Feeds

How to cut management overheads with VDI

Not that easy, actually ...

Security for virtualized datacentres

On the face of it, a virtual desktop infrastructure (VDI) should make desktop operating systems easier to manage. After all, if an organisation’s desktops are all on one server, then they should theoretically be easier to reach and manipulate. But can desktop virtualisation really help to relieve the management burden?

Hardware management definitely becomes easier in a virtualised desktop scenario. With rich clients running operating systems locally at the user’s desk, a technician could find themselves called to a user’s desktop to solve a hardware-based problem that only physical interaction can fix.

“Hardware updates in general can be time consuming in some environments,” says Robert Rutherford, MD of QuoStar Solutions, an IT consulting firm. If a company has 7,000 machines across 40 offices that need a memory upgrade to support a new piece of software, that could rapidly escalate costs, he muses.

Burden-some

Security is another long-standing management burden for desktop and laptop machines. Companies still routinely fail to encrypt laptops, only to have them disappear on trains or in cabs, or to be stolen directly from offices. Centralising operating systems can make it easier for staff to keep track of data, but the devil is in the detail.

Are employees accessing those virtual desktops using rich clients that enable data to be copied from one desktop to the other? If so, then you’re largely back where you started. If, however, you’re using truly thin clients, which don’t have hard drives, or CD/DVD drives, and which aren’t capable of copying data to a USB key, then that cuts down on your attack surface.

Patch management might be doable over the wire, but it can cause trouble, especially if those patches need to be revoked later. A centrally managed set of virtual images can be easier to patch, especially if desktops are stateless and reinstantiated each time. Working from a single gold image (or a small number, if different images are needed for different groups of users) makes the implementation and revocation of patches more manageable.

Similarly, software upgrades can be easier to implement, because they only need to be managed at a central point. “Because you’ve invested with mainframe style technology, the transition from, say, Windows 7 to 8, or from Office 2010 to 11 will all be centrally managed,” says Matt Mould, VDI practice consultant at EMC Consulting.

As with any enabling technology, desktop virtualisation also introduces some potential downsides. Companies implementing it must plan for these if they are to stop then from offsetting the reductions in management overhead that exist in other areas.

Microsoft’s study of VDI costs found that while some costs such as deskside support visits shrunk, others increased. The more complex infrastructure associated with a VDI environment needed more engineering skills, and a higher degree of monitoring, it pointed out. Staff also had to deal with a greater number of escalated support calls, which bit into the management and support budget.

Virtual machine sprawl

“A virtual desktop environment pushes bottle necks around an IT infrastructure like nothing else, because it touches as all the main elements, including storage, network, applications and security,” warns Rutherford. This means that IT staff must be properly trained in administering the new infrastructure.

Virtual machine sprawl can create significant problems for staff inexperienced in managing virtual environments. The ability to provision new virtual machines easily can make it tempting to create them on a whim, in response to, say, a developer’s request, or for a temporary contractor who may be gone in a week.

Being able to keep track of these virtual machines and kill them so that ghost machines aren’t left lying around on the server is an important part of the management task.

Richard Blanford, managing director of Fordway, an integrator, points out that stateless desktops can be a big bonus here. “Users prefer stateful desktops but that gives IT a headache because it's like having 500 different desktop PCs but it's like sitting on the same virtual server,” he says.

The bottom line for IT departments considering desktop virtualisation is that while it can introduce management savings in some areas, there will always be a trade-off. An organisation’s potential management savings will depend largely on how well-managed its existing non-virtualised desktop infrastructure is.

In many cases, companies will find quick and effective changes that can still be made to traditional desktop systems before they need to push ahead with innovations such as virtualised desktop infrastructures. When they do finally take the plunge, they will substitute management challenges at the desktop for different ones in the data centre. ®

Protecting users from Firesheep and other Sidejacking attacks with SSL

More from The Register

next story
Oi, Tim Cook. Apple Watch. I DARE you to tell me, IN PERSON, that it's secure
State attorney demands Apple CEO bows the knee to him
Phones 4u website DIES as wounded mobe retailer struggles to stay above water
Founder blames 'ruthless network partners' for implosion
Monitors monitor's monitoring finds touch screens have 0.4% market share
Not four. Point four. Count yer booty again, Microsoft
Hey, Mac fanbois. HGST wants you drooling over its HUGE desktop RACK
What vast digital media repository could possibly need 64 TERABYTES?
In a spin: Samsung accuses LG exec of washing machine SABOTAGE
Rival electronic giant tries to iron out allegations
Bono: Apple will sort out monetising music where the labels failed
Remastered so hard it would be difficult or impossible to master it again
prev story

Whitepapers

Secure remote control for conventional and virtual desktops
Balancing user privacy and privileged access, in accordance with compliance frameworks and legislation. Evaluating any potential remote control choice.
WIN a very cool portable ZX Spectrum
Win a one-off portable Spectrum built by legendary hardware hacker Ben Heck
Storage capacity and performance optimization at Mizuno USA
Mizuno USA turn to Tegile storage technology to solve both their SAN and backup issues.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
The next step in data security
With recent increased privacy concerns and computers becoming more powerful, the chance of hackers being able to crack smaller-sized RSA keys increases.