VMware Horizon 8

VMware have released a new version of VMware Horizon 8 (2006), and this release is for now general available from August 2020. This is a major release, so I hope you like this article I put together. VMware have made some huge improvements in this release, which customers/partners are going to benefit from. HINT – If you are using Nvidia vGPU (on-prem) I highly recommend you upgrade to NVIDIA vGPU 11, as this is supporting VMware Horizon 8 (2006). I have in this article also included the new features of Horizon Cloud service for IBM Cloud, AWS, Azure. Lets dig into what is new.

What is new in VMware Horizon 8

VMware Horizon 8 provides the following new features and enhancements
  • VMware Horizon Connection Server On-Premises
  • VMware Horizon Agent for Linux
  • VMware Horizon Agent for Windows
  • VMware Horizon GPO Bundle
  • VMware Dynamic Environment Manager 2006
  • VMware Unified Access Gateway 3.10
  • VMware Horizon Clients 2006 for Android, Linux, iOS, Mac, Windows, HTML Access
VMware Horizon Cloud services:
  • VMware Horizon Cloud Service v3 (Azure, AWS, On-prem)

VMware Horizon Connection Server On-Premises

The VMware Horizon 8 version 2006 release includes many new features and enhancements. Beginning with this release, version numbering is based on the year and the month of the release. For example, 2006 represents the year 2020 and the month of June.
  • Cloud Pod Architecture
    • Global entitlements appear in alphabetical order in Horizon Client.
    • To use Horizon Console or lmvutil to configure and manage a Cloud Pod Architecture environment, an administrator must have the new Manage Cloud Pod Architecture global privilege. See Security Considerations for Cloud Pod Architecture.
    • You can define the global entitlement name that appears to users in Horizon Client. When creating or modifying a global entitlement in Horizon Console, use the new Display Name option. When using lmvutil commands, use the new –aliasName option. See Worksheet for Configuring a Global Entitlement and Creating a Global Entitlement.
    • The –htmlAccess and –disableHtmlAccess options are removed from the –updateGlobalEntitlement and –updateGlobalApplicationEntitlement lmvutil commands. The –htmlAccess option is also removed from the –createGlobalEntitlement and –createGlobalApplicationEntitlement lmvutil commands.
    • When you create or modify a global entitlement in Horizon Console, the HTML Access option is removed.
  • Published Desktops and Applications
    • Provisioning of majority of instant clone farms no longer involve creation of parent VM. This improves the manageability of the instant clone farm and well as optimizing the memory requirement of the farm.  For extremely large farms, parent VM will still be created.
    • When you create or modify a farm in Horizon Console, the Allow HTML Access to desktops and applications on this farm option is removed. To prevent HTML Access to a published desktop or application, either do not install HTML Access support when you install Connection Server, or use the client restriction feature to block access.
    • Horizon automatically chooses to provision instant clones directly from replicaVM, without creating any parentVM. This feature is called Smart Provisioning. See Creating an Automated Instant-Clone Farm.
    • You can view the Horizon Client version for a published desktop or application session. See Manage Published Desktops and Application Sessions in Horizon Console.
  • Virtual Desktops
    • Instant clones are available in more VMware Horizon license packages including Standard, Advanced, and Enterprise Edition license packages.
    • A high memory usage alert that is triggered during the instant clone provisioning process has been disabled. See the VMware KB article 2151438.
    • You can restrict access to entitled desktop pools from certain client computers. See Implementing Client Restrictions for Desktop Pools, Published Desktops, and Application Pools.
    • When you create or modify an instant-clone desktop pool or an automated pool that contains full-clone virtual machines in Horizon Console, the HTML Access option is removed. To prevent HTML Access to a desktop pool, either do not install HTML Access support when you install Connection Server, or use the client restriction feature to block access.
    • Horizon automatically chooses to provision instant clones directly from replicaVM, without creating any parentVM. This feature is called Smart Provisioning. See Instant-Clone Desktop Pools.
  • Horizon Console
    • When you select the network for an instant-clone desktop pool or farm, Horizon Console selects network type from the current master image configured in vSphere Client and displays networks based on the network type of the parent VM: DVS, NSX-t, and Standard. You can use the same network as the parent VM or select a network from the list of available options. Networks are filtered based on the parent VM network type. See Worksheet for Creating an Instant-Clone Desktop Pool and Worksheet for Creating an Instant-Clone Farm.
    • The View Storage Accelerator feature requires upto 32GB of RAM per ESXi host. You can specify a default host cache size between 100MB and 32,768MB. See Enable View Storage Accelerator Globally in Horizon Console.
    • You can click the Send Feedback icon in the Horizon Console header to send in-product feedback about features and functionality to the VMware Horizon team. See Send Feedback.
    • When you delete a desktop pool, the status of the desktop pool appears as “Deleting” on both the Desktops page and the Machines page. See Delete a Desktop Pool and Delete Virtual Machine Desktops in a Pool.
    • If you use an older Web browser such as Internet Explorer 11 to log in to Horizon Console, a pop-up windows appears that lists the Web browsers to use for the best user experience. See Log In to Horizon Console.
  • Horizon Connection Server Installer
    • The Connection Server installer has new branding.
    • The Connection Server installer has new icons.
    • You can select a deployment type to install Connection Server on premises or in a public cloud with VMware SDDC service.
    • You can perform a parallel upgrade of multiple Connection Servers. For more information about how to upgrade Connection Servers in parallel, see Upgrading Connection Servers in Parallel. For more information about troubleshooting errors in the Connection Server installer related to parallel upgrade of Connection Servers, see Troubleshooting Installation Errors During Parallel Upgrade of Connection Servers. Note: At the last step of the installation or upgrade process, the Connection Server waits for all the services to start.This can result in a longer installation time than earlier versions of Connection Server installations or upgrades.
    • You can configure load balancers for Connection Server health monitoring. See Configuring Load Balancers for Horizon Connection Server Health Monitoring.
  • Role-Based Delegated Administration
    • Two new privileges are added. See Global Privileges.
      • Manage Cloud Pod Architecture
      • Manage Access Groups

