|RSS | MY PROFILE | PRIVACY|
Vol. 30, #8 - May 20, 2013 - Issue #930
This week's newsletter is all about VDI (virtual desktop infrastructure) with a guest editorial by The Other Mitch (Mitch Garvis). The focus of his editorial is on the question: Why VDI? That's the kind of question I like: short and sweet. Reminds me of what Billy Crystal's character said in response to the question "Who is this guy?" at the gathering of the wise guys in the movie Analyze This:
Who I am?
Who I am? Who am I?
"Who am I?" is a question for the ages.
That's one we're all searching for, to find out who I am...
So go sit down now and enjoy The Other Mitch's ramblings concerning VDI.
You want a fresh one?
The PC is dead… long live Tablets! Phones! Interactive walls! Dogs that run Android and cats that run iOS! You can work from wherever you want, however you want, and be six times more efficient on one sixth the effort.
Ok, so maybe of the demise of the PC are somewhat exaggerated… with six hundred million devices running Windows 7 and who knows how many still running Windows XP we are a far cry from making funeral arrangements. However there is no denying that the device landscape has changed drastically over that past few years; for IT Professionals whose ultimate goal is not only system uptime but also system security Pandora's Box has been opened… and just like that old myth there is no way to close it again.
We have spent the past few years watching our industry evolve. The balance of power has shifted from the IT Pros to the End Users. No longer can we give respectable employees 'just any old PC that we have lying around;' they expect, nay demand the latest and greatest. In the span of a decade we have shifted from huge tower PCs with CRT monitors to sleeker systems with flat screens, to laptops, to BYOD. The world changed and there is nothing that we can do about it.
A salesman went to see the IT Manager for his company about a year ago with his shiny new toy – the latest tablet to hit the market – and asked if he could configure it to work with corporate network. The company laptop that he had been lugging around for two years still worked perfectly of course, but this was lighter (and of course cooler). Unfortunately for the salesman the company had a policy against unsecure and unmanaged devices on the network, so he was turned down.
Not thirty minutes later the IT Manager was called into the CEO's office. "That salesman is responsible for thirty percent of this company's sales. Your IT department accounts for about twenty percent of our costs. Do you see a correlation between keeping him happy and keeping you happy?"
Here's the problem: More and more end users want to be able to use their own devices for work; this poses some interesting possibilities to companies, who are lured by the potential cost savings of not having to supply devices, or at least not as many or as often. Unfortunately you cannot take device management away from IT and expect them to maintain infrastructure security to the same extent that you have when they control everything… or can you?
Fortunately you can… but it does require a new way of thinking… or rather returning to a very old way of thinking.
Working remotely is not a new concept… we have been doing it since the early days of mainframes where operators would sit at dumb terminals and the computations would happen on a back-end server. It was easier then – all you needed was a terminal connected to an RS-232 port. We got away from that model in the days of PC and x86 servers, opting to leverage the power of the PC and use the servers for file storage and a whole lot more… now that most of our day to day computing was de-centralized the servers could… serve.
Of course the entire world did not shy away from centralized computing; Citrix has carved out a very solid niche for themselves delivering remote desktops. When I studied for my Windows Server 2000 certifications I had to learn what we called Terminal Server Math – a simple formula really where we calculated the resource requirements of the base operating system of the terminal server plus the resource requirements of each session… say, 128MB of RAM for the host, plus 64MB of RAM for each connected user meant that a server packed with 512MB of RAM could host six sessions:
(64 x 6) + 128 = 512MB.
Since those days we have seen incredible improvements in technology. Server RAM is no longer measured in megabytes but rather gigabytes and terabytes. At the same remote delivery technologies such as Citrix, Microsoft, and others have focused on resource compression and sharing so that we have viable options to deliver more with less, whether the delivery be applications or full desktops.
Of course, those same users who want to use their insecure devices are not going to settle for a lesser user experience in their remote applications and desktops, and so we cannot get away with just the bare minimums; and so we add graphical processor units (GPUs) to our servers, and rely on the providers to optimize bandwidth so that our users get the same graphics, audio, and video experience from a back-end server as they would get locally.
For years Citrix had a lock on the best VDI experience solutions with Xen Desktop and Xen Apps. In recent versions the Citrix Receiver has allowed our end users to use modern Windows operating systems and applications on all manner of unmanaged devices, from iPads and iPods to Linux and Blackberry and yes, even unmanaged Windows devices. It delivered them securely and reliably, and did so regardless of the endpoint or even the WAN link speed. Citrix and Microsoft announced a cooperative partnership a few years ago, whereby Citrix and Microsoft combined for a 'better together' solution for delivering applications and virtual desktops.
