Over the last months I gathered more and more experience about VMware’s secure Linux appliance that allows secure access to a virtual Desktop (and more) over an unsecure network (e.g.) the Internet: Unified Access Gateway (UAG).
Keep in mind the UAG is not just a replacement for the old Windows based Security Sever, it is also offering much more functionality (Edge Services for Airwatch / Workspace One, reverse proxy, 2nd-factor authentication integration, etc.).
There might be use cases where we want to design our horizon environment in a way that we use the UAGs not just for external unsecure access, but internally as well.
Examples:
- Offering access to internal users coming from a not so trust-worthy site/location (including a second-factor authentication for those users). // Access restricted via Firewalls/ACLs
- Constraints to always use tunneled connections (because of network-simplicity or security constraints).