Skip to content

Deploying Unified Access Gateway using vSphere Web Client

Introduction

In the previous post, we discussed an overview of Unified Access Gateway. In this post, I will be deploying a VMware Unified Access Gateway (UAG) appliance to give the end-user access to entitled Virtual Desktop / Remote Hosted applications over an insecure network like the internet.

You might think when you can provide access to Virtual Desktop or to Remote Hosted Applications using security server why there is a need for VMware Unified Access Gateway.  Why an organization should think of deploying Unified Access Gateway?

In my opinion, an organization should think of deploying Unified Access Gateway considering following reasons.

  1. Even if you can do a security hardening of windows based security server, Windows based OS is more vulnerable to attacks than a hardened Linux.
  2. You can only have 1:1 relationship between the Security Server and the Connection Server. You have more flexibility in case Unified Access Gateway.
  3. Unified Access Gateway can act as a single solution of different use cases
    • Secure Remote Access / Proxy of Horizon Protocols (Blast/ PCoIP)
    • DMZ Authentication (RADIUS, RSA SecurID, CAC, SAML)
    • Reverse Proxy – Access to on-prem web resources
    • Identity Bridging – Access to non SAML ready on-prem apps (Kerberos / Header based)
    • Airwatch Per-App VPN / Proxy Tunneling Server
    • Airwatch Content Gateway
  4. Unified Access Gateway can make use of Blast Extreme Adaptive Transport protocol. Blast is a UDP based protocol which gives a better remote user experience even if you are connecting over a lossy network.
  5. Much easier to configure & manage in comparison to sercurity server & Access point virtual appliance.

VMware UAG Virtual Appliance Requirement

  1. 4GB of RAM on a physical host running ESXi / Hyper-V running on Windows 2012 R2 or Windows 2016.
  2. 2 x vCPU
  3. 1 – 3 Network Cards
    • 1 NIC, Single NIC handle Internet, Internal & Management traffic (recommended for POC only)
    • 2 NIC, One NIC handles Internet traffic & Second NIC handles all internal & management traffic.
    • 3 NIC, Separate NIC to handle Internet, Internal & Management traffic each.
  4. 20 GB of Disk Space
  5. Horizon 6.x & 7.x
  6. 1 UAG node per 2000 concurrent connections

Deploying UAG Virtual Appliance using vSphere Web Client

Conclusion

This concludes the deployment of VMware Unified Access Gateway using VMware vSphere Web Client.  Hope this will be informative for you. Thanks for Reading!!. Be social and share if you find worth sharing it.