VDI on VMware: Architecture and Solution Overview
What is VMware VDI?
Large enterprises use VMware Virtual Desktop Infrastructure (VDI) solutions to centrally manage desktops and applications and deliver them to users remotely. The core product of the VMware VDI solution is VMware Horizon. It is based on VMware vSphere virtualization, adding functionality to manage and deliver virtualized desktops.
In VMware Horizon, user desktops are based on VMs running on ESXi hosts. These in turn are managed by a full version of VMware vSphere. This allows you to take advantage of vSphere features such as Snapshot, vMotion, High Availability, and Distributed Resource Scheduler.
Users can connect to a VMware Horizon virtual desktop through a personal computer (PC), tablet, smartphone, thin client, or zero client. Thin clients are low-cost computing devices with low-performance hardware (just enough to connect to the server and input/output signals). A zero client is a small box connected to a keyboard, mouse and monitor, which has only a network interface, and operates in a client-server model, with no local storage capacity.
VMware Horizon VDI Architecture
An important part of the VMware Horizon strategy is making it suitable for hybrid and multi-cloud deployments. Organizations looking to build a hybrid architecture can get started with VMware Horizon, vSphere, Microsoft RDSH, and virtual desktop servers running locally, and operated using a cloud-based control plane.
This allows your organization to run desktop and application workloads in multiple clouds, while also running some Horizon pods in a local data center, and move workloads between these locations. Horizon supports any cloud that works with VMware vSphere, or dedicated Horizon infrastructure created in partnership with VMware on AWS, IBM Cloud or Microsoft Azure.
The main components of the VMware VDI system are:
- View Connection Server—management server that helps desktop users connect and authenticates them via Active Directory/LDAP.
- View Composer—manages storage on the vCenter Server, and improves storage efficiency using a technique called linked cloning—holding any shared data in a common location, and only the unique data belonging to each user on their virtual hard disk (VMDK).
- Horizon Administrator—a web-based interface for managing a Horizon VDI site. Administrators can use this interface to add more vCenter Server and View Composers as needed.
- View Agent—this component is included in every VM managed by the View Connection Server. It provides features such as USB and peripheral support, as well as connection monitoring.
- Horizon Client—installed on a user’s local device (Windows, MacOS or Linux), communicates and authenticates with the View Connection Server.
Related content: read our in-depth guide to vmware horizon architecture
VMware VDI Solutions
Let’s take a look at the main solutions offered as part of VMware’s VDI portfolio.
VMware Horizon 7
VMware Horizon 7 delivers virtual desktops, running both Windows and Linux operating systems, as well as locally published software applications. It is available in the following editions:
- Standard Edition—provides complete, basic VDI functionality
- Advanced Edition—enables unified workspaces which improve utilization on VDI hosts, also provides app virtualization and application catalog
- Enterprise Edition—provides improved VDI management and automation capabilities
Additionally, notable features include:
- Blast Extreme protocol—enabling better user experience and longer battery life on user devices
- GPU support via NVIDIA GRID technology
- Single sign on—enabling users to conveniently log into desktops and applications
VMware Horizon 8
VMware Horizon 8, officially known as VMware Horizon version 2006, was released in September 2020. The updated Horizon platform includes:
- Stronger support for cloud-based VMware stacks—including Azure VMware Solution (AVS) and Google Cloud VMware Engine (GCVE)
- Instant Clone Smart Provisioning—reduces costs by removing the need for parent VMs and improving desktop consolidation on each host
- REST APIs—enables automation and orchestration of Horizon management functions
- Support for Microsoft Teams and other collaboration tools
- Linux hosted applications—leverages the Linux operating system to reduce licensing costs
- Dynamic Environment Manager—enables smart policies for user profiles
- Digital watermark—enables improves privacy protection and compliance auditing
- 8K display support—enables end users to use the latest display technology for a better experience
With VMware Horizon Air, businesses can offer end users virtual workspaces, including complete Windows client desktops, shared desktops and applications, as a subscription service. Because Horizon Air is built and delivered by VMware, you can launch desktops and applications using a single cloud control plane, greatly simplifying desktop management.
Horizon Air is offered in two models:
- Hybrid mode—allows customers to combine cloud-based subscription services with local infrastructure and desktops.
- Cloud hosting—allows customers to use a hosted VDI infrastructure running entirely in VMware’s data centers.
Workspace Security VDI
VMware Workspace Security VDI integrates VMware Horizon and Carbon Black Cloud into a single solution, providing a more secure virtual desktop and application solution for distributed employees.
The solution includes Carbon Black’s Next Generation Antivirus (NGAV), which can protect against threats that traditional antivirus cannot stop, such new and unknown attacks, fileless attacks, PowerShell vulnerabilities and remote logins.
In addition it provides multiple layers of protection for virtual desktops, using behavioral endpoint detection and response (EDR). VMware Carbon Black Cloud collects data from across the VDI environment and analyzes it using machine learning and behavioral models. These models not only detect and prevent attacks, but can also predict new attack vectors. Administrators can use policy-based controls to fine-tune security in their VDI environment.
VMware VDI vs. Hysolate IWaaS
Creating and managing a VMware VDI solution is a huge undertaking for an organization. Creating, planning the infrastructure correctly, and making sure everything is tested, has the proper sizing to support the target population requires thousands of hours of work and a huge investment. In addition, running the servers on premise, involves tremendous costs of purchasing the servers, and of course maintaining the infrastructure leading to high OpEx and CapEx costs.
With that said, in today’s remote first world, users connecting to the datacenter VDI solution, sometimes over a VPN tunnel will get poor performance and user experience and desktops are not available when offline.
Hysolate solves these problems with an innovation called isolated workspace as a service (IWaaS). Users get a local isolated operating system running on their machine deployed within minutes which is managed from the cloud.
Isolated workspaces enable:
- A higher level of freedom on employees corporate devices
- Ability to receive 3rd party generated content in an isolated zone
- Access to IT admins, DevOps, developers, and other privileged users in their everyday environment
- Access to employees from personal, unmanaged devices
The behavior of the workspace is managed in the cloud, while all of the computing resources run locally on user machines.
This eliminates the need to invest in a large and costly infrastructure, and provides a better local user experience, with offline availability.