The Horizon View security server
The Horizon View security server is another role of the View Connection Server, but architecturally, it sits within your DMZ. The reason for this is that you can allow end users to securely connect to their virtual desktop machine from an external network or the Internet without necessarily needing to connect via a VPN first. The security server does not expose any internal network details to the Internet.
We will cover the installation process of the View security server in Chapter 4, Installing Horizon View 6.0, but it's almost identical to installing the View Connection Server. Instead, you select the View Security Server option from the drop-down menu of the different role options.
Note
You cannot install a View security server on the same machine that is running a View Connection Server or any of the other Horizon View components.
As part of the installation process, a View security server is paired with a View Connection Server on a 1:1 basis, so every security server will be connected to a View Connection Server. This pairing process is configured using a one-time password at the installation time. It's a bit like pairing your Bluetooth phone with the hands-free kit in your car.
We will cover this in the installation of the Installing the View security server section in Chapter 4, Installing Horizon View 6.0.
How does it work?
The login process for the user is the same as when logging in from an internal network; however, there are some different tasks going on in the background, which we will cover later in the chapter.
A user logs in from the View Client, selects a View Connection Server, and enters their login credentials, which are authenticated in Active Directory. So far, the process is no different, but now, the security server elements come into play, as we will now describe.
If the View Connection Server is configured as a PCoIP Gateway, it will pass the connection and address information to the View Client. This connection information allows the View Client to connect to the View security server using PCoIP. This is shown in the following diagram with the green arrow (1):
The View security server then forwards the PCoIP connection to the virtual desktop machine (2), creating the connection for the user and allowing them to start using it.