Architecture Planning
Table Of Contents
- View Architecture Planning
- Contents
- View Architecture Planning
- Introduction to View
- Planning a Rich User Experience
- Feature Support Matrix for View Agent
- Choosing a Display Protocol
- Using Hosted Applications
- Using View Persona Management to Retain User Data and Settings
- Using USB Devices with Remote Desktops and Applications
- Using the Real-Time Audio-Video Feature for Webcams and Microphones
- Using 3D Graphics Applications
- Streaming Multimedia to a Remote Desktop
- Printing from a Remote Desktop
- Using Single Sign-On for Logging In to a Remote Desktop
- Using Multiple Monitors
- Managing Desktop and Application Pools from a Central Location
- Architecture Design Elements and Planning Guidelines for Remote Desktop Deployments
- Virtual Machine Requirements for Remote Desktops
- View ESXi Node
- Desktop Pools for Specific Types of Workers
- Desktop Virtual Machine Configuration
- RDS Host Virtual Machine Configuration
- vCenter Server and View Composer Virtual Machine Configuration
- View Connection Server Maximums and Virtual Machine Configuration
- vSphere Clusters
- Storage and Bandwidth Requirements
- View Building Blocks
- View Pods
- Advantages of Using Multiple vCenter Servers in a Pod
- Planning for Security Features
- Understanding Client Connections
- Choosing a User Authentication Method
- Restricting Remote Desktop Access
- Using Group Policy Settings to Secure Remote Desktops and Applications
- Implementing Best Practices to Secure Client Systems
- Assigning Administrator Roles
- Preparing to Use a Security Server
- Understanding View Communications Protocols
- Overview of Steps to Setting Up a View Environment
- Index
Table 5‑3. Default Ports (Continued)
Protocol Port
HTTP TCP port 80
HTTPS TCP port 443
MMR/CDR For multimedia redirection and client drive redirection, TCP port 9427
RDP TCP port 3389
NOTE If the View Connection Server instance is configured for direct client connections, these
protocols connect directly from the client to the remote desktop and are not tunneled through the View
Secure GW Server component.
SOAP TCP port 80 or 443
PCoIP Any TCP port from Horizon Client to port 4172 of the remote desktop or application.
PCoIP also uses UDP port 50002 from Horizon Client (or UDP port 55000 from the PCoIP Secure
Gateway) to port 4172 of the remote desktop or application.
USB redirection TCP port 32111. This port is also used for time zone synchronization.
HTML Access For the HTML Access Gateway on connection servers and security servers, TCP Port 8443
For View Agent connections, TCP Port 22443
TCP Ports for View Connection Server Intercommunication
View Connection Server instances in a group use additional TCP ports to communicate with each other. For
example, View Connection Server instances use port 4100 or 4101 to transmit JMS inter-router (JMSIR)
traffic to each other. Firewalls are generally not used between the View Connection Server instances in a
group.
View Broker and Administration Server
The View Broker component, which is the core of View Connection Server, is responsible for all user
interaction between clients and View Connection Server. View Broker also includes the Administration
Server that is used by the View Administrator Web interface.
View Broker works closely with vCenter Server to provide advanced management of remote desktops,
including virtual machine creation and power operations.
View Secure Gateway Server
View Secure Gateway Server is the server-side component for the secure HTTPS connection between client
systems and a security server, Access Point appliance, or View Connection Server instance.
When you configure the tunnel connection for View Connection Server, RDP, USB, and Multimedia
Redirection (MMR) traffic is tunneled through the View Secure Gateway component. When you configure
direct client connections, these protocols connect directly from the client to the remote desktop and are not
tunneled through the View Secure Gateway Server component.
NOTE Clients that use the PCoIP display protocol can use the tunnel connection for USB redirection and
multimedia redirection (MMR) acceleration, but for all other data, PCoIP uses the PCoIP Secure Gateway on
a security server or Access Point appliance.
View Secure Gateway Server is also responsible for forwarding other Web traffic, including user
authentication and desktop and application selection traffic, from clients to the View Broker component.
View Secure Gateway Server also passes View Administrator client Web traffic to the Administration Server
component.
Chapter 5 Planning for Security Features
VMware, Inc. 89