Three flavours of client-side virtualisation
Set your operating systems free
Talk about virtualisation often centres on virtually hosted desktops, in which the entire desktop is run on a back-end server. But this is by no means the only way to operate.
Amid all the other options, such as application virtualisation and offloading computational tasks onto rich clients, there is one model that is altogether different: client-side virtualisation.
Many users want the features offered by different operating systems. Perhaps your users’ favourite office apps are Mac-based but one integrated development environment is available only on Windows.
Forensics experts might be happy with Windows but may need some vital tools that are available only with BackTrack, the ethical hacker’s Ubuntu distro. Developers may need to have access to IE6 in addition to IE9.
These people need portability and performance. Your ethical hacker will find sitting in a car outside a client’s office cracking a WiFi network very difficult if all his tools are hosted on his company’s server.
Sometimes you need the combination of flexibility and the performance benefits of running things locally
Sometimes you need the combination of operating-system flexibility and the performance benefits of running things locally.
Client-side virtualisation does this, and it comes in three main flavours: type one and type two hypervisors and application-layer virtualisation.
A type one hypervisor sits directly atop the hardware, with no operating system underneath it. The hypervisor serves as the interface between the virtualised operating systems on top of it and the hardware.
Conversely, a type 2 hypervisor requires an operating system to sit below it and controls the virtualised operating systems sitting on top of it.
King of the jungle
Type 1 hypervisors are relatively rare beasts. Citrix offers XenClient, a bare metal hypervisor, but most client-side hypervisors are type 2.
Microsoft’s type 2 client-side virtualisation solution is Virtual PC, which enables users to run multiple versions of Windows on a host PC. It also features Windows XP Mode, which helps XP-based applications run more easily on Windows 7.
Virtual PC officially only supports versions of Windows 7, although users have been known to install other operating systems with it. Its real benefit comes with MED-V, the enterprise desktop virtualisation product that just went into version 2. This enables administrators to better control the use of virtualised desktops on a Virtual PC platform, including managing policies for virtual machines.
Ian Moulster, product manager at Microsoft, says that client-side virtualisation can be a useful way to delineate access to desktops for security or compliance purposes, or if employees want access to their personal PCs and corporate desktops on the same machine.
"It works well if the machine is supplied by the employer. But it needs to be quite a powerful machine for it to work," he says.
There are alternative client-side virtualisation products. Sun Microsystems (now Oracle) offers its client-side virtualisation system VirtualBox for free under a GPL licence. This provides the ability to install any operating system atop the hypervisor platform and runs on Windows, Linux, Mac and Solaris.
VMWare offers VMWare Player, a hypervisor designed to play virtual machines on a Windows desktop, while its VMWare Fusion supports Mac users.
Competitor Parallels makes extensive use of common files in virtualised containers. A developer running multiple copies of Windows in Parallels, for example, will find many files common to the base operating system shared between the different containers.
How is all this stuff licensed?
Moulster explains that organisations with software assurance can have up to four copies of Windows running in virtual machines on a single qualifying PC. Otherwise, they need to buy Virtual Desktop Access (VDA) at $100 a year.
"People expect that if they buy a machine with Windows 7, or have volume licensing, it gives them the ability to run Windows 7 on a virtual machine but it doesn’t," he warns. "You need VDA."
Now for the third option. Application or software virtualisation keeps the operating system on the desktop and abstracts the applications.
Symantec's Endpoint Virtualisation Suite, which includes software virtualisation technology acquired from Altiris, uses virtual software packages to insert a software shim between the application and the system registry, leaving the operating system unchanged. It enables users to install different versions of the same browser, for example.
Microsoft’s answer to this is App-V, which came from the acquisition of Softricity. This streams applications to the desktop and leaves them installed in a virtualised package so they can be easily removed or replaced.
Overall, client-side virtualisation can be an interesting prospect for corporate users who require flexibiity and power in one package.
After all, what is the point of walking around with that funky, shiny, high-performance laptop if all you are ever going to be running on it is an RDP session? ®
Sponsored: 2016 Cyberthreat defense report