With Windows Server 2012 and System Center 2012 Microsoft has taken a step in the right direction toward an independent complete solution. However with all of the advancements to the Remote Desktop Services stack in the latest product release, there are still several use cases for the 'better together' solution, including manageability, and the elusive off-line VDI and virtual apps that Microsoft still doesn't offer – at least not without marrying App-V and the Client-side Hyper-V in Windows 8. However as I mentioned Citrix and Microsoft play very well together, and the 80-80 position that Microsoft has for years still leaves room for innovative ISVs to succeed in the Microsoft ecosystem.
The XP Legacy
As we get closer and closer to the official retirement of Windows XP – possibly the most successful operating system in the history of the industry, but even Babe Ruth got old and stopped hitting home runs – companies are realizing that twelve-year-old works better for scotch than for operating systems, and are finally deploying Windows 7 and Windows 8 to their desktops. Whatever will become of our legacy applications that cannot run on the latest and greatest OS? VDI might be a good solution for those applications as companies work to find solutions going forward – running legacy and unsupported applications is no way to run a company long term, but in the meantime delivering Windows XP applications from either a virtual machine or a Remote App is a good stop-gap measure.
What about the little guy?
Until recently discussions around virtualization were mainly for larger organizations. With the near-commoditization of virtualization more and more SMBs are delivering virtual solutions, but they still mostly shy away from VDI. Why? They spend enough money on server management, and the laptops they buy are more than sufficient to do the job. However in a lot of cases 'doing the job' isn't enough. Even smaller companies rely on IT security to ensure their survival. To open a sensitive document on an infected or otherwise unsecure computer can fatally compromise data. VDI solutions allow those SMBs to reduce costs by allowing their end users to work in a secure sand-boxed environment on an otherwise unmanaged device. Of course since the VDI systems never actually leave the datacenter they are easier to manage, monitor, patch, and secure than mobile devices, managed or otherwise.
Pooled or Personal?
All users are not created equal, and thusly their virtual desktops will not be. However you may have 100 call-center workers in your organization whose needs are identical to one another. For cases like these all of the VDI choices allow you to create a base disk with a master (or gold) image, and then build a pool of virtual machines that are refreshed back to that master (clean) image. For users with unique needs – special software for example – they are given a personal machine. Both users access their VMs the same way, but depending on the credentials their logon is routed appropriately.
Viewing the Horizon
While the bulk of this piece has focused on Microsoft and Citrix, there are other third-party providers in the VDI market, including the virtualization heavyweight champ VMware with their View/Horizon offering. While VMware is still an excellent offering, their reluctance to play well with others coupled with the premium price tag associated with their products – and the fact that there are much more economical alternatives that produce equivalent and even superior solutions – makes me wonder how many well-informed IT Pros would give these products serious considerations for the desktop environment. Of course there are shops that are 'in bed' with VMware on the datacenter side who prefer their solutions, as well as shops that shun Microsoft for whatever reason. However in an environment where the virtual product delivered is Windows, and the primary management infrastructure is System Center, it is hard to imagine that VMware will not fall to third place in the coming year – this on virtual desktop and application delivery side, and not on the server virtualization field where their reign may be waning but it still solid.
After decades of de-centralized computing it is going to take more than iPads to get companies on board, but as with most technological advancements it will be a decision made in the board room and not in the IT department; CxOs are starting to see the benefits – both economic and security – to VDI, and as they do they will mandate their IT Managers to look into it. As with so many advancements in our industry we as IT Pros cannot hinder progress because of a legacy mindset, lest we find ourselves unemployed, replaced by forward-thinking pros who understand that none of the decisions that are made about IT are actually technological, but rather economical in nature.
Rather than trying to stave off the inevitable, embrace it. For the first time an IT Pro using Windows Server 2012 and Windows 8 can deploy both Remote Desktop, Remote App, and even VDI infrastructures in a lab environment in a matter of minutes.
Of your production environment will require a lot more planning – security certificates, licensing servers, firewall ports and so on. However that first test deployment will all but eliminate the fear of the unknown… and it will take as little as an hour.
If it hasn't yet then know that virtual desktops are coming soon to an environment near you. Accept it, appreciate it, and embrace it. Your job will get easier when you do!
About Mitch Garvis
Mitch Garvis is a Virtual Technical Evangelist in the area of Windows Infrastructure at Microsoft. His well-known blog "The World According to Mitch" consists of the "day to day ramblings of an IT Professional, Trainer, and Community Leader" and is found at:
Mitch may be in trouble if I ever manage to secure perpetual, worldwide copyright to the word "Mitch" ;-)
Send us feedback
Got feedback concerning this issue's topic? Let us know at firstname.lastname@example.org
PowerTip: Use PowerShell to display easy to read security info
This week Microsoft Scripting Guy Ed Wilson shows how to use Windows PowerShell to display easy to read security access information for a folder.
Question: You want to use Windows PowerShell to check the security access rights for a folder. How can you do this?
