39
Centralizing Desktop Management VISION 2008 November 13, 2008 Bill Oyler Systems Engineer St. Croix Solutions, Inc. [email protected]

VMware Virtual Desktop Infrastructure

Embed Size (px)

Citation preview

Page 1: VMware Virtual Desktop Infrastructure

Centralizing Desktop Management

VISION 2008November 13, 2008

Bill OylerSystems Engineer

St. Croix Solutions, [email protected]

Page 2: VMware Virtual Desktop Infrastructure

The Desktop Dilemma

IT Requirements:Manage desktop images easilyManage different types of devices Provide secure, continuous accessManage legacy and modern appsLow management costs

User Requirements:Personalized desktopsAccess from anywhere/any deviceApplications all work with each otherRich application interface

Page 3: VMware Virtual Desktop Infrastructure

The Nature of the Desktop is Changing

Page 4: VMware Virtual Desktop Infrastructure

Cost & Security Are Driving PC Alternatives

“Which aspects of the traditional client PC environment aredriving your interest in alternatives to traditional PCs?”

3%

19%

20%

37%

46%

49%

52%

0 10 20 30 40 50 60

CostsSecurity

Management/PatchingRemote Access

Electricity Usage

Energy ConsumptionOther

Base: 565 PC decision-makers at North American and European enterprises (multiple responses accepted)

Source: Enterprise and SMB Hardware Survey, North America and Europe, Q3 2007. Forrester Research, Inc.

Page 5: VMware Virtual Desktop Infrastructure

Virtualization is the Solution

Virtualization enables Isolation, Encapsulation, and Mobility.Run different operating systems side by side.Run legacy applications alongside modern applications.Move OS, apps, desktops to different devices.Separate user data and applications from hardware.

Application Virtualization

Machine Virtualization

User / Data

VDI = Virtual Desktop Infrastructure

Keep user experience familiar!

Page 6: VMware Virtual Desktop Infrastructure

The Rise of Virtual Desktops

—Brian Gammage and George Shiffler IIIAugust 8, 2007

“By the end of 2010, all new PC deployments will be virtualized.”

Page 7: VMware Virtual Desktop Infrastructure

Meeting the Challenges of the Desktop

Challenges

Operating Costs

Fewer field engineersShorter help desk callsSmaller hardware refresh

Lower Costs

Page 8: VMware Virtual Desktop Infrastructure

Challenges

User data in data centerSessions SSL encryptedDesktops are isolated

Security

Operating Costs

Security and Compliance

Meeting the Challenges of the Desktop

Page 9: VMware Virtual Desktop Infrastructure

Challenges

No software conflictsAutomated patchingRapid deployment

Management

Operating Costs

Security and Compliance

Management

Meeting the Challenges of the Desktop

Page 10: VMware Virtual Desktop Infrastructure

Challenges

Access from any locationFamiliar user interface

Flexibility

Operating Costs

Security and Compliance

Management

Flexible Access

Meeting the Challenges of the Desktop

Page 11: VMware Virtual Desktop Infrastructure

Challenges

Reduce power consumption by switching to thin clients/laptops

Power

Operating Costs

Security and Compliance

Management

Flexible Access

Power

*Butler Group, “Infrastructure Virtualization”, September 2007

Meeting the Challenges of the Desktop

Page 12: VMware Virtual Desktop Infrastructure

How Customers Use VDI

Centralize, Replace, Upgrade PCsReplace traditional PCs with centralized virtual desktops for better control and easier upgrades (i.e. XP > Vista > Windows 7).

Disaster Recovery & Business ContinuityProvide continuous availability of desktops to users no matter where they are located.

Simplify Call Centers, Training Centers, SchoolsDynamically allocate and de-allocate desktops for large groups of mobile users. Easily and securely accommodate temporary users and visitors.

