This insurance company has a long-standing history of providing their customers with the best insurance solutions, even if it means collaborating with others under one umbrella. "We live by the motto, 'the power of unity brings good to many,'" says the CTO. They combine forces with many other insurance specialists and, therefore, have a diverse infrastructure, striving to use the best in the market.
While this sounds like a good strategy, it also means that a flexible access solution was needed when it came to providing secure external access to their internal apps.
"Usually, we prefer to integrate a holistic mobile device management and secure workplace solution, such as Workspace ONE, where we control every aspect of the solution," said Reinhard Partmann, comdivision’s lead architect. However, sometimes, we need to consider other options, where a heterogeneous number of systems work hand in hand; either because the customer has recently invested in a technology of another vendor, or, as in this case, the customer needs to provide access to external consultants whose devices are not under our control.
"We needed a lightweight access solution for the apps that support our field consultants and technicians," the CTO explained. "But we wanted to make sure that future growth was possible without having to start over."
We decided that a two-node all-flash VMware vSAN cluster, with instant clones, was the solution, where we can increase performance by just adding more nodes. The decision to use VMware Horizon View Enterprise enabled us to use vSAN instant clones and also have the ability to manage user profiles with the Dynamic Environment Manager (DEM) As another option, the customer can additionally use dynamic application assignment with VMware AppVolumes.
Partmann asserted that, since the hardware vendor was set – they use HP as their primary supplier – “we used an HPE vSAN ReadyNode solution built on HPE ProLiant servers as a base, and we equipped it with more memory. As we only have two nodes, one node had to be capable of handling the given workload and leave some headroom for performance peaks and growth."
"As the main use case is to provide a jump desktop for external users," Partmann further explained, "we would normally use the UAG (universal access gateway). But in this case, we had an F5 firewall solution already in place and used this device to handle multifactor authentication and secure access."
The jump desktop itself was an optimized Windows 10 Enterprise with only a small set of applications. Most of these apps had been preconfigured with DEMM.
The whole implementation took one week, including the basic installation, creating the desktop image, app configuration and app profiles, integration of the F5 for higher security/MFA, and testing.
The CTO concluded: “The final test showed very good performance, and the snappy behaviour of the whole system was outstanding!”
