Embed Size (px)
Citation preview
8/10/2019 VMware Horizon View and Mirage Tech Tips
http://slidepdf.com/reader/full/vmware-horizon-view-and-mirage-tech-tips 1/4
Tech Tips
Successful Deployment ofVMware Horizon (with View) and
VMware MirageIn today’s rapidly-changing workplace, workers are increasingly mobile. In fact more than 52 percent of employees carry at least
three devices for work, and many bring their own devices to and from work, a practice known as bring your own device (BYOD).
These workplace dynamics create new IT challenges including data security and compliance, cost containment, and endpoint/
image management.
VMware Horizon™ (with View) helps IT tackle these challenges head-on by virtualizing end-user desktops. With View, IT organizations
can move desktop assets (OS, applications and data) into the data center, where IT staff can more securely manage and deliver them
to end users across multiple devices and locations. This approach offers many benefits:
• Lowers Total Cost of Ownership
• Reduces Operational Expenses (OpEx)
• Improves Security• Supports Mobility and Workplace Device Diversity
VMware Mirage™ helps IT tackle image management challenges. Mirage is designed to deliver unified image management to physical,
virtual, and BYO devices. While View virtualizes end-user desktops, Mirage works on any new or existing physical or virtual device. With
Mirage, IT creates and updates layers, such as base layers, with core OS components and common business applications. Devices are
backed up to a central repository and updated with IT-managed dynamic layers. Mirage provides fully-automated backup and recovery,
extends PC lifecycle management tools, and is designed for distributed environments.
As you plan your virtual desktop infrastructure (VDI) or physical endpoint deployment, consider the following tips:
1 Look at Your User Roles and Requirements
For a more successful VDI deployment, create groups of
users with similar desktop usage models and requirements.
Considerations might include: types of users (e.g., task
worker, knowledge worker); mobility requirements (e.g.,
none, mobile, offline access); and user requirements (e.g.,
dedicated desktop, customized, user-installed apps).
This will affect your choice of desktop pool (dedicated or
floating), the number of virtual machine pools you create,
and whether or not your users can connect to a virtual
desktop. You can alternatively decide to centrally control
physical endpoints via VMware Mirage. Consider what
you must do to maintain user data when users are not
connected. Roaming profiles, View Persona Management,
user data disks and other third-party methods of user data
storage are available to best manage your different user
roles. See the Desktop Pools for Specific Types of Workers
section in the VMware View manual for more details.
For physical endpoints, consider Mirage
Research the requirements of different departments or
groups of users who may have unique application or policy
requirements before managing your physical endpoints.
This allows you to create fewer IT-managed layers and
simplifies Mirage desktop deployment. See the Mirage
Reviewer’s Guide for more details.
Set expectations with users
The success of a VDI deployment depends on employee
satisfaction, so it is important to build user expectations
into your deployment plan. Ask key questions, such as:
what devices will employees use? Will printing be a
requirement? Do users need to play or record audio?
Run a desktop virtualization pilot to gather data on
performance requirements and employee satisfaction.
Make sure that users can quickly access their data. For
more information, see the Horizon Reviewer’s Guide.
Figure 1: Managing User Persona and Data
8/10/2019 VMware Horizon View and Mirage Tech Tips
http://slidepdf.com/reader/full/vmware-horizon-view-and-mirage-tech-tips 2/4
Tech Tips - VMware Horizon (with View) and VMware Mirage
2 Assess Applications Requirements
To optimize the desktop experience for end users, do a full
assessment of all applications that will be run by the virtual
desktops. Check the number of licenses, including renewal
dates and their compatibility with View and Mirage. If youare upgrading operating system versions, check application
compatibility or package them using VMware ThinApp®.
For Mirage, use Application Layers to support specific
use cases for different applications. Identify the smallest
number of base layers that can support broad numbers
and types of endpoints in your Mirage environment.
Reducing the number of images for IT to support reduces
management time and costs.
Use application layers on top of the standard base layer
to support the deployment of custom applications. The
Mirage Driver library enables using the same base layer
on all types of physical and virtual hardware. For details,
see the Architecture and Components section in theMirage Reviewer’s Guide.
