Co-Authored by Bo Fu, Product Line Manager, VMware
What Are We Announcing for Horizon Cloud with Hosted Infrastructure?
VMware is excited to announce that VMware Identity Manager is now included as part of VMware Horizon Cloud with Hosted Infrastructure. Organizations that choose to use Identity Manager can take advantage of integration capabilities with existing identity infrastructure, advanced authentication methods, a single place for Horizon Cloud desktops and apps, and conditional access controls to ensure only the right users in the right situations get access to cloud desktops.
This feature is available to all Horizon Cloud with Hosted Infrastructure customers. New customers can get this feature as part of their service. The team is reaching out to existing customers to ensure that they can add this feature to their Horizon Cloud Hosted deployment.
Organizations that choose to deploy Identity Manager with Horizon Cloud will see a number of benefits, such as integration with existing identity infrastructure, advanced authentication methods, and conditional access control that protects Horizon Cloud desktops.
Integration with Existing Identity Infrastructure
Identity Manager makes integrating Horizon Cloud with your existing Identity and Access Management (IAM) infrastructure easy. For organizations that already have identity providers in place, Identity Manager allows you to integrate Horizon Cloud into your current identity infrastructure using the SAML protocol. For example, if you’re already using an Identity Provider (IDP) such as Okta or Ping for IAM, Identity Manager allows you to set up Horizon Cloud as a SAML app in your IDP. Adding Horizon Cloud to your IDP’s app list through Identity Manager allows you to minimize the amount of change management required to provide cloud desktop access to your users, and it also ensures your cloud desktops fit into your access management strategy.
If your organization wants to boost productivity and employee satisfaction, Identity Manager integrates easily with VMware Workspace ONE to create a digital workspace. The digital workspace means easy access to the apps (virtual, native, cloud, web, and legacy) employees need to do work on all their devices; organizations that implement digital workspaces see workers report higher levels of productivity and better customer service.
You can use Identity Manager’s SAML support to integrate Horizon Cloud with your existing single sign-on (SSO) system for access to both desktops and applications. SSO into Horizon Cloud simplifies access, allowing your users to access cloud desktops the same way they get to their other work apps while maintaining security. If you want to simplify access further by including cloud desktops in a single mobile app or cloud portal with all your native, cloud, web, and legacy apps, Identity Manager integrates with Workspace ONE for consumer simple access to all your work resources.
Advanced Authentication Methods
Identity Manager brings support for multi-factor authentication (MFA) and advanced authentication methods to Horizon Cloud. You can choose to support methods such as RSA, Radius, certificate-based authentication, Kerberos, and VMware Verify MFA to ensure only the right users get access to your environment. Identity Manager’s conditional access policies mean users can only access their cloud desktops if they meet the conditions you set for authentication method, user group, and network location. For example, you can allow users to access their cloud desktops using only username and password when on the corporate network, but require them to pass an MFA check when they access their desktops from outside the network.
True SSO Support
Horizon Cloud with True SSO support provides a seamless sign-on experience to desktops and applications when using 2FA with Identity Manager. With True SSO, a user can login to Identity Manager using any non-AD method such as RSA SecureID, SmartCard, Certificate, Radius, or any other supported 2FA method. Once authenticated, the user sees their desktop and application launch without being prompted for their AD password. True SSO removes the cumbersome login experience of prompting users for their AD password when launching their desktop or applications. True SSO requires configuration on Identity Manager, enrollment servers deployed in the Horizon Cloud environment and a Microsoft Certificate Authority.
Identity Manager makes it easy to integrate Horizon Cloud with your existing IAM infrastructure and to protect your cloud desktops with advanced authentication methods and conditional access. If you’re interested in deploying Identity Manager with Horizon Cloud, contact your VMware Account Exec today to get started.
If you’re interested in simplifying access to your cloud desktops as part of a digital workspace, visit our Workspace ONE page and ask your VMware Account Exec for more info.
Source: VMware EUC – https://blogs.vmware.com/euc/digital-workspace