VMware Horizon 7 version 7.0

VMware announced the release of Horizon 7 on 22nd March 2016. In this blog i will guide you through the VMware Horizon 7 new features and enhancements.


  • Instant Clones
  • Smart Policies
  • VMware Blast Extreme
  • True SSO
  • Access Point 2.5 Integration
  • Support for IPv6 with VMware blast Extreme on security servers
  • Protection against inadvertent pool deletion
  • Windows Server 2016 support (Tech Preview)
  • URL Content redirection for Windows Horizon Clients

Instant Clones:

Instant clone technology allows administrators to rapidly clone and deploy Virtual machines in less time. Instant clones utilize the vmFork technology within vSphere to fork a virtual machine from running virtual machine. VMware announced the technology behind Instant clones (Project Fargo/VMFork) during VMworld 2014.

  • Instant Clones are only available in Horizon Enterprise edition
  • Instant clone pool does not rely on View Composer. No need to install composer if you plan only with Instant clone pool.
  • Customization process use ClonePrep (new process introduced in Horizon 7).
  • All Instant clones are non-persistent.
  • Persistent can be achived using AppVolumes and UEM

Smart Policies:

Smart policies help administrators to manage Virtual environment better and improve user’s access in real time.

Smart policies can be applied for below conditions:

  • Desktop Pool
  • User / Endpoint Location
  • View Client
  • Horizon Tags

List of Smart Policies that can be applied:

  • USB Redirection
  • Printing
  • Clipboard Redirection (Disable, Allow all, Allow copy from Client to agent & Allow copy from agent to Client)
  • Client Drive redirection (Disable, Allow all, Read-only)
  • PCoIP Profile : This can be used to configure bandwidth profile for PCoIP sessions. Below table explains the predefined bandwidth profile.
PCoIP Profile Max Session BW (Kbps) Min Session BW (Kbps) Enable BTL Max Initial Image Quality Min Image Quality Max FPS Max Audio BW (Kbps) Image Quality Performance
High-speed LAN (20 Mbps) 900000 100 Yes 100 50 60 1600 50
LAN (10 Mbps or higher) 900000 100 Yes 90 50 30 1600 50
Dedicated WAN (5 Mbps, default) 900000 100 No 80 40 30 500 50
Broadband WAN (2 Mbps) 5000 100 No 70 40 20 500 50
Low-speed WAN (1 Mbps) 2000 100 No 70 30 15 200 25
Extremely low-speed connection (up to 500 kbps) 1000 100 No 70 30 5 90 0
  • PCoIP requires Horizon 7, UEM 9, latest agent & Horizon Client 4.0
  • Only works with PCoIP and Blast extreme protocols. Doesn’t support RDP.

VMware Blast Extreme:

VMware Blast Extreme uses H.264 (MPEG-4 AVC) for encoding and decoding its remote display. It is optimized for mobile cloud and supports the broadest range of client devices that supports H.264. By using H.264, end-user devices can offload the protocol decode to hardware, rather than the CPU. Also on the server side, when combined with an NVIDIA GRID vGPU, the protocol encoding can be offloaded to the server’s GPU. This provides both performance gains and saves CPU utilization.

It offers the lowest CPU consumption for longer battery life on Mobile devices. Blast extreme display protocol can be used for remote applications and for remote desktops that use virtual machines or shared-session desktops on an RDS host. The RDS host can be a physical machine or a virtual machine. Now you can select Blast Extreme as the default protocol.

True SSO:

Horizon 7 True SSO provides the ability to seamlessly sign onto a virtual desktop a single time using two-factor authentication via Identity Manager or Workspace ONE. True SSO separates authentication and access to Horizon-based desktops and applications.

True SSO uses SAML (Security Assertion Markup Language) to send the User Principal Name to the identity provider’s authentication system to access AD credentials. Horizon 7 then generates a unique, short-lived certificate for the Windows login process.

Access point 2.5:

Access point is a replacement of Security server. Access Point is a virtual appliance primarily designed to allow secure remote access to VMware end-user-computing resources from authorized users connecting from the Internet. Can be configured for RADIUS or RSA SecurID. Support for smart card identification. User gets identified within the DMZ.

  • Smart card authentication is now fully supported.
  • RSA SecurID and RADIUS authentication have been added.
  • Smart policies can be used with Access Point.
  • VMware Blast protocol can now be directed to port 443. Previously, port 8443 was required.

For more information on What’s new, Please Click here.

I hope you find this useful. Thanks for reading.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.