VMware Access Point

VMware Access Point is a virtual appliance first introduced in Horizon 6 version 6.2 designed to serve as a secure gateway through which authorized users can safely and remotely access VMware end-user computing resources -- namely desktops and appliances hosted either in the cloud, in on-premises customer data centers or through Horizon Air -- from outside the corporate firewall. Access Point was created with Linux and Windows administrators familiar with virtual machine technology and data center operations in mind.

Access Point resides within a network demilitarized zone (DMZ) and acts as a proxy host for connections within a trusted network, shielding resources from the Internet and allowing for a greater degree of security. In order to achieve this level of security, Access Point enforces strict user authentication through a number of methods, including Active Directory domain password, Kiosk mode and Security Assertion Markup Language (SAML). All authentication requests are directed to the appropriate server, at which point the appliance discards all unauthorized requests.

The functionality of Access Point is comparable to that of the Horizon View Security Server, but is distinguished by the fact that it is implemented as a preconfigured Linux-based virtual machine as opposed to software run on a Windows operating system. View Security Server can only connect to View Connect Servers on an individual bases. Access Point does not have that limitation and can establish a connection between Access Point and either an individual or multiple View Connection Servers with the use of a load balancer.

Access Point is similar to a Virtual Private Network (VPN) in some areas but there are some differences when it comes to control management, user interface and performance. VPNs typically require a lot of work from an administrator to keep up with the required rules. With Access Point, access rules are applied automatically. The PCoIP, HTML access, and WebSocket protocols are secured without requiring additional encapsulation with Access Point. Access Point is packaged in Open Virtualization Format (OVF) and can be deployed onto an ESX or ESXi host as a pre-configured virtual appliance. It is recommended that those deploying Access Point in a production environment use the OVF Tool. Other than monitoring, Access Point requires very little administrator management or intervention. Access Point can also be managed through the command line.

Access Point 2.7.2, the latest release as of October 2016, allows admins to use one version to provide edge services to Horizon Connection Servers, VMware Identity Manager and VMware AirWatch. In previous versions, admins had to use different versions of Access Point to accomplish that.

This was last updated in October 2016

Continue Reading About VMware Access Point

Dig Deeper on VMware networking