Page 13: VMware Virtual Desktop Infrastructure

Current VDI Marketplace

VMware Infrastructure + VMware View + VMware ThinApp

Citrix Access Gateway + XenServer + XenDesktop + XenApp

Microsoft Windows 2008 + Hyper-V + Terminal Services

Microsoft Enterprise Desktop Virtualization (Kidaro) - 2009

Parallels Virtuozzo Containers + Quest Provision Networks Virtual

Access

VMware Infrastructure + Sun Solaris + Sun Ray Software + Sun Secure

Global Desktop + Sun Virtual Desktop Connector

VMware Infrastructure / Xen / Microsoft + VDIworks

Page 14: VMware Virtual Desktop Infrastructure

VDI Example in the Real World

NEC

12,000 desktops virtualized

TCO cut by 46%

Software deployment time reduced from 3 months to a

few hours

Only 3 support staff

20,000 desktops to be virtualized by end of 2008

Page 15: VMware Virtual Desktop Infrastructure

Typical Physical Desktop Build

App App App

UserData

Profile

IssuesHardware +

OS + apps are intertwined

New desktop = new hardware

Desktop image for each unique hardware combo

Applications don’t always interact well with each other

User data often ends up on local disks

Page 16: VMware Virtual Desktop Infrastructure

Management is Difficult on the Edge

App App App

Fixing a Broken Desktop =

Gain Physical Access + Salvage Usable Data +

Reimage + Patch + Customize + Return to User

Theft and Accidental

Loss

XX

Out of Date Virus Defs &

Missing Patches

Unique Hardware

Configurations

UserData

Profile

X

Page 17: VMware Virtual Desktop Infrastructure

Patching at the Edge

Average success rate for patching desktops = 60-80%Even worse over WAN to remote usersHow about powered off/sleeping devices?

Windows Vista SP1 1 GB+

Windows XP SP3 316 MB

Office 2007SP1 218 MB

Page 18: VMware Virtual Desktop Infrastructure

Store User Data & Profiles on File Server

App App App

Profile

File Server

UserData

Profile

Easy to backup & secureRequires fast network connection to server

Page 19: VMware Virtual Desktop Infrastructure

Store Applications on File Server

Profile

File Server

UserData

Profile

File Server

App

App

App

Application virtualization (i.e. ThinApp) enables applications to run directly from file server

Desktop = Hardware + OS

Page 20: VMware Virtual Desktop Infrastructure

Virtualize the Desktop!

Profile

File Server

UserData

Profile

File Server

App

App

App

Desktop VM has fast LAN/SAN access to file serversDecouple desktop OS from users & physical hardware

Page 21: VMware Virtual Desktop Infrastructure

Create “Golden Image” Desktop Template

Profile

File Server

UserData

Profile

File Server

App

App

App

VM Template

Minimal OS can be converted to a “golden image” templateNew VMs can be built rapidly

Page 22: VMware Virtual Desktop Infrastructure

Automatic Provisioning

Profile

File Server

UserData

Profile

File Server

App

App

App

VM Template

Spin up virtual desktops on demandSingle template for all users

Page 23: VMware Virtual Desktop Infrastructure

Connection Brokering (View Manager)

Profile

File Server

UserData

Profile

File Server

App

App

App

VM Template

Securely authenticate with Active DirectoryAccess desktop from any device

Also supports 2-factor authentication with RSA SecurID

Page 24: VMware Virtual Desktop Infrastructure

Thin Clients

Profile

File Server

UserData

Profile

File Server

App

App

App

VM Template

No need for “fat” PCsThin clients are finally feasible!

Page 25: VMware Virtual Desktop Infrastructure

External Users

Profile

File Server

UserData

Profile

File Server

App

App

App

VM Template

No need for VPN hardware/softwareView Manager in DMZ encrypts sessions using SSL

Page 26: VMware Virtual Desktop Infrastructure

Backing Up

BEFORE:

???

?

Profile

File Server

UserData

Profiles

File Server

App

App

App

VMTemplate

AFTER:

1. Backup file servers

2. Backup VM template(s)

Page 27: VMware Virtual Desktop Infrastructure

Disaster Scenarios

Desktop VMs are highly available in data centerMaybe even replicated to off-site data center

Users can access their desktops from any deviceHome Mac/PC, laptop, remote company site, etc.

