VMware Implementation for Network Trust

Network Trust

Communication between the user on their device and the backend application and its data must be secured. This is achieved by implementing the following parameters:

  • Least-Privilege Access
  • Encryption of Transport
  • Protocol Session Protection

Least-Privilege Access

Least-privilege access means restricting users to the applications they need for their work, without letting them reach sensitive parts of the network. For example, HR employees access only the HR department's applications and data, not other departments' applications, data, and servers.


Unified Access Gateway controls access to the applications and virtual desktops published by Workspace ONE, to ensure that connections come from trusted, authenticated, and authorized users on managed and compliant devices.

Unified Access Gateway can segment networks by configuring three network cards: the public network card (NIC 0), the management network card (NIC 1), and the backend server network card (NIC 2). Users can access the backend network using routing.

Contextual Granularity Through Distributed Firewall Rule

Identity Firewall

Identity Firewall Workflow

Encryption of the Transport Protocol

Blast Extreme protocol

With Horizon 7, the Remote Desktop Session Host service allows a server to host applications and remote desktop sessions. With Horizon Agent installed on an RDS host, users can connect to applications and desktop sessions using the PCoIP or Blast Extreme display protocol.

Session Protection

A session is a temporary connection between two devices or between a user and a computer during which information is communicated and exchanged.

Session Expiration with Unified Access Gateway

Restriction of User Behaviors Based on Session Conditions

Intrusion Detection and Prevention


Network Trust includes the implementation of three parameters: Least-Privilege Access, Encryption of Transport, and Session Protection.