Insurance company with a long standing history providing their customers with the best insurance solution – even if that means to cooperate with others under one umbrella. “We live the motto ‘The power of unity brings good to many’” says the CTO “we combine forces with many other insurance specialists and therefore have a diverse infrastructure, striving to use the best in the market”.
While this sounds like a good strategy, it also means that a flexible access solution was needed, when it came to providing secure external access to their internal apps.
“Usually we prefer to integrate a holistic mobile device management and secure workplace solutions such as Workspace ONE, where we control every aspect of the solution” said Reinhard Partmann, comdivision lead architect on the case “but sometimes, we need to consider other options, where a heterogeneous number of systems work hand in hand. Either because the customer has recently invested in a technology of another vendor, or, as in this use case, the customer needs to provide access to external consultants, whose devices are not under our control”Partmann concluded.
“We needed a lightweight access solution for the apps that support our field consultants and technicians” the CTO explained “but we wanted to make sure, that future growth is possible without having to start over”.
„We decided that a 2-node all flash VMware vSAN cluster with instant clones was the solution, where we can increase performance by just adding more nodes. The decision to use VMware Horizon View Enterprise enabled us to use vSAN instant clones and also have the ability to manage user profiles with the Dynamic Environment Manager (DEM)” Partmann explained the system in detail “and as an option, the customer can use dynamic application assignment with VMware AppVolumes.”
Partmann continued to explain the server setup: “the hardware vendor was set, as they use HP as their primary supplier. So we used aHPE vSAN ReadyNode solution built on HPE ProLiant servers as base and we equipped it with more memory. As we only have two nodes, one node had to be capable to handle the given workload and leave some headroom for performance peaks and growth.”
“As the main use case is to provide a jump desktop for external users” Partmann explained “we would normally use the UAG (universalaccess gateway). But in this case we had a F5 firewall solution already inplace and used this device to handle multi factor authentication and secure access.”
The jump desktop itself was a optimized Windows 10Enterprise with only a small set of applications. Most of these apps had been pre configured with the DEM.
The whole implementation took 6 days including the basic installation, creating the desktop image, app configuration and app profiles,integration the F5 for a higher security/MFA and testing.
The CTO concluded: “the final test showed a very good performance and the snappy behaviour of the whole system was outstanding!”