WIXLIB

January 201653-1003954-02Brocade Virtual Traffic Manager andVMware Horizon View ServersDeployment Guide

2016 Brocade Communications Systems, Inc. All Rights Reserved.Brocade, Brocade Assurance, the B-wing symbol, ClearLink, DCX, Fabric OS, HyperEdge, ICX, MLX, MyBrocade, OpenScript, VCS, VDX, Vplane, and Vyatta areregistered trademarks, and Fabric Vision is a trademark of Brocade Communications Systems, Inc., in the United States and/or in other countries. Other brands,products, or service names mentioned may be trademarks of others.Notice: This document is for informational purposes only and does not set forth any warranty, expressed or implied, concerning any equipment, equipment feature,or serv ice offered or to be offered by Brocade. Brocade reserves the right to make changes to this document at any time, without notice, and assumes noresponsibility for its use. This informational document describes features that may not be currently available. Contact a Brocade sales office for information onfeature and product av ailability. Export of technical data contained in this document may require an export license from the United States government.The authors and Brocade Communications Systems, Inc. assume no liability or responsibility to any person or entity with respect to the accuracy of this documentor any loss, cost, liability , or damages arising from the information contained herein or the computer programs that accompany it.The product described by this document may contain open source software covered by the GNU General Public License or other open source license agreements.To find out w hich open source softw are is included in Brocade products, view the licensing terms applicable to the open source software, and obtain a copy of theprogramming source code, please visit http://www.brocade.com/support/oscd.Page 2Brocade Virtual Traffic Manager and VMware Horizon View Servers Deployment Guide53-1003954-02

ContentsPreface. 5About This Guide. 5Audience. 5Contacting Brocade . 5Internet . 5Technical Support . 5Professional Services. 5Chapter 1: Solution Overview . 6Virtual Traffic Manager Overview . 6Performance. 6Reliability and Scalability. 6Advanced Scripting and Application Intelligence. 6Application Acceleration. 6Application-Layer Security . 7VMware Horizon View . 7Chapter 2: VMware Horizon View Architecture. 7Chapter 3: Deploying Virtual Traffic Manager for View Servers. 8Requirements. 9Load-balance Connection Servers . 9Configure the VMware Horizon View Connection Server for SSL Offload on Virtual Traffic Manager.10Allow HTTP Connections from Virtual Traffic Manager .10Configure vTM for View Connection Servers .11Create a Traffic IP Group.11Create a Pool.11Configure Session Persistence.12Configure a Health Monitor.12Create a Virtual Server .12Configure SSL Decryption .13Configuration Summary.13Load-balance Security Servers.13Modify VMware Horizon View Security Server Settings .14Configure vTM for View Security Servers .15Create a Traffic IP Group.15Brocade Virtual Traffic Manager and VMware Horizon View Servers Deployment Guide53-1003954-02Page 3

Create a Pool.15Enable SSL Encryption on the Pool.15Configure Session Persistence.16Configure a Health Monitor.16Create a Virtual Server .16Configure SSL Decryption .17Configuration Summary.17Chapter 4: Virtual Traffic Manager Deployment—VMware’s AlwaysOn Desktop Reference Architecture.18Virtual Traffic Manager Configuration for Each Site.19Set Up the Authenticator.19Create a Traffic IP Group.20Create Pools .20Enable SSL Encryption on the Pool.21Configure a Health Monitor.21Create a Virtual Server .21Configure SSL Decryption .22TrafficScript Rules and Virtual Server Association.22Request and Response Rule .23Chapter 5: Conclusion.23Appendix.24TrafficScript Rule Associated to the Virtual Server.24Page 4Brocade Virtual Traffic Manager and VMware Horizon View Servers Deployment Guide53-1003954-02

PrefaceWelcome to the Brocade Virtual Traffic Manager and VMware Horizon View Servers Deployment Guide. Read thispreface for an overview of the information provided in this guide and for contact information. This preface includes thefollowing sections: About This Guide Contacting BrocadeAbout This GuideThe Brocade Virtual Traffic Manager and VMware Horizon View Servers Deployment Guide describes the differentways of load-balancing different View Server components. The guide also details the reference architecture of anAlwaysOn mechanism of deploying View Servers.AudienceThis guide is written for network operations professionals, server administrators, and DevOps professionals familiarwith administering and managing application delivery controllers (ADCs), servers, and applications.You must also be familiar with: VMware Horizon View Server components Brocade Virtual Traffic Manager (vTM)For more details on the Brocade vADC product family, see http://www.brocade.com/vADC.Contacting BrocadeThis section describes how to contact departments within Brocade.InternetYou can learn about Brocade products through the company website: http://www.brocade.com.Technical SupportIf you have problems installing, using, or replacing Brocade products, contact Brocade Support or your channelpartner who provides support. To contact Brocade Support, see l ServicesBrocade Global Services has the expertise to help organizations build scalable and efficient cloud infrastructures.Leveraging 15 years of expertise in storage, networking, and virtualization, Brocade Global Services delivers worldclass professional services, technical support, and education services, enabling organizations to maximize theirBrocade investments, accelerate new technology deployments, and optimize the performance of networkinginfrastructures.Brocade Virtual Traffic Manager and VMware Horizon View Servers Deployment Guide53-1003954-02Page 5