VMware Horizon Agent 8 for Linux

  • Horizon Agent supports the following new Linux operating systems:
    • RHEL/CentOS 7.8
    • RHEL/CentOS 8.2
    • SLES 12.x SP5
  • Horizon Agent no longer supports the following Linux operating systems:
    • SLED/SLES 12.x SP1 and SP2
    • RHEL/CentOS 6.x
    • NeoKylin 6 Update 1
  • You can configure RHEL 8.x/7.x and Ubuntu 18.04 virtual machines as multi-session Linux host machines. You can add these Linux host machines to manual or automated instant-clone farms on which you can base published desktop pools and published application pools. Each published desktop or published application can support multiple user sessions at the same time. See Setting Up Linux Published Desktops and Applications for Multi-Session Use.
  • vDGA graphics are no longer supported on Linux desktops.

VMware Horizon Agent 8 for Windows

VMware Horizon 8 GPO Bundle

  • The Blast Codec Quality group policy setting enables you to set the minimum and maximum values of the Quantization Parameter (QP), which controls the image quality of the remoted display when using Blast Codec compression. See VMware Blast Policy Settings.
  • With the Cursor warping group policy setting enabled, the remote agent detects sudden cursor movements and reflects them to the client by moving the local cursor. See VMware Blast Policy Settings.
  • The Configure maximum latency for mouse coalescing group policy setting enables you to configure the maximum latency allowed, in milliseconds, when coalescing mouse move events. See General Settings for Client GPOs.

