Feeds

Skinning the DV cat

Not all approaches are created equal

  • alert
  • submit to reddit

Business security measures using SSL

Desktop virtualisation The IT sector is at once innovative and cyclical, throwing up new technologies that are updated variations on hoary old ones.

Virtualisation is a good example. Server virtualisation has taken the industry by storm in recent years but IBM was already doing this with its mainframe platform in the 1960s. Similarly, in the early days of computing employees used dumb terminals to access server resources and in the early 90s, driven by HTML and browser applications, the concept re-emerged in the form of thin clients.

Now, it has been upgraded again. Desktop virtualisation can offer the best of both worlds: desktop functionality combined with server-based management. But not all desktop virtualisation strategies are equal. Different models offer different advantages, depending on your objectives.

Here are some options.

1) Virtual Desktop Integration (VDI)

This is what many people think of when the terms “virtualisation” and “desktop” are used in the same sentence. It is the most functional but also the costliest option. VDI allocates a single virtual desktop – essentially a virtualised PC hosted on the server – to each user. Some users – developers running test environments, for example – may require more than one.

VDI gives similar capabilities as a local desktop although there are some limitations, for example in graphics and sound performance, or the management of certain peripherals. These issues are gradually being addressed through technologies such as RemoteFX. However, these environments will take a heavy toll on your server, and therefore on your capital investment, warns Richard Blanford, managing director of IT infrastructure specialist Fordway.

“We're seeing two or three times the number of Terminal Services sessions supported on the same server hardware as you would support for VDI,” he says. He estimates that only 15-30 per cent of users really need VDI. “Terminal Services needs less sophistication in the back-end infrastructure, too,” he adds.

2) Session virtualisation

If VDI is a many-to-many desktop virtualisation model, think of session virtualisation as a one-to-many model. In this environment, a number of users share a single operating system and set of applications. The single operating system means that only the users’ individual sessions are virtualised.

This is the right approach where ease of management is key. It can help to avoid virtual sprawl (under VDI, virtual desktops can multiply faster than orphaned socks in the laundry), and it can make licensing and compliance management easier.

The Terminal Services feature provided in Windows Server has always been a session virtualisation technology, but with the advent of Windows Server 2008, it has morphed into Remote Desktop Services and now features the ability to handle VDI virtual desktop pooling as well.

The main benefits of this architecture are streamlined desktop management, flexible access and simplified regulatory compliance.

3) User state virtualisation

Another option is to virtualise the users’ data by disassociating it from the operating system. Any Windows operating system that users log into will reference their profile to find out where their data is stored, and then present it as though it were on the local device. This “data” can include the wallpaper, icons on the desktop, documents, registry settings, and so on. Microsoft achieves this by using a mixture of roaming profiles, folder redirection and offline folders in case the user has to work without an internet connection.

4) Local operating system virtualisation

Instead of virtualising the operating system on the server you can virtualise it locally on the desktop. This can be done for various reasons and in several ways.

A company may allow employees to use their laptops for private purposes at home, but for security reasons may want to keep its own operating system separate from the user’s home one. Alternatively, a developer may want to run different versions of the same operating system, or different operating systems altogether, for technical reasons. Systems such as VMWare or Parallels can accomplish this.

Microsoft offers its Enterprise Desktop Virtualization (MED-V), a virtual PC system that sits atop the resident operating system and can run prior versions of it for application compatibility.

5) App-V

In some environments, it may not be necessary to virtualise the operating system; virtualising the application alone may be enough. This involves separating the application from the operating system so that the operating system’s registry and other resources remain unchanged.

Microsoft achieves this with App-V, which streams components of an application from a server, packaging them into a virtual application appliance on the local machine that is run, but never installed. This has several advantages. The application can be run offline when the server is not available. The fact that it does not change the underlying operating system makes it easier to maintain the stability of the local software image. And it improves manageability for the IT department, which can stream component updates to the local machine when a new version of the application is loaded.

6) XP Mode

Sometimes, virtualisation is necessary purely for compatibility reasons. When Microsoft made its leap from Windows XP to Windows Vista, it changed a lot of code. While it did its best to retain backwards compatibility, some poorly-behaved applications failed to function as hoped on Vista. To compensate, Microsoft developed XP Mode for Windows 7. This is a component of its Virtual PC software that includes a free, pre-installed version of Windows XP with Service Pack 3, designed specifically for backwards-compatibility under Windows 7.

How do you decide which virtualisation model is best for you? There may be no single solution, warns Blanford. “You should look at the user community and how it wants to consume its IT,” he says. “Then you sit down with the organisation and work out the best way to provision that, based on the cost dependencies and the installed base.” An IT department may find itself taking more than one approach to keep the majority of users satisfied. ®

Secure remote control for conventional and virtual desktops

More from The Register

next story
Oi, Tim Cook. Apple Watch. I DARE you to tell me, IN PERSON, that it's secure
State attorney demands Apple CEO bows the knee to him
4K-ing excellent TV is on its way ... in its own sweet time, natch
For decades Hollywood actually binned its 4K files. Doh!
Phones 4u website DIES as wounded mobe retailer struggles to stay above water
Founder blames 'ruthless network partners' for implosion
DARPA-backed jetpack prototype built to make soldiers run faster
4 Minute Mile project hatched to speed up tired troops
Hey, Mac fanbois. HGST wants you drooling over its HUGE desktop RACK
What vast digital media repository could possibly need 64 TERABYTES?
Monitors monitor's monitoring finds touch screens have 0.4% market share
Not four. Point four. Count yer booty again, Microsoft
In a spin: Samsung accuses LG exec of washing machine SABOTAGE
Rival electronic giant tries to iron out allegations
prev story

Whitepapers

Providing a secure and efficient Helpdesk
A single remote control platform for user support is be key to providing an efficient helpdesk. Retain full control over the way in which screen and keystroke data is transmitted.
WIN a very cool portable ZX Spectrum
Win a one-off portable Spectrum built by legendary hardware hacker Ben Heck
Saudi Petroleum chooses Tegile storage solution
A storage solution that addresses company growth and performance for business-critical applications of caseware archive and search along with other key operational systems.
Protecting users from Firesheep and other Sidejacking attacks with SSL
Discussing the vulnerabilities inherent in Wi-Fi networks, and how using TLS/SSL for your entire site will assure security.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.