NSX for Desktop: Jumpstart microsegmentation with Horizon Service Installer fling

 

We fortunately see a lot more NSX with EUC deployments. Used for microsegmentation of the virtual desktop infrastructure, virtual desktop security protection and load balancing of the workspace components (see my previous post here: https://www.pascalswereld.nl/2017/06/09/euc-layers-horizon-connectivity-from-nsx-load-balancers-with-love/).

I want to focus a bit on the microsegmentation and mainly on the NSX service profiles,  groups and standard set of rules for EUC with VMware Horizon. Currently neither NSX for Desktop as Horizon ships with a prepared set to use. Well the Horizon suite does not ship with NSX in any form, what is still a miss in my humble opinion. It can be a little difficult I know.

This blog post will try to focus on the expected to be part of your desktop environment and Horizon components and their NSX rules. Focussing on static Horizon services, static Infrastructure services and dynamic applications based on group membership. And using a fling to get them in your environment. I also have added more services and rules to the fling configuration file, and put up a github project to manage these changes. You can download an updated yml file from there, details a little later on so do read or scroll ahead ;). This is a work in progress as I am also just working on it in my current project.

Continue reading NSX for Desktop: Jumpstart microsegmentation with Horizon Service Installer fling