Feeds

Three flavours of client-side virtualisation

Set your operating systems free

Secure remote control for conventional and virtual desktops

Talk about virtualisation often centres on virtually hosted desktops, in which the entire desktop is run on a back-end server. But this is by no means the only way to operate.

Amid all the other options, such as application virtualisation and offloading computational tasks onto rich clients, there is one model that is altogether different: client-side virtualisation.

Many users want the features offered by different operating systems. Perhaps your users’ favourite office apps are Mac-based but one integrated development environment is available only on Windows.

Forensics experts might be happy with Windows but may need some vital tools that are available only with BackTrack, the ethical hacker’s Ubuntu distro. Developers may need to have access to IE6 in addition to IE9.

Hacked off

These people need portability and performance. Your ethical hacker will find sitting in a car outside a client’s office cracking a WiFi network very difficult if all his tools are hosted on his company’s server.

Sometimes you need the combination of flexibility and the performance benefits of running things locally

Sometimes you need the combination of operating-system flexibility and the performance benefits of running things locally.

Client-side virtualisation does this, and it comes in three main flavours: type one and type two hypervisors and application-layer virtualisation.

A type one hypervisor sits directly atop the hardware, with no operating system underneath it. The hypervisor serves as the interface between the virtualised operating systems on top of it and the hardware.

Conversely, a type 2 hypervisor requires an operating system to sit below it and controls the virtualised operating systems sitting on top of it.

King of the jungle

Type 1 hypervisors are relatively rare beasts. Citrix offers XenClient, a bare metal hypervisor, but most client-side hypervisors are type 2.

Microsoft’s type 2 client-side virtualisation solution is Virtual PC, which enables users to run multiple versions of Windows on a host PC. It also features Windows XP Mode, which helps XP-based applications run more easily on Windows 7.

Virtual PC officially only supports versions of Windows 7, although users have been known to install other operating systems with it. Its real benefit comes with MED-V, the enterprise desktop virtualisation product that just went into version 2. This enables administrators to better control the use of virtualised desktops on a Virtual PC platform, including managing policies for virtual machines.

Ian Moulster, product manager at Microsoft, says that client-side virtualisation can be a useful way to delineate access to desktops for security or compliance purposes, or if employees want access to their personal PCs and corporate desktops on the same machine.

Mean machine

"It works well if the machine is supplied by the employer. But it needs to be quite a powerful machine for it to work," he says.

There are alternative client-side virtualisation products. Sun Microsystems (now Oracle) offers its client-side virtualisation system VirtualBox for free under a GPL licence. This provides the ability to install any operating system atop the hypervisor platform and runs on Windows, Linux, Mac and Solaris.

VMWare offers VMWare Player, a hypervisor designed to play virtual machines on a Windows desktop, while its VMWare Fusion supports Mac users.

Competitor Parallels makes extensive use of common files in virtualised containers. A developer running multiple copies of Windows in Parallels, for example, will find many files common to the base operating system shared between the different containers.

How is all this stuff licensed?

Moulster explains that organisations with software assurance can have up to four copies of Windows running in virtual machines on a single qualifying PC. Otherwise, they need to buy Virtual Desktop Access (VDA) at $100 a year.

"People expect that if they buy a machine with Windows 7, or have volume licensing, it gives them the ability to run Windows 7 on a virtual machine but it doesn’t," he warns. "You need VDA."

Shim shimmy

Now for the third option. Application or software virtualisation keeps the operating system on the desktop and abstracts the applications.

Symantec's Endpoint Virtualisation Suite, which includes software virtualisation technology acquired from Altiris, uses virtual software packages to insert a software shim between the application and the system registry, leaving the operating system unchanged. It enables users to install different versions of the same browser, for example.

Microsoft’s answer to this is App-V, which came from the acquisition of Softricity. This streams applications to the desktop and leaves them installed in a virtualised package so they can be easily removed or replaced.

Overall, client-side virtualisation can be an interesting prospect for corporate users who require flexibiity and power in one package.

After all, what is the point of walking around with that funky, shiny, high-performance laptop if all you are ever going to be running on it is an RDP session? ®

Providing a secure and efficient Helpdesk

More from The Register

next story
TEEN RAMPAGE: Kids in iPhone 6 'Will it bend' YouTube 'prank'
iPhones bent in Norwich? As if the place wasn't weird enough
George Clooney, WikiLeaks' lawyer wife hand out burner phones to wedding guests
Day 4: 'News'-papers STILL rammed with Clooney nuptials
iPAD-FONDLING fanboi sparks SECURITY ALERT at Sydney airport
Breaches screening rules cos Apple SCREEN ROOLZ, ok?
Crouching tiger, FAST ASLEEP dragon: Smugglers can't shift iPhone 6s
China's grey market reports 'sluggish' sales of Apple mobe
A moment of brilliance? UPnP for Internet of Stuff lightbulbs
Thus doth tech of future illuminate present, etc
Apple's new iPhone 6 vulnerable to last year's TouchID fingerprint hack
But unsophisticated thieves need not attempt this trick
How the FLAC do I tell MP3s from lossless audio?
Can you hear the difference? Can anyone?
prev story

Whitepapers

Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Storage capacity and performance optimization at Mizuno USA
Mizuno USA turn to Tegile storage technology to solve both their SAN and backup issues.
The next step in data security
With recent increased privacy concerns and computers becoming more powerful, the chance of hackers being able to crack smaller-sized RSA keys increases.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.
A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.