By: Karthic Kumar
Thanks to VMware vSphere, VMware NSX, and VMware Horizon VDI solutions, which made remote work possible from anywhere and helping organizations continue their business amidst the “New Normal “situation. Almost everyone is working from home now; it is a new challenge every organization is facing, keeping the infrastructure healthy, and meeting the IT demand is crucial for business continuity.
Here is a snippet from one of our customers on the VDI solution.
We’ve been very fortunate to utilize VDI to allow new employees in these situations to use whatever device they have at home while we work on getting them their company-issued device,” he explains. “Since they are accessing our data center and company network from a secure VDI instance, we can get new hires up and running quickly on a personal device without being concerned from a security standpoint.
Click here to read more.
vRealize Network Insight
vRealize Network Insight contains a complete database for your datacenter and has an ocean of information collected across vSphere, NSX, Public Cloud, SD-WAN, and physical network devices. In this blog post, we will see how a VDI admin can use pinboards inside vRealize Network Insight to monitor & secure the VDI infrastructure.
After partnering with multiple VDI customers, we have carefully curated this pinboard, which has all information for VDI admins to debug and get overall VDI network visibility under a single page.
This pin provides a quick overview of total VMs, flows, incoming and outgoing traffic, quick comparison on change in traffic, and location of the users accessing the virtual desktops. To deep-dive into each item, click on the blue-colored text inside the widget.
Total Traffic Graph
This pin helps to view the overall network activity, average network utilization, and generates alerts if there are any abnormal spikes. Alerts can be configured based on manual configuration or automatically when it deviates from past behavior.
This pin shows VDI architecture in graphical format and helps to understand the VDI traffic patterns. To get more details, simply zoom-in, it further expands and shows more flow lines. Each flow line is clickable and provides detailed traffic information.
Whenever an issue occurs, knowing the root cause solves half of the problem. Usually, VDI admin will have minimal access to the underlying VDI infrastructure. During debugging, even to get a basic level of information, multiple teams have to be engaged, which increases overall resolution time. The ability to recover quickly from an unexpected issue is a crucial factor for a thriving VDI environment. In addition to flow and tier details, the topology diagram also shows physical switches and routers involved in VDI traffic, which provides full 360-degree visibility and help VDI admin to collaborate with network admins effectively.
Micro-segmentation and Traffic visibility
A massive surge in remote traffic is an opportunity for an attacker to compromise the network; in this situation, it is critical to get visibility and secure east-west traffic. These widgets help VDI admin quickly validate a day’s and week’s traffic and get suggestions on writing firewall rules to block unwanted connections.
This Sankey chart will be helpful to find which group of flows improves or degrades over time. We can further drill-down to see the possible cause. To investigate further, click on the chart item.
Events & vSphere Host Problems
For any reported issues, this pin is an excellent place to start debugging. It contains all alerts and events of the VMs and VDI components.
vSphere hosts with problems
This pin provides on the information on vSphere hosts have issues and needs attention.
OS & VDI Infrastructure components
OS in VDI VMs
This pin shows the OS images used in VDI infrastructure. This will helpful for VDI admins during OS image maintenance.
Application Members Manager
VDI admin usually has minimal access to its infrastructure like vCenter, NSX & Public Cloud. This pin lists the core infrastructure components like vCenter, NSX and public clouds. It will help VDI admin to understand the architecture and gather the necessary information to troubleshoot an issue.
Top Outgoing Ports
A glance at the outgoing ports, count of flows, and traffic size. It helps to validate the traffic and helps to make sure no unwanted ports are listed.
Top Talkers and Deep Dive
Find the VMs which has high traffic volume based on flow count and total traffic size. To deep dive further, check the other pin, which allows choosing multiple combinations.
Outliers – Elephant Flows
From the traffic pattern, find out which VMs are behaving differently from others. This pin helps a lot to validate if an outlier VM is valid or compromised. This pin also provides multiple options to find the outliers, use the drop-down to explore more options.
vRealize Network Insight is a perfect and must-have tool for a VDI admin to monitor, maintain the overall health, and get deep traffic visibility. In the next blog post, we will see step by step instructions to create this pinboard and customize further according to your requirement.
To learn more and see a live demo of this pinboard, sign-up for an upcoming webinar called Monitor Traffic and Network Visibility Across a Distributed Workforce with vRealize Network Insight Cloud on July 9, 10 AM PDT.