HP Anyware Connection Models¶
HP Anyware enables PCoIP connections between users and remote workstations or desktops using any of several connection models dependent on number of users, location of users relative to remote workstations, your desire to incorporate public cloud workstations and your authentication requirements. Ultimately, your deployment architecture may be based on one or more of these connection models according to your corporate use case:
- Unmanaged direct connections
- Managed connections with HP Anyware Manager
- Managed connections for on-site users
- Managed connections for WAN users connecting to on-premises resources
- Managed connections for on-site users and public cloud workstations
- Managed connections for remote workstations in multicloud environments
- Work-From-Home Options
You can choose to license your HP Anyware deployment using the Cloud Licensing Service or a License Server. Information on the License Server is available in Licensing.
Tip: Session Enablement help
For troubleshooting tips, FAQs and specific documentation around PCoIP Session Establishment, see the following KB article. This article includes guidelines, troubleshooting checklists as well as links to the PCoIP connection instructions found in the various component guides.
Unmanaged Direct Connections¶
Unmanaged direct connections, as shown below, are well suited to proof of concepts, trials and small to medium sized LAN deployments where flexibility in machine assignment and multifactor authentication may not be required. Each Anyware endpoint connects directly to the IP address of a remote workstation.
Each Anyware Client connects to Anyware Agent software installed on a remote workstation.
- To learn more about Anyware Clients, see the relevant HP Anyware Client Guide.
- To learn more about Anyware Agents, see the relevant HP Anyware Agent Guide.
Managed Connections With HP Anyware Manager¶
In larger LAN deployments, or WAN deployments incorporating on-premises or public cloud workstations, the Anyware clients and the remote desktops may be behind firewalls or distributed across a collection of public or private clouds. In this scenario, management capabilities may be required to coordinate and administer connections.
HP Anyware Manager is a management plane that enables users to configure, manage and monitor remote workstation connections. Anyware Manager enables highly-scalable and cost-effective HP Anyware deployments by managing cloud compute costs by brokering PCoIP connections to remote Windows or Linux workstations.
Anyware Manager is offered in two variants: as an HP managed Service, and as an installable instance deployed and managed by corporate IT in your on-premises or cloud environments. For more information, see Anyware Manager as a Service.
Anyware Manager requires a separate component, called an Anyware Connector, which is installed in the corporate deployment. The Anyware Connector acts as an access hub, facilitating PCoIP connections to remote desktops and workstations by providing user authentication, entitlement, and security gateway services.
For more information, see the "Key Concepts" topic in the Anyware Manager as a Service guide.
In environments with multiple cloud regions or on-premises environments, you can install a separate Anyware Connector into each; Anyware Manager will communicate with multiple Anyware Connectors.
In addition to managing cloud compute costs, Anyware Manager handles user entitlement, authentication including RADIUS-compatible multifactor authentication (MFA), and brokering of connections during PCoIP session establishment. The Anyware Connector enables external users to access their remote desktops without the complexity of endpoint VPNs.
For more information, see the Anyware Manager Administrators' Guide.
On-site LAN users¶
LAN Users establish a PCoIP connection with a remote workstation by first connecting to an internally published IP address of the Anyware Connector.
Anyware Connector configuration details are described in the Anyware Manager Administrators' guide.
WAN Users Connecting On-Premises¶
Off-site WAN users wishing to connect to on-premises remote workstations connect to an externally published IP address of the Anyware Connector.
Anyware Connector DMZ Deployment
The Anyware Connector is conventionally deployed in a DMZ or semi-trusted zone (not shown in the diagram) and may be coupled with a reverse proxy to facilitate load balancing.
TCP 60443
We recommend using TCP 60443 for internal connections. It is not mandatory for TCP 60443 to be opened to the public network.
Anyware Connector configuration details are described in the Anyware Manager Administrators' guide.
Public Cloud Workstations¶
Anyware Manager supports connections to public cloud workstations. By deploying the Anyware Connector in your preferred public cloud (in one or more regions and/or multiple public clouds), you can provide your on-site users with public cloud workstations or support users across different geographic regions with the nearest public cloud workstations. By choosing public cloud workstations situated geographically close to your remote users, the user experience is optimized.
TCP 60443
We recommend using TCP 60443 for internal connections. It is not mandatory for TCP 60443 to be opened to the public network.
Anyware Connector configuration details are described in the Anyware Manager Administrators' guide.
Multi-Cloud Workstations¶
Anyware Manager supports hybrid multicloud deployments comprising a combination of on-premises remote workstations (e.g. on VMware ESXi or KVM) and public cloud workstations in your preferred public cloud (in one or more regions and/or multiple public clouds). This is achieved by deploying the Anyware Connector both on-premises and in one or more public clouds. By choosing public cloud workstations situated geographically close to your remote users, the user experience is optimized.
TCP 60443
We recommend using TCP 60443 for internal connections. It is not mandatory for TCP 60443 to be opened to the public network.
Anyware Connector configuration details are described in the Anyware Manager Administrators' guide.
Work-From-Home Options¶
HP HP Anyware can offer a number of different solutions to your corporate work-from-home demands. The following image outlines a top-level architecture of the Work-from-Home scenario with HP Anyware:
TCP 60443
We recommend using TCP 60443 for internal connections. It is not mandatory for TCP 60443 to be opened to the public network.
For an in-depth view of our work-from-home offerings, please see our Work-from-Home Rapid Response Guide.
This guide outlines: