Modern SWG solutions tend to perform at a much higher levels than a traditional VPN/Proxy approach, but the highest level of experience is always achieved via a direct connection and avoiding any inspection or intermediary devices. Routing this traffic through a tunnel to an intermediary device to reach its destination inevitably adds latency and can restrict throughput regardless of how well configured or performing said device is. However, as with any virtualized device which needs a remote connection to access, the above model poses several challenges:įirstly, the remote desktop traffic is latency sensitive, in that delay to the traffic reaching its destination can feasibly translate into a poor user experience, with lag on actions and desktop display. With a physical device the tunnel is normally up and running before or shortly after the user sees their desktop on screen, meaning they can then quickly get on with their work without noticing its presence. Many of these VPN/SWG solutions build a tunnel in the user context, which means that when a user logs in, the service starts and creates the tunnels required to provide both internet and private access as defined for that user. The more modern, cloud based SWG solutions fit very well with this modern Zero-Trust approach and generally perform at a higher level than traditional, legacy VPN software, where internet browsing is hairpinned through On-Premises proxies and back out to the internet.Īs we have many Windows 365 customers using such solutions as part of their deployment, there are some specific configuration guidelines which are outlined in this post which Microsoft recommends are applied to optimize key traffic and provide the highest levels of user experience. This is especially the case when deployed in the Microsoft Hosted Network (MHN) model where the Cloud PC is located on a network with direct, open high-speed internet available. The use of VPN or Secure Web Gateway (SWG) client software or agents to provide tunneled access to On-Premises resources in addition to providing protected internet access via a cloud based Secure Web Gateway (SWG) or a legacy VPN & on-premises proxy path is very commonly seen in Windows 365 deployments.
0 kommentar(er)
