Quick-Take: VMware View 4.6 and PCoIP Software GatewayMarch 1, 2011
VMware View 4.6 has been released. Andre Leibovici has a nice summary of the PCoIP Software Gateway (PSG) functionality – new in 4.6 – that finally allows PCoIP to be negotiated without external VPN tunnels.
VMware View 4.6 has been just released and as everyone expected this release introduces support for external secure remote access with PCoIP, without requirement for a SSL VPN. This feature is also known as View Secure Gateway Server. VMware’s Mark Benson, in his blog article, does a very good job explaining why tunnelling PCoIP traffic through the Security Server using SSL was never a viable solution because VMware didn’t want to interfere with the advanced performance characteristics of the protocol.
Other enhancements in the 4.6 release include:
- Enhanced USB device compatibility – View 4.6 supports USB redirection for syncing and managing iPhones and iPads with View desktops. This release also includes improvements for using USB scanners, and adds to the list of USB printers that you can use with thin clients. For more information, see the list of View Client resolved issues.
- Keyboard mapping improvements – Many keyboard-related issues have been fixed. For more information, see the list of View Client resolved issues.
- New timeout setting for SSO users – With the single-sign-on (SSO) feature, after users authenticate to View Connection Server, they are automatically logged in to their View desktop operating systems. This new timeout setting allows administrators to limit the number of minutes that the SSO feature is valid for.For example, if an administrator sets the time limit to 10 minutes, then 10 minutes after the user authenticates to View Connection Server, the automatic login ability expires. If the user then walks away from the desktop and it becomes inactive, when the user returns, the user is prompted for login credentials. For more information, see the VMware View Administration documentation.
- VMware View 4.6 includes more than 160 bug fixes – For descriptions of selected resolved issues, see Resolved Issues.
- Support for Microsoft Windows 7 SP1 operating systems
SOLORI’s Take: The addition of WAN-enabled PCoIP functionality takes VMware’s flagship desktop protocol to the next level. However, considerable tuning at the PCoIP desktop agent is necessary for most WAN configurations. The upside is the solution maintains PCoIP’s UDP basis without tunneling inside TCP.
Since PCoIP has always been AES encrypted by default, this is not really an issue of security but one of performance and delivery. Right-sizing the PCoIP payload for the intended WAN application will be challenging for most, so expect to see PSG use in campus-wide applications where security of PCoIP (UDP) has been difficult.
For a twist on PSG using Internet connections with dynamically assigned IP addresses, check-out Gabe’s Virtual World post – powershell included!
[updated to include links to VMware's View release notes, and link to Gabe's post.]