3 Evaluate Your Data Topology
Have a clear understanding of where user files, folders,
settings and user personalization settings are located and
plan how to map them to the new environment. You may
need to enable file access to users across remote locations
but have the files centralized in one location. If you use
roaming for terminal services, decide whether you will
continue to do so in your virtual desktop environment.
4
Confirm your Directory Services are Properly Configured
and Running
Make sure all Active Directory domain controllers are
replicating properly, and that DNS and DHCP are correctly
configured, running, and able to accommodate the newly-
created desktops. Ensure that you have domain controllers
in the locations where people are logging in. For example,
if your firewall software blocks Global Catalog and LDAP
ports, administrators will have problems configuring user
entitlements. If you have a firewall between your View
environment and your Active Directory server, all of the
necessary ports must be open for Active Directory to
function correctly.
5 Assess Your Current Infrastructure
Review your current setup to see what existing
infrastructure you can leverage and what you might need
to add for your new environment. Review and optimize
WAN topology, QoS/CoS, display protocols, geographic
location of sites and remote access methods. Determine
whether a VPN solution is in place, and whether you will
use hybrid-security multi-factor authentication, or an
alternate topology (e.g., View Security Server). For best
practices on setting up your new environment, see Horizon
Architect Planning.
Size your Mirage servers appropriately to support the
number of endpoints you need to manage. Each Mirage
server can support up to 1,500 endpoint devices. Follow
the general guidelines in Figure 2 to size the physical
Mirage server appropriately. Deployments larger than
1,500 endpoints require a number of Mirage servers
behind a Layer 7 load balancer, such as the F5 BIG-IP
Local Traffic Manager or the SteelApp Traffic Manager.
UP TO 300
ENDPOINTS
UP TO 500 UP TO 1,500
Server
Type
Virtual Physical Physical
CPU 1x Dual-Core
Processor,
2.26 GHz
1x Quad-Core
Processor,
2.26 GHz
2x Quad-Core
Processor,
2.26 GHz
RAM 8 GB 8 GB 16 GB
Figure 2: Mirage Server Sizing Guidelines
Mirage relies on the network to stream layers to the
Mirage server. Be sure to optimize your existing network
infrastructure, including the location of the Mirage server.
If you plan to place the Mirage ser ver in the data center
of your headquarters and make it available via the WAN,
configure the Network QoS and use Mirage Branch
Reflectors to reduce network consumption.
Steady-state network utilization with Mirage averages
15Kb/sec per user, or about 50Mb per user per day. You can
throttle bandwidth on routers to ensure top performance.
Finally, if your users connect over a WAN ensure your
system uses bandwidth efficiently, does not degrade
performance and is latency–tolerant.
Use a Branch Reflector to improve performance in
Branch Offices
Branch Reflectors optimize layer deployment (application
layer, base layer and driver library). Mirage lets you
centrally nominate any Mirage-managed device as a
Branch Reflector. The nominated device automatically
takes on the nominated role the next time that it connects
to the Mirage server. The Branch Reflector acts as a staging
area for image updates, allowing other devices to update
via their LAN, usually without dedicated infrastructure or
an on-site technician.
For more on Branch Reflectors and multiple office
locations, see the Mirage Reviewer’s Guide.
8/10/2019 VMware Horizon View and Mirage Tech Tips
http://slidepdf.com/reader/full/vmware-horizon-view-and-mirage-tech-tips 3/4
Tech Tips - VMware Horizon (with View) and VMware Mirage
Figure 3: Networking Setup for Mirage
6 Confirm Your Security Needs
Determine your requirements for authentication, data
protection, compliance, and archiving and retention
policies. For example, find out if you are using multi-factor
authentication such as smart cards or tokens in addition to
Active Directory to authenticate user access.
You can install and configure a View Security Server in
your DMZ to help connect external users with their View
desktops behind the corporate firewall. For more
information on security with desktop virtualization, see
the Security Solution Architecture for VDI. For Mirage, you
can set up the Mirage Gateway so users are not required
to VPN in from remote locations in order for their device
to centralize with the Mirage server.
