7.0
Table Of Contents
- View Architecture Planning
- Contents
- View Architecture Planning
- Introduction to View
- Planning a Rich User Experience
- Feature Support Matrix for Horizon Agent
- Choosing a Display Protocol
- Using Hosted Applications
- Using View Persona Management to Retain User Data and Settings
- Using USB Devices with Remote Desktops and Applications
- Using the Real-Time Audio-Video Feature for Webcams and Microphones
- Using 3D Graphics Applications
- Streaming Multimedia to a Remote Desktop
- Printing from a Remote Desktop
- Using Single Sign-On for Logging In
- Monitors and Screen Resolution
- Managing Desktop and Application Pools from a Central Location
- Advantages of Desktop Pools
- Advantages of Application Pools
- Reducing and Managing Storage Requirements
- Application Provisioning
- Deploying Individual Applications Using an RDS Host
- Deploying Applications and System Updates with View Composer
- Deploying Applications and System Updates with Instant Clones
- Managing VMware ThinApp Applications in View Administrator
- Deploying and Managing Applications Using App Volumes
- Using Existing Processes or VMware Mirage for Application Provisioning
- Using Active Directory GPOs to Manage Users and Desktops
- Architecture Design Elements and Planning Guidelines for Remote Desktop Deployments
- Virtual Machine Requirements for Remote Desktops
- View ESXi Node
- Desktop Pools for Specific Types of Workers
- Desktop Virtual Machine Configuration
- RDS Host Virtual Machine Configuration
- vCenter Server and View Composer Virtual Machine Configuration
- View Connection Server Maximums and Virtual Machine Configuration
- vSphere Clusters
- Storage and Bandwidth Requirements
- View Building Blocks
- View Pods
- Advantages of Using Multiple vCenter Servers in a Pod
- Planning for Security Features
- Understanding Client Connections
- Choosing a User Authentication Method
- Restricting Remote Desktop Access
- Using Group Policy Settings to Secure Remote Desktops and Applications
- Using Smart Policies
- Implementing Best Practices to Secure Client Systems
- Assigning Administrator Roles
- Preparing to Use a Security Server
- Understanding View Communications Protocols
- Overview of Steps to Setting Up a View Environment
- Index
Table 5‑3. Default Ports (Continued)
Protocol Port
HTTP TCP port 80
HTTPS TCP port 443
MMR/CDR For multimedia redirection and client drive redirection, TCP port 9427
RDP TCP port 3389
NOTE If the View Connection Server instance is configured for direct client connections, these
protocols connect directly from the client to the remote desktop and are not tunneled through the View
Secure GW Server component.
SOAP TCP port 80 or 443
PCoIP Any TCP port from Horizon Client to port 4172 of the remote desktop or application.
PCoIP also uses UDP port 50002 from Horizon Client (or UDP port 55000 from the PCoIP Secure
Gateway) to port 4172 of the remote desktop or application.
USB redirection TCP port 32111. This port is also used for time zone synchronization.
VMware Blast
Extreme
Any TCP or UDP port from Horizon Client to port 22443 of the remote desktop or application.
HTML Access For the HTML Access Gateway on connection servers and security servers, TCP Port 8443
For View Agent or Horizon Agent connections, TCP Port 22443
TCP Ports for View Connection Server Intercommunication
View Connection Server instances in a group use additional TCP ports to communicate with each other. For
example, View Connection Server instances use port 4100 or 4101 to transmit JMS inter-router (JMSIR)
traffic to each other. Firewalls are generally not used between the View Connection Server instances in a
group.
View Broker and Administration Server
The View Broker component, which is the core of View Connection Server, is responsible for all user
interaction between clients and View Connection Server. View Broker also includes the Administration
Server that is used by the View Administrator Web interface.
View Broker works closely with vCenter Server to provide advanced management of remote desktops,
including virtual machine creation and power operations.
View Secure Gateway Server
View Secure Gateway Server is the server-side component for the secure HTTPS connection between client
systems and a security server, Access Point appliance, or View Connection Server instance.
When you configure the tunnel connection for View Connection Server, RDP, USB, and Multimedia
Redirection (MMR) traffic is tunneled through the View Secure Gateway component. When you configure
direct client connections, these protocols connect directly from the client to the remote desktop and are not
tunneled through the View Secure Gateway Server component.
NOTE Clients that use the PCoIP or Blast Extreme display protocol can use the tunnel connection for USB
redirection and multimedia redirection (MMR) acceleration, but for all other data, PCoIP uses the PCoIP
Secure Gateway, and Blast Extreme uses the Blast Secure Gateway, on a security server or Access Point
appliance.
Chapter 5 Planning for Security Features
VMware, Inc. 95