Using Terminal Services as a Remote Access Solution at Microsoft Published: April 2008.

Slides:



Advertisements
Similar presentations
Module 13: Implementing ISA Server 2004 Enterprise Edition: Site-to-Site VPN Scenario.
Advertisements

DirectAccess Infrastructure Planning and Design Published: October 2009 Updated: November 2011.
Remote Desktop Services
Jeff Patton & Doug Whiteley It Service Group IT Roundtable July 15 th, 2009 Thin Clients & Terminal Services.
Connect with life Gopikrishna Kannan Program Manager | Microsoft Corporation
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 1: Introduction to Windows Server 2003.
IT:Network:Applications VIRTUAL DESKTOP INFRASTRUCTURE.
Lesson 20 – OTHER WINDOWS 2000 SERVER SERVICES. DHCP server DNS RAS and RRAS Internet Information Server Cluster services Windows terminal services OVERVIEW.
Lesson 1: Configuring Network Load Balancing
● Dondi Vigesaa ● Operations Engineer ● Microsoft Corporation ● How Microsoft IT Deploys Windows Server 2008.
Server 2008 Terminal Services and Remote Desktop Services Basic application access is possible without Citrix, and Server 2008 R2 adds on some key features.
Terminal Services Terminal Services is the modern equivalent of mainframe computing, in which servers perform most of the processing and clients are relatively.
Remote Networking Architectures
(ITI310) By Eng. BASSEM ALSAID SESSIONS 8: Network Load Balancing (NLB)
Hands-On Microsoft Windows Server 2008 Chapter 8 Managing Windows Server 2008 Network Services.
11 SYSTEMS ADMINISTRATION AND TERMINAL SERVICES Chapter 12.
MCTS GUIDE TO MICROSOFT WINDOWS 7 Chapter 14 Remote Access.
Microsoft ® Application Virtualization 4.6 Infrastructure Planning and Design Published: September 2008 Updated: February 2010.
Customer Sales Presentation Stoneware webNetwork Powered by ThinkServer.
Managing Client Access
Module 4 Managing Client Access. Module Overview Configuring the Client Access Server Role Configuring Client Access Services for Outlook Clients Configuring.
Course 201 – Administration, Content Inspection and SSL VPN
Implementing and Configuring Microsoft ® Windows Server ® 2008 Terminal Services Nicola Ferrini
Hands-On Microsoft Windows Server 2008 Chapter 1 Introduction to Windows Server 2008.
Terminal Services in Windows Server ® 2008 Infrastructure Planning and Design.
Barracuda Load Balancer Server Availability and Scalability.
Module 10: Designing an AD RMS Infrastructure in Windows Server 2008.
Chapter 7: Using Windows Servers to Share Information.
VPN: An Easy Software / Appliance Solution for Remote Access Robert Gulick, EdD DBA/Technology Trainer Parma City School District
Module 13: Network Load Balancing Fundamentals. Server Availability and Scalability Overview Windows Network Load Balancing Configuring Windows Network.
Access Gateway Operation
MCSE Guide to Microsoft Exchange Server 2003 Administration Chapter Four Configuring Outlook and Outlook Web Access.
Version 4.0. Objectives Describe how networks impact our daily lives. Describe the role of data networking in the human network. Identify the key components.
INSTALLING MICROSOFT EXCHANGE SERVER 2003 CLUSTERS AND FRONT-END AND BACK ‑ END SERVERS Chapter 4.
1 Chapter 6: Proxy Server in Internet and Intranet Designs Designs That Include Proxy Server Essential Proxy Server Design Concepts Data Protection in.
Remote Access Chapter 4. Learning Objectives Understand implications of IEEE 802.1x and how it is used Understand VPN technology and its uses for securing.
5 Chapter Five Web Servers. 5 Chapter Objectives Learn about the Microsoft Personal Web Server Software Learn how to improve Web site performance Learn.
Microsoft and Community Tour 2011 – Infrastrutture in evoluzione Community Tour 2011 Infrastrutture in evoluzione.
1 Chapter 12: VPN Connectivity in Remote Access Designs Designs That Include VPN Remote Access Essential VPN Remote Access Design Concepts Data Protection.
Module 5: Designing a Terminal Services Infrastructure.
MCTS Guide to Microsoft Windows Server 2008 Applications Infrastructure Configuration (Exam # ) Chapter Four Windows Server 2008 Remote Desktop Services,
Module 11: Implementing ISA Server 2004 Enterprise Edition.
Computer Emergency Notification System (CENS)
Windows Server ® 2008 R2 Remote Desktop Services Infrastructure Planning and Design Published: November 2009.
Windows Server ® 2008 R2 Remote Desktop Services Infrastructure Planning and Design Published: July 2008 Updated: February 2011.
Remote Access Using Citrix Presentation Server December 6, 2006 Matthew Granger IT665.
MCTS Guide to Microsoft Windows Server 2008 Applications Infrastructure Configuration (Exam # ) Chapter Five Windows Server 2008 Remote Desktop Services,
Sudarshan Yadav Sr. Program Manager, Microsoft
James O’Neill : Microsoft UK Windows Server 2008 Terminal Services.
Shai Tirosh Windows Server Regional Director artNET Experts.
Module 8: Managing Terminal Services. Overview Use and manage Terminal Services RemoteApp programs Use and manage Terminal Services Gateway Optimize and.
Module 6: Managing Client Access. Overview Implementing Client Access Servers Implementing Client Access Features Implementing Outlook Web Access Introduction.
Terminal Services Technical Overview Olav Tvedt TVEDT.info Microsoft Speaker Community
(WINDOWS PLATFORM - ITI310 – S15)
Module 7: Configuring Terminal Services. Overview Describe how the components of Terminal Services work together Identify new Terminal Services core features.
1 Chapter 13: RADIUS in Remote Access Designs Designs That Include RADIUS Essential RADIUS Design Concepts Data Protection in RADIUS Designs RADIUS Design.
Windows Server 2003 Terminal Server: Overview And Deployment Haim Inger CTO Malam Group.
Terminal Services.  Allows end user application to be used on different clients connected via a network applications are executed on the server  Terminal.
Linux Virtual Desktop Infrastructure (VDI) Access Bringing Linux virtualization to the enterprise Presenter: James Lui Director of Technical Services,
Virtual Private Network Access for Remote Networks
Chapter 7: Using Windows Servers
Lab A: Planning an Installation
(ITI310) SESSIONS 8: Network Load Balancing (NLB)
Self-service enrollment for Windows desktops
Affinity Depending on the application and client requirements of your Network Load Balancing cluster, you can be required to select an Affinity setting.
Securing the Network Perimeter with ISA 2004
VceTests VCE Test Dumps
Unit 27: Network Operating Systems
Utilize Group Policy Terminal Server Settings
Designing IIS Security (IIS – Internet Information Service)
Presentation transcript:

