Deploying role-based secure virtual desktops through NSX and Appvolumes

Source: Internet
Author: User

As the concept of "Internet +" becomes more prevalent, more and more data centers are springing up, and desktop and application virtualization is rapidly gaining ground in businesses of all sizes because of the features it can place on the data center of operating systems, applications and data. After virtualization, you can reduce data loss due to device loss or corruption, reduce the access of sensitive apps installed on your device to others, and help you get efficient, centralized backup, and bug fixes. Eva, who works in the finance department, does not need to endure the noise of traditional PC noises and occasional downtime, which can work more efficiently. However, with the expansion of the company, more and more departments, different departments of business personnel requirements for customized desktop and application of the voice is increasingly high, so virtual desktop administrator Luke in the Virtual Desktop (VDI) for the various departments to add a desktop pool, the data center into this look ...

650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M00/6F/C4/wKiom1WndXzQxMqBAAG_5sbeKjc369.jpg "title=" screen Shot 2015-07-16 at 3.33.02 pm.png "alt=" Wkiom1wndxzqxmqbaag_5sbekjc369.jpg "/>

But different desktop pools to other resources of the use of permissions, desktop application settings, firewall settings, are not the same, Luke in accordance with the requirements of the departments are configured to find the network topology diagram is this look.

650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M00/6F/C4/wKiom1Wnd-ywYRwnAAGgXBetWLY871.jpg "title=" screen Shot 2015-07-16 at 5.21.57 pm.png "alt=" Wkiom1wnd-ywyrwnaaggxbetwly871.jpg "/>

This can be complicated, different applications, different security requirements, each desktop pool to maintain a set of system images, system updates need to do multiple installation/mirroring refactoring, network more complex, manual configuration is slow and error prone, a little careless will receive a pile of complaints telephone, this system maintenance of economic/human/time cost is too high, The boss refused to add more people, Luke had a headache! What do we do?


As a technical expert, Luke discovered a network virtualization platform called NSX, and studied the NSX's differential segment (micro-segmentation) feature, and found that NSX can build "one-piece network" For each desktop, eliminating interference between networks, and can centrally define policies Automatically add a policy when the virtual machine is created, so that security always follows the desktop. At the same time, careful Luke also found that NSX can adjust the desktop's network settings and permissions according to the user's role in the Active Directory, better meet the financial department's desktop can not be on the external network, the service department's desktop does not have access to the source code of the Project Server, The development Department's desktop can only access the development server and so on flexible demand! This is a really good thing!

650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M00/6F/C2/wKioL1WngCPBHK34AAJZJUMoNPM387.jpg "title=" Microsegment.png "alt=" Wkiol1wngcpbhk34aajzjumonpm387.jpg "/>

Luke thought, this means I can use a unified pool to serve all the staff of the Department! After everyone login NSX will automatically set the network permissions according to the role, then I only maintain a mirror is enough, each time only rebuilt once, more people on the desktop, fewer people on the desktop, so the desktop utilization is higher, save money, I also convenient, really good!


But just did the system reconstruction, countless phone calls again: We have to look at Excel and PPT is enough, you have to help me install Excel and PPT; We human resources as long as word and PPT and workforce, other applications do not appear on my desktop!


Luke, the engineer, was defeated by the beauty's call. So he searched the internet after a few, and then studied the app volumes this east, found that the app volumes can achieve role-based second-level application release! Absolutely! In this way, we can set the application publishing policy uniformly, let the finance department people log on a clean desktop, through the app volumes automatically publish Excel and PPT on the desktop, log off and automatically uninstall the application, restore to a clean desktop. The next time the desktop is logged in by human resources, and automatically released word and PPT and workforce on the desktop, log off and then automatically uninstall. This is great! In the words of the foreigner, amazing!

650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M02/6F/C2/wKioL1WngZiwrlPiAAFjoAEjRX4604.jpg "title=" screen Shot 2015-07-16 at 5.55.04 pm.png "alt=" Wkiol1wngziwrlpiaafjoaejrx4604.jpg "/>


As a result, users of various departments later log on to the virtual desktop as simple as this:

650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M01/6F/C2/wKioL1WngiTiAndIAADtlVWKkCQ857.jpg "title=" screen Shot 2015-07-16 at 5.46.56 pm.png "alt=" Wkiol1wngitiandiaadtlvwkkcq857.jpg "/>


Have to give Luke a praise! As a technical control, Luke in the traditional virtual desktop architecture, through the application of NSX and app volumes role-based network control and application publishing capabilities, greatly reducing the complexity of network and application deployment, reduce operating costs, improve the utilization of desktop pool, and finally won the company's Commendation and Promotion!


Luke has stepped into the ladder, are you ready?


Author Introduction

650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M00/12/71/wKioL1MHBGGSuMJeAACu_x9xgv4957.jpg "title=" Jumbo-vmware1.jpg "alt=" wkiol1mhbggsumjeaacu_x9xgv4957.jpg "style=" padding:0px;margin:0px;vertical-align:top; Border:none; "/>

Shijiangpo (Sina Weibo: Jumbo Xue)

VMwareEnd-User computing solution architect,11 It experience, rich experience in business process management, digital marketing, and virtualization product and solution development. Currently committed toEnd-User computingProduct solution development and marketing work.


This article is from the VMware End User Computing blog, so be sure to keep this source http://vmwareeuc.blog.51cto.com/8606576/1675412

Deploying role-based secure virtual desktops through NSX and Appvolumes

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.