Feeds

New desktop, new DV strategy

A refreshing approach to desktop virtualisation

  • alert
  • submit to reddit

SANS - Survey on application security programs

Desktop virtualisation With the economy looking a little rosier, companies are coming round to upgrades that have been on hold for longer than usual. As they refresh the corporate desktop, should they be looking at desktop virtualisation too?

Mark Bowker, analyst at Enterprise Strategy Group, thinks IT decision-makers can minimise headaches and maximise gains by tackling their desktop refresh and virtualisation in tandem. “The two projects should be considered together. Companies should at least be having that discussion, and ultimately could find that desktop virtualisation streamlines the whole Windows 7 migration,” he says.

This is an appropriate time to consider desktop virtualisation. According to IDC, worldwide PC sales rose by 14 per cent in 2010, and while the rise is predicted to be overshadowed by consumer-focused tablet sales in 2011, the likelihood is that enterprise sales will still be relatively strong. Windows remains the operating system of choice for the enterprise, and Windows 7 and Windows server 2008 are designed to work together to make desktop virtualisation easier.

Server-side virtual machines are unable to make use of specialised hardware at the client level

Windows Server 2008 R2 includes a radical overhaul of the Terminal Services technology in previous versions. The new version, called Remote Desktop Services, is offered as a specific server role to offer access to specific applications, or to a whole Windows desktop, either from within the corporate network or over the internet.

Services within this role include a connection broker that manages load balancing and automatic session reconnection to help optimise server performance. There is also a virtualisation host that integrates with Microsoft's Hyper-V hypervisor, either providing a personal virtual desktop to each user or offering shared access to a pool of virtual desktops.

There are also several features in the Remote Desktop Client software that connect to Windows Server and that light up only when used on Windows 7. Among security features, the Remote Desktop Gateway service can be configured to authenticate and authorise a client in the background after a configured session timeout is reached, without disturbing the user. It can also update clients with the latest software patches when in a virtualisation session.

Other goodies include support for multiple monitors (up to 16) and bitmap acceleration to improve the display of graphics-intensive applications. Heavy users of audio can also benefit from device redirection, so that they can send the sound input device on the client to the virtual desktop. This comes in handy for voice recognition and audio recording.

One of the features in Windows Server 2008 that make desktop virtualisation easier is RemoteFX from Calista, a company Microsoft acquired in January 2008. “It’s about making the client as easy to use as possible,” says Ian Moulster, a product manager at Microsoft who specializes in desktop virtualisation.

RemoteFX was included as part of Remote Desktop Services in Windows Server 2008 R1 SP1 and Windows 7 SP1. “It virtualises graphics cards at the server end, allowing virtual machines to share and make use of the graphics processor,” says Moulster.

Typically, server-side virtual machines are unable to make use of specialised hardware at the client level. This can be problematic for companies with graphics requirements, for example in areas such as computer-aided design or in academic applications where data visualisation is key.

Moulster adds that the technology also leads to computational efficiencies in the server room because the server hardware doesn’t have to work as hard to emulate graphics performance as required by desktop applications. “RemoteFX lets you take the load off the CPU at the server end and gives you a slicker front-end interface,” he says.

Other advantages include dynamic memory. In the past, IT administrators have had to allocate a specific amount of RAM for each virtual machine that they instantiate. This can make management burdensome for them when the number of virtual machines rises sharply as more users come online. Many employees may require more than one virtual machine for different purposes, leading to “virtual sprawl”.

Dynamic memory allows an administrator to set a nominal level of memory for a virtual machine and then use the hypervisor to allocate memory dynamically as it runs, according to computational demand.

This can produce significant memory savings and therefore a reduction in upfront capital expenditure, Moulster says. He adds that companies normally allocate about 1Gb of memory for Windows 7 when not using dynamic memory, which may be a waste. “In tests, we found that when you allocate a nominal 512Mb of RAM most of the virtual machines averaged out at 750Mb of RAM,” he explains. “That gives you a 40 per cent increase in the density of the virtual machines that can run on the server, improving cost effectiveness.”

No matter what desktop operating system you end up using, it may be worth considering some form of virtual desktop integration or application virtualisation at the server level as you roll out a new desktop environment. But be sure to size the server accordingly, and be prepared to make capital investments in the data centre to support the increased load. For optimal results, you may need to allocate some IT budget at both ends of the LAN. ®

SANS - Survey on application security programs

More from The Register

next story
Samsung Galaxy S5 fingerprint scanner hacked in just 4 DAYS
Sammy's newbie cooked slower than iPhone, also costs more to build
Leaked pics show EMBIGGENED iPhone 6 screen
Fat-fingered fanbois rejoice over Chinternet snaps
Oh no, Joe: WinPhone users already griping over 8.1 mega-update
Hang on. Which bit of Developer Preview don't you understand?
Microsoft lobs pre-release Windows Phone 8.1 at devs who dare
App makers can load it before anyone else, but if they do they're stuck with it
Rounded corners? Pah! Amazon's '3D phone has eye-tracking tech'
Now THAT'S what we call a proper new feature
Feast your PUNY eyes on highest resolution phone display EVER
Too much pixel dust for your strained eyeballs to handle
Zucker punched: Google gobbles Facebook-wooed Titan Aerospace
Up, up and away in my beautiful balloon flying broadband-bot
US mobile firms cave on kill switch, agree to install anti-theft code
Slow and kludgy rollout will protect corporate profits
Sony battery recall as VAIO goes out with a bang, not a whimper
The perils of having Panasonic as a partner
prev story

Whitepapers

Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Top three mobile application threats
Learn about three of the top mobile application security threats facing businesses today and recommendations on how to mitigate the risk.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.