没有合适的资源?快使用搜索试试~ 我知道了~
NSXT-EUC-DESIGN-GUIDE-v1.0
需积分: 0 2 下载量 67 浏览量
2023-09-13
16:03:51
上传
评论
收藏 4.95MB PDF 举报
温馨提示
NSXT_EUC_DESIGN_GUIDE_v1.0
资源推荐
资源详情
资源评论
NSX-T End User Computing Design Guide
NSX-T End User Computing Design Guide
Table of Contents
1. Intended Audience ............................................................................................................................. 5
2. Introduction ....................................................................................................................................... 5
2.1 Horizon 7 Reference Architecture ............................................................................................ 6
2.2 NSX-T Design Guide ................................................................................................................. 6
3. NSX-T and Horizon Architecture and Components ............................................................................ 6
3.1 NSX-T Component Definitions ................................................................................................. 6
3.1.1 NSX-T Architecture ....................................................................................................... 6
3.2 Horizon Core Component Definitions ...................................................................................... 8
3.2.1 Horizon Architecture - Pod and Block ........................................................................... 9
4. NSX-T and Horizon Use Cases ........................................................................................................... 10
5. NSX-T Features for Horizon .............................................................................................................. 11
5.1 NSX-T Virtual Networking for Horizon ................................................................................... 11
5.1.1 NSX-T Networking Logical View .................................................................................. 12
5.2 NSX-T Security for Horizon ..................................................................................................... 13
5.2.1 NSX-T Context Micro-segmentation for Horizon ........................................................ 15
5.2.2 Context-aware Micro-segmentation Design Methodologies ...................................... 17
5.2.3 NSX-T Distributed Firewall .......................................................................................... 17
5.2.3.1 NSX-T Distributed Firewall Security Definitions ....................................................... 18
5.2.3.3 NSX-T Distributed Firewall Connectivity Strategy .................................................... 19
5.2.3.4 NSX-T Distributed Firewall Enforcement ................................................................. 20
5.2.4 NSX-T Identity Firewall ............................................................................................... 21
5.2.5 NSX-T Security Consumption ...................................................................................... 24
5.3 NSX-T Edge and Partner Services ........................................................................................... 27
5.3.1 NSX-T Gateway Routing .............................................................................................. 27
5.3.2 Load Balancing ............................................................................................................ 28
5.3.3 Gateway Firewall ........................................................................................................ 29
5.3.4 DHCP Relay ................................................................................................................. 29
5.3.5 Partner Service – Guest Introspection ........................................................................ 29
6. Deployment Topology for Horizon with NSX-T ................................................................................. 31
NSX-T End User Computing Design Guide
6.1 NSX-T and Horizon – Pod and Block ....................................................................................... 31
6.2 NSX-T and Horizon – Server and Horizon Domain.................................................................. 32
6.3 NSX-T and Horizon Cross-vCenter Topology .......................................................................... 34
6.4 NSX-T and Horizon Topologies ............................................................................................... 34
6.4.1 NSX-T and Horizon – Small (Converged Cluster) Topology – Single Pod up to 4000 VMs 35
6.4.2 NSX-T and Horizon – Medium Topology – Single Pod up to 10000 VMs .................... 36
6.4.3 NSX-T and Horizon – Large Topology – Multi-Pod for 10000+ VMs ............................ 38
7. NSX-T for Horizon Core Architecture Design Recommendations ..................................................... 40
7.1 NSX-T Core Network Infrastructure Layout ............................................................................ 40
7.1 Horizon Access ....................................................................................................................... 41
7.1.1 External Access ........................................................................................................... 41
7.1.1.1 External Access – Services ....................................................................................... 41
7.1.1.2 External Access – Security ....................................................................................... 42
7.1.2 Internal Access ............................................................................................................ 42
7.1.2.1 Internal Access – Services ........................................................................................ 42
7.1.2.2 Internal Access – Security ........................................................................................ 43
7.2 Unified Access Gateways ....................................................................................................... 44
7.2.1 Unified Access Gateways – Networking...................................................................... 44
7.2.2 Unified Access Gateways – Edge and Partner Services ............................................... 45
7.2.3 Unified Access Gateways – Load Balancing ................................................................ 45
7.2.4 – Unified Access Gateways – Grouping and Tagging .................................................. 47
7.2.5 Unified Access Gateways – Services ........................................................................... 48
