Chrome OS*-Based Devices in the Enterprise



Similar documents
Intel Media SDK Library Distribution and Dispatching Process

Intel Cloud Builder Guide: Cloud Design and Deployment on Intel Platforms

Intel Cloud Builders Guide to Cloud Design and Deployment on Intel Platforms

Power Benefits Using Intel Quick Sync Video H.264 Codec With Sorenson Squeeze

Intel Cyber Security Briefing: Trends, Solutions, and Opportunities. Matthew Rosenquist, Cyber Security Strategist, Intel Corp

Intel and Qihoo 360 Internet Portal Datacenter - Big Data Storage Optimization Case Study

Cloud based Holdfast Electronic Sports Game Platform

Intel Service Assurance Administrator. Product Overview

Version Rev. 1.0

Maximize Performance and Scalability of RADIOSS* Structural Analysis Software on Intel Xeon Processor E7 v2 Family-Based Platforms

Intel Identity Protection Technology Enabling improved user-friendly strong authentication in VASCO's latest generation solutions

How To Manage A Plethora Of Identities In A Cloud System (Saas)

Intel HTML5 Development Environment. Tutorial Test & Submit a Microsoft Windows Phone 8* App (BETA)

Intel Active Management Technology Embedded Host-based Configuration in Intelligent Systems

Intel Cyber-Security Briefing: Trends, Solutions, and Opportunities

Intel HTML5 Development Environment. Tutorial Building an Apple ios* Application Binary

Three Paths to Faster Simulations Using ANSYS Mechanical 16.0 and Intel Architecture

Solution Recipe: Improve PC Security and Reliability with Intel Virtualization Technology

Intel Solid-State Drive Pro 2500 Series Opal* Compatibility Guide

Intel Identity Protection Technology (IPT)

Intel HTML5 Development Environment Article Using the App Dev Center

Intel Core i5 processor 520E CPU Embedded Application Power Guideline Addendum January 2011

Intel Internet of Things (IoT) Developer Kit

How To Get A Client Side Virtualization Solution For Your Financial Services Business

Intel Remote Configuration Certificate Utility Frequently Asked Questions

* * * Intel RealSense SDK Architecture

A Superior Hardware Platform for Server Virtualization

Intel HTML5 Development Environment. Article - Native Application Facebook* Integration

The Case for Rack Scale Architecture

Intel Desktop Board DQ35JO

with PKI Use Case Guide

Intel Desktop Board DG43RK

Accelerating Business Intelligence with Large-Scale System Memory

Intel Network Builders: Lanner and Intel Building the Best Network Security Platforms

Intelligent Business Operations

Intel Core TM i3 Processor Series Embedded Application Power Guideline Addendum

Creating Overlay Networks Using Intel Ethernet Converged Network Adapters

Intel Data Direct I/O Technology (Intel DDIO): A Primer >

Intel Network Builders

Mobility Manager 9.5. Users Guide

Tiny is the new BIG: Why go thin when you can go Tiny

Intel Retail Client Manager

Intel System Event Log (SEL) Viewer Utility

Intel Desktop Board DG41BI

Intel vpro Technology. How To Purchase and Install Symantec* Certificates for Intel AMT Remote Setup and Configuration

Intel Solid-State Drives Increase Productivity of Product Design and Simulation

Intel vpro Technology. How To Purchase and Install Go Daddy* Certificates for Intel AMT Remote Setup and Configuration

Leading Virtualization 2.0

Intel Desktop Board DG33TL

Intel SSD 520 Series Specification Update

System Event Log (SEL) Viewer User Guide

Solve BYOD with! Workspace as a Service!

Intel Desktop Board DQ43AP

How to Configure Intel Ethernet Converged Network Adapter-Enabled Virtual Functions on VMware* ESXi* 5.1

Intel Media Server Studio - Metrics Monitor (v1.1.0) Reference Manual

SAP * Mobile Platform 3.0 Scaling on Intel Xeon Processor E5 v2 Family

iscsi Quick-Connect Guide for Red Hat Linux

Software Evaluation Guide for Autodesk 3ds Max 2009* and Enemy Territory: Quake Wars* Render a 3D character while playing a game

Intel Platform and Big Data: Making big data work for you.

