Tech Tips

Successful Deployment of
VMware Horizon (with View) and
VMware Mirage
In todays rapidly-changing workplace, workers are increasingly mobile. In fact more than 52 percent of employees carry at least
three devices for work, and many bring their own devices to and from work, a practice known as bring your own device (BYOD).
These workplace dynamics create new IT challenges including data security and compliance, cost containment, and endpoint/
image management.
VMware Horizon (with View) helps IT tackle these challenges head-on by virtualizing end-user desktops. With View, IT organizations
can move desktop assets (OS, applications and data) into the data center, where IT staf can more securely manage and deliver them
to end users across multiple devices and locations. This approach ofers many benets:
Lowers Total Cost of Ownership
Reduces Operational Expenses (OpEx)
Improves Security
Supports Mobility and Workplace Device Diversity
VMware Mirage helps IT tackle image management challenges. Mirage is designed to deliver unied image management to physical,
virtual, and BYO devices. While View virtualizes end-user desktops, Mirage works on any new or existing physical or virtual device. With
Mirage, IT creates and updates layers, such as base layers, with core OS components and common business applications. Devices are
backed up to a central repository and updated with IT-managed dynamic layers. Mirage provides fully-automated backup and recovery,
extends PC lifecycle management tools, and is designed for distributed environments.
As you plan your virtual desktop infrastructure (VDI) or physical endpoint deployment, consider the following tips:
1
Look at Your User Roles and Requirements
For a more successful VDI deployment, create groups of
users with similar desktop usage models and requirements.
Considerations might include: types of users (e.g., task
worker, knowledge worker); mobility requirements (e.g.,
none, mobile, ofine access); and user requirements (e.g.,
dedicated desktop, customized, user-installed apps).
This will afect your choice of desktop pool (dedicated or
oating), the number of virtual machine pools you create,
and whether or not your users can connect to a virtual
desktop. You can alternatively decide to centrally control
physical endpoints via VMware Mirage. Consider what
you must do to maintain user data when users are not
connected. Roaming proles, View Persona Management,
user data disks and other third-party methods of user data
storage are available to best manage your diferent user
roles. See the Desktop Pools for Specic Types of Workers
section in the VMware View manual for more details.
For physical endpoints, consider Mirage
Research the requirements of diferent departments or
groups of users who may have unique application or policy
requirements before managing your physical endpoints.
This allows you to create fewer IT-managed layers and
simplies Mirage desktop deployment. See the Mirage
Reviewers Guide for more details.
Set expectations with users
The success of a VDI deployment depends on employee
satisfaction, so it is important to build user expectations
into your deployment plan. Ask key questions, such as:
what devices will employees use? Will printing be a
requirement? Do users need to play or record audio?
Run a desktop virtualization pilot to gather data on
performance requirements and employee satisfaction.
Make sure that users can quickly access their data. For
more information, see the Horizon Reviewers Guide.
Figure 1: Managing User Persona and Data
Tech Tips - VMware Horizon (with View) and VMware Mirage
2
Assess Applications Requirements
To optimize the desktop experience for end users, do a full
assessment of all applications that will be run by the virtual
desktops. Check the number of licenses, including renewal
dates and their compatibility with View and Mirage. If you
are upgrading operating system versions, check application
compatibility or package them using VMware ThinApp.
For Mirage, use Application Layers to support specic
use cases for diferent applications. Identify the smallest
number of base layers that can support broad numbers
and types of endpoints in your Mirage environment.
Reducing the number of images for IT to support reduces
management time and costs.
Use application layers on top of the standard base layer
to support the deployment of custom applications. The
Mirage Driver library enables using the same base layer
on all types of physical and virtual hardware. For details,
see the Architecture and Components section in the
Mirage Reviewers Guide.
3
Evaluate Your Data Topology
Have a clear understanding of where user les, folders,
settings and user personalization settings are located and
plan how to map them to the new environment. You may
need to enable le access to users across remote locations
but have the les centralized in one location. If you use
roaming for terminal services, decide whether you will
continue to do so in your virtual desktop environment.
