Horizon Branch Office Desktop Architecture

VMware has a number of virtual desktop architectures that give a prescriptive approach to matching a companies’ specific use case to a validated design. These architectures are not price-list bundles, they include VMware’s own products combined with 3rd party solutions with the goal of bringing customers from the pilot phase all the way into production.

At the moment there a 4 different architectures focussed on different use cases, these are the Mobile Secure Workplace, the AlwaysOn Workplace, the Branch Office Desktop, and the Business Process Desktop.

horizonArch

In this article I wanted to focus in on the Branch Office Desktop but in the interest of completeness please find below the partner solutions around:

Seeing that there are over 11 million branch offices across the globe, a lot of people are working with remote, or distributed, IT infrastructures which potentially have a lot of downsides. (No remote IT staff, slow and unreliable connectivity, no centralised management,…).

branchofficevmw

With the Horizon Branch Office Desktop you have some options to alleviate those concerns and bring the remote workers into the fold. Depending on your specific needs you could look at several options.

If you have plenty of bandwidth and low latency, using a traditional centralised Horizon View environment is going to be the most cost effective and easy path to pursue. There are of course additional options if you have bandwidth concerns but still want to provide a centralised approach.

Optimized WAN connectivity delivered by F5 Networks.

The F5 solution offers simplified access management, hardened security, and optimized WAN connectivity between the branch locations and the primary datacenter. Using a Virtual Edition of F5’s Traffic Manager in the branch combined with a physical appliance in the datacenter.

F5

The solution provides secure access management via the BIG-IP APM (access policy manager) which is an SSL-VPN solution with integrated AAA services and SSO capabilities. The BIG-IP LTM (local traffic manager) is an Application Delivery Networking solution that provides load-balancing for the Horizon View Security and Connection servers. The solution can also provide WAN optimisation through it’s Wan Optimization Manager (WOM) module, in this case focused on other non PCoIP branch traffic.

If you find that ample bandwidth is not available however you still have other options like the architectures combining Horizon with Riverbed, Cisco, and IBM which I’ll focus on in this article.

Riverbed for the VMware (Horizon) Branch Office Desktop.

With Riverbed’s architecture we essentially take your centralised storage (a LUN from your existing SAN array) and “project” this storage across the WAN towards the branch office. In the branch we have an appliance, called the Granite Edge (steelhead EX + Granite in the picture below) which then presents this “projected” LUN to any server, including itself (the Granite Edge appliance is also a x86 server running VMware ESXi). If we install the virtual desktops on the LUN we have just “projected” out from the central SAN environment then these desktops are now essentially locally available in the branch office. This means that from the POV of the end-user they setup a local (LAN) PCoIP connection toward the virtual desktop and can work with the same local performance one would expect in the datacenter location.

granite

The end-result is that from a management perspective you keep (or gain) centralised control and from an end-user perspective you get the same performance as if you were local. For more details on this architecture you can download a deployment guide here: Deployment Guide: Riverbed for the VMware Branch Office Desktop …

Cisco Office in a Box.

With Cisco’s Office in a Box architecture you take their Integrated Services Routers Generation 2 (ISR G2) platforms (Cisco 2900 and 3900 Series ISRs) and the Cisco UCS E-Series Servers, and combine those into one physical platform that can host up to 50 virtual desktops in a Branch Office.

cisco office in a box

In this case you have essentially built a remote desktop appliance that sits in the branch office, all virtual machines share the direct-attached storage (DAS) of the Cisco UCS E-Series blade. So in this case the management domain is not stretched across the WAN but instead you have a “pod-like” design that includes everything you need to run virtual desktops in the branch.

ciscoLogical

For more information on Cisco’s architecture please see: http://www.cisco.com/c/en/us/products/collateral/servers-unified-computing/ucs-e-series-servers/white_paper_c11-715347.html

IBM Branch Office Desktop.

IBM has another validated approach that combines VMware Mirage and VMware Horizon View technologies to address the varying requirements within the branch office.

With VMware Mirage you can centrally manage OS images for both persistent virtual desktops and physical endpoints, while ensuring employees have fast, secure access to applications and data. With centralized images and layered single image management, the same image can be deployed in a server-hosted virtual desktop for remote execution and natively to a physical PC or client hypervisor for local execution.

This approach let’s you deliver centrally managed desktops with LAN-like performance and disaster recovery capabilities to locations with robust and reliable as well as well as unreliable wide area networks.

These components run on IBM’s (Lenovo’s) System x and FlexSystems compute nodes, IBM storage and IBM System networking components.

ibmbranch

For more information on the IBM architecture please see: http://thoughtsoncloud.com/2012/10/vmware-robo-solution-ibm-vmworld/

Alternatively (or in conjunction with all the architectures mentioned) we can also independently leverage Horizon Mirage for the Branch Office, specifically if you have to deal with frequently disconnected users (laptop users that are not always on the office for example) or physical devices.

For more information on all these Branch Office architectures please see: http://www.vmware.com/remote-branch/remote-branch-office  and http://www.vmware.com/be/nl/remote-branch/partners.html for the partner extended capabilities.

2 thoughts on “Horizon Branch Office Desktop Architecture

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s