Book Image

VMware View Security Essentials

By : Daniel Langenhan
Book Image

VMware View Security Essentials

By: Daniel Langenhan

Overview of this book

Most people associate security with network security and focus on firewalls and network monitoring. However, there is more to security than that. Security starts with the establishment of a stable environment, protecting this environment not only from intrusion, but also from malicious intent. It is about tracking the issue and recovering from it. These elements of security are what this book aims to address. VMware View Security Essentials addresses the topic of security in the corporate environment in a new way. It starts with the underlying virtual infrastructure and then delves into securing your base, your connection, and your client. This is not only a “how-to” book, but is also a book that explains the background and the insights of View security for the experienced professional's desktop virtualization. This book takes you through the four major View security areas. Each area deals with all the aspects of security and explains the background as well as laying out simple-to-follow recipes to implement a higher security standard. We start at the Virtualization base and work our way through the various View server types. We will then dive into the problems and issues of securing a connection before we address the security of the desktop itself. We conclude with a look into the backing up of our View installation and preparing for disaster recovery.
Table of Contents (12 chapters)

Example setup

Let's take quick look at how this all works together. Let's imagine a middle-sized business where we have our office workers, our sales representatives and last but not least the IT guys.

In this scenario we could create a View environment that consists of only View Connection Servers because most workers are working in the office, however, let us assume we also want some workers to be able to work from home, so we add a security server that is configured to a proxy PCoIP over the Internet. This means we could use self-signed certs internally and trusted certs via the security server.

We should create three View desktop pools; one for the office workers, one for the sales reps, and one for the IT guys.

Let's start with the pool for the IT guys. That pool could be made up of persistent desktops that have all the needed software the admins need installed. Persona management isn't needed here as these VMs shouldn't contain any user data. All admin data is stored on a shared drive...