To address the increasing cost and complexity of managing dynamic IT environments, organizations are trying to understand how to adopt virtualization technologies. The value proposition and “killer app” are quite clear in the data center; however, less attention has been given to the opportunities for endpoint virtualization. There are multiple methods to address client-side virtualization: hosted virtual desktops (HVD), bare-metal hypervisors, local and streaming virtual workspaces, and a range of options that layer on top of and between them all, such as application virtualization, portable personalities, and virtual composite desktops. Even so, there is still a tremendous amount of confusion, and even more misconceptions, about the benefits of client-side virtualization than with server virtualization. The major architectural flaw in almost all of these solutions is that they remain very back-end and infrastructure heavy, which reduces the benefit of cost reduction and lower complexity.
Unlike server virtualization, which drove adoption from the bottom up (that is, from the hypervisor and then through the other stacks), adoption of endpoint virtualization technologies is moving top down, starting with single applications within an existing OS. Application virtualization adoption will accelerate over the next 12-18 months, with a Gartner life cycle management analyst suggesting that it will be included in the majority of PC life cycle RFPs in 2010 and beyond. Workspace/desktop virtualization will follow over the next 24-36 months, as will the endpoint virtualization infrastructures. The adoption of both workspace/desktop and endpoint virtualization infrastructure will align with organizations’ desktop refresh cycles. Considering that the average refresh cycle is 3-5 years, and that many organizations are looking at a desktop refresh to support Vista (although it probably only has about a 10% market adoption) and Windows 7, it is conceivable that we will begin seeing accelerated adoption of desktop and infrastructure virtualization over the next 24-36 months as organizations rethink their current systems management processes and technologies.
Let’s look at the 4 client/desktop virtualization models I believe will become the most prevalent over the next 3-5 years…
The concept of application virtualization is fairly straightforward: using a packaging technology, an organization develops a virtual application. This can be done by diffing a gold image pre- and post-install of an application – as is the case with ThinApp – so that the virtual “container” includes all elements of the application, including emulated registry settings, file system calls, etc. The benefits center on software distribution, perceived licensing and software asset management cost reduction, and improved application compatibility.
Workspace/desktop virtualization extends the concept of application virtualization to an entire desktop or workspace. Users will enjoy multiple applications, user/system/security settings and other aspects of their workspace provided through a virtual container. The virtual container, in some cases isolated from the non-virtual workspace, will enable IT to secure a corporate workspace and allow a user workspace to be less secure or, more importantly, isolated from the more secure and critical corporate workspace. All virtualization still occurs within an existing OS and doesn’t negate the need to properly maintain the health and security of the original computing platform; however, additional people, process and technology will be required to support the virtual desktop/workspace environment as well.
PC Type-1, Bare-Metal Hypervisors
Consider the reality of hosted virtualization solutions; in this case I am using the term “hosted” to refer to virtualization technologies that are provided within an existing OS. Application virtualization is a virtual application delivered to and run within an existing OS environment, although from within a virtual container. Desktop and workspace virtualization is a virtual desktop/workspace delivered to and run within an existing OS, although from within a virtual container.
In both cases the virtual environments rely on the operating system to provide and coordinate shared hardware resources, and both are at the mercy of operational failures and system compromises for availability. There is no question they provide benefit; however, if we can move to a virtual infrastructure with virtual machines delivered to a desktop, we could provide an abstraction layer between the hardware and the various virtual machines and, more importantly, abstraction from the virtual machines and the operating system itself.
VDI and The Problem With Current Server Hosted Virtual Desktop Architectures
Virtual Desktop Infrastructures (VDI) promise to radically change systems and security management at lower cost and better efficiency than is possible with current technologies. Show of hands – who would like to do more with less? Yeah, me too, but let’s dig into what this would actually entail.
Although the vendors will claim increased performance, improved security and more effective management, the reality is that the infrastructural costs of deploying virtual desktops can be significant. In many cases it would require a complete infrastructural overhaul or a move to thin clients, and it would require us to accept that we can no longer support, or in some cases allow, remote, mobile computers.
Hosted virtual desktops, thin-client computing models, centralizing desktop management into a datacenter, and solutions that require heavy back-end infrastructure and perfect implementations of Active Directory are doomed to fail. So tread carefully when a C-level exec or overzealous IT administrator comes back from a boondoggle weekend with VMware proclaiming that the end of the traditional desktop is here and that VDI offers nigh-invincible security and systems management attributes.
So the vendors promise that we can stream desktops through highly efficient compression algorithms, or that the remote worker will be supported through a check-in / check-out of a new shiny OS every time they return to the office or have a broadband connection. In the meantime, however, you would need to either use the same systems and security management technologies employed today – which negates the efficiencies and cost savings purported to be the main benefits – or accept that remote, mobile, intermittently connected computing devices are simply not managed or secured until they return to HQ. What? Isn’t that just network access control (NAC), which didn’t work and has crashed faster into the trough of disillusionment than the US financial services industry?
The model for server virtualization is all about consolidation and centralization, and it has shown tremendous benefit, although there are still many myths, misconceptions, and half-truths about virtualization. But would centralization and consolidation offer the same benefit to the desktop environment? Are most organizations willing to return to a thin-client model? Can one provide always-on, ubiquitous broadband connectivity with QoS to support remote and mobile users? Do you believe that we are moving to more remote, intermittently connected computing devices, or are we moving to a more centralized and perimeterized computing model? The answer is simple and obvious if you spend any time dealing with the user population of the majority of medium to large-sized organizations.
The reality is that we are moving to a more globally distributed computing model with many remote, intermittently connected computing devices that have the ability to access not only corporate resources located within the corporate HQ, but also corporate applications hosted by a 3rd party or delivered as a service from a 3rd party. Couple this with an increasingly sophisticated knowledge worker who will demand local computing power, and it becomes obvious that thin-client computing models would only work in specialized industries such as banking or kiosks, where there is a corporate mandate to disallow any form of personal computing, where there are very few required applications, and where there is no need for supporting mobile users. But that is a small segment of the professional user population.
Bottom Line: In some select situations client-side virtualization does hold promise for improved efficiencies, lower cost, and improved security and systems management. It has benefits for software distribution and OS deployment models, but until the industry understands that we will not return to thin-client computing models and that centralized management is antithetical to every current trend in client computing, we will not see widespread adoption of VDI, no matter what VDI vendors claim.