F5 networks brings added oomph to VMware Virtual Desktop
Infrastructure deployments with its Application Ready Solution for VMware View
4.5, an add-on capability for F5’s BIG-IP Edge Gateway that consists of a set
of best practices, guidelines and policies for speeding deployment and
optimizing performance. This solution, which is part of a line of
application-specific add-ons from F5, can save time by eliminating the need for
much of the manual configuration associated with pushing out a new application
to the field.
The BIG-IP Edge Gateway is offered as a hardware appliance
that incorporates multiple hardware and software technologies designed to
improve connectivity between remote users/sites and the data center by
optimizing throughput and reducing latency through improved packet compression,
packet de-duplication and local caching.
Perhaps the biggest demand for WAN optimization solutions
comes from the consolidation market, where enterprises are looking to roll
branch offices into the data center and consolidate desktop PCs with a shift
toward offering PCs as a service. Those transformations increase the demand
placed on data center resources and increases the demand for bandwidth.
Increased traffic demand is usually met by purchasing additional
bandwidth. However, that can prove to be an expensive and inefficient way to
move data to remote offices or mobile workers. The better solution is to first
maximize the throughput of any existing connectivity options in place, and that
is the goal of a WAN optimization and acceleration product.
Based on my tests, the F5 solution offers a solid option for
achieving this goal in the context of VMware View 4.5 deployments. What’s more,
I saw no challenges with using a BIG-IP Edge Gateway to replace independent VPN
hardware, act as a single sign-on solution appliance, shape traffic, accelerate
applications and improve connectivity management and provide access policies.
Testing the
BIG-IP Edge Gateway
I took a detailed look at F5’s BIG-IP Edge Gateway appliance
to see how the technology works and what benefits it can offer in the real
world. F5 offered me access to two devices, one located in Seattle, the other
one located in London, using both remote desktop access and the product’s
browser-accessible consoles. I was also able to examine a physical device at
F5’s Seattle offices and attend some basic training on how to deploy and use
the BIG-IP Edge Gateway.
As the product name implies, the unit is installed at the
edge of the network, becoming the communications sentry or gateway between
remote/external users and the network. The product incorporates many features,
including a high performance SSL VPN, which adds a layer of security to remote
access, without complicating things for the user. I found it quite simple to
install the client application, which was also very easy to use. As a matter of
fact, the client application simplifies access to the data center and could
prove to be a real time saver for remote users.
Typically, a device that is chock full of features and
capabilities can be difficult to manage and troubleshoot; however, F5 has moved
far away from the days of RS232-based consoles, telnet and a CLI,
and now offers a management GUI. I found the GUI-based management intuitive—
the device offers context-sensitive help, ample deployment
wizards and a coherent dashboard design that eases deployment, setup and usage.
Nonetheless, don’t kid yourself, the BIG-IP Edge Gateway is not a plug-and-play
solution; you must understand network design and concepts to properly use the
device.
VMware View
Enhancements
I looked at the new features offered for View 4.5, which are
geared toward performance and ease of use. First and foremost is single sign-on
capabilities. With SSO, I was able to configure the desktop client to access a
VMware View session with a single set of credentials. Behind the scenes, I was able
to define the various sign-on credentials and relationships needed to initiate
a session; those credentials were associated with a user’s master set of
credentials, allowing the user to sign on and access his or her VMware View
session with a single log-on and password. That eliminates the need to
separately log into a VPN, remote access client, the server and VMware View—
a major time saver.
In practice, the BIG-IP Edge Gateway caches sign-on
credentials and enables authentication pass-through during the log-on process.
If the connection drops, the user will automatically be re-authenticated; this
helps to keep sessions live and prevents disconnects from leaving active View
sessions in limbo, until an administrator manually shuts them down. Another
benefit is that the user experiences a faster, easier log-on–removing one of
the biggest complaints associated with VDI.
The BIG-IP Edge Gateway provides enhanced support for the
PCoIP display protocol, which is used by VMware View 4.5. Those enhancements
include a DTLS (Datagram Transport Layer Security) feature, which improves the
security of PC over IP communications
transport, without impacting performance. Further enhancing connectivity is the
BIG-IP Edge Gateway’s support of automatic TCP
fallback, which maintains a connection between the client and the VMview
session if a high-performance UDP (User Datagram Protocol) tunnel cannot be
established. Under testing, the performance enhancements were readily apparent;
screen updates and key strokes exhibited no lag over a simulated WAN
connection, showing that the optimization does indeed benefit remote users of
VMware View 4.5.
The BIG-IP Edge Gateway offers enhanced scalability for
VMware View 4.5 solutions, thanks to the products LTM (Local Traffic Manager),
which optimizes local traffic and allows the server to offload CPU-intensive
functions, such as load balancing, health monitoring, session persistence, and
SSL (Secure Sockets Layer) server functions used by VMware View connection
brokers. For the most part, LTM is automated and required very little setup on
my part and offered features that allow VMware View hosts to handle more
connections and support more active sessions, as well as improving traffic
performance.
Virtualization Technology News & Reviews 
