7.0
Table Of Contents
- Deploying and Configuring Access Point
- Contents
- Deploying and Configuring Access Point
- Introduction to Access Point
- System Requirements and Deployment
- Configuring Access Point
- Collecting Logs from the Access Point Appliance
- Setting Up Smart Card Authentication
- Setting Up Two-Factor Authentication
- Index
This chapter includes the following topics:
n
“Firewall Rules for DMZ-Based Access Point Appliances,” on page 8
n
“Access Point Topologies,” on page 12
Firewall Rules for DMZ-Based Access Point Appliances
DMZ-based Access Point appliances require certain firewall rules on the front-end and back-end firewalls.
During installation, Access Point services are set up to listen on certain network ports by default.
A DMZ-based Access Point appliance deployment usually includes two firewalls.
n
An external network-facing, front-end firewall is required to protect both the DMZ and the internal
network. You configure this firewall to allow external network traffic to reach the DMZ.
n
A back-end firewall, between the DMZ and the internal network, is required to provide a second tier of
security. You configure this firewall to accept only traffic that originates from the services within the
DMZ.
As an example, the following figure illustrates the protocols that each View component uses for
communication. This configuration might be used in a typical WAN deployment if you are using
Access Point appliances with the View component of VMware Horizon.
Deploying and Configuring Access Point
8 VMware, Inc.