Answer: Use the Get-ACL cmdlet, specify the path to the folder, and choose the AccessToString property. This technique appears here for the C:\fso folder on my computer.
Ed Wilson is the bestselling author of eight books about Windows Scripting, including Windows PowerShell 3.0 Step by Step, and Windows PowerShell 3.0 First Steps. He writes a daily blog about Windows PowerShell called Hey, Scripting Guy! that is hosted on the Microsoft TechNet Script Center; for more PowerTips Check out the Hey, Scripting Guy! blog.
Contact me at email@example.com if you have a tip you'd like to share with our readers.
Here's another announcement from the Microsoft Virtual Academy:
On-demand MVA Jump Start: Using VDI to Enable New Workstyles
Learn from Microsoft's virtualization experts through a recorded version of the MVA Live course: Using VDI to Enable New Workstyles, and hear about Microsoft-Citrix v-Alliance solution, watch product demos and get architectural guidance for building a Virtual Desktop Infrastructure (VDI).
"All glory comes from daring to begin." --William Shakespeare
Until next week,
Note to subscribers: If for some reason you don’t receive your weekly issue of this newsletter, please notify us at firstname.lastname@example.org and we’ll try to troubleshoot things from our end.
Get centralized backup and rapid recovery from bare metal including virtual environments with StorageCraft ShadowProtect:
PLANNING A CONFERENCE OR OTHER EVENT you'd like to tell our 100,000 subscribers about? Contact email@example.com
PLANNING A WEBCAST you'd like to tell our 100,000 subscribers about? Contact firstname.lastname@example.org
Scott D. Lowe provides a detailed view at Virginia Western's implementation of VDI and some guidance for making good VDI decisions.
This pdf shows a VDI Storage case study based on Dell Gear but can be adopted to any other hardware vendor.
Brien M. Posey discusses various approaches to virtual desktop infrastructure and examines the advantages and the disadvantages of each approach.
Scott D. Lowe gives an overview of the major licensing and cost challenges when it comes to Virtual Desktop Infrastructures (VDI).
Scott D. Lowe looks at application presentation.
Thomas Shinder describes an important consideration when assessing the security of a virtualized environment: network security zoning.
In his blog post, Alessandro describes which roles are supported together with Microsoft Hyper-V in one installation.
This guide gives some insides about GPUs in a HPC environment.
A book tip for all of you who are interested in Hyper-V.
The podcast gives a good intro on Windows 8 Client Hyper-V.
Thanks to Florian Klaffenbach for providing some of the items in this section. Be sure to check out Flo's Datacenter Report:
The open source movement has continued to spread throughout many areas of the IT industry, and the cloud seems to be the next market to embrace it. Access this exclusive guide to learn more about the latest open source cloud platforms and the opportunities – as well as pain points – they introduce.
As organizations start to explore Desktop as a Service (DaaS) options, many are becoming familiar with the challenges associated with this trend’s licensing policies. Explore essential insights on DaaS in both the public and private cloud and learn how to avoid top licensing pain points.
Automation is a top priority for most IT pros as it offers significant benefits across the board; however, automating everything and anything can have negative consequences. Learn how extensive your automation strategy should be based on your organization’s size and needs
To ensure optimal security, IT pros must take advantage of all of the advanced security platforms available to them – like Microsoft’s free software download, Attack Surface Analyzer. Learn more about how this platform help’s minimize the risks involved in installing new apps on Windows computers.
GOT FUN VIDEOS or other fun links to suggest you'd like to recommend? Email us at email@example.com
A mysterious whirlpool near Dviete, Latvia swallows everything in its path, as if a plug has been pulled from the ground beneath.
"My Blackberry Is Not Working!" Ronnie Corbett and Harry Enfield star in this hilarious, fruity sketch from the BBC.
Sometimes they have their own animal behaviors, but sometimes these animals act just like us. Only funnier!
A kid in the park ask some grown-ups to help him with a jigsaw puzzle. See what happens when they put the pieces together....
Hungarian shadow-theatre company 'Attraction' leaves the Britain's Got Talent crowd and judges in tears.
Mitch Tulloch is Senior Editor of WServerNews and is a widely recognized expert on Windows administration, deployment and virtualization. Mitch was lead author of the bestselling Windows 7 Resource Kit from Microsoft Press and has published hundreds of articles for IT pros. Mitch is also a seven-time recipient of Microsoft's Most Valuable Professional (MVP) award for his outstanding contributions in support of the global IT pro community. Mitch owns and runs an information technology content development business based in Winnipeg, Canada. For more information see www.mtit.com
Ingrid Tullochis Associate Editor of WServerNews and was co-author of the Microsoft Encyclopedia of Networking from Microsoft Press. Ingrid is also Head of Research for our content development business and has co-developed university-level courses in Information Security Management for a Masters of Business Administration program.