How to get started with VDI in Zoom App

How to get started with VDI

This is known as virtual desktop infrastructure (VDI) or global desktop virtualization (GDN), a method of delivering a desktop image to an endpoint device via a network. Once the user has gained access to the operating system (OS) and applications on the endpoint, he or she may perform various tasks. A variety of endpoint types are available, including PCs, thin clients, and mobile devices. VDI has several potential benefits, including data protection, better remote worker support, and the ability to keep older computers operational for a longer period of time.

Zoom is a Virtual Desktop Infrastructure solution that can be integrated into Citrix, VMware, or Azure Virtual Desktop (AVD) Virtual Desktop Infrastructure. Zoom is also delivered via thin clients. On this page you can find links to the different download packages, as well as links to information regarding installation.

What are the prerequisites for getting started with VDI?

  • Citrix XenDesktop, VMware Horizon, and Windows Remote Desktop are available by mail-order for those using Citrix XenDesktop and VMware Horizon
  • There are a variety of remote desktop applications available for Apple OS X, Linux and Windows operating systems
    Note: The Citrix Workspace application from the Microsoft store cannot be used.

Here are some tips on how to get started with VDI

You should be able to understand how VDI installations and connectivity work

VDI Client Host Installers are downloadable and installed using software or device management tools and can be deployed as .msi files using standard installation tools. The plugin installations can be accessed as a .msi installation for Windows systems, a .pkg installation for Macs, and a .deb, .rpm or a zipped installation for Linux systems, which can also be installed through the device management software of your choice. You can find detailed instructions on how to install and connect to VDI on this page.

Note: There are two separate programs, namely the VDI Client and the VDI Plugin, each of which has its own installed software location.

Understanding the installation of Zoom in the VDI environment

Zoom application installations in a VDI environment require administrator privileges and the following steps to be performed:

  • It is essential to install the software on an image that is installed on the VDI server, which should be found within the Virtual Desktop.
  • It is an extension that is installed on each thin client that accesses the VDI through the Zoom Media Plugin.

On the Citrix support pages or the VMware support pages, you can find more detailed instructions about how to install the product.

Notes:

  • In order to optimize VDI, customers must install the VDI Client (Host Installer) on the virtual desktop from which the user is accessing the VDI plugin on the remote device or thin client through which VDI is being accessed.
  • There is currently no support for running Zoom as a published application.
  • With AVD for Windows and the iGel plugins for RDP remote desktop, these remote desktops can be accessed.
  • This client cannot connect to a VMware server with an RDP protocol. However, a client can connect to a VMware server using the VMware Blast or PCoIP protocols.

Develop a thorough understanding of supported infrastructure and minimum requirements for software

If you want to deploy Zoom VDI server, you will need at least Windows Server 2012. Zoom VDI client will only run on Windows-based operating systems. If you are connecting through Windows RDP, it is possible to offload media created by VDI with the Azure Virtual Desktop (AVD) plugin (formerly known as Windows Virtual Desktop). To learn more, visit the article Supported VDI software requirements.

Understand VDI release & feature information as well as downloads

Compared to the Zoom client, the VDI client is almost identical to it in almost every aspect. As mentioned, the Zoom Meet features an assortment of features; such as end-to-end encryption, speaker view, gallery view, language interpretation, breakout rooms, screen sharing, the Zoom phone, and so on. If you are interested in seeing a list of the VDI client features comparisons, please visit the article on the VDI client feature comparisons.

It may occasionally occur that, since the standard meeting client and VDI client are released at staggered times, there will be a feature disparity with the newly released VDI client.

Note: There are some VDI features that are only available for a limited amount of time.

Keep up to date on VDI releases and features by following these steps:

  • Make sure you keep up to date with the latest changes to the VDI release notes by following them.
  • You can view and download compatible plugins for each VDI release by following the VDI releases and downloads.

Understand the concept of backward compatibility when it comes to VDI

In addition, some of the plugins for VDI are not backward compatible with Zoom Meeting’s older versions. It is necessary that the version number of the plugin is always equal to or lower than the version number of the VDI Client. For feature parity and product improvements, it is important to keep the version number of both VDI and plugin the same or nearly the same.

You can access VDI release content and Zoom Client release content online by following the VDI backward compatibility guide.

How to get started with optimizing your VDI environment

Zoom Meeting and Zoom Phone are two of the products supported by the VDI plugin optimizations at the moment: Zoom Meetings and Zoom Phone. The Zoom Phone media optimization has been expanded despite the fact that all supported plugins are offloading and optimizing Zoom Meetings media.

Learn how to optimize Zoom Meetings for Virtual Desktop Infrastructure

When the VDI Client and the Zoom plugin are working together, the two create a seamless experience, superimposing the plugin’s media on top of the VDI Client’s Zoom placeholder. The result is a seamless experience. In order to achieve this, a virtual channel that is already provided by the VDI software provider is used to synchronize the update between the plugin and the VDI Client.

Modes of connection

Zoom meeting infrastructure is supported by three different connection modes for the VDI Client with Zoom. A Mode of Direct Optimized Experience is the most common mode in which both the VDI Client and the Zoom plugin establish unique connections to Zoom and render independently their own portions in a Zoom meeting for a seamless experience.

There is also the ability for the VDI Client to work in alternative connection modes – such as UDP/Channel Optimized or Fallback Mode – to suit user needs depending on workflows or security requirements.

How to optimize Zoom Phone for Virtual Desktop Infrastructure (VDI)

The VDI plugin will also offload Zoom Phone media on selected operating systems and virtual desktop agents in the same way that it optimizes meeting experiences. Using this method, a user gets a richer quality experience by directly connecting to the plugin over the network and processing the media locally.

Frequently asked questions about VDI optimization

How does Screen Sharing work with VDI?

In virtual desktop integration (VDI) settings, screen sharing is managed differently depending on whether the user shares their screen from a virtual desktop, or whether they receive a share session from another user while using a virtual desktop.
In meetings during which the video from another participant is shared, the video from that member is sent to the virtual desktop, and, by default, the video is forwarded to the plug-in for the VDI. This plugin is called the VDI plugin and is designed to optimize the performance of video, meetings, and shared sessions on the thin client by forwarding on to the VDI plugin. Using a registry key, it is possible to disable that behavior when a shared session is to be rendered on a virtual desktop, but it is not recommended.

In order to make sure that all of the virtual desktop users can see the newly shared screen, the shared session is transmitted from the virtual desktop in the cloud to the Zoom cloud, where it is forwarded to everyone else participating in the meeting. This means that the VDI plugin is not used to deliver the video content in the shared session. The audio is sent to the VDI plugin from the virtual desktop, where it is mixed up with the user’s audio, and then sent to the Zoom cloud and to all users. In the Share selection dialog box there is a check box called Share sound, which enables you to choose whether to share the sound. This option was not displayed by default in earlier releases of the Zoom Meeting client for Virtual Desktop Infrastructure, but the registry could be changed to enable it. As of the recently released versions (5.9.0 and higher), the option is enabled by default.

Is local screen sharing processed on the VDI server?

There is no doubt that VDI server must process the local as well as outgoing screen sharing data to initiate screen sharing from a virtual desktop. The CPU cores that are under use in the virtual desktop are provided as virtual CPU cores, which means that some of the offloading to a GPU that can be done with the real hardware cannot be done with the virtual desktop. This performance challenge has been addressed by reducing the frame rate of screen sharing of the VDI Client to five frames per second in order to maintain the server’s performance.

If the virtual desktop is to be deployed in a scenario where the frame rate needs to be increased to the maximum that the virtual desktop is capable of supporting, the registry key EnableOptimizeForVideo can be enabled. There is no magic number when it comes to the frame rate that is achieved, since it depends of the number of cores that are available on the desktop and other factors, such as the media being shared and the application presenting the media.

In order to optimize server performance, customers who are concerned about virtual desktop performance can reduce the capture rate through the registry key ShareCaptureFps.

What is the difference between a Direct Optimized and UDP/Channel Optimized connection?

In the case of a Direct Optimized connection, both the cloud infrastructure of Zoom as well as the VDI Client can maintain independent connections to it. Both the plugin as well as the VDI Client take advantage of the best possible data route for an optimal user experience.

If a business wishes to maintain control over the media data flow between the VDI Client and plugin, and use UDP and channel optimized communications for the VDI Client, then this installation can be beneficial for the organization. As it stands, the plugin cannot establish a direct connection with the Zoom cloud infrastructure due to this configuration. Instead, all audio, video, and screen share data is transmitted over a dedicated VDI server, with all data arriving at the plugin through a secure out-of-band out-of-band L2TP UDP connection. As soon as a UDP connection out of band fails, the client will switch to another connection channel made by the VDI vendor, such as the ICA channel.

How is the out-of-band UDP connection established?

VDI Client and plugin establish an out-of-band UDP connection, which uses port 17000-18000 by default, to communicate with each other. The encrypted connection is confirmed through a confirmation window.

The existing encrypted virtual connection between the VDI Client and the plugin (e.g., ICA Channel), which enables the exchange of encryption keys between the end points and the confirmation of the connection. When the UDP connection cannot be established, the virtual channel will be used instead if an UDP connection cannot be established.

Under the UDPPortBegin and UDPPortEnd keys, if necessary, the range of UDP ports can be set between the values of 1000 to 65000 through the set of registry keys. As long as the total number of ports required is at least 100, that means the lowest valid value of 100 ports is 1,000-1,100 and the highest valid value of 100 is 64000-64100.

Note: A value of UDPPortBegin of more than 64000 cannot be specified.

Windows Defender Firewall organizations that use customized port ranges need advanced configurations in order to use this firewall effectively.

Note: Zoom recommends that you reserve at least eight ports per user if you are sharing a Host System between multiple users.

How does the virtual connection failover work?

There is a possibility that a direct or UDP connection cannot be established between the VDI Client and plugin during the establishment of the connection, which will failover to the virtual connection hosted by the agent of the virtual desktops. It is likely that the quality of media will be impacted by these connections due to the limited bandwidth available.

Can I force the UDP/Channel Optimized connection?

As a result of the VDI registry keys, various connection protocols can be enforced by using these keys

Make sure that the MMRDirect, ICABridge, and UDP Bridge keys are disabled.

  • By disabling MMRDirect, the plugin will no longer be able to establish direct connections with the meeting server and will attempt to connect through UDP Optimized mode.
  • In case a direct connection or UDP Bridge cannot be established between the VDI client and plugin, “DisableICABridge” will disable the virtual channel connection failover. Alternatively, Fallback Mode will be used if a direct connection cannot be established. You can also disable the VMware Blast channel by using this key.
  • It is important to understand that disabling UDPBridge will disable the function of forming out-of-band connections between the plugin and the VDI Client as well as forcing connection attempts to be made using the virtual connection if a direct connection cannot be established. There will be a Fallback Mode if a connection is not established.

How is VDI traffic protected?

For UDP connections, regardless of optimization configuration, all in-meeting traffic is encrypted using 256-bit AES-GCM encryption, regardless of whether it was optimized or not. Failure override methods use TLS 1.2 encryption for media connections.

The plugin connects to the VDI client and all communication in between is encrypted either through an intrinsic virtual connection, or through an out-of-band UDP connection.

What ports are required for using the VDI Client?

In order to meet connectivity needs with the VDI Client over the standard client, no special networking configurations are necessary. These configurations can be found in the guide for configuring the firewall and proxy services.

If you are interested in Direct and Channel Optimized modes, please refer to the UDP Connection Establishment section.

Windows Defender Firewall considerations

During the installation of the VDI Client MSI package, the Windows Defender firewall opens UDP ports 7200-17210 to ensure that plugin connectivity can be established. In order to maintain the functionality of the Windows Defender firewall, companies that utilize the Windows Defender firewall but customize the UDP port range by using registry keys must update these parameters in the Windows Defender firewall.

How to get started with VDI statistics in the Zoom desktop client

VDI plugins can only be detected and installed in the remote client when a compatible VDI plugin is installed and detected in the remote client.

When you are using the Zoom meeting client for VDI and you do not see a VDI tab, check your remote client to make sure that a VDI plugin has been installed. There must be an equal or less version of the plugin than that of the VDI client that is being used. Additionally, there may be a requirement in group policies that a minimum version of the VDI plugin must be installed. The help desk can assist you with this requirement.