Page 28: VMware Virtual Desktop Infrastructure

VMware View = Complete Freedom

Profile

File Server

UserData

Profile

File Server

App

App

App

VM Template

Work from anywhereNo dependencies

Inherently scalableEasy backup, DR, BC

Page 29: VMware Virtual Desktop Infrastructure

Virtual Desktop Types

Individual Desktop:User manually assigned to dedicated, customized desktopIdeal for power users or specific configurations

Persistent Pool:Common template used to provision all new desktopsIndividual desktop assigned to user at first logon & subsequentlyIdeal for new deployments, new employees, and user customization

Non-Persistent Pool:Common template used to provision all new desktopsDesktops returned to pool after each useIdeal for kiosks, shift workers, visitors, students, standardization

Page 30: VMware Virtual Desktop Infrastructure

Client Access Methods

Windows ClientWindows application used to establish desktop connectionCan run on “stripped down” or “hardened” Windows OSSupports USB device redirectionCan run on:

Windows 2000Windows XP*Windows XPe* Thin ClientsWindows Vista* Supports Multimedia Redirection (MMR)

Page 31: VMware Virtual Desktop Infrastructure

Client Access Methods

Thin ClientsWindows Embedded-based

Windows CE

Windows XPe

Linux-based

Sun Solaris-based

Sun Ray

WYSE ThinOS-based

Supports USB & Multimedia Redirection

A few of the VMware VDI Alliance Thin Client partners:

Page 32: VMware Virtual Desktop Infrastructure

Client Access Methods

Web AccessWeb browser & Java used to establish desktop connection

WindowsWindows XPWindows Vista

Mac OS X

LinuxRed Hat Enterprise LinuxSuSE LinuxUbuntu

Page 33: VMware Virtual Desktop Infrastructure

View Manager

RDP Connection

SSL Tunnel

Builds SSL encrypted tunnel between user device and virtual desktop

Uses HTTPS (no firewall changes needed)

Directs users to appropriate virtual desktop using RDPHandles authentication with Active DirectoryMultiple View Managers can be deployed for load balancing and failover

Network outage does not cause data loss (users are reconnected)

Page 34: VMware Virtual Desktop Infrastructure

View Composer: Linked Clones

Cloned VMs “link” back to master VM rather than creating full copy

Speed deployment from minutes to seconds

Reduce disk usage

Patch master VM = all linked clones are patched

Conceptually like a point-in-time copy of master VM but with a separate identity

Can be powered on, suspended, snapshot, reconfigured independent of master VM

Page 35: VMware Virtual Desktop Infrastructure

Virtual Printing

No installation of printer drivers on desktop

All necessary printers automatically available

Printer traffic over network is highly compressed & optimized

Uses regular client printer driver rather than complicated server driver

Supports Windows 2000, XP, Vista (32-bit and 64-bit)

View Client

RDP

View Client

RDP

Page 36: VMware Virtual Desktop Infrastructure

ThinApp: Application Virtualization

Isolate application, DLLs, registry changes, unique data from OS

Agent-lessEntire application

environment becomes double-clickable file

Run application from a file share, USB stick, CD

Each user has own sandboxWide application support

• Windows NT, 2000, XP, 2003, Vista• 32-bit and 64-bit OS

Reduce storage costsReduce unique desktop imagesRun multiple versions of apps

Page 37: VMware Virtual Desktop Infrastructure

Offline Desktop (Experimental)

Clients View Manager VMware Infrastructure Don’t need

constant network connectivity

Check your virtual desktop in and out

VM stored encrypted

VM requires authentication & only runs on authorized computer When offline, virtual desktop runs natively on user’s computerWhen online, virtual desktop runs from VMware server as usual

Page 38: VMware Virtual Desktop Infrastructure

Reliability of Virtualization Platform is Critical

VMware Infrastructure is unprecedented for Reliability and Scalability

Page 39: VMware Virtual Desktop Infrastructure

Questions?

VISION 2008November 13, 2008

Bill OylerSystems Engineer

St. Croix Solutions, [email protected]