4
Conrm your Directory Services are Properly Congured
and Running
Make sure all Active Directory domain controllers are
replicating properly, and that DNS and DHCP are correctly
congured, running, and able to accommodate the newly-
created desktops. Ensure that you have domain controllers
in the locations where people are logging in. For example,
if your rewall software blocks Global Catalog and LDAP
ports, administrators will have problems conguring user
entitlements. If you have a rewall between your View
environment and your Active Directory server, all of the
necessary ports must be open for Active Directory to
function correctly.
5
Assess Your Current Infrastructure
Review your current setup to see what existing
infrastructure you can leverage and what you might need
to add for your new environment. Review and optimize
WAN topology, QoS/CoS, display protocols, geographic
location of sites and remote access methods. Determine
whether a VPN solution is in place, and whether you will
use hybrid-security multi-factor authentication, or an
alternate topology (e.g., View Security Server). For best
practices on setting up your new environment, see Horizon
Architect Planning.
Size your Mirage servers appropriately to support the
number of endpoints you need to manage. Each Mirage
server can support up to 1,500 endpoint devices. Follow
the general guidelines in Figure 2 to size the physical
Mirage server appropriately. Deployments larger than
1,500 endpoints require a number of Mirage servers
behind a Layer 7 load balancer, such as the F5 BIG-IP
Local Trafc Manager or the SteelApp Trafc Manager.
UP TO 300
ENDPOINTS
UP TO 500 UP TO 1,500
Server
Type
Virtual Physical Physical
CPU 1x Dual-Core
Processor,
2.26 GHz
1x Quad-Core
Processor,
2.26 GHz
2x Quad-Core
Processor,
2.26 GHz
RAM 8 GB 8 GB 16 GB
Figure 2: Mirage Server Sizing Guidelines
Mirage relies on the network to stream layers to the
Mirage server. Be sure to optimize your existing network
infrastructure, including the location of the Mirage server.
If you plan to place the Mirage server in the data center
of your headquarters and make it available via the WAN,
configure the Network QoS and use Mirage Branch
Reectors to reduce network consumption.
Steady-state network utilization with Mirage averages
15Kb/sec per user, or about 50Mb per user per day. You can
throttle bandwidth on routers to ensure top performance.
Finally, if your users connect over a WAN ensure your
system uses bandwidth efficiently, does not degrade
performance and is latencytolerant.
Use a Branch Reector to improve performance in
Branch Ofces
Branch Reectors optimize layer deployment (application
layer, base layer and driver library). Mirage lets you
centrally nominate any Mirage-managed device as a
Branch Reector. The nominated device automatically
takes on the nominated role the next time that it connects
to the Mirage server. The Branch Reector acts as a staging
area for image updates, allowing other devices to update
via their LAN, usually without dedicated infrastructure or
an on-site technician.
For more on Branch Reectors and multiple ofce
locations, see the Mirage Reviewers Guide.
Tech Tips - VMware Horizon (with View) and VMware Mirage
Figure 3: Networking Setup for Mirage
6
Conrm Your Security Needs
Determine your requirements for authentication, data
protection, compliance, and archiving and retention
policies. For example, nd out if you are using multi-factor
authentication such as smart cards or tokens in addition to
Active Directory to authenticate user access.
You can install and congure a View Security Server in
your DMZ to help connect external users with their View
desktops behind the corporate firewall. For more
information on security with desktop virtualization, see
the Security Solution Architecture for VDI. For Mirage, you
can set up the Mirage Gateway so users are not required
to VPN in from remote locations in order for their device
to centralize with the Mirage server.
For all Mirage client-server communication, you can
enable SSL via a global setting. Doing so will help keep
your client-server communications secure. For details,
see Setting Up the SSL Certicate in Windows Server in
the Mirage Administrators Guide.
To protect user data, Mirage uses NTFS on the server side
so that regular Windows Security applies through access-
control-list object permissions. If you choose NAS storage
instead, you can leverage vendor data security tools and
use them in conjunction with Mirage. For example, to
configure NetApp NAS storage security to mimic pure
Microsoft NTFS permissions, see the VMware Knowledge
Base article Conguring Mirage Storage Security (2031614).
During backup and restore operations, Mirage uses the
MD5 Message-Digest Algorithm checksum to ensure
data integrity. Mirage is compatible with the Microsoft
Encrypting File System (EFS), Microsoft BitLocker drive
encryption, Sophos SafeGuard hard drive encryption,
and other encryption technologies, giving you the
exibility to secure your data in the way that best meets
your business needs.
7
Right Size Your Storage
Many VDI projects fail, underperform or over-cost due
to poor storage design. To size your storage, use the most
accurate data you can gather about current and future
desktop requirements and compare it to the capabilities
of your storage systems. When sizing your storage,
consider both peak and average workloads.
Sizing storage for average workloads results in
inadequate resources during peak times, which
degrades end-user performance.
For Mirage, allocate appropriate storage resources for
optimal endpoint management. Both the reference
machine (where you capture IT-managed layers) and
backup/restore snapshots for each endpoint require
storage on the Mirage server. While capacity consumption
varies depending on the level of le duplication, number
of base layers and the number of snapshots you store, a
starter guideline is 15-30 GB of datacenter storage for
each user.
VMware, Inc. 3401 Hillview Avenue Palo Alto CA 94304 USA Tel 877-486-9273 Fax 650-427-5001 www.vmware.com
Copyright 2014 VMware, Inc. All rights reserved. This product is protected by U.S. and international copyright and intellectual property laws. VMware products are covered by one or more patents listed
at http://www.vmware.com/go/patents. VMware is a registered trademark or trademark of VMware, Inc. in the United States and/or other jurisdictions. All other marks and names mentioned herein may be
trademarks of their respective companies. Item No: VMW6221-TT-SUCC-DELY-HORZN-USLET-108 07/14
Tech Tips - VMware Horizon (with View) and VMware Mirage
8
Consider Options for Restoring Endpoints
If a physical computer is lost, stolen or damaged you can
either restore the entire image to a replacement device or
restore only selected layers.
Restoring all layers to new hardware gives end-users the
exact experience they had on their old hardware, which
minimizes productivity loss. You can also deliver only
user-managed layers to the new device if you require a
new base layer. If the information on an endpoint hard disk
is corrupted, you can overwrite the prior information and
restore the desktop image to the same device.
For a hands-on exercise in restoring a PC, see Using
Horizon Mirage for Desktop Recovery in the Mirage
Reviewers Guide.
9
Determine Support Requirements
Train all desktop support staf on the support model
changes so that support requirements for View and
Mirage are clear. Doing this at the beginning of the
deployment can greatly increase the likelihood of
success for your implementation.
10
Evaluate Total Cost of Ownership (TCO) and Return on
Investment (ROI)
Desktop virtualization does not deliver TCO and ROI in
the same way that server virtualization does. To show
how this new capability benets your organization, use
the VMware TCO Calculator. This can be done ahead of
deployment to nd out exactly what gains your
organization can expect. For example, desktop
virtualization can:
Reduce support costs by 50 percent by centralizing
management
Let you support up to 40 percent more end users with
the same IT personnel
Reduce network requirements through more efcient
bandwidth usage
Push out PC refresh cycles from 3-4 years to 5-7 years
Resources
Learn more about VMware Horizon (with View)
Horizon Product Overview
Horizon Data Sheet
Horizon Technical Documentation
Horizon Reviewers Guide
Horizon Architectural Planning Guide
Learn more about VMware Mirage
Mirage Product Overview
Mirage Data Sheet
See the VMware Knowledge Base for Mirage-related
questions
Read the End User Computing Blog for the latest on Mirage
Evaluate Mirage for 60 days
Mirage Administrators Guide
Mirage Reviewers Guide