can quickly deploy updates and patches by updating
only the parent virtual machine. End users' settings, data, and applications are not affected.
You can also use View Composer to create automated farms of linked-clone Microsoft RDS hosts, which
provide published applications to end users.
Although you can install View Composer on its own server host, a View Composer service can operate
with only one vCenter Server instance. Similarly, a vCenter Server instance can be associated with only
one View Composer service.
Important View Composer is an optional component. If you plan to provision instant clones, you do not
need to install View Composer.
vCenter Server
This service acts as a central administrator for VMware ESXi servers that are connected on a network.
vCenter Server provides the central point for configuring, provisioning, and managing virtual machines in
the datacenter.
In addition to using these virtual machines as sources for virtual machine desktop pools, you can use
virtual machines to host the server components of Horizon 7, including View Connection Server
instances, Active Directory servers, Microsoft RDS hosts, and vCenter Server instances.
VMware, Inc. 15
View Architecture Planning
You can install View Composer on the same server as vCenter Server or on a different server.
vCenter Server then manages the assignment of the virtual machines to physical servers and storage and
manages the assignment of CPU and memory resources to virtual machines.
You can install vCenter Server either as a VMware virtual appliance or install vCenter Server in a
Windows Server 2008 R2 server or a Windows Server 2012 R2 server, preferably on a VMware virtual
machine.
Integrating and Customizing Horizon 7
To enhance the effectiveness of Horizon 7 in your organization, you can use several interfaces to
integrate Horizon 7 with external applications or to create administration scripts that you can run from the
command line or in batch mode.
Integrating with Other Components
VMware Identity
Manager
You can integrate VMware Identity Manager with Horizon 7 to provide the
following benefits to IT managers and end users:
n
End users have on-demand access to remote desktops and
applications through the same user portal on the Web that they use to
access SaaS, Web, and Windows applications, with the same single
sign-on convenience.
With the True SSO feature, users who authenticate using smart cards
or two-factor authentication can access their remote desktops and
applications without supplying Active Directory credentials.
n
End users can access VMware Identity Manager on the Web from
inside a remote desktop for applications they need.
n
If you also use HTML Access, end users can open a remote desktop
inside a browser, without having to install any client application on the
client system or device.
n
IT managers can use the browser-based administration console of
VMware Identity Manager to monitor user and group entitlements to
remote desktops.
VMware Mirage and
Horizon FLEX
You can use Mirage and Horizon FLEX to deploy and update applications
on dedicated full-clone remote desktops without overwriting user-installed
applications or data.
VMware, Inc. 16
View Architecture Planning
Mirage provides a better offline virtual desktop solution than the Local
Mode feature that was previously included with Horizon 7. Mirage includes
the following security and management features for offline desktops:
n
Encrypts the locally installed virtual machine and prevents a user from
modifying virtual machine settings that affect the integrity of the secure
container.
n
Provides policies, including expiration, available in VMware Fusion™
Professional and VMware® Player Plus™, that are comparable to the
polices provided with the previous Local Mode feature. Fusion Pro and
Player Plus are included with Mirage.
n
Eliminates the need for users to check in or check out their desktops to
receive updates.
n
Enables administrators to utilize the Mirage layering capability, backup
features, and file portal.
VMware App Volumes VMware App Volumes is an integrated and unified application delivery and
user management system for Horizon 7 and other virtual environments.
Applications and data managed by App Volumes are kept in specialized
VMDKs or VHDs called AppStacks, which are attached to each Windows
user session at login or reboot. This strategy ensures that the most current
applications and data are delivered to the user. App Volumes also provides
a different container for persistent user-installed applications and settings
called a writable volume, which is also loaded at login or reboot time. User
profile and policy settings can also be managed using the App Volumes
platform.
VMware User
Environment Manager
You can use the Smart Policies feature to create policies that control the
behavior of the USB redirection, virtual printing, clipboard redirection, client
drive redirection, and PCoIP display protocol features on specific remote
desktops. User Environment Manager allows IT to control which settings
users are allowed to personalize, and also maps environmental settings
such as networks and location-specific printers. With Smart Policies, you
can create policies that take effect only if certain conditions are met. For
example, you can configure a policy that disables the client drive redirection
feature if a user connects to a remote desktop from outside your corporate
network.
VMware
Unified Access
Gateway
Unified Access Gateway functions as a secure gateway for users who want
to access remote desktops and applications from outside the corporate
firewall. Unified Access Gateway is an appliance that is installed in a
demilitarized zone (DMZ). Use Unified Access Gateway to ensure that the
VMware, Inc. 17
View Architecture Planning
only traffic entering the corporate data center is traffic on behalf of a
strongly authenticated remote user. You can use Unified Access Gateway
appliances instead of Horizon 7 security servers. For more information, see
the Unified Access Gateway documentation.
Integrating with Popular Video Conferencing Software
Flash URL Redirection Streaming Flash content directly from Adobe Media Server to client
endpoints lowers the load on the datacenter ESXi host, removes the extra
routing through the datacenter, and reduces the bandwidth required to
simultaneously stream live video events to multiple client endpoints.
The Flash URL redirection feature uses a JavaScript that is embedded
inside a Web page by the Web page administrator. Whenever a virtual
desktop user clicks on the designated URL link from within a Web page, the
JavaScript intercepts and redirects the ShockWave File (SWF) from the
virtual desktop session to the client endpoint. The endpoint then opens a
local VMware Flash Projector outside of the virtual desktop session and
plays the media stream locally.
Note With Flash URL Redirection, the multicast or unicast stream is
redirected to client devices that might be outside your organization's
firewall. Your clients must have access to the Adobe Web server that hosts
the ShockWave Flash (SWF) file that initiates the multicast or unicast
streaming. If needed, configure your firewall to open the appropriate ports
to allow client devices to access this server.
This feature is available only on some types of clients. To find out whether
this feature is supported on a particular type of client, see the feature
support matrix included in the "Using VMware Horizon Client" document for
the specific type of desktop or mobile client device. Go to
https://www.vmware.com/support/viewclients/doc/viewclients_pubs.html.
Microsoft Lync 2013 You can use a Microsoft Lync 2013 client on remote desktops to participate
in Unified Communications (UC) VoIP (voice over IP) and video chat calls
with Lync certified USB audio and video devices. A dedicated IP phone is
no longer required.
This architecture requires the installation of a Microsoft Lync 2013 client on
the remote desktop and a Microsoft Lync VDI plug-in on the Windows 7 or 8
client endpoint. Customers can use the Microsoft Lync 2013 client for
presence, instant messaging, Web conferencing, and Microsoft Office
functionality.
VMware, Inc. 18
View Architecture Planning
Whenever a Lync VoIP or video chat call occurs, the Lync VDI plug-in
offloads all the media processing from the datacenter server to the client
endpoint, and encodes all media into Lync-optimized audio and video
codecs. This optimized architecture is highly scalable, results in lower
network bandwidth used, and provides point-to-point media delivery with
support for high-quality real-time VoIP and video. For more information, see
the white paper about VMware Horizon 6 and Microsoft Lync 2013, at
http://www.vmware.com/files/pdf/techpaper/vmware-horizon-view-microsoft-
lync-install-configure.pdf.
Note Recording audio is not yet supported. This integration is supported
only with the PCoIP or Blast Extreme display protocol.
Integrating Horizon 7 with Business Intelligence Software
You can configure Horizon Connection Server to record events to a Microsoft SQL Server or Oracle
database.
n
End-user actions such as logging in and starting a desktop session.
n
Administrator actions such as adding entitlements and creating desktop pools.
n
Alerts that report system failures and errors.
n
Statistical sampling such as recording the maximum number of users over a 24-hour period.
You can use business intelligence reporting engines such as Crystal Reports, IBM Cognos, MicroStrategy
9, and Oracle Enterprise Performance Management System to access and analyze the event database.
For more information, see the View Integration document.
You can alternatively generate Horizon 7 events in Syslog format so that the event data can be accessible
to analytics software. If you enable file-based logging of events, events are accumulated in a local log file.
If you specify a file share, the log files are moved to that share. For more information, see the View
Installation document.
Using Horizon PowerCLI to Create Administration Scripts
Windows PowerShell is a command-line and scripting environment that is designed for Microsoft
Windows. PowerShell uses the .NET object model and provides administrators with management and
automation capabilities. As with any other console environment, you work with PowerShell by running
commands, which are called cmdlets in PowerShell.
The Horizon PowerCLI provides an easy-to-use PowerShell interface to Horizon 7. You can use the
Horizon PowerCLI cmdlets to perform various administration tasks on Horizon 7 components.
n
Create and update desktop pools.
n
Configure multiple network labels to greatly expand the number of IP addresses assigned to virtual
machines in a pool.
VMware, Inc. 19
View Architecture Planning
n
Add datacenter resources to a full virtual machine or linked-clone pool.
n
Perform rebalance, refresh, or recompose operations on linked-clone desktops.
n
Sample the usage of specific desktops or desktop pools over time.
n
Query the event database.
n
Query the state of services.
You can use the cmdlets in conjunction with the vSphere PowerCLI cmdlets, which provide an
administrative interface to the VMware vSphere product.
For more information, see the View Integration document.
Modifying LDAP Configuration Data in Horizon 7
When you use Horizon Administrator to modify the configuration of Horizon 7, the appropriate LDAP data
in the repository is updated. Horizon Connection Server stores its configuration information in an LDAP
compatible repository. For example, if you add a desktop pool, Connection Server stores information
about users, user groups, and entitlements in LDAP.
You can use VMware and Microsoft command-line tools to export and import LDAP configuration data in
LDAP Data Interchange Format (LDIF) files from and into Horizon 7. These commands are for advanced
administrators who want to use scripts to update configuration data without using Horizon Administrator
or Horizon PowerCLI.
You can use LDIF files to perform a number of tasks.
n
Transfer configuration data between Connection Server instances.
n
Define a large number of Horizon 7 objects, such as desktop pools, and add these to your
Connection Server instances without using Horizon Administrator or Horizon PowerCLI.
n
Back up a configuration so that you can restore the state of a Connection Server instance.
For more information, see the View Integration document.
Using SCOM to Monitor Horizon 7 Components
You can use Microsoft System Center Operations Manager (SCOM) to monitor the state and performance
of Horizon 7 components, including Connection Server instances and security servers and the services
running on these hosts.
For more information, see the View Integration document.
Using the vdmadmin Command
You can use the vdmadmin command line interface to perform a variety of administration tasks on a
Connection Server instance. You can use vdmadmin to perform administration tasks that are not possible
from within the Horizon Administrator user interface or that need to run automatically from scripts.
For more information, see the View Administration document.
VMware, Inc. 20
Planning a Rich User Experience 2
Horizon 7provides the familiar, personalized desktop environment that end users expect. For example, on
some client systems, end users can access USB and other devices connected to their local computer,
send documents to any printer that their local computer can detect, authenticate with smart cards, and
use multiple display monitors.
Horizon 7 includes many features that you might want to make available to your end users. Before you
decide which features to use, you must understand the limitations and restrictions of each feature.
This chapter includes the following topics:
n
Feature Support Matrix for Horizon Agent
n
Choosing a Display Protocol
n
Using Published Applications
n
Using Horizon Persona Management to Retain User Data and Settings
n
Using USB Devices with Remote Desktops and Applications
n
Using the Real-Time Audio-Video Feature for Webcams and Microphones
n
Using 3D Graphics Applications
n
Streaming Multimedia to a Remote Desktop
n
Printing from a Remote Desktop
n
Using Single Sign-On for Logging In
n
Monitors and Screen Resolution
Feature Support Matrix for Horizon Agent
When planning which display protocol and features to make available to your end users, use the following
information to determine which agent (remote desktop and application) operating systems support the
feature.
The types and editions of the supported guest operating system depend on the Windows version. For
updates to the list of supported Windows 10 operating systems, see the VMware Knowledge Base (KB)
article http://kb.vmware.com/kb/2149393. For Windows operating systems, other than Windows 10, see
the VMware Knowledge Base (KB) article http://kb.vmware.com/kb/2150295.
VMware, Inc.
21
View Architecture Planning
To see a list of specific remote experience features supported on Windows operating systems where
Horizon Agent is installed, see the VMware Knowledge Base (KB) article
http://kb.vmware.com/kb/2150305.
Note For information about which features are supported on the various types of client devices, see the
Horizon Client documentation at https://www.vmware.com/support/viewclients/doc/viewclients_pubs.html.
In addition, several VMware partners offer thin and zero client devices for Horizon 7 deployments. The
features that are available for each thin or zero client device are determined by the vendor and model and
the configuration that an enterprise chooses to use. For information about the vendors and models for
thin and zero client devices, see the VMware Compatibility Guide, available on the VMware Web site.
Choosing a Display Protocol
A display protocol provides end users with a graphical interface to a remote desktop or application that
resides in the datacenter. Depending on which type of client device you have, you can choose from
among Blast Extreme and PCoIP (PC-over-IP), which VMware provides, or Microsoft RDP (Remote
Desktop Protocol).
You can set policies to control which protocol is used or to allow end users to choose the protocol when
they log in to a desktop.
Note For some types of clients, neither the PCoIP nor the RDP remote display protocol is used. For
example, if you use the HTML Access client, available with the HTML Access feature, the Blast Extreme
protocol is used, rather than PCoIP or RDP. Similarly, if you use a remote Linux desktop, Blast Extreme is
used.
VMware Blast Extreme
Optimized for the mobile cloud, VMware Blast Extreme supports the broadest range of client devices that
are H.264 capable. Of the display protocols, VMware Blast offers the lowest CPU consumption for longer
battery life on mobile devices. VMware Blast Extreme can compensate for an increase in latency or a
reduction in bandwidth and can leverage both TCP and UDP network transports.
The VMware Blast display protocol can be used for remote applications and for remote desktops that use
virtual machines or shared-session desktops on an RDS host. The RDS host can be a physical machine
or a virtual machine. The VMware Blast display protocol does not operate on a single-user physical
computer.
VMware Blast Extreme Features
Key features of VMware Blast Extreme include the following:
n
Users outside the corporate firewall can use this protocol with the corporate virtual private network
(VPN), or users can make secure, encrypted connections to a security server or Access Point
appliance in the corporate DMZ.
VMware, Inc. 22
View Architecture Planning
n
Advanced Encryption Standard (AES) 128-bit encryption is supported and is turned on by default. You
can, however, change the encryption key cipher to AES-256.
n
Connections from all types of client devices.
n
Optimization controls for reducing bandwidth usage on the LAN and WAN.
n
Performance counters displayed using PerfMon on Windows agents provide an accurate
representation of the current state of the system that also updates at a constant rate for the following:
n
Blast session
n
Imaging
n
Audio
n
CDR
n
USB: USB counters displayed using PerfMon on Windows agents are valid if USB traffic is
configured to use VMware Virtual Channel (VVC).
n
Skype for Business: counters are for control traffic only.
n
Clipboard
n
RTAV
n
Serial port and scanner redirection features
n
Virtual printing
n
HTML5 MMR
n
Windows Media MMR: Performance counters appear only if you configured this feature to use
VMware Virtual Channel (VVC).
n
Network continuity during momentary network loss on Windows clients.
n
32-bit color is supported for virtual displays.
n
ClearType fonts are supported.
n
Audio redirection with dynamic audio quality adjustment for LAN and WAN.
n
Real-Time Audio-Video for using webcams and microphones on some client types.
n
Copy and paste of text and, on some clients, images between the client operating system and a
remote application or desktop. For other client types, only copy and paste of plain text is supported.
You cannot copy and paste system objects such as folders and files between systems.
n
Multiple monitors are supported for some client types. On some clients, you can use up to four
monitors with a resolution of up to 2560 x 1600 per display or up to three monitors with a resolution of
4K (3840 x 2160) for Windows 7 remote desktops with Aero disabled. Pivot display and autofit are
also supported.
When the 3D feature is enabled, up to two monitors are supported with a resolution of up to 1920 x
1200, or one monitor with a resolution of 4K (3840 x 2160).
VMware, Inc. 23
View Architecture Planning
n
USB redirection is supported for some client types.
n
MMR redirection is supported for some Windows client operating systems and some remote desktop
operating systems (with Horizon Agent installed).
n
Connections to physical machines that have no monitors attached are supported with NVIDIA
graphics cards. For best performance, use a graphics card that supports H.264 encoding. This is a
technical preview feature for Horizon 7 version 7.1.
If you have an add-in discrete GPU and an embedded GPU, the operating system might default to the
embedded GPU. To fix this problem, you can disable or remove the device in Device Manager. If the
problem persists, you can install the WDDM graphics driver for the embedded GPU, or disable the
embedded GPU in the system BIOS. Refer to your system documentation on how disable the
embedded GPU.
Caution Disabling the embedded GPU might cause future loss of access to functionality such as
console access to BIOS setup or NT Boot Loader.
For information about which client devices support specific VMware Blast Extreme features, go to
https://www.vmware.com/support/viewclients/doc/viewclients_pubs.html.
Recommended Guest Operating System Settings
1 GB of RAM or more and a dual CPU is recommended for playing in high-definition, full screen mode, or
720p or higher formatted video. To use Virtual Dedicated Graphics Acceleration for graphics-intensive
applications such as CAD applications, 4 GB of RAM is required.
Video Quality Requirements
480p-formatted video You can play video at 480p or lower at native resolutions when the remote
desktop has a single virtual CPU. If you want to play the video in high-
definition Flash or in full screen mode, the desktop requires a dual virtual
CPU. Even with a dual virtual CPU desktop, as low as 360p-formatted
video played in full screen mode can lag behind audio, particularly on
Windows clients.
720p-formatted video You can play video at 720p at native resolutions if the remote desktop has a
dual virtual CPU. Performance might be affected if you play videos at 720p
in high definition or in full screen mode.
VMware, Inc. 24
View Architecture Planning
1080p-formatted video If the remote desktop has a dual virtual CPU, you can play 1080p formatted
video, although the media player might need to be adjusted to a smaller
window size.
3D rendering You can configure remote desktops to use software- or hardware-
accelerated graphics. The software-accelerated graphics feature enables
you to run DirectX 9 and OpenGL 2.1 applications without requiring a
physical graphics processing unit (GPU). The hardware-accelerated
graphics features enable virtual machines to either share the physical
GPUs (graphical processing unit) on a vSphere host or dedicate a physical
GPU to a single virtual desktop.
For 3D applications, up to two monitors are supported, and the maximum
screen resolution is 1920 x 1200. The guest operating system on the
remote desktops must be Windows 7 or later.
For more information about 3D features, see Using 3D Graphics
Applications.
Hardware Requirements for Client Systems
For information about processor and memory requirements, see the "Using VMware Horizon Client"
document for the specific type of desktop or mobile client device. Go to
https://www.vmware.com/support/viewclients/doc/viewclients_pubs.html.
PCoIP
PCoIP (PC over IP) provides an optimized desktop experience for the delivery of a remote application or
an entire remote desktop environment, including applications, images, audio, and video content for a wide
range of users on the LAN or across the WAN. PCoIP can compensate for an increase in latency or a
reduction in bandwidth, to ensure that end users can remain productive regardless of network conditions.
The PCoIP display protocol can be used for remote applications and for remote desktops that use virtual
machines, physical machines that contain Teradici host cards, or shared session desktops on an RDS
host.
PCoIP Features
Key features of PCoIP include the following:
n
Users outside the corporate firewall can use this protocol with your company's virtual private network
(VPN), or users can make secure, encrypted connections to a security server or Access Point
appliance in the corporate DMZ.
n
Advanced Encryption Standard (AES) 128-bit encryption is supported and is turned on by default. You
can, however, change the encryption key cipher to AES-256.
n
Connections from all types of client devices.
n
Optimization controls for reducing bandwidth usage on the LAN and WAN.
VMware, Inc. 25
View Architecture Planning
n
32-bit color is supported for virtual displays.
n
ClearType fonts are supported.
n
Audio redirection with dynamic audio quality adjustment for LAN and WAN.
n
Real-Time Audio-Video for using webcams and microphones on some client types.
n
Copy and paste of text and, on some clients, images between the client operating system and a
remote application or desktop. For other client types, only copy and paste of plain text is supported.
You cannot copy and paste system objects such as folders and files between systems.
n
Multiple monitors are supported for some client types. On some clients, you can use up to 4 monitors
with a resolution of up to 2560 x 1600 per display or up to 3 monitors with a resolution of 4K (3840 x
2160) for Windows 7 remote desktops with Aero disabled. Pivot display and autofit are also
supported.
When the 3D feature is enabled, up to 2 monitors are supported with a resolution of up to 1920 x
1200, or one monitor with a resolution of 4K (3840 x 2160).
n
USB redirection is supported for some client types.
n
MMR redirection is supported for some Windows client operating systems and some remote desktop
operating systems (with Horizon Agent installed).
For information about which desktop operating systems support specific PCoIP features, see Feature
Support Matrix for Horizon Agent.
For information about which client devices support specific PCoIP features, go to
https://www.vmware.com/support/viewclients/doc/viewclients_pubs.html.
Recommended Guest Operating System Settings
1GB of RAM or more and a dual CPU is recommended for playing in high-definition, full screen mode, or
720p or higher formatted video. To use Virtual Dedicated Graphics Acceleration for graphics-intensive
applications such as CAD applications, 4GB of RAM is required.
Video Quality Requirements
480p-formatted video You can play video at 480p or lower at native resolutions when the remote
desktop has a single virtual CPU. If you want to play the video in high-
definition Flash or in full screen mode, the desktop requires a dual virtual
CPU. Even with a dual virtual CPU desktop, as low as 360p-formatted
video played in full screen mode can lag behind audio, particularly on
Windows clients.
720p-formatted video You can play video at 720p at native resolutions if the remote desktop has a
dual virtual CPU. Performance might be affected if you play videos at 720p
in high definition or in full screen mode.
VMware, Inc. 26
View Architecture Planning
1080p-formatted video If the remote desktop has a dual virtual CPU, you can play 1080p formatted
video, although the media player might need to be adjusted to a smaller
window size.
3D rendering You can configure remote desktops to use software- or hardware-
accelerated graphics. The software-accelerated graphics feature enables
you to run DirectX 9 and OpenGL 2.1 applications without requiring a
physical graphics processing unit (GPU). The hardware-accelerated
graphics features enable virtual machines to either share the physical
GPUs (graphical processing unit) on a vSphere host or dedicate a physical
GPU to a single virtual machine desktop.
For 3D applications, up to 2 monitors are supported, and the maximum
screen resolution is 1920 x 1200. The guest operating system on the
remote desktops must be Windows 7 or later.
For more information about 3D features, see Using 3D Graphics
Applications.
Hardware Requirements for Client Systems
For information about processor and memory requirements, see the "Using VMware Horizon Client"
document for the specific type of desktop or mobile client device. Go to
https://www.vmware.com/support/viewclients/doc/viewclients_pubs.html.
Microsoft RDP
Remote Desktop Protocol is the same multichannel protocol many people already use to access their
work computer from their home computer. Microsoft Remote Desktop Connection (RDC) uses RDP to
transmit data.
Microsoft RDP is a supported display protocol for remote desktops that use virtual machines, physical
machines, or shared session desktops on an RDS host. (Only the PCoIP display protocol and the
VMware Blast display protocol are supported for remote applications.) Microsoft RDP provides the
following features:
n
RDP 7 has true multiple monitor support, for up to 16 monitors.
n
You can copy and paste text and system objects such as folders and files between the local system
and the remote desktop.
n
32-bit color is supported for virtual displays.
n
RDP supports 128-bit encryption.
n
Users outside the corporate firewall can use this protocol with your company's virtual private network
(VPN), or users can make secure, encrypted connections to a View security server in the corporate
DMZ.
To support TLSv1.1 and TLSv1.2 connections to Windows 7 and Windows Server 2008 R2, you must
apply Microsoft hotfix KB3080079.
VMware, Inc. 27
View Architecture Planning
Hardware Requirements for Client Systems
For information about processor and memory requirements, see the "Using VMware Horizon Client"
document for the specific type of client system. Go to
https://www.vmware.com/support/viewclients/doc/viewclients_pubs.html.
Note Mobile client 3.x devices use only the PCoIP display protocol. Mobile client 4.x clients use only the
PCoIP display protocol or the VMware Blast display protocol.
Using Published Applications
You can use Horizon Client to securely access published Windows-based applications, in addition to
remote desktops.
With this feature, after launching Horizon Client and logging in to a Horizon 7 server, users see all the
published applications they are entitled to use, in addition to remote desktops. Selecting an application
opens a window for that application on the local client device, and the application looks and behaves as if
it were locally installed.
For example, on a Windows client computer, if you minimize the application window, an item for that
application remains in the Taskbar and looks identical to the way it would look if it were installed on the
local Windows computer. You can also create a shortcut for the application that will appear on your client
desktop, just like shortcuts for locally installed applications.
Deploying published applications in this way might be preferable to deploying complete remote desktops
under the following conditions:
n
If an application is set up with a multi-tiered architecture, where the components work better if they
are located geographically near each other, using published applications is a good solution.
For example, when a user must access a database remotely, if large amounts of data must be
transmitted over the WAN, performance is usually affected. With published applications, all parts of
the application can be located in the same data center as the database, so that traffic is isolated and
only the screen updates are sent across the WAN.
n
From a mobile device, accessing an individual application is easier than opening a remote Windows
desktop and then navigating to the application.
