What Is Horizon Cloud Service
Desktop and app virtualization as a service
Like Omnissa Horizon® 8, Omnissa Horizon® Cloud delivers virtualized Windows desktops and apps to just about any endpoint device you can think of. Devices can include Windows, Mac, and Linux desktop computers and laptops, Chromebooks, tablets, smartphones, and thin and zero clients. The difference is that Horizon Cloud – next-gen is a DaaS (desktop-as-a-service) solution, meaning that Omnissa delivers and maintains all the critical virtual desktop infrastructure management components on your behalf.
Admins need concern themselves only with managing the virtual apps and desktops. The rest is provided as a service:
- DaaS management infrastructure: Omnissa has got you covered with respect to managing the VDI infrastructure services, app-packaging services, connection brokering service, edge gateways, databases, and so on.
- Resource capacity: Resource providers are supported hypervisors, cloud platforms and cloud PC’s that provide the necessary resource capacity to deliver desktops and applications to end users. At the time of this writing, Horizon Cloud – next-gen supports Microsoft Azure subscriptions, Windows 365 cloud PC’s and other platforms for resource capacity.
Horizon Cloud – next-gen also allows for the use of infrastructure capacity in an on-premises datacenter, as described in the Horizon Architecture chapters of the Omnissa Workspace ONE and Horizon Reference Architecture document.
For an overview of Horizon Cloud see the video below:
Horizon Cloud – next-gen delivers a cloud-native, hybrid, and multi-cloud desktop and app virtualization platform while still providing security and not sacrificing end-user experience.
What are the key features?
Perhaps your main concern focuses on remote work and providing speed, flexibility, and features to keep your users productive. Or perhaps your number one use case is maintaining business continuity, which might require rapidly deploying virtual desktops and apps for thousands of end users.
On top of all the features shared with Horizon 8, Horizon Cloud – next-gen offers the following key features:
Extraordinary scalability
Horizon Cloud – next-gen is the best solution for accommodating fluctuating capacity demands:
- Scale up without having to add hardware.
- Scale down according to demand and save on consumption costs. If only half your employees are using the system at a certain time, you do not have to pay for hardware to support the other half, who are not using the system.
The Horizon Cloud - next-gen “thin edge” architecture reduces the infrastructure footprint within customer environments, and each Horizon Edge can support up to 20,000 end users! Scaling beyond that number is straightforward by adding additional Horizon Edges.
Advanced automation
Horizon Cloud - next-gen is built entirely using APIs, so that anything you can do from the management interface is accessible through public APIs. This public API platform supports advanced automation and integration on several fronts:
- Third-party ticketing or monitoring solutions
- Partner-built managed service offerings
- Customer-built integrations and automations that leverage existing workflows
For more information, see the Horizon Cloud Service – next-gen API Reference, on the Omnissa Developer Documentation portal.
Less troubleshooting with proactive monitoring
With the Horizon Cloud – next-gen DaaS solution, fewer components run in the customer environment, and the Omnissa Operations team benefits from increased observability over the entire service offering. This visibility allows the Omnissa Ops team to proactively detect and resolve many issues before they affect your environment. But if an issue should arise, the proactive alerting features and advanced reporting capabilities greatly simplify troubleshooting.
Application and user environment management
Horizon Cloud – next-gen also includes other market-leading features, such as Omnissa App Volumes™ and Omnissa Dynamic Environment Manager™. With App Volumes and Dynamic Environment Manager, you deploy and manage applications separately from the OS image:
- App Volumes simplifies application management while reducing cloud consumption costs by efficiently delivering applications from one virtual disk to many desktops or published-application servers. Using virtual machines more efficiently in this way reduces the operational costs of running instances in cloud.
- Dynamic Environment Manager adds advanced user environment management capabilities to deliver desktops and apps that meet each user’s needs at the specific time they request it, and in the context of the company’s security requirements. User-specific Windows desktop and application settings can be applied in the context of client device, location, and other conditions.
Using this strategy, admins will not need to become virtualization wizards or layering experts. All they need to know to capture an application is how to install it. With Horizon Cloud – next-gen, the App Volumes functionality is provided as part of the DaaS management platform. The corresponding App Volumes and Dynamic Environment Manager agents are automatically installed for you when you create a golden image.
What is the architecture?
Horizon Cloud – next-gen is a great solution for rapidly scaling existing or new Horizon VDI or published application environments. To reduce the management footprint and deliver a true desktop virtualization service, Horizon Cloud - next-gen leverages a “thin edge” architecture.
All the thin Horizon Edge consists of are one or more Horizon Edge Gateways and one or more pairs of load-balanced Omnissa Unified Access Gateway™ virtual appliances; there are no connection servers and no cloud connectors. If more capacity is needed, you need only deploy a new Horizon Edge.
All Horizon Edges, whether spread around the world or located in the same region, leverage the same Horizon Control Plane and are managed as a single environment. All the VDI infrastructure servers, app-packaging servers, connection brokers, databases, and so on reside in the Horizon Control Plane, which is delivered and managed by Omnissa.
The following diagram illustrates, at a high level, the Horizon Cloud – next-gen architecture. Descriptions of individual components follow.
Figure 1: High-level architecture for Horizon Cloud – next-gen; Control Plane managed by Omnissa
The Horizon architecture is made up of the following components:
- Omnissa Horizon® Control Plane
Unifies and simplifies management across pods (multiple instances of Horizon configured for the cloud), providing monitoring and management of images, applications, and lifecycles.
With Horizon Cloud – next-gen, the Omnissa Horizon® Universal Console, the connection server/brokering function, App Volumes management servers, and associated databases are all included in the Horizon Control Plane. - Omnissa Access™
An identity and access management solution that is included with Horizon Cloud – next-gen, Workspace ONE Access provides your end users with an app catalog to access Horizon desktops and apps, web apps, and SaaS apps through a browser. Workspace ONE Access also provides the ability to integrate with other identity providers to enable single sign-on (SSO) to all your apps without sacrificing security. - Monitoring with Omnissa Workspace ONE® Intelligence™
Horizon Cloud - next-gen benefits from Omnissa Workspace ONE® integration, with support for Workspace ONE Intelligence for dashboards and customized reports. - Omnissa App Volumes
With Horizon Cloud – next-gen, the App Volumes management components are included in the Horizon Control Plane, which simplifies packaging and deploying applications. With App Volumes, applications are virtually attached and integrated into the Windows OS rather than natively installed on the virtual desktop or RDSH server. Use this strategy to reduce OS image count and simplify application maintenance. - Omnissa Horizon® Edge Gateway
Acts as an orchestration bridge between the Horizon Control Plane and the infrastructure capacity provider. This gateway also provides single sign-on capabilities for the service, so that users do not have to enter their passwords multiple times to log into a virtual desktop or published app. For more information, see the Horizon Edge chapter of the Horizon Cloud Service - next-gen Architecture document. - Omnissa Unified Access Gateway
Provides secure remote access from the client endpoint to virtual desktops and published applications, without using a VPN. These gateways are for communication from the broker down into your environment.
In Horizon Cloud – next-gen, Unified Access Gateway virtual appliances are set up as pass-through devices that provide a direct (not tunneled) connection and do not perform any kind of security. The connection string has an authentication token in it. The Blast display protocol session that uses the direct connection is encrypted.
The Unified Access Gateway just points the user to the virtual machine they are authorized to use. In Horizon Cloud – next-gen, these gateways can handle 10,000 connections each. For more information, see Unified Access Gateway in the Horizon Cloud Service - next-gen Architecture document. - Single-session desktops
Dedicated (persistent) or floating (nonpersistent) desktop pools are created from a golden image to provide single-session remote desktops to your end users. - Multi-session desktops and apps
Remote Desktop Session Host server pools or pools of multi-session Windows 10 or Windows 11 desktops are created from a golden image to provide published applications and multi-session-based remote desktops to your end users. - Active Directory
With Horizon Cloud – next-gen, directory services for user authentication, or identity (IdP), has been separated from directory services for virtual machines. Active Directory is still used for virtual machine identity, so that the machine can be joined to the domain. For machines, you can place a local domain controller in your provider’s infrastructure capacity, such as your Microsoft Azure subscription, near where the machine objects are going to be created, or you can use Azure AD services.
User accounts can use either Azure Active Directory services or Workspace ONE Access. You can sync either of these to an on-premises Active Directory if you like.
The deployment architecture for the above-mentioned components is described in the following diagram, which shows how the cloud service works with the Horizon Edge, deployed on an infrastructure provider, to manage and orchestrate virtual desktops and applications for end users.
Figure 2: Deployment architecture for Horizon Cloud – next-gen
Integration with other Omnissa services
With a publicly available API, Horizon Cloud – next-gen was built with integrations in mind from the start. In addition to the already mentioned integration with Workspace ONE Access, Horizon Cloud – next-gen uses the Omnissa Connect for single sign-on and RBAC (role-based access control) functionality for administrators.
Figure 3: Omnissa Workspace ONE Cloud Services home page, with Horizon Cloud Service tile
Click Manage on the Horizon Cloud Service tile to access the Horizon Universal Console for Horizon Cloud – next-gen.
Figure 4: Horizon Universal Console home page, for simplified app and desktop management across pods
The platform also integrates with Omnissa Workspace ONE Intelligence to bring reporting and analytics capabilities to Horizon Cloud Service. Dashboards with insights from Workspace ONE Intelligence are visible directly in the Horizon Universal Console. With the added Digital Employee Experience Management for Horizon reports, you can combine measurement of environment KPIs (key performance indicators) and employee sentiment, with root-cause analysis and remediation.
Figure 5: Analytics score for digital employee experience, provided through integration with Workspace ONE Intelligence
Conclusion
Horizon Cloud – next-gen gives organizations a secure, comprehensive, cloud-hosted solution for delivering virtualized Windows applications and desktops. This service, which is deployed and managed by Omnissa, enables you to focus on managing desktops and applications rather than the underlying infrastructure.
You can use Horizon Cloud – next-gen for device redirection, unified communications, access to applications and desktops, and more. End users have easy single sign-on access from any device and can connect to virtual desktops and applications from any location.
Find out more
You’ll find a wealth of related information on Tech Zone and Omnissa Docs, including:
- Using Omnissa Horizon Cloud Service – next-gen
- Horizon Cloud Service - next-gen Architecture
- Omnissa Horizon Cloud Service - next-generation Network Ports Diagrams
- Horizon Cloud Service - next-gen Initial Setup & Configuration Workflow
Learn more about other Omnissa projects
If you are interested in other Omnissa projects, see the following introductions:
- What Is Workspace ONE?
- What Is Workspace ONE UEM?
- What Is Horizon?
- What Is Digital Employee Experience (DEX)?