• mobisec8

What’s New in VMware Unified Access Gateway 3.4

The latest updates for VMware Unified Access Gateway 3.4 are here! This release’s highlights include: new deployment options, licensing package updates, and Horizon 7 integration enhancements.

High Availability Support

Since high availability is a requirement to properly support all the EUC products and services, VMware Unified Access Gateway now supports out of the box high availability. The simplified configuration is based on a virtual IP address and Group ID, balances traffic on port 443 for up to 10,000 concurrent sessions. This simplified deployment  can lower your total operating cost for the following edge services: VMware Horizon 7, Web Reverse Proxy, Per-App Tunnel, and VMware Content Gateway.

New Edge Services Session Statistic Monitoring

Now, you can view information about active edge services sessions in the Unified Access Gateway administration console. The monitoring collects real-time statistics about active and inactive sessions, failed login attempts, session high water mark, Blast sessions, PCoIP session, and Tunnel sessions. Use this valuable information better understand the usage, prioritization and balance allocation for each edge service.

New Licensing Editions

Starting in Unified Access Gateway 3.4, the platform now comes in three editions: standard, advanced, and enterprise. The following table shows what each edition offers:

Each edition of Unified Access Gateway maps to different products in the digital workspace:

  • Standard – Included on  Workspace ONE Standard, Horizon 7 Standard, and Horizon Apps Standard and Advanced. Keep in mind, the standard edition for Workspace ONE does not include VMware Tunnel, and only applies to VMware Content Gateway for rugged licenses.

  • Advanced – Included on Workspace ONE Advanced and Horizon 7 Advanced.

  • Enterprise – Included on Workspace ONE Enterprise, Workspace ONE Enterprise for VDI, and Horizon 7 Enterprise.

Cascade Mode for Horizon 7 Support

For organizations where a dual DMZ is mandated, Unified Access Gateway now supports cascade mode for Horizon 7 edge services. In this deployment mode, a Unified Access Gateway is deployed in the outward facing DMZ and acts as a Web Reverse Proxy. Then, another Unified Access Gateway is deployed on the internal DMZ, and acts as a Horizon edge service. External users connect through the first DMZ layer, then the second, before accessing the internal network.

Amazon Web Services Deployment Support

Customers that limit access to their on-premises resources through Amazon, can now leverage Unified Access Gateway edge service to secure access to those resource as they normally do in other platforms. Unified Access Gateway can be imported on Amazon EC2, registered as Amazon Image Machine (AMI) and deployed through PowerShell script.

Custom Thumbprints for Horizon 7

Last but not least are the Unified Access Gateway and Horizon 7 integration improvements, which include support for custom thumbprints. Custom thumbprints allow the use of separate certificates for Blast TCP and VMware Tunnel connections. You can configure custom thumbprints in the Unified Access Gateway administrative console or through PowerShell INI. On the Horizon client you only need to set the following properties on the file:

  • advertiseThumbprintSHA1

  • advertiseThumbprintSHA256 properties

Native Support in Horizon 7

The Horizon 7 administration console now natively supports Unified Access Gateway appliance registration, and reports each appliance’s status on the Horizon Dashboard.

For more info on VMware Workspace ONE, VMware Horizon and VMware UAG contact us:

Mobisec Technologies the leading endpoint management and security experts services in Israel with hundreds of VMware EUC products installations and a certified experienced team at your service.

219 views1 comment