Since Horizon Workspace 1.0 was release VMware created some very good documents (white papers, reference architectures, etc.) related to Horizon Workspace. While some are very easy to find others are a bit more hidden in the VMware communities.
In this post I want to highlight some of the documents which I found very helpful and interesting.
Horizon Workspace 1.0 Reviewer’s Guide
Everyone who is just starting with Horizon Workspace should have a look at the Reviewer’s Guide. This document is a guided walkthrough of VMware Horizon Workspace, including a step-by-step perspective into technical architecture, use cases and initial installation, configuration, and integration.
Horizon Workspace Reference Architecture
If you want to know more about how to size your Horizon Workspace environment this is the right paper for you. I gives you an idea about the requirements for a 2,000-user Horizon Workspace environment.
Security Considerations for Horizon Workspace 1.0
This paper provides an overview of security considerations and recommendations for VMware Horizon Workspace. Topics covered are authentication and authorization, auditing, the demilitarized zone (DMZ), sharing, access control, and device control.
Horizon Workspace 1.0 – Load Balancing with F5
This paper details the setup of F5 BIG IP 11.3 with Horizon Workspace 1.0 to load balance gateway-VAs for internal and external access
Horizon Workspace – External vFabric Postgres database
This paper details the setup scenarios for using VMware vFabric Postgres 9.1 for use with Horizon Workspace service-va to implement this service in HA mode or for production environments where external PostgreSQL database is a requirement.
In my opinion all of these papers are a must read.
Let me first say ThinApp is by absolutely no means a security product, it is an application virtualization product. But ThinApp, as an application virtualization product, certainly can help to make your environment more secure. For example when using ThinApp for your applications you can deploy critical patches much faster as it would be possible with traditional software deployment tool like SCCM or LanDesk.
That said customers still ask how they can disable certain functions within ThinApp to make their applications more secure. These functions are copy and past as well as cut and paste and of course printing. Obviously ThinApp can handle these requirements as one of the most versatile application virtualization solution on the market.
Disable copy and paste / cut and paste
To disable copy and paste within your virtual application you have to modify the package.ini in the [BuildOptions] section. To disable this functionality just add the following line:
If the user then tries to copy or cut and paste something he gets the following message by default.
You can change this message by adding just another line and modify the message as wanted.
DisableCutPasteMsg=Administrator has disabled Cut and Paste for application %1s
The variable %1s will be replaced by the name of the process of which you want to copy or cut content from. In this example it is firefox.exe
To disable printing from a ThinApp package you also have to add just another line to your package.ini build options.
When a user tries to print from the virtual application while this option is set he gets the following result.
If this tip may come in handy you should pay Christoph Harding’s (@cdommermuth) blog called That’s my view (http://www.thatsmyview.net) a visit. He brought this customer requirement to my attention.