VMware Dynamic Environment Manager 2006

  • Elevated Tasks. VMware Dynamic Environment Manager 2006 expands on privilege elevation with the new elevated-tasks feature. Elevated tasks simplify elevation of an application at logon or logoff, or when another application starts or exits.
  • ADMX-Based Computer Settings. You can now also use ADMX-based settings to apply computer policy registry settings.
  • VMware Dynamic Environment Manager releases follow a new versioning format. VMware Dynamic Environment Manager is moving from a major-minor version-number model to a date-driven model represented by a year and month (yymm). This release is version 2006. The previous release was version 9.11. Product filenames and version numbers continue to contain the major-minor versioning. For 2006, the major-minor version is 10.0.
  • VMware Dynamic Environment Manager Editions. Starting with version 2006, VMware Dynamic Environment Manager is available in both Standard and Enterprise editions. DEM Standard Edition assists VMware Horizon® Standard Edition and VMware Horizon® Advanced Edition customers with user profile management. DEM Enterprise Edition is the full-featured version of VMware Dynamic Environment Manager.
  • Additional Windows Support.
    • Windows 10 Version 2004 (May 2020 Update). See KB 57386 for the VMware Dynamic Environment Manager and Windows 10 Versions Support Matrix.

VMware Unified Access Gateway 3.10

VMware Unified Access Gateway 3.10 provides the following new features and enhancements:
  • Configuration of Workspace ONE edge services VMware Tunnel, Content Gateway, and Secure Email Gateway through the Admin UI now detects errors due to configuration issues and relays the error message to Admin UI. The error messages do get captured in the logs.
  • Added support to configure the maximum allowed CPU utilization to prevent an overload. Previous versions set this limit to a fixed 90%. When this level is exceeded, Unified Access Gateway responds to HTTP requests with a 503 error to indicate it is unable to handle the request due to temporary overloading. The support for this configuration allows a load balancer to allocate new sessions to alternative appliances. The default value is 100% so will never be exceeded, but a lower value can be configured in system settings using PowerShell or the Admin UI.
  • Extended support for Horizon Client IP protocol version bridging. Earlier versions supported IPv6 and IPv4 clients to connect to an IPv4 Horizon infrastructure. Support has been added to allow IPv6 and IPv4 clients to also connect to an IPv6 Horizon infrastructure.
  • Added a capability with Web Reverse Proxy edge service configuration to proxy requests normally used for local Unified Access Gateway resources. This capability was needed to support the download of the OPSWAT on-demand agent when Unified Access Gateway is used in a Horizon double-hop DMZ configuration. To support this case, the proxyPattern configured on the Web Reverse Proxy edge service must include /gateway/resources/(.*) so that these requests are forwarded to the Horizon Unified Access Gateway appliance.
  • The FIPS version of Unified Access Gateway now supports the Certificate-based authentication for Horizon Clients. This is for Smart Card/CAC and device certificate authentication.
  • General Unified Access Gateway SAML 2.0 enhancements for third-party Identity Providers used with the Horizon authentication.
  • Validated Microsoft ADFS and Shibboleth as additional SAML 2.0 Identity Providers for the Horizon authentication.
  • The Horizon OPSWAT device compliance check continuous evaluation interval can now be set to a minimum of every 5 minutes. Previously the minimum interval between checks was 30 minutes. By default, the continuous evaluation interval is still set to 0 meaning disabled. In this case, a continuous check is not performed but is still checked every time the user starts a Horizon desktop or application session.
  • Added support to configure a login disclaimer agreement message for the Admin UI login. The admin user must accept this agreement message before login. The Admin Disclaimer Text can be configured in the Admin UI or in the PowerShell .ini file.
  • Extended the logs collected with system information to further aid troubleshooting. The system_logs_archive directory has the following log files: cpu.info, mem.info, sysctl.log, and journalctl_archive.
  • The origin header used with Horizon requests to Connection Server can now optionally be rewritten to use the host name from the proxyDestinationUrl setting. In many cases, by rewriting the origin header with the host name can avoid the need to configure the locked.properties file on Connection Server to allow certain browsers to connect to Horizon.
  • Added support for additional connection concurrency for RADIUS authentication. In previous versions, this might cause delays in a Horizon user being prompted for RADIUS credentials during peak login rates when used with certain configurations of the on-premises version of Microsoft Azure Multi-Factor Authentication Server. The increased connection concurrency avoids this delay.
  • Updated TLS versions and default ciphers for connections on TCP port 443 for Horizon and Web Reverse Proxy edge services. Values are configurable. The non-FIPS Unified Access Gateway version defaults for these edge services are now: TLS 1.3 TLS_AES_128_GCM_SHA256 TLS_AES_256_GCM_SHA384 TLS_CHACHA20_POLY1305_SHA256 TLS 1.2 TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 The FIPS Unified Access Gateway version defaults for these edge services are now: TLS 1.2 only TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 ​TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
  • The Horizon Blast Secure Gateway component on TCP port 8443 no longer uses TLS 1.1. It supports TLS 1.2 only.
  •  Secure Email Gateway support for Active Directory client certificate mapping authentication. For customers that publish client certificates to their user objects in Active Directory, this feature can be used when the certificate either does not have a UPN present, or the UPN does not match the UPN value in Active Directory.
  • For Secure Email Gateway, the Java version has been updated to Zulu OpenJDK JRE, version 11.0.7.
  • Qualified support for the AVI Networks load balancer in front-ending Unified Access Gateway for Horizon, Web Reverse Proxy, VMware Tunnel, Content Gateway, and Secure Email Gateway edge service.

