Monday 17 October 2011

Virtual Desktops

Last week I attended a seminar in London on virtual desktops given by the excellent Brian Madden.  It was a really interesting seminar and confirmed our own strategy of waiting a few years to implement virtual desktops.  We have excellent desktop management based on a traditional thick client model using Altiris tools from Symantec.  We are starting to look at virtual desktops, but will concentrate on traditional desktop management aproaches for now.

It was interesting to see that virtual desktops are not just about VDI (virtual desktop infrastructure).  In fact they encompass several different tools and technologies.  Virtual desktops can involve any combination of application virtualisation, user virtualisation (central profile management), operating system streaming (OSS), desktops hosted in the data centre (VDI) and  virtual machines (VMs) running on PCs.

Brian explained how he had been wrong last year that virtual desktops would be widely adopted as part of the Windows 7 migration.  Instead IT departments realsied that Windows 7 was complicated enough to deploy without moving away from a traditional desktop management model to a new model based on virtual desktops.  Despite this people are starting to play with virtual desktops and are creating mixed models for desktop management.  For example VMs on laptops can be a great way to cope with laptop management for mobile users, user virtualisation can optimise management of users profiles and application virtualisation can reduce effort in managing a subset of desktop applications.  A new world of desktop management is evolving where IT departments use a broad range of tools and technologies, including virtual desktop approached, to look after PCs and applications.

Brian was not convinced that virtual desktops where cheaper than traditional desktop management methods.  Indeed he argued that it was a more expensive approach which means that you need to think carefully about the benefits that you want to achieve before deploying.  Having said that, deployng virtual desktops to a subset of users can meet certain challenges in a cost effective way.  For example locking down laptops which travel a lot can be frustrating for the users, but deploying a locked down VM and protecting University systems, still allows the users to do what they like with the base laptop.  The VM runs separately and provides access to University systems but does not give the user adminsitrator rights, whilst the rest of the laptop operating system and applications can be customised to the users' desire.  The VMs on the laptop can be managed manually or using some kind of centralised management tools such as Virtual Computer or Quest vWorkspace.

User virtualisation is an area of increasing interest.  This allows IT departments to centralise management of user settings and deploy them to different devices, operating systems and applications.  this means that a given user can have a similar user experience across different devices, e.g. PC, laptop, tablet and smartphone.  It also allows different levels of user permissions at an application level of granularity so that users can be allowed to make changes to some applications, but not others.  Segmentation of user profiles means that sub-components can be restored when problems arise rather than blowing away and recreating the whole user profile.  Segmentation also allows loading of user settings when they are required, i.e. operating systems loaded at login, but application user settings not loaded until user opens a given application, which can result in performance improvements for log in times.  Two user virtualisation suppliers that presented at the seminar where AppSense and Immidio.

The virtual desktop infrastructure (VDI), i.e. desktops hosted in the data centre piece began by asking the question 'should desktops move into the data centre?' and only then 'which technology should I choose?'. 

The advantages of moving desktops into the data centre are easier management (desktops closer to me therefore no need to visit sites or wait for PCs to be turned on), easier access (similar experience for user on each client), performance (similar speeds  no matter the power of the client hardware), and security (no data stored locally and policies controlled centrally).  The disadvantaes of moving desktops into the data centre are poor graphical performance (although bandwidth has increased so to has load from the aplications and users), complexity of client peripherals (i.e. desktop has moved to the data centre but not the peripherals attached to the client), poor service when offline (without a network connection there is no desktop, mobile broadband can help, but often gives very poor performance with desktops in the data centre), and data centres are expensive (when compared to running Windows on a PC).  If you decide to move desktops to the data centre then you need to ask which tecnnology should I use, VDI (virtual desktop infrastructure) or TS/RDS (terminal services/remote desktop services)?

The pros and cons of VDI are: expensive, good for highly customised personal images, allows resource optimisation, allows power down of servers when demand is low, easy staffing (uses regular O/S), and support physical to virtual (P2V) transfer for rapid delpoyment.  The pros and cons of TS/RDS are: cheaper, good for shared/locked down images, canot relocate sessions (i.e. poor resource optimisation), cannot power down TS servers when demand is low, need specialist systems administration skills and traditional desktop management skills.  All in all this points to using VDI and TS/RDS for different things.  VDI is edging ahead for full desktop management, but TS/RDH still remains a strong tool for application deployment.  As always with virtual desktops you need a mixed portfolio of tools and techniques to meet the needs of your end users.   
I hope taht you have found this high level introduction useful.  I am feeling my way around these new ideas, but I am sure other are in the same boat, so hopefully it will save you some time getting into this complex field.