7.2.6 Unified Access Gateways – Security ........................................................................... 49
7.3 Connection Servers ................................................................................................................ 50
7.3.1 Connection Servers – Networking .............................................................................. 50
7.3.1 Connection Servers – Edge and Partner Services ....................................................... 51
7.3.2 Connection Servers – Load Balancing ......................................................................... 52
7.3.4 Connection Servers – Grouping and Tagging .............................................................. 54
7.3.5 Connection Servers – Services .................................................................................... 55
7.3.6 Connection Servers – Security .................................................................................... 55
7.4 Virtual Desktops ..................................................................................................................... 57
NSX-T End User Computing Design Guide
7.4.1 Virtual Desktops – Networking ................................................................................... 57
7.4.2 Virtual Desktops – Edge and Partner Services ............................................................ 58
7.4.3 Virtual Desktops – Guest Introspection ...................................................................... 58
7.4.4 Virtual Desktops – Grouping and Tagging ................................................................... 59
7.4.5 Virtual Desktops - Services ......................................................................................... 60
7.4.6 Virtual Desktops – Security ......................................................................................... 60
7.5 RDS Hosts ............................................................................................................................... 60
7.5.1 RDS Hosts – Networking ............................................................................................. 60
7.4.2. RDS Hosts – Edge and Partner Services ..................................................................... 61
7.5.2 RDS Hosts – Guest Introspection ................................................................................ 62
7.5.3 RDS Hosts – Grouping and Tagging ............................................................................. 62
7.5.4 RDS Hosts – Services ................................................................................................... 62
7.5.5 RDS Hosts – Security ................................................................................................... 63
Glossary ................................................................................................................................................ 63
NSX-T End User Computing Design Guide
1. Intended Audience
This guide highlights design and deployment considerations when using NSX-T Data Center (NSX-T) to implement network
virtualization, create a secure end user computing environment, and load balance Horizon infrastructure.
The intended audience is virtualization, networking, and security architects who are interested in deploying Horizon for virtual
desktops and NSX in a vSphere environment. Solid conceptual understanding and hands-on experience with both NSX-T and Horizon
products is recommended for successfully understanding this design guide. While this document is not specifically meant for
comparing and contrasting the differences in NSX for vSphere (NSXv) and NSX-T, there may be times where the comparison is
necessary to differentiate the two platform design differences as they relate to Horizon. NSX-T does provide additional benefits and
simplicities to the overall Horizon and NSX-T deployment.
None
First Release
2. Introduction
The Software Defined Data Center (SDDC) is defined by server virtualization, storage virtualization, and network virtualization. Server
virtualization has already proven the value of SDDC architecture by reducing costs and complexity of compute infrastructure. VMware
NSX-T addresses the third critical pillar of SDDC, extending the same benefits obtained from the virtualization of compute to the data
center network. NSX-T accelerates the provisioning of core network and security services, simplifying operations and improving
economics.
With network virtualization, the functional equivalent of a network hypervisor, NSX-T reproduces the complete set of Layer 2 through
Layer 7 networking services (e.g., switching, routing, firewalling, and load balancing) in software. It allows these services to be
programmatically assembled in any arbitrary combination to produce unique, isolated virtual networks in a matter of seconds. NSX-T
also provides a platform for various security services – both network and endpoint based. NSX-T provides various built-in services,
including L2-L7 firewall and contextual-based security. Additionally, security vendors can leverage its Guest Introspection and Network
Introspection frameworks to deliver service chained next-generation firewall, IDS/IPS, agentless anti-virus/anti-malware, file integrity
monitoring, and vulnerability management capabilities.
Horizon delivers hosted virtual desktops and applications to end users through a single platform. These desktop and application
services - including RDS-hosted applications, packaged applications with VMware ThinApp®, software-as-a-service (SaaS) applications,
and virtualized applications from Citrix - can all be accessed from a single unified workspace across devices, locations, media, and
connections. Leveraging closed-loop management and optimized for the software-defined data center, Horizon helps IT control,
manage, and protect the Windows resources that end users want at the speed they expect while delivering the efficiency that business
demands.
This design guide provides recommended practices and topologies to optimize interoperability between the NSX-T and Horizon
platforms, enabling deployment of a secure end user SDDC environment. It is intended for customers who would like to utilize the
benefits of network virtualization, micro-segmentation, and load-balancing in their brownfield/greenfield Horizon virtual desktop
environment.
剩余63页未读,继续阅读
资源评论
routetable
- 粉丝: 0
- 资源: 6
上传资源 快速赚钱
- 我的内容管理 展开
- 我的资源 快来上传第一个资源
- 我的收益 登录查看自己的收益
- 我的积分 登录查看自己的积分
- 我的C币 登录后查看C币余额
- 我的收藏
- 我的下载
- 下载帮助
最新资源
资源上传下载、课程学习等过程中有任何疑问或建议,欢迎提出宝贵意见哦~我们会及时处理!
点击此处反馈
安全验证
文档复制为VIP权益,开通VIP直接复制
信息提交成功