For all Mirage client-server communication, you can
enable SSL via a global setting. Doing so will help keep
your client-server communications secure. For details,
see Setting Up the SSL Certificate in Windows Server in
the Mirage Administrator’s Guide.To protect user data, Mirage uses NTFS on the server side
so that regular Windows Security applies through access-
control-list object permissions. If you choose NAS storage
instead, you can leverage vendor data security tools and
use them in conjunction with Mirage. For example, to
configure NetApp NAS storage security to mimic pure
Microsoft NTFS permissions, see the VMware Knowledge
Base article Configuring Mirage Storage Security (2031614).
During backup and restore operations, Mirage uses the
MD5 Message-Digest Algorithm checksum to ensure
data integrity. Mirage is compatible with the Microsoft
Encrypting File System (EFS), Microsoft BitLocker drive
encryption, Sophos SafeGuard hard drive encryption,
and other encryption technologies, giving you the
flexibility to secure your data in the way that best meets
your business needs.
7 Right Size Your Storage
Many VDI projects fail, underperform or “over-cost” due
to poor storage design. To size your storage, use the most
accurate data you can gather about current and future
desktop requirements and compare it to the capabilities
of your storage systems. When sizing your storage,
consider both peak and average workloads.
Sizing storage for average workloads results in
inadequate resources during peak times, which
degrades end-user performance.
For Mirage, allocate appropriate storage resources for
optimal endpoint management. Both the reference
machine (where you capture IT-managed layers) and
backup/restore snapshots for each endpoint require
storage on the Mirage server. While capacity consumption
varies depending on the level of file duplication, number
of base layers and the number of snapshots you store, a
starter guideline is 15-30 GB of datacenter storage for
each user.
8/10/2019 VMware Horizon View and Mirage Tech Tips
http://slidepdf.com/reader/full/vmware-horizon-view-and-mirage-tech-tips 4/4
VMware, Inc. 3401 Hillview Avenue Palo Alto CA 94304 USA Tel 877-486- 9273 Fax 650-427-5001 www.vmware.com
Copyright © 2014 VMware, Inc. All rights reserved. This product is protected by U.S. and international copyright and intellectual property laws. VMware products are covered by one or more patents listed
at http://www.vmware.com/go/patents. VMware is a registered trademark or trademark of VMware, Inc. in the United States and/or other jurisdictions. All other marks and names mentioned herein may be
trademark s of their respective companies . Item No: VMW6221 -TT-SUCC-DELY-HORZN -USLE T-108 07/14
Tech Tips - VMware Horizon (with View) and VMware Mirage
8 Consider Options for Restoring Endpoints
If a physical computer is lost, stolen or damaged you can
either restore the entire image to a replacement device or
restore only selected layers.
Restoring all layers to new hardware gives end-users theexact experience they had on their old hardware, which
minimizes productivity loss. You can also deliver only
user-managed layers to the new device if you require a
new base layer. If the information on an endpoint hard disk
is corrupted, you can overwrite the prior information and
restore the desktop image to the same device.
For a hands-on exercise in restoring a PC, see Using
Horizon Mirage for Desktop Recovery in the Mirage
Reviewer’s Guide.
9 Determine Support Requirements
Train all desktop support staff on the support model
changes so that support requirements for View andMirage are clear. Doing this at the beginning of the
deployment can greatly increase the likelihood of
success for your implementation.
10 Evaluate Total Cost of Ownership (TCO) and Return on
Investment (ROI)
Desktop virtualization does not deliver TCO and ROI in
the same way that server virtualization does. To show
how this new capability benefits your organization, use
the VMware TCO Calculator. This can be done ahead of
deployment to find out exactly what gains your
organization can expect. For example, desktop
virtualization can:
• Reduce support costs by 50 percent by centralizing
management
• Let you support up to 40 percent more end users with
the same IT personnel
• Reduce network requirements through more efficient
bandwidth usage
• Push out PC refresh cycles from 3-4 years to 5-7 years
ResourcesLearn more about VMware Horizon (with View)
• Horizon Product Overview
• Horizon Data Sheet
• Horizon Technical Documentation
• Horizon Reviewers Guide
• Horizon Architectural Planning Guide
Learn more about VMware Mirage
• Mirage Product Overview
• Mirage Data Sheet
• See the VMware Knowledge Base for Mirage-related
questions
• Read the End User Computing Blog for the latest on Mirage
• Evaluate Mirage for 60 days
• Mirage Administrator’s Guide
• Mirage Reviewer’s Guide