Chapter 1: Solution OverviewThis chapter includes the following sections: Virtual Traffic Manager Overview VMware Horizon ViewVirtual Traffic Manager OverviewBrocade Virtual Traffic Manager (vTM) is a software-based application delivery controller (ADC) that is designed todeliver faster and more reliable access to public websites and private applications. vTM frees applications from theconstraints of legacy, proprietary, hardware-based load balancers, which enables applications to run on any physical,virtual, or cloud environment. With vADC products from Brocade, organizations can: Make applications more reliable with local and global load balancing. Scale application servers by up to 3x by offloading TCP and SSL connection overhead. Accelerate applications by up to 4x by using web content optimization (WCO). Secure applications from the latest application attacks, including SQL injection, XSS, and CSRF. Control applications effectively with built-in application intelligence and a full-featured scripting engine.Virtual Traffic Manager offers much more than basic load balancing. It controls and optimizes end-user services byinspecting, transforming, prioritizing, and routing application traffic. The powerful TrafficScript engine facilitates theimplementation of traffic management policies that are unique to an application by allowing organizations to buildcustom functionality or leverage existing features in Virtual Traffic Manager in a specialized way. With vTM,organizations can deliver the following.PerformanceImprove application performance for users by offloading encryption and compression from the web server by dynamiccaching and reducing the number of TCP sessions on the application.Reliability and ScalabilityIncrease application reliability by load-balancing traffic across web and application servers, balancing load acrossmultiple data centers (private or public clouds), monitoring the response time of servers in real-time to decide thefastest way to deliver a service, protecting against traffic surges, and managing the bandwidth and rate of requestsused by different classes of traffic.Advanced Scripting and Application IntelligenceManage application delivery more easily with fine-grained control of users and services using TrafficScript, an easy-touse scripting language that can parse any user transaction and take specific, real-time action based on user,application, request, or other criteria. Development teams use TrafficScript to enable a point of control in distributedapplications, whereas operations teams use it to quickly respond to changing business requirements or problemswithin an application before developers can fix it.Application AccelerationDramatically accelerate web-based applications and websites in real-time with optional web content optimization(WCO) functionality. WCO dynamically groups activities for fewer long-distance round trips, resamples and usesimage sprites to reduce bandwidth, and minifies JavaScript and combines style sheets to give the best possibleresponse time for loading a web page on any browser or device.Page 6Brocade Virtual Traffic Manager and VMware Horizon View Servers Deployment Guide53-1003954-02

Application-Layer SecurityEnhance application security by filtering errors in web requests and protecting against external threats, with the optionof a comprehensive Layer 7 firewall to defend against deliberate attacks.VMware Horizon ViewThe VMware Horizon View portfolio of products delivers personalized virtual desktops as a managed service from avirtualization platform built to deliver the entire desktop, including the operating system, applications, and data. WithHorizon View, desktop administrators virtualize the operating system, applications, and user data and deliver moderndesktops to end users across a variety of network conditions.Chapter 2: VMware Horizon View ArchitectureThe VMware Horizon View high-level network architecture, as depicted in the following figure, has a few keycomponents relevant to this deployment guide. View Connection Server—View Connection Server acts as a broker for client connections. View ConnectionServer authenticates users through Windows Active Directory and directs the requests to the appropriatevirtual machine, physical or blade PC, or Windows Terminal Services server. View Connection Serverprovides the following management capabilities: Authenticating users. Entitling users to specific desktops and pools. Assigning applications packaged with VMware ThinApp to specific desktops and pools. Managing local and remote desktop sessions. Establishing secure connections between users and desktops. View Security Server—View Security Server is a special instance of View Connection Server that runs asubset of View Connection Server functions. View Security Server provides an additional layer of securitybetween the Internet and the internal network. A security server resides within a DMZ and acts as a proxyhost for connections inside your trusted network. Each security server is paired with an instance of ViewConnection Server and forwards all traffic to that instance.Brocade Virtual Traffic Manager and VMware Horizon View Servers Deployment Guide53-1003954-02Page 7

Figure 2-1: VMware Horizon View ArchitectureIn order to provide scalability and availability, a load balancer is deployed to load-balance both security servers andconnection servers.Chapter 3: Deploying Virtual Traffic Manager for View ServersThis chapter describes the process of deploying Virtual Traffic Manager in the VMware Horizon View architecture. Itincludes the following sections: Requirements Load-balance Connection Servers Configure vTM for View Connection Servers Load-balance Security Servers Configure vTM for View Security ServersPage 8Brocade Virtual Traffic Manager and VMware Horizon View Servers Deployment Guide53-1003954-02