Using Terminal Services as a Remote Access Solution at Microsoft Published: April 2008

● The Terminal Services environment at Microsoft ● The Windows Server® 2008 Terminal Services pilot ● The Terminal Services Gateway (TS Gateway) feature ● Scalability—load-balancing configurations ● User experience enhancements ● Using TS Gateway as a remote access portal ● Best practices ● Conclusion Agenda

● Windows® Terminal Services ● Network Load Balancing (NLB) ● SSL ● Domain Name System (DNS) configuration—DNS round robin Level 200 Prerequisite Knowledge

Current Environment Terminal Services at Microsoft IT ● Three Windows Server 2003–based Terminal Services deployments worldwide ● Only a few applications are supported ● Seven internal business applications ● Microsoft® Office system applications such as Microsoft Office Word and Microsoft Office Excel® ● Experienced little usage—only 30 to 40 users each month

Current Environment Accessing terminal servers—challenges ● Terminal servers can be accessed only from within the internal corporate network ● Remote users must first establish a virtual private network (VPN) connection to the internal network ● VPN connection requires an appropriately configured computer ● Many organizations do not allow for outbound VPN connections ● VPN connections are less tolerant to network delays

Windows Server 2008 Terminal Services deployment goals ● Test and validate the TS Gateway concept— remove the limitations of a VPN connection ● Test the scalability of a Windows Server 2008–based terminal server farm ● Increase the security of sensitive corporate documents ● Reduce the likelihood that users copy internal documents to remote computers

Terminal Services Pilot Deployment strategy ● Phase 1: Configure a single TS Gateway environment ● Perform security tests to verify that the environment meets security requirements ● Open TS Gateway to approximately 200 developers to obtain initial feedback ● Phase 2: Extend the environment to multiple sites worldwide ● Open TS Gateway to multiple groups at Microsoft ● Perform load-balancing and scalability tests

Terminal Services Gateway Overview of the TS Gateway role ● A Web server component ● Provides the following functionalities ● Acts as the endpoint of an SSL connection ● Performs authentication and authorization of the connecting user ● Forwards the user’s connection to a resource by using Remote Desktop Protocol (RDP) ● Requires Terminal Services client (TSClient) version 6.0

TS Gateway Design Connection process

Terminal Services Pilot Phase 1—deployment characteristics ● Two TS Gateway computers ● Five Windows Server 2008–based terminal servers ● One Terminal Services Session Broker (TS Session Broker) computer ● All computers based on commodity hardware ● Dual 2.2-gigahertz (GHz) CPUs ● Four gigabytes (GB) RAM

Deployment Results Phase 1—initial feedback ● Approximately 200 users—Terminal Services developers group ● The TS Gateway concept proven ● Users could successfully connect from any location worldwide ● Connection speed met or exceeded that of a VPN connection ● Extremely popular with developers—easy connections to Remote Desktop–enabled workstations

Extending the Deployment Phase 2—expanded goals ● Expand the deployment to that of a large enterprise-level deployment ● Test TS Gateway scalability ● By using NLB clusters ● By using third-party load balancers ● Test terminal server farm scalability ● Round-robin DNS ● TS Session Broker ● Implement user experience enhancements ● TS Portal—based on Terminal Services Web Access (TS Web Access) ● TS RemoteApp

