mostly just some smart usage of VPN and stuff. But in the end, as long as one machine can connect to another via some mechanism, direct connect works fine, and no need for the complexity of CAC/CAM. They definitely have their place, just not in our current infrastructure.
The “HP 1Y Anyware Professional” subscription is the same thing as the “Cloud Access Plus” subscription, just renamed. That subscription also works if you want to run the latest versions of ZBoost Central now that the “free” license on HP Z workstations no longer works.
There are 5 components to a full Teradici / PCoIP deployment:
The 3 non-optional components:
- the Graphics Agent which you run on the workstation
- the Software Client which you run on the local machine you use to connect to the remote workstation
- the license server: this is basically “flexlm in the cloud”, but if you want you can run that locally (you can download an installer to run in a VM), and you can move your licenses freely between the cloud license server and one or more local server. Licenses are “per active connection”, so you can have the Graphics Agent installed and activated on as many workstations as you want, but can only have as many concurrent sessions as you have licenses
The 2 optional components (as long as you have local network or VPN connectivity, a Software Client can connect directly to a workstation running the Graphics Agent without needing these):
- The Cloud Access Connector is a server you run locally, it acts as a broker for connections between clients and workstations. If your clients are on the same network as the CAC (or you use a VPN to connect remotely), then the CAC is only used to establish the connection between the client and one of the workstations assigned to that user: after that point, the Software Client communicates directly with the Graphics Agent on the remote workstation. If you don’t use a VPN, then the CAC can also be used to establish a “VPN less” connection through the firewall. You can run multiple CACs behind a load balancer for performance / redundancy reasons. Currently the CAC requires a connection to Active Directory to allow users to login with their AD credentials. The CAC is typically installed by running a single installation binary, previously it ran on a Ubuntu VM, now on a Rocky Linux VM.
- The Anyware Manager is a cloud management console (but you can also run it locally) which is used to assign users to workstations. You can either do that from the web interface, or typically larger facilities will use the REST API to integrate this with their in house systems. If you run Anyware Manager locally, it gets installed on a Rocky Linux VM.
So if you want, you can have a full PCoIP deployment with all the components without any connection to the Internet, running all components locally. There is no separate licensing for the CAC or Anyware Manager, those are included with the per-connection subscription.
It’s not a simple system, and may not be appropriate if you only have 2-3 machines, but when you get to around 10 seats or more, you really appreciate the management infrastructure it provides.
5 Likes
Hey guys, looks like there’s a wealth of knowledge regarding teradici licensing here :). I’m starting a small vfx studio and will probably end up with hp anywere for remote access. I might be able to inherit some hp Z workstations from a studio that is shutting down. Is that true that the workstations older than 2023 have a permanent license attached? If so, is that true just for the old software or new versions as well?
In that case it would make more sense to buy an older machine just to get a perpetual license
Hey there, welcome. I don’t think that’s a very wise decision. The product is basically deprecated. HP Anywhere is the best performant option in a sea of tough choices.
You’d be far better off building a modern pipeline on modern hardware.
2 Likes
Thanks for the input! So that would mean the older licenses don’t apply to the hp anyware and only to zcentral which is being discontinued?
I would never make any decisions based on past or present licensing. It can change without much notice, and you may be left with the wrong trade-off. Companies constantly tinker with their licensing options, and often with limited regard to existing customers.
Instead, buy the hardware that will sustain and grow your business, and build a business where whatever the licenses cost is built into the business plan.
To some licenses for Flame and Nuke sound exorbitant. For others they’re paid off within a reasonable number of full-rate days and life goes on. It’s all in the business plan and the customers you can attract. Some ramp time notwithstanding.
1 Like
Ok you guys convinced me :). Last question before I go ahead with ho anywere. Have you guys compared it to parsec and jump desktop? Seem to be next best thing.
Not a direct comparison. But we used to be on Teradicci (pre-HP Anywhere merge) and switched to Parsec ~18 months ago. Admittedly we have a fairly simple setup with just one remote user. But Parsec has worked out great, price somewhat comparable ($120/yr), but the installation and usability is significantly better with Parsec. We also use Parsec to access systems locally if we just need to do something on another system rather than walking over.
Parsec is good on latency and audio, supports multiple screens and virtual displays, can handle Wacom but not USB control surface (you have to do those separately, if you need that). We combine it with VPN and MFA.
Though most importantly for your scenario - Parsec client runs on Linux, Parsec host only on Mac/Win. So you cannot use Parsec to remotely access a Linux Flame. For that we use RealVNC.
I hear good things about JumpDesktop, but never tried it.
1 Like
Thanks, thats good to know. My machines would be mostly windows hosts, but some servers will be linux, although it’s unlikely I’d need to access them through full-fledged streaming client like parsec. You mentioned you use parsec through vpn- what’s the reason? I mean parsec is aes 128 encrypted already. Although I think to be TPN compliant encryption must be at least aes 256.
Ps. Forgot one other major competitor Nice DCV!
Not for security, but to get around port blocking. Multiple mobile carriers (in my case ATT) block certain ports that prevent Parsec from connecting. When I’m on location and use my phone mobile hotspot to connect via Parsec it doesn’t connect. Using the Zero-Tier VPN solves that issue.
Not as relevant - in our previous use of Terradici we also used OpenVPN - for different reasons yet. A regular Terradici install requires (or at least used to) Active Directory. Which isn’t always available in a small studio. Our domains are hosted via MSFT360, but their cloud AD didn’t used to be compatible with Terradici. So we worked around that by direct connecting via VPN instead of the cloud configuration they now use. We also had the hardware card in our system with a separate network port for Terradici, which they have since discontinued.
Parsec works really well on Windows as a host (their original use case). You can use the virtual screen driver and don’t need physical displays on the system (you may need an EID dummy for boot depending on your system). If you want to show Parsec pre-login, so users can login with their credentials on the host system, you have to set Parsec up in the startup apps with a shared login. That’s if you use the regular users license, not the enterprise licenses. That’s how our remote artist uses her system. And I use it all the time to work on our Nuke system instead of sitting in front of it. Barely any difference.
1 Like