To use this feature, you install applications on a Microsoft RDS host. In this respect, Horizon 7 published
applications work similarly to other application remoting solutions. Horizon 7 published applications are
delivered using either the Blast Extreme display protocol or the PCoIP display protocol, for an optimized
user experience.
VMware, Inc. 28
View Architecture Planning
Using Horizon Persona Management to Retain User Data and Settings
You can use Horizon Persona Management with remote desktops and with physical computers and virtual
machines that are not managed by Horizon 7. Persona Management retains changes that users make to
their profiles. User profiles comprise a variety of user-generated information.
n
User-specific data and desktop settings, which allow the desktop appearance to be the same regard
less of which desktop a user logs in to.
n
Application data and settings. For example, these settings allow applications to remember toolbar
positions and preferences.
n
Windows registry entries configured by user applications.
To facilitate these abilities, Persona Management requires storage on a CIFS share equal or greater than
the size of the user's local profile.
Minimizing Logon and Logo Times
Persona Management minimizes the time it takes to log on to and off of desktops. During logon, by
default, Horizon 7 downloads only the files that Windows requires, such as user registry files. Horizon 7
takes recent changes in the profile on the remote desktop and copies them to the remote repository at
regular intervals.
With Persona Management, you can avoid making any changes to Active Directory in order to have a
managed profile. To configure Persona Management, you specify a central repository, without changing
the user's properties in Active Directory. With this central repository, you can manage a user's profile in
one environment without affecting the physical machines that users might also log on to.
With Persona Management, if you provision desktops with VMware ThinApp applications, the ThinApp
sandbox data can also be stored in the user profile. This data can roam with the user but does not
significantly affect logon times. This strategy provides better protection against data loss or corruption.
Configuration Options
You can configure Horizon 7 personas at several levels: a single remote desktop, a desktop pool, an OU,
or all remote desktops in your deployment. You can also use a standalone version of Persona
Management on physical computers and virtual machines that are not managed by Horizon 7.
By setting group policies (GPOs), you have granular control of the files and folders to include in a
persona. You can specify whether to include the local settings folder, which files to load at login time,
which files to download in the background after a user logs in, and which files within a user's persona to
manage with Windows roaming profiles functionality instead of Persona Management.
As with Windows roaming profiles, you can configure folder redirection. You can redirect the following
folders to a network share.
VMware, Inc. 29
View Architecture Planning
Contacts My Documents Save Games
Cookies My Music Searches
Desktop My Pictures Start Menu
Downloads My Videos Startup Items
Favorites Network Neighborhood Templates
History Printer Neighborhood Temporary Internet Files
Links Recent Items
Limitations
Persona Management has the following limitations and restrictions:
n
This feature is not supported on instant clone desktop pools.
n
You must have a Horizon 7 license that includes the Personal Management component.
n
Persona Management requires a CIFS (Common Internet File System) share.
n
This feature is not supported for use with persistent disk on Windows 10 linked-clone desktop pools.
Using USB Devices with Remote Desktops and Applications
Administrators can configure the ability to use USB devices, such as thumb flash drives, cameras, VoIP
(voice-over-IP) devices, and printers, from a remote desktop. This feature is called USB redirection, and it
supports using the VMware Blast, PCoIP, or Microsoft RDP display protocol. A remote desktop can
accommodate up to 128 USB devices.
You can also redirect locally connected USB devices, including thumb flash drives, hard disks, TOPAZ
Signature Pad, Olympus Dictation Foot pedal, and Wacom signature pad, for use in published desktops
and published applications. Other types of USB devices, including security storage drives and USB CD-
ROM drives, are not supported in published desktops and published applications.
When you use this feature in desktop pools that are deployed on single-user machines, most USB
devices that are attached to the local client system become available in the remote desktop. You can
even connect to and manage an iPad from a remote desktop. For example, you can sync your iPad with
iTunes installed in your remote desktop. On some client devices, such as Windows and Mac computers,
the USB devices are listed in a menu in Horizon Client. You use the menu to connect and disconnect the
devices.
In most cases, you cannot use a USB device in your client system and in your remote desktop or
application at the same time. Only a few types of USB devices can be shared between a remote desktop
and the local computer. These devices include smart card readers and human interface devices such as
keyboards and pointing devices.
VMware, Inc. 30
Loading...