https://community.cisco.com/t5/network-access-control/vmware-horizon-design-guide/m-p/3429242#M524820 <HTML><HEAD></HEAD><BODY><P>Given that VMware has announced end-of-support for third-party switches (like the Nexus 1000v), what is our strategy for leveraging ISE in a VMware-based VDI going forward?&nbsp; Are there any design guides for VMware Horizon similar to what we've created for Citrix XenDesktop?&nbsp; The only topic I've seen related to this mentioned this <A href="http://www.cisco.com/c/dam/en/us/solutions/collateral/enterprise/design-zone-security/segmenting_clients_servers_guide.pdf">link</A>, but it's not VDI-focused (and relies on the Nexus 1000v).</P><P></P><P>Please advise.</P><P></P><P>Thank you,</P><P>Brian</P></BODY></HTML> Tue, 16 May 2017 16:16:37 GMT bricrock 2017-05-16T16:16:37Z https://community.cisco.com/t5/network-access-control/vmware-horizon-design-guide/m-p/3429242#M524820 <HTML><HEAD></HEAD><BODY><P>Given that VMware has announced end-of-support for third-party switches (like the Nexus 1000v), what is our strategy for leveraging ISE in a VMware-based VDI going forward?&nbsp; Are there any design guides for VMware Horizon similar to what we've created for Citrix XenDesktop?&nbsp; The only topic I've seen related to this mentioned this <A href="http://www.cisco.com/c/dam/en/us/solutions/collateral/enterprise/design-zone-security/segmenting_clients_servers_guide.pdf">link</A>, but it's not VDI-focused (and relies on the Nexus 1000v).</P><P></P><P>Please advise.</P><P></P><P>Thank you,</P><P>Brian</P></BODY></HTML> Tue, 16 May 2017 16:16:37 GMT https://community.cisco.com/t5/network-access-control/vmware-horizon-design-guide/m-p/3429242#M524820 bricrock 2017-05-16T16:16:37Z https://community.cisco.com/t5/network-access-control/vmware-horizon-design-guide/m-p/3429243#M524821 <HTML><HEAD></HEAD><BODY><P>Brian,</P><P></P><P>We currently don't have any documentation regarding VMware Horizon and ISE + TrustSec.&nbsp; One potential solution could be the use of PassiveID in ISE 2.2 which allows for the extraction of identity information in VDI environments.&nbsp; Unfortunately, it hasn't been tested with VMware Horizon so not sure that it would be supported.&nbsp; In addition, you would need infrastructure downstream of the environment that could consume the identity information as well as enforce policy.&nbsp; Please reach out to the PM team with specifics on the use case.</P><P></P><P>Regards,</P><P>-Tim</P></BODY></HTML> Tue, 16 May 2017 20:25:00 GMT https://community.cisco.com/t5/network-access-control/vmware-horizon-design-guide/m-p/3429243#M524821 Timothy Abbott 2017-05-16T20:25:00Z