The ROI from Optimizing Software Performance with Intel Parallel Studio XE

Intel Desktop Board DG31PR

How to Configure Intel X520 Ethernet Server Adapter Based Virtual Functions on Citrix* XenServer 6.0*

Intel Desktop Board DG41TY

Intel Virtualization Technology (VT) in Converged Application Platforms

RAID and Storage Options Available on Intel Server Boards and Systems

VMware End User Computing Horizon Suite

An Overview of Samsung KNOX Active Directory and Group Policy Features

Intel Desktop Board D945GCPE

Intel Management Engine BIOS Extension (Intel MEBX) User s Guide

Intel Media SDK Features in Microsoft Windows 7* Multi- Monitor Configurations on 2 nd Generation Intel Core Processor-Based Platforms

RAPID EMBEDDED LINUX* DEVELOPMENT

VMware Horizon FLEX User Guide

Intel Embedded Virtualization Manager

Intel Retail Client Manager

Revision History. Revision Revision History Date

Intel Desktop Board DG41WV

Cloud Service Brokerage Case Study. Health Insurance Association Launches a Security and Integration Cloud Service Brokerage

NVIDIA GRID 2.0 ENTERPRISE SOFTWARE

Intel Cloud Builder Guide to Cloud Design and Deployment on Intel Xeon Processor-based Platforms

Accelerating Business Intelligence with Large-Scale System Memory

System Image Recovery* Training Foils

Configuring RAID for Optimal Performance

Vendor Update Intel 49 th IDC HPC User Forum. Mike Lafferty HPC Marketing Intel Americas Corp.

Intel Small Business Advantage (Intel SBA) Release Notes for OEMs

Intel Cloud Builders Guide: Cloud Design and Deployment on Intel Platforms

Intel Desktop Board D945GCPE Specification Update

Intel Simple Network Management Protocol (SNMP) Subagent v6.0

How To Reduce Pci Dss Scope

SafeNet Authentication Service

INTEGRATION GUIDE. DIGIPASS Authentication for Google Apps using IDENTIKEY Federation Server

VMware Virtual Desktop Manager User Authentication Guide

VMware Horizon FLEX User Guide

Intel Cyber-Security Briefing: Trends, Solutions, and Opportunities. John Skinner, Director, Secure Enterprise and Cloud, Intel Americas, Inc.

Intel Identity Protection Technology with PKI (Intel IPT with PKI)

Android App User Guide

Transcription:

White Paper Client Virtualization Enterprise Mobility Chrome OS*-Based Devices in the Enterprise Being Able to Access Windows* Applications from a Chrome OS Client Significantly Increases their Versatility for Business Users Executive Summary Technology research company Gartner predicts 5.2 million Chromebooks* will be sold in 2014, an increase of 79 percent over 2013. And Chromebook sales are expected to nearly triple by 2017 1. Most Chromebooks are sold into the U.S. education market segment; the adoption of Chrome OS-based devices in the enterprise is much slower. This might be related to concerns regarding application availability, manageability, and security and the complexity of adopting yet another platform into the IT infrastructure. There may also be reservations about hosting business data in the public cloud. But Chrome OS devices can also be used for accessing nonpublic cloud based applications and data and even legacy apps. The latter has been recently enabled by joint ventures of Google and VMware and Citrix, which announced Chrome OS support for its application and desktop virtualization technologies. Having the ability to access Windows* applications from a Chrome OS client significantly increases the versatility of those devices. Business customers now basically have three ways of utilizing Chrome OS (Table 1). Google Chrome Apps for Business and Web Apps This is the classic Google solution for business. Using Google Apps for Business and other Web applications such as Salesforce.com*, for example, provides businesses with a cloud-based working environment that suits many companies IT requirements and scales from a few users up to tens of thousands of users. This is an excellent option for companies with an IT strategy that is based on a cloud Table 1. Three Ways of Using Chrome OS* first model and with few to no legacy applications. It requires companies to adopt the Google ecosystem and accept that business data is stored in the public cloud. Chrome OS clients can run two different kinds of applications: Web apps, which run in the Chrome Web browser and typically only work when connected to the Internet Chrome apps, which are stored on the device and can often be used in offline mode Public Cloud Private Cloud Hybrid Model Chrome OS* and/or Web apps Web and/or virtual remote apps and desktops utilizing thin client model Combination of public and private cloud model

Contents Executive Summary................1 Google Chrome Web Apps for Business and Web Apps.....................1 Virtual Remote Apps and Corporate Web Apps`........................2 Hybrid Model......................3 Management of Chrome OS Client..3 User Settings......................4 Public Session Settings............4 Device Settings....................4 Network Settings..................4 A Few Words About Security.......4 Intel Architecture-Based Chrome OS Client Benefits.....................5 Summary..........................6 Although not all apps support offline usage, more and more do. In fact, Google announced that all Chrome apps must have offline support by the end of 2014 2. Developers are now encouraged to work on new versions of their apps that will eventually support offline usage. Examples of Chrome apps for business that support offline usage include: Gmail Offline* for reading and managing messages without an Internet connection Google Keep* for note-taking Google Docs* for creating and editing documents Web applications like Salesforce.com and Microsoft Office* Online, for example, currently do not support offline usage on Chrome OS clients and require an active Internet connection. Virtual Remote Apps and Corporate Web Apps Both Citrix and VMware announced support for Chrome OS. Citrix certified a number of Chrome OS devices, which are listed in its Citrix Ready* marketplace 3. VMware s HTML Access with VMware Horizon* View 6 and Citrix s HTML 5 Receiver* both provide access to backend hosted virtual infrastructures through the Chrome Web browser. In addition, Citrix released a native Chrome OS receiver (Citrix Receiver* for Chrome 1.4), which supports direct access to system resources including printing, audio, video, and other benefits above and beyond the HTML 5-based Citrix Receiver 4.These solutions enable Chrome OS clients to access virtualized Windows desktops and applications that are noncloud/non-web-app enabled. Companies using these solutions have two options: Using Windows servers or desktops in their data centers Renting virtualized Windows desktops or applications from service providers offering desktop as a service (DaaS) and/or software as a service (SaaS) services VMware vcloud* Service Provider Partners (VSPPs) or Citrix Service Provider Program Partners (CSPs) are most likely the right contacts for such offerings. While Windows and Linux*-based clients support media redirection, Chrome OS clients do have some limitations when it comes to redirecting digital media computations from the server to the client. Neither the Citrix HTML 5 receiver nor the new native Receiver for Chrome support media redirection (see the Citrix Receiver feature matrix here). Therefore, all digital media coding and decoding must be done in the data center, which can put a significant load on the server CPU, especially if there is no GPU support available. Video playback, especially HD video playback, may not be possible in VDI environments with Chrome HTML 5 receivers accessing servers without GPUs. Tests in the Intel Labs with Citrix XenDektop* 7.1 and HTML 5 Receiver* 1.2 using a remote PC infrastructure revealed that only clients capable of running receivers with media redirection support (Windows clients) were capable of successfully playing back MPEG4 videos, both HD and non-hd videos. With GPU support in virtualized environments, those issues should go away. 2

There are two major options to bring GPU support into servers: add a graphics card that is supported in VDI environments or deploy servers with CPUs that have the GPU integrated on the chip, such as servers based on the Intel Xeon processor E3-1200 series, for example. These integrated GPUs can significantly increase the number of users supported per server when access to digital media is required. Knowledge workers, for example, demand digital media access because the usually run applications like PowerPoint*, use PDF files, watch Adobe Flash* videos, and attend Webcasts that include digital video. Hybrid Model The hybrid model is simply a combination of the other two models to allow users to access Google Enterprise* services in the public cloud as well as virtualized application and/or desktops through the thin client compute model. Businesses using Microsoft Lync* should be aware that there is currently no practical solution to enable collaboration between Google Hangouts* and Microsoft Lync users. This can be a major issue for corporations requiring seamless collaboration of Chrome OS and Windows users. Independent of the usage model, an important aspect of using Chrome OS clients in business is how to manage those devices. Management of Chrome OS Clients The Chrome Management Console is Google s cloud-based tool for managing Chrome devices. It allows IT to configure security settings and install applications for individual devices or groups of devices from a single, central, Web-based portal. Devices can be auto-enrolled when a user logs in, creating a zero-touch deployment experience. Once a user is logged in, Chrome OS devices are automatically configured with the designated apps and network and other settings without any manual IT intervention. Chrome device management is available for Chrome OS devices purchased directly from Google or from an authorized reseller. Managing Chrome devices from third parties requires a management license purchased from the Google Chrome Devices for Business or Education sales teams. On October 8, 2014, Google announced a new licensing model that includes support and device management for an annual fee of USD50 per device per year 5. Chrome device management enables IT to configure Chrome features, set up network access (e.g., VPN and Wi-Fi), and pre-install Chrome apps and extensions. Settings can apply to organizational units or an entire company. Policies can be enforced or allow users to change default settings after the provisioning process. Policies are applied at login and periodically synchronized. Devices can only be managed if they are part of a domain and users must have a Google or a Google Apps* account. Large enterprises can use Google Apps Directory Sync* 6 to synchronize user data between an existing LDAP directory (e.g., Microsoft Active Directory*) and the Google Apps directory. This does not solve the issue of having to manage Chrome devices and their users separately from other devices and users stored in the existing enterprise active directory. Figure 1 shows Google's Chrome Management Console (admin.google.com) for managing user, public session, device, and network settings. Figure 1. Google s Chrome Management Console 3

User Settings User settings (Figure 2) are a group of policies for Chrome device users within an organizational unit (e.g., allowing or blocking apps and extensions). Use it to reinstall apps and extensions and create private collections of Chrome apps for domain users in the Chrome Web Store. Public Session Settings Public sessions allow multiple users to share the same Chrome device without requiring a user to sign in with Google credentials. Examples of use cases for public sessions include hotel Internet access, business centers, and retail store kiosks. Device Settings Device settings control policies for enrolled Chrome devices within an organization. The policy applies to anyone who uses the device, even if the user is in guest mode or signs in with a Google account outside the organization. One important device setting is Auto-Update, which specifies whether or not Chrome OS devices automatically update to new versions of Chrome OS as they are re- leased. For security reasons, it is highly recommended to always automatically update to the latest version of the OS. Network Settings Network settings configure Wi-Fi settings for all of the Chrome devices enrolled in a domain, or for logged-in users from specific suborganizations within a domain. VPN settings can also be configured with these policies. Applied policies can be viewed in the Chrome Web browser using chrome://policy as the address. User policies affect all users signed into the Chrome browser with the Google or Google Apps account, independently of the platform being used. Device-related policies only affect users of Chrome OS devices, not those using Chrome on devices running Windows, Mac OS* or Linux. A Few Words about Security Chrome OS devices are highly secure. The OS: Protects itself from malware Does not allow users to install any software from unknown sources that interacts with the OS directly Uses an encrypted file system to protect data stored locally Updates the integrated virus protection system and protects apps from each other through a technology called sandboxing Features include: Verified Boot: Chrome OS is digitally signed by Google and pushed down to the device. At boot time, the device verifies that the OS is intact and has not been tampered with. If it detects any issues, it tries to repair itself and can fall back to the last known good version of the OS. Automatic Updates: The integrated virus protection stays up-to-date automatically. Chrome OS manages updates silently in the background. Figure 2. Example of Chrome User Policies 4

Sandboxing: Each Web page and application runs in a restricted sandbox environment. If one tab is infected, it is isolated from the other tabs so that it cannot infect other apps or data on the device. Encrypted File System: All stored data is encrypted and the encryption keