Network Prerequisites for Deploying Cloud Access Manager

When you deploy a Cloud Access Manager deployment to a new domain with no existing virtual network the script generates the required resource groups and system infrastructure automatically. For information on what Cloud Access Manager generates see Azure Resource Groups. If you are deploying Cloud Access Manager connected to an existing domain controller and virtual network, then you will also need a virtual network in Azure which has:

  • Access to the domain/domain controller you wish to connect to.

  • Three subnets:

    • A subnet for the Cloud Access Connector. This subnet needs to allow for inbound access for public IP’s generated in the subnet. This is where the PCoIP security gateways will be deployed and they have a public IP each.

    • A subnet for the Cloud Access Manager application gateway. Based on Azure rules, this subnet can only be populated with Azure application gateways. The application gateway must be able to deploy with a public IP address.

    • A subnet for the remote workstations. This subnet needs to be routable from the Cloud Access Connector subnet, plus needs any other desired internal access such as to domain controllers, file shares, and internal application servers. Network interfaces in this subnet do not need to create public IP's for Cloud Access Manager.

  • You will need to be able to provide the resource ID of the virtual network, as well as the names of the subnets.

Network Security Configuration

For more information on the Public IP inbound port numbers, outbound access to the remote workstation subnet, domain controller and internet access, see the Network Security Configuration section.