Using #VMware’s Unified Access Gateway (UAG) for internal #Horizon 7 connections – Design Discussion

Over the last months I gathered more and more experience about VMware’s secure Linux appliance¬† that allows secure access to a virtual Desktop (and more) over an unsecure network (e.g.) the Internet: Unified Access Gateway (UAG).

Keep in mind the UAG is not just a replacement for the old Windows based Security Sever, it is also  offering much more functionality (Edge Services for Airwatch / Workspace One, reverse proxy, 2nd-factor authentication integration, etc.).

There might be use cases where we want to design our horizon environment in a way that we use the UAGs not just for external unsecure access, but internally as well.

Examples:

  • Offering access to internal users coming from a not so trust-worthy site/location (including a second-factor authentication for those users). // Access restricted via Firewalls/ACLs
  • Constraints to always use tunneled connections (because of network-simplicity or security constraints).

Read more