Book Image

VMware View Security Essentials

By : Daniel Langenhan
Book Image

VMware View Security Essentials

By: Daniel Langenhan

Overview of this book

Most people associate security with network security and focus on firewalls and network monitoring. However, there is more to security than that. Security starts with the establishment of a stable environment, protecting this environment not only from intrusion, but also from malicious intent. It is about tracking the issue and recovering from it. These elements of security are what this book aims to address. VMware View Security Essentials addresses the topic of security in the corporate environment in a new way. It starts with the underlying virtual infrastructure and then delves into securing your base, your connection, and your client. This is not only a “how-to” book, but is also a book that explains the background and the insights of View security for the experienced professional's desktop virtualization. This book takes you through the four major View security areas. Each area deals with all the aspects of security and explains the background as well as laying out simple-to-follow recipes to implement a higher security standard. We start at the Virtualization base and work our way through the various View server types. We will then dive into the problems and issues of securing a connection before we address the security of the desktop itself. We conclude with a look into the backing up of our View installation and preparing for disaster recovery.
Table of Contents (12 chapters)

View Security Server

We now turn our attention to the View Security Server. The security server exists as a way to expose the View desktop to a less secure environment; for example, the Internet. Each View Security Server is paired with one View Connection Server and acts as a proxy for all connection.

In the newest version, the security server has the ability to proxy the View HTTPS (RDP) as well as the PCoIP connections between the external client and the portals. Before View 4.6, PCoIP was not a very good choice for View desktops; neither the View Security Server nor the View Connection Server was able to proxy the PCoIP connection. Meaning, that the external client needed a direct connection (and DNS resolution) to the View desktop, therefore, opening up the internal structures to the external network.

The PCoIP Gateway service securely connects the client and View desktop making PCoIP now a valid and secure choice for an external desktop protocol.

As I mentioned earlier, one View Security...