Extending the Deployment Phase 2—deployment characteristics ● Ten TS Gateway computers ● Nine terminal servers ● Three TS Session Broker computers ● Four locations worldwide ● Dublin ● Hyderabad ● Redmond ● Singapore

Deployment Characteristics A worldwide implementation

Worldwide Deployment Usage statistics ● Deployment first opened to other developer groups—approximately 2,000 developers ● Deployment next opened to other groups at Microsoft—a goal of increased usage of typical terminal server resources ● Overall usage of approximately 7,500 people worldwide

Worldwide Deployment Usage statistics—Dec 1, 2007, through Dec 31, 2007 Usage statistic RedmondDublinHyderabadSingapore Total number of users 5, Users who have more than one logon in a month 4, Users who have more than 10 logons in a month 2, Total resources accessed 8,

Worldwide Deployment Load statistics—Dec 1, 2007, through Dec 31, 2007 Load statistic RedmondDublinHyderabadSingapore Total number of sessions 115,7873,0884,5802,750 Total gigabytes sent Total gigabytes received 2,

TS Gateway Scalability Network Load Balancing ● NLB clusters are limited by overall traffic and not by the number of nodes ● A heavily loaded cluster may experience issues with convergence and with cluster node synchronization ● For Windows Server 2008–based NLB clusters ● Single node—supports approximately 700 simultaneous connections with a maximum of 1,300 connections ● Multiple nodes—supports approximately 1,500 simultaneous connections with a maximum of 2,600 connections ● For fault tolerance, it is best to deploy at least three nodes to support 1,500 connections ● For loads greater than 1,500 simultaneous connections, a third-party load balancer is best

TS Gateway Load Balancing Traffic flow

TS Gateway Clustering Benefits ● IP affinity is not required—improves cluster efficiency ● TS Gateway automatically redirects the SSL traffic to the appropriate TS Gateway computer ● Enables TS Gateway to efficiently handle multiple connections from an organization that has only one external IP address ● Uses SSL for session encryption ● SSL connections are much more tolerant to network delays than are VPN connections ● SSL connections do not require specialized configuration

Terminal Server Scalability Load balancing in a terminal server farm ● Implemented a typical DNS round-robin configuration ● Implemented TS Session Broker ● A new feature—builds on the functionality that is available in Terminal Services Session Directory ● Provides a load-balancing functionality and user session management ● Directs a reconnected session to the appropriate terminal server ● Directs new sessions to the least busy terminal server

TS Farm Load Balancing Connection process

TS Farm Load Balancing TS Session Broker benefits ● Easy to implement—no specialized configuration required ● TS Session Broker has low overhead—can be installed on a computer that hosts other roles ● Enables simple and effective load balancing in a terminal server farm ● TS Session Broker together with DNS round robin is the only load-balancing solution in three of the four Windows Server 2008–based terminal server farms

User Experience Enhancing Terminal Services usage ● Used TS Web Access to create an easy-to-use Web-based portal to access terminal server resources ● Implemented TS RemoteApp to create a seamless terminal server application experience ● Deployed many more Terminal Services applications—approximately 30 applications now available

TS Portal A customized TS Web Access portal ● Based on TS Web Access ● A consistent and intuitive Web application that appears when a user accesses TS Gateway ● A single location—enables easy access to terminal server resources

TS Portal Main page

TS Portal Applications page

TS RemoteApp Enhancing the application experience ● A Terminal Services component—wholly directed toward the end-user experience ● Enables Terminal Services applications to run seamlessly on the end-user desktop ● Enables Terminal Services applications to run in individual windows on the user’s desktop ● Includes notification icons in the notification area on the client computer ● Does not modify the way in which a terminal server makes the application available—only how the TSClient program displays the application

TS RemoteApp Deployment results ● Proved popular for opening large documents ● Documents opened quickly and appeared the same as if they were opened locally—easier and faster than copying the document to the local computer ● Some users determined that they no longer required locally installed Microsoft Office applications ● Fewer documents were copied to remote locations—improved security ● Users sometimes experienced issues with trying to drag information from a TS RemoteApp application ● Users would forget that the running application was a Terminal Services application—unable to drag information between a Terminal Services application and a local application

Conclusion ● TS Gateway enables the creation of a scalable SSL-based remote access solution ● TS Session Broker enables the creation of simple and effective load balancing for a terminal server farm ● The Windows Server 2008 Terminal Services pilot was so successful that the project did not end—instead, the environment is being integrated into the production environment at Microsoft IT

Next Steps 1. Obtain the Windows Server 2008 Terminal Services Guide us/library/cc aspx us/library/cc aspx us/library/cc aspx 2. Visit the Microsoft TechNet Terminal Services Web site en/servermanager/terminalservices.mspx en/servermanager/terminalservices.mspx en/servermanager/terminalservices.mspx 3. Obtain a trial copy of Windows Server us/trial-software.aspx us/trial-software.aspx us/trial-software.aspx

For More Information ● Additional content on Microsoft IT deployments and best practices can be found on ● Microsoft IT Showcase Webcasts ebcasts ebcasts ebcasts ● Microsoft TechNet

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com. Inc. All rights reserved.