To deploy the Access Point appliance, ensure that your system meets the hardware and software requirements.
VMware Product Versions Supported
You must use specific versions of VMware products with specific versions of Access Point. Refer to the product release notes for the latest information about compatibility, and refer to the VMware Product Interoperability Matrix at http://www.vmware.com/resources/compatibility/sim/interop_matrix.php. Information in the release notes and interoperability matrix supersede information in this guide.
Access Point 2.8 can be used as a secure gateway with the following VMware offerings.
- Vmware AirWatch 8.4 and later
- VMware Identity Manager 2.7 and later
- VMware Horizon 6.2 and later
- VMware Horizon Air Hybrid Mode 1.0 and later
- VMware Horizon Air 15.3 and later
Hardware Requirements for ESXi Server
The Access Point appliance must be deployed on a version of vSphere that is the same as a version supported for the Horizon products and versions you are using.
If you plan to use the vSphere Web Client, verify that the client integration plug-in is installed. For more information, see the vSphere documentation. If you do not install this plug-in before you start the deployment wizard, the wizard prompts you to install the plug-in. This requires that you close the browser and exist the wizard.
Virtual Appliance Requirements
The OVF package for the Access Point appliance automatically selects the virtual machine configuration that Access Point requires. Although you can change these settings, VMware recommends that you not change the CPU, memory, or disk space to smaller values than the default OVF settings.
Ensure that the datastore you use for the appliance has enough free disk space and meets other system requirements.
- Virtual appliance download size is 2.5 GB
- Thin-provisioned disk minimum requirement is 2.5 GB
- Thick-provisioned disk minimum requirement is 20 GB
The following information is required to deploy the virtual appliance
- Static IP address
- IP address of the DNS server
- Password for the root user
- URL of the server instance of the load balancer that the Access Point appliance points to
Networking Configuration Requirements
You can use one, two, or three network interfaces, and Access Point requires a separate static IP address for each. Many DMZ implementations use separated networks to secure the different traffic types. Configure Access Point according to the network design of the DMZ in which it is deployed.
- One network interface is appropriate for POCs (proof of concept) or testing. With one NIC, external, internal, and management traffic are all on the same subnet.
- With two network interfaces, external traffic is on one subnet, and internal and management traffic are on another subnet.
- Using three network interfaces is the most secure option. With a third NIC, external, internal, and management traffic all have their own subnets.
Log Retention Requirements
The log files are configured by default to use a certain amount of space which is smaller than the total disk size in the aggregate. The logs for Access Point are rotated by default. You must use syslog to preserve these log entries. See Collecting Logs from the Access Point Appliance.