How to cut management overheads with VDI
Not that easy, actually ...
On the face of it, a virtual desktop infrastructure (VDI) should make desktop operating systems easier to manage. After all, if an organisation’s desktops are all on one server, then they should theoretically be easier to reach and manipulate. But can desktop virtualisation really help to relieve the management burden?
Hardware management definitely becomes easier in a virtualised desktop scenario. With rich clients running operating systems locally at the user’s desk, a technician could find themselves called to a user’s desktop to solve a hardware-based problem that only physical interaction can fix.
“Hardware updates in general can be time consuming in some environments,” says Robert Rutherford, MD of QuoStar Solutions, an IT consulting firm. If a company has 7,000 machines across 40 offices that need a memory upgrade to support a new piece of software, that could rapidly escalate costs, he muses.
Security is another long-standing management burden for desktop and laptop machines. Companies still routinely fail to encrypt laptops, only to have them disappear on trains or in cabs, or to be stolen directly from offices. Centralising operating systems can make it easier for staff to keep track of data, but the devil is in the detail.
Are employees accessing those virtual desktops using rich clients that enable data to be copied from one desktop to the other? If so, then you’re largely back where you started. If, however, you’re using truly thin clients, which don’t have hard drives, or CD/DVD drives, and which aren’t capable of copying data to a USB key, then that cuts down on your attack surface.
Patch management might be doable over the wire, but it can cause trouble, especially if those patches need to be revoked later. A centrally managed set of virtual images can be easier to patch, especially if desktops are stateless and reinstantiated each time. Working from a single gold image (or a small number, if different images are needed for different groups of users) makes the implementation and revocation of patches more manageable.
Similarly, software upgrades can be easier to implement, because they only need to be managed at a central point. “Because you’ve invested with mainframe style technology, the transition from, say, Windows 7 to 8, or from Office 2010 to 11 will all be centrally managed,” says Matt Mould, VDI practice consultant at EMC Consulting.
As with any enabling technology, desktop virtualisation also introduces some potential downsides. Companies implementing it must plan for these if they are to stop then from offsetting the reductions in management overhead that exist in other areas.
Microsoft’s study of VDI costs found that while some costs such as deskside support visits shrunk, others increased. The more complex infrastructure associated with a VDI environment needed more engineering skills, and a higher degree of monitoring, it pointed out. Staff also had to deal with a greater number of escalated support calls, which bit into the management and support budget.
Virtual machine sprawl
“A virtual desktop environment pushes bottle necks around an IT infrastructure like nothing else, because it touches as all the main elements, including storage, network, applications and security,” warns Rutherford. This means that IT staff must be properly trained in administering the new infrastructure.
Virtual machine sprawl can create significant problems for staff inexperienced in managing virtual environments. The ability to provision new virtual machines easily can make it tempting to create them on a whim, in response to, say, a developer’s request, or for a temporary contractor who may be gone in a week.
Being able to keep track of these virtual machines and kill them so that ghost machines aren’t left lying around on the server is an important part of the management task.
Richard Blanford, managing director of Fordway, an integrator, points out that stateless desktops can be a big bonus here. “Users prefer stateful desktops but that gives IT a headache because it's like having 500 different desktop PCs but it's like sitting on the same virtual server,” he says.
The bottom line for IT departments considering desktop virtualisation is that while it can introduce management savings in some areas, there will always be a trade-off. An organisation’s potential management savings will depend largely on how well-managed its existing non-virtualised desktop infrastructure is.
In many cases, companies will find quick and effective changes that can still be made to traditional desktop systems before they need to push ahead with innovations such as virtualised desktop infrastructures. When they do finally take the plunge, they will substitute management challenges at the desktop for different ones in the data centre. ®
Sponsored: Becoming a Pragmatic Security Leader