Supported versions of Windows 10 on Horizon Agent Including All VDI Clones (Full Clones, Instant Clones, and Linked Clones on Horizon 8)

  • Windows 10 1607 LTSB (Enterprise)
  • Windows 10 1703 CBB, Semi-Annual (Enterprise, Professional, Education)
  • Windows 10 1803
  • Windows 10 1809
  • Windows 10 1903
  • Windows 10 1909
For more additional information please read this knowledge article

VMware Horizon Client 2006 – new features

VMware Horizon Client 2006 for Android

What’s New in This Release
  • Printing to a local or network printer If the VMware Integrated Printing feature is configured for a remote desktop or published application, you can print to it from any local or network printer available on the client device. See Printing From a Remote Desktop or Published Application.
  • Client version restriction A warning message appears in Horizon Client for Android if you try to connect to a server that does not support your Horizon Client version. For information about setting up client version restrictions, see Global Client Restriction Settings for Client Sessions.
  • OPSWAT integration support You can use OPSWAT integration with Horizon Client for Android by installing OPSWAT Mobile App on the client device. When OPSWAT Mobile App is installed, Horizon Client for Android prompts you to share the client device’s ID with OPSWAT. You can use a new Horizon Client for Android setting to configure whether to share the device ID with OPSWAT. For more information, see Configure Device ID Sharing with OPSWAT.

VMware Horizon Client 2006.1 for iOS

What’s New in This Release
  • Printing to a local or network printer If the VMware Integrated Printing feature is configured for a remote desktop or published application, you can print to it from any local or network printer available on the client device. See Printing From a Remote Desktop or Published Application.
  • Client version restriction A warning message appears in Horizon Client if you try to connect to a server that does not support your Horizon Client version. For information about setting up client version restrictions, see Global Client Restriction Settings for Client Sessions.
  • Support for iOS 14

VMware Horizon Client 2006 for Mac

What’s New in This Release
  • USB auto-connect support for published applications When you connect a USB device to a published application, you can select the Auto-connect at startup check box to connect the USB device automatically at start up and the Auto-connect when inserted check box to connect the USB device automatically when you plug in the device. See Use USB Redirection to Connect USB Devices.
  • Configure cursor event handling You can optimize cursor event handling by configuring settings in the ~/Library/Preferences/VMware Horizon View/config file on the Mac client system. See Configuring Cursor Event Handling.
  • Client version restriction A warning message appears in Horizon Client if you try to connect to a server that does not support your Horizon Client version. For information about setting up client version restrictions, see Global Client Restriction Settings for Client Sessions.
  • VMware USB arbitrator kernel extension replaced with the Apple USB IOKit API To maintain backward compatibility with older macOS versions, both modes of operation are supported. On Catalina and later, the Apple USB IOKit API is used by default. On earlier macOS versions, including High Sierra and Mojave, the VMware USB arbitrator kernel extension (com.vmware.kext.vmioplug) is used by default. You can use a config option, useVirtApi, to switch between the VMware USB arbitrator kernel extension and the Apple USB IOKit API. For more information, see VMware Knowledge Base (KB) article 79858.

VMware Horizon Client 2006 for Linux

What’s New in This Release

  • IPv6 Support Using the view.ipProtocolUsage configuration key, administrators can configure Horizon Client for Linux to use IPv4 or IPv6 or to switch automatically between IPv4 and IPv6 modes as needed. For more information, see Horizon Client Configuration Settings and Command-Line Options.
  • Custom Display Resolution and Scaling for Remote Desktops When an administrator sets the view.enableSyncDesktopLayout configuration key to allow this capability, users can customize the display resolution and scaling for remote desktops. The custom display settings specified by a user remain in effect for subsequent connection sessions from that user’s client system. For more information, see Customize the Display Resolution and Display Scaling for a Remote Desktop.
  • Configure Cursor Event Handling With the RemoteDisplay.mouseMoveMaxLatencyMsecRemoteDisplay.allowCursorWarping, and RemoteDisplay.allowCursorEventsOnLowLatencyChannel configuration settings, administrators can enable, disable, and specify parameters for certain cursor events. Configuration settings on the client and on the agent must match for the cursor features to be enabled. For more information, see Configuring Cursor Event Handling.
  • Updated SDK for Horizon Client for Linux The new SDK allows you to fully customize Horizon Client for Linux. The SDK is only available to VMware Thin Client Program partners and EUC Integration program partners.

VMware Horizon Client 2006 for Windows

What’s New in This Release
  • Configure the maximum latency for mouse coalescing The Configure maximum latency for mouse coalescing group policy setting enables you to configure the maximum latency allowed, in milliseconds, when coalescing mouse movement events. See General Settings for Client GPOs.
  • Windows 10 2004 support You can install Horizon Client for Windows on a Windows 10 2004 client system.
  • Client version restriction A warning message appears in Horizon Client if you try to connect to a server that does not support your Horizon Client version. For information about setting up client version restrictions, see Global Client Restriction Settings for Client Sessions.
  • Certificate revocation changes When the Ignore certificate revocation problems group policy setting is enabled, the client might only use a cached URL during server certificate verification. Horizon Client now passes additional certificate flags to handle time outs.
  • Video support in Media Optimization for Microsoft Teams Both audio and video are supported. Previously, only audio was supported. This feature requires Horizon Agent 2006. To use this feature, the Enable Media Optimization for Microsoft Teams option must be selected during Horizon Client for Windows installation. See Install Horizon Client for Windows.

VMware Horizon Client 2006 for HTML Access

What’s New in This Release
  • Multiple-monitor mode enhancements The way you enable and configure the multiple monitor feature has changed. See Use Multiple Monitors.
  • Chromium-based Microsoft Edge browser support changes You can use HTML Access with Chromium-based Microsoft Edge versions 81 and 83.
  • Chrome browser support changes You can use HTML Access with Chrome versions 81 and 83.
  • Navigation changes in Workspace ONE Workspace ONE users can now see all their running desktops and applications in the Running list in the HTML Access sidebar. For information about launching desktops and applications in Workspace ONE, see the Workspace ONE Access Documentation.
  • Copy and paste enhancements When you use HTML Access in a Chrome or Microsoft Edge 81 or later browser, and you allow permission, you can right-click and select Copy and Paste to copy and paste text from the client to a remote desktop or published application. In addition, you no longer need to grant permission every time you try to copy and paste plain text from a remote desktop or published application to the client system.

Whats new in VMware Horizon Cloud services:

  • VMware Horizon Cloud Service on IBM Cloud 20.2.
  • VMware Horizon Cloud Service 3.1 (Azure, AWS, On-prem)

VMware Horizon Cloud Service on IBM Cloud 20.2.0

  • RDSH Farms now support per VM maintenance by setting the User Login Mode which will route connections to other available VMs in the RDSH Farm.
  • The Domain Join Account now supports a reduced set of Active Directory permissions when configuring “Write All Properties” on an Organizational Unit (OU).
  • The Domain Join Account now supports a reduced set of Active Directory permissions when configuring “Write All Properties” on an Organizational Unit (OU).
  • Administrators can now configure the display name behavior for all assigned dedicated desktops by displaying the assignment name when end-users connect with the Horizon Client.
  • The tenant administrator can now use Instant-Clone technology to create and refresh Tenant Application Farms and deliver Session and Application Pools using rapid provisioning.
  • Added Horizon DaaS platform support for vCenter/vSphere 6.7 P02.

What’s New for Horizon Cloud Service

  • The Horizon Cloud Administration Console now supports both single sign-on (SSO) and multi-factor authentication, providing enhanced security for administrators accessing the console. Authentication is enabled using VMware Cloud Services federated identity management. The federated identity management feature is in Limited Availability.

What’s New for Horizon Cloud on Microsoft Azure

  • Universal Broker is now available for greenfield deployments of Horizon Cloud on Microsoft Azure pods. Universal Broker enables unified brokering of multi-cloud assignments across hybrid and multi-cloud Horizon environments with support for both Horizon 7 and Horizon Cloud on Microsoft Azure. To learn more, visit vmware.com/go/Horizon-UB.
  • Horizon Cloud administrators can now create multi-cloud assignments with greenfield deployments of Horizon Cloud on Microsoft Azure pods using Universal Broker. Multi-cloud assignments provide administrators with the ability to create both dedicated and floating desktops that span across multiple pods and sites.
  • App Volumes with Simplified Application Management is now available for Horizon Cloud on Microsoft Azure pods. App Volumes provides the ability to decouple application package management from assignment management, along with full lifecycle management of an application to meet the dynamic needs of end users.
  • Use of App Volumes with Microsoft Windows 10 Enterprise multi-session in your Horizon Cloud on Microsoft Azure pods — both for Microsoft’s MSIX app attach and for App Volumes VHDs — is now Tech Preview. For more details about this tech preview, see App Volumes Applications – Overview and Prerequisites in the Administration Guide.
  • Horizon Cloud on Microsoft Azure pods now support multiple tenant subnets from either the pod’s VNet or from multiple, connected, peered VNets for both desktop assignments and farms.
  • RDSH farms now support advanced session load balancing, which provides the ability to load balance sessions using dynamic performance metrics from the session hosts in the Horizon Cloud on Microsoft Azure pods.
  • Additional Microsoft Azure VM sizes are now available for use with internal and external Unified Access Gateways for Horizon Cloud on Microsoft Azure pods.
  • Administrators can now cancel both desktop and farm expansion tasks that are in a queued or running state, with support for automatic desktop assignment and farm resizing for Horizon Cloud on Microsoft Azure pods.

What’s New for Cloud-Connected Horizon Pods

  • Horizon Cloud Connector 1.7 is released and available for download from the Horizon Cloud Connector area within the Horizon Cloud Service downloads page at my.vmware.com.
  • You can now schedule your Horizon Cloud Connector automatic updates using the Horizon Cloud Administration Console.
  • Collecting support log bundles is now much easier through the Horizon Cloud Administration Console and the Cloud Connector setup interface.
  • License sync warnings are much more accessible displayed as color-coded banners at the top of the Horizon Cloud Administration Console dashboard. The banner will change color and description based on severity.
  • More descriptive connectivity error messages in the Horizon Cloud Administration Console event logs. These messages enable administrators to self-diagnose and provide a link to a corresponding KB article that offers remediation recommendations.

Source

Leave a Reply

Your email address will not be published. Required fields are marked *

Turn on pictures to see the captcha *