Table of Contents
Advertisement
VMware View Architecture Planning Guide
Figure 5-3. Multiple Security Servers
View Client
internal network
load balancing
Microsoft
Active Directory
You must implement a hardware or software load balancing solution if you install more than one security
server. View Connection Server does not provide its own load balancing functionality. View Connection Server
works with standard third-party load balancing solutions.
Firewalls for DMZ-Based Security Servers
A DMZ-based security server deployment must include two firewalls.
An external network-facing, front-end firewall is required to protect both the DMZ and the internal
n
network. You configure this firewall to allow external network traffic to reach the DMZ.
A back-end firewall, between the DMZ and the internal network, is required to provide a second tier of
n
security. You configure this firewall to accept only traffic that originates from the services within the DMZ.
Firewall policy strictly controls inbound communications from DMZ services, which greatly reduces the risk
of compromising your internal network.
Figure 5-4
shows an example of a configuration that includes front-end and back-end firewalls.
58
remote
View Client
external network
DMZ
load balancing
View
Security
Servers
View
Connection
Servers
ESX hosts running
Virtual Desktop
virtual machines
vCenter
Management Server
VMware, Inc.
Advertisement
Table of Contents
