By Yuval Shavit, Features Writer
Server virtualization is a fairly new technology that's already broken into the mainstream, but servers aren't the only computers that can benefit from virtualization. If your clients have already virtualized some servers and are comfortable with that technology, they may want to consider virtualizing employees' desktops as well. In this installment of our Virtualization Projects Hot Spot Tutorial, we'll examine the benefits of desktop virtualization and a few different ways of implementing it.
As every IT administrator knows, managing employees' desktops and laptops can be a huge hassle. Even with management tools to help, applying patches to the operating system (OS) or even upgrading applications can be a time- and labor-intensive task. Desktop virtualization can alleviate that by allowing administrators to provide just a few virtual machine (VM) images, or templates for VMs, which all employees use. Other benefits of desktop virtualization include increased security and a way to let employees control their computer environments while also allowing IT to lock down business-related functions.
The fundamental technology behind desktop virtualization is similar to server virtualization: An administrator creates a VM image file that contains a computer's operating system, drivers, applications, files and settings. A virtualization engine then runs the VM, which behaves as if it were a regular,nonvirtualized computer. The physical computer running the VM, called the host, can either be the user's computer or a centralized server.
Although it is still a fairly new technology, the success of server virtualization is prompting many companies -- and systems integrators (SIs) -- to look into the benefits of desktop virtualization. Companies that look into desktop virtualization have typically already gotten into server virtualization and are familiar with products from VMware, Citrix and Microsoft, which all factor into desktop virtualization, said Barb Goldworm, president of Focus Consulting, a research firm based in Boulder, Colo.
Management and security with desktop virtualization
One of the most significant benefits of desktop virtualization is that it gives IT administrators an easy and centralized way to manage employees' computers. Instead of each computer being separate, administrators create just a handful of VMs or VM templates for different roles within a company. For instance, a company may create one VM for each worker in a call center and another for each sales representative. These VMs would include not just the operating system, but also any applications and drivers the employee would need. Such deployments work best where many employees need essentially the same functionality.
For example, some colleges are looking at desktop virtualization as a way of handling upgrades quickly between semesters, said Ty Schwab, founder and senior consultant of Blackhawk Technology Consulting LLC, a Eugene, Ore., IT consultancy. Colleges only have about two or three weeks from the end of one term to the beginning of the next, which is not typically enough time to update every computer lab across campus without downtime interfering with the academic schedule. By installing new, already patched VMs on computers, colleges can upgrade computer labs within three to five days instead of three to four weeks, Schwab said.
Desktop virtualization also makes it easier to get new computers up and running, said Scott Gordon, sales engineer at ActivSupport, a San Bruno, Calif.-based networking consultancy. Many computers need custom drivers to work properly, and setting these up can be time-consuming. With desktop virtualization, the VM being pushed to the new computer would already have the appropriate drivers installed, Gordon said.
Because the VM is abstracted and separate from the computer's hardware and other VMs, security is one of the major benefits of desktop virtualization. In many organizations, there is a natural tension between employees who want to have a desktop environment they can control and install applications on, and IT staff who would prefer that computers be locked down and kept safe from malware and attacks that might compromise company information.
Desktop virtualization lets computers run a locked-down VM for business operations on top of an open system, giving users and IT staff the best of both worlds, Schwab said. Since VMs are just files, they can also be encrypted to protect sensitive company information. This approach is especially helpful if an employee is working from home or over a VPN, Gordon said.
Server-hosted vs. client-hosted desktop virtualization
Desktop VMs can be hosted either on a server or on the user's PC. Both enjoy most of the same benefits of desktop virtualization, but which one makes sense for your client depends on several factors, such as how mobile its employees are and whether it wants to virtualize everything on the computer or just the business-related functionality.
In a server-hosted configuration, the VM is executed on the server and the client connects to it and displays the results. This is similar to the thin client model that dominated before desktop PCs came to businesses, although the client itself doesn't have to be thin; a fully-loaded laptop could run its own OS and connect to the hosted VM on top of it. VMware's Virtual Desktop Infrastructure (VDI) provides a model for server-hosted desktop virtualization, and San Jose, Calif.-based Wyse Technology is one of the leading thin client vendors for this approach.
Server-hosted desktop virtualization has advantages as well as disadvantages. If the employee's computer is a thin client, your customer can save costs by consolidating hardware resources onto the server, just as in server virtualization -- a thin client is much cheaper than a full-fledged desktop or laptop. Mobile or remote employees can also connect to their desktop from anywhere in the world if they have a fast enough connection and a computer capable of connecting to the server's VM, Schwab said. But that connectivity also raises security concerns, since that connection is going straight to your client's data center, he said. And of course, any employee who can't connect to the server won't have access to his work computer.
Client-hosted VMs don't have the hardware consolidation benefits of desktop virtualization, but because the VM image and virtualization engine are kept locally on the employee's computer, they can be run anywhere and don't require a high-speed connection to the server. But this approach preserves the other advantages of desktop virtualization, such as the ability to sandbox business-related functions and the ability to manage VMs more easily.
If your client's main concern is to protect and manage the applications its employees use -- and not the whole operating system -- you may want to look at virtualizing just those applications. In the final installment of our Virtualization Projects Hot Spot Tutorial, we'll look at application virtualization and a related technology, application streaming.