- AMAZON VDI INSTALL
- AMAZON VDI WINDOWS
Standard – 2 vCPU x 4 GB memory x 50 GB storage. Value – 1 vCPU x 2 GB memory x 10 GB storage. However, unlike EC2 where there are dozens of instance types to choose from, Amazon only provides four choices for WorkSpaces. Here is the breakdown of the components of a WorkSpaces bundle:įirst there is the virtual hardware, which is essentially an EC2 instance under the covers. WorkSpaces FoundationĪmazon uses the term “bundles” to describe the combination of virtual hardware, an operating system, and applications that will be used for a given virtual desktop. AHEAD helps organizations understand its vision for DaaS and designs the infrastructure foundation to ensure the service meets all availability, performance, and cost requirements. The public cloud used for virtual desktop deployment should be designed for frictionless scalability and result in a simplified operational model for ongoing support and maintenance. IT has shifted its stance by embracing the cloud and leveraging it as an extension to its data center strategy, which includes all security and governance requirements. AHEAD recommends for all virtual desktop initiatives to be rationalized between both a traditional on-premises virtual desktop (VDI) approach and a DaaS solution.Īs organizations evaluate on-premises VDI against DaaS, key benefits will arise and value will be understood throughout each solution. As DaaS is becoming more relevant amongst AHEAD’s client base, rapid delivery and infrastructure scalability are driving this relevance and becoming critical success factors for these initiatives. In your Okta org, configure the Amazon WorkSpaces application and required factors.Īmazon WorkSpaces must be configured for MFA.ĪWS WorkSpace users are managed in Active Directory but must be provisioned into Okta.AHEAD helps organizations architect, design, and deliver a Desktop as a Service (DaaS), specializing in Amazon WorkSpaces. AMAZON VDI INSTALL
Preconfigure Amazon WS instances with required Active Directory, EC2 and workspace.ĭownload and install the Okta RADIUS agent on Instance B.įor throughput, availability and other considerations, see Okta RADIUS Server Agent Deployment Best Practices.Ĭreate inbound rules to allow the RADIUS agent to communicate with an AWS Directory Service instance. When an end user that's enrolled in Okta with DUO MFA attempts to access Amazon Workspaces configured with RADIUS, they must provide the six digit MFA passcode displayed on the DUO mobile app in addition to their primary password. If that private IP changes the AWS Directory MFA configuration must be updated to reflect the new private IP.ĭUO MFA with Push/SMS/Call isn't supported for Amazon Workspaces with RADIUS. The AWS Directory service requires the private IP address of Instance B to delegate the MFA challenge over RADIUS. Directory ID is used to determine the name of the Security Group. You must have the Directory ID of the AWS Directory Service.
The AWS Directory Service requires the private IP address of Instance B to delegate the MFA challenge over RADIUS.ĪWS Directory Service instance, configured and pointing to Instance A, running Active Directory.
AMAZON VDI WINDOWS
Instance B: represents the Windows 2012r2 host on which to install the Okta RADIUS agent.Instance A: represents the Amazon Directory Service virtual machine instance.In addition, you must configure Amazon Web Services as: In addition, you must configure Amazon Web Services as:Īmazon Web Services instances, configured as: RADIUS traffic between the gateway (client) and the RADIUS agent (server). (Default, you can change this when you install and configure the RADIUS app) Meet the following network connectivity requirements before you install the Okta RADIUS agent: SourceĬonfiguration and authentication traffic.
0 kommentar(er)
