EUC Sessions at VMworld Barcelona 2014 (EUC3330-GD)

VMworld (Barcelona) 2014
As usual for this time of year I’m excited to be making my final preparations for VMworld Europe (Barcelona) and I thought I’d try something new and host a group discussion about using Horizon 6 with RDS Hosted Applications and Desktops. If you are interested in taking part then make sure to register for EUC3330-GD using the VMworld schedule builder. As the title suggests, being a group discussion means that this will be interactive and give you the opportunity to not only hear from myself on VMware Horizon 6 and RDS best practices, but hear from partners and customers on their implementations and experiences.

I look forward to seeing you all there!

Shellshock Vulnerability and Potential Exploitation (not another blog post on CVE-2014-6271 / CVE-2014-7169)

Bash (Shell Shock) Exploit LogoAs tempting as it is, I have no intention of jumping on the ‘Shellshock’ band wagon and writing a vague post on the subject. However, I do find this recent bash exploit interesting and worthy of investigation as it’s simple to test and has a plethora of vectors that could be exploited. I’ve read many media reports on this and unfortunately some of their layman’s terms are inaccurate or do not provide the full picture. The purpose of this blog post is for my own reference and anybody that needs starting point of where to look. For an in-depth look at this then I would recommend you read Troy Hunt’s article. For a quick technical reference then feel free to read on… [Read more…]

Virtual Design Master ‘Community and Learning’ VCP, VCAP, VCDX

Design-MasterIf you follow the virtualization community on Twitter then you may have already seen the hashtag #VirtualDesignMaster, and it’s something that I really think deserves more attention. The series over at presents competitors with a design challenge that puts their knowledge to the test, requiring many skills and disciplines from the virtualization industry. Even if you are not a veteran virtualization guru, the competitors come from all backgrounds and including networking and storage. In fact the competitors range from those holding VCP, VCAP, MCSE and other industry certifications to just solid work experience.

This series is in it’s 2nd season now, following on from a theme where zombies start taking over our planet and a virtual infrastructure design is required as part of the effort to save the world. It really does seem like great fun and you don’t have to be officially competing to take part as the design scenario is available on the website.

I just love the creativity and thought that has gone into this, and if you are studying for any design certification such as the VCAP-DCD or VCDX then I’d strongly recommend that you check out their Google Hangout recording on YouTube for a feel of what it’s about. In this video Melissa Palmer @vMiss33, Eric Wright @discoposse and Angelo Luciani @AngeloLuciani chat to the judges and competitors for Team Alpha and Team Beta.

New VCDX successes make the grade!

VCDX Make It SoCongratulations to the latest VCDX successes that made it in July 2014. You’ll find the VCDX Directory ( has been updated once again following the recent design defence round in Frankfurt this month. I’d just like to personally congratulate @harsha_hosur , @safouh75, @robertquast,  @elgwhoppo, @sidbrydon, @vTerahertz, @agmalanco, @NiranEC, and @Gortees. This is an awesome achievement and it’s great that this once small group of experts is growing to a huge army of architects! [Read more…]

VMware Horizon 6 View Configuration Maximums

VMware Horizon 6 Configuration MaximumsVMware doesn’t currently maintain an official Horizon 6 or View Configuration Maximums document, unlike the vSphere configuration maximums PDF which is has existed for many years. There are some maximum configurations in the Horizon 6 official documentation, and release notes but this does not include everything. Before diving into the configuration maximums below, let me first explain how they are derived. Many of the configuration maximums come from testing by developers at VMware and part of the Quality Assurance (QA) process before a product is released to GA (General Availability). These are what you’ll find in the product release notes or architecture guides. Other configuration maximums are derived from best practices, benchmark tests, and observations from many implementations and tests in the real world.

A configuration maximum that has caused some confusion over recent years in the number of linked clone virtual machines per datastore/LUN. For VMware View 5.1 and prior this was documented as a maximum of 64 linked clones per LUN (VMFS). Since View 5.2 this increased to 128 linked clones per VMFS datastore, and 140 if VAAI is enabled. Today with Horizon 6 this guidance hasn’t changed and this is reflected in the maximums below. If you refer to the Storage Sizing Guide for Windows 7 for View 5.2, page 6, you will see it is also stated there (in case you doubt!). [Read more…]

VMware Horizon 6 (View) Firewall & Network Ports

Updated (July 3rd 2014): Even higher resolution, includes RDS (Remote Desktop Session) hosts, Workspace Portal, MMR and correct PCoIP ports (TCP and UDP)

Back in April 2012 I posted my original View network firewall ports diagram, and it’s been used widely both internally at VMware and in the community. Since Horizon 6 launched this week I thought I’d create a brand new full size diagram to include Cloud Pod Architecture. This updated diagram contains a better layout and a new color theme to boot!  This image is 3767 x 2355 pixels, so simply click to enlarge then ‘Save Image’ to get the full size HD version.

You’ll notice the addition of VIPA (View inter-pod API) and ADLDS port 22389 which are both used for Cloud Pod Architecture. Bear in mind that between your View Pods, you will still require the usual Active Directory ports.

Key Firewall Considerations for VMware Horizon 6

  • TCP 8472: View interpod API (Cloud Pod Architecture) – NEW
  • TCP 22389: Global ADLDS (Cloud Pod Architecture) – NEW
  • HTTPS (443): Horizon Client access, authentication and RDP tunnel (HTTPS Secure Gateway)
  • HTTPS (8443): Used by HTML Access (Blast)
  • HTTPS (22443): HTML Access (Blast) to Virtual Desktops
  • TCP 9427: Used by Windows multimedia redirection (MMR)
  • TCP 32111: USB Redirection
  • ESP (Protocol 50) used for Security Server and Connection Server IPSEC communication (requires Windows firewall with Advanced Security to be enabled)
  • UDP 500: IPsec negotiation for Security Server and Connection Server communication and pairing.

For a full list of network ports please refer to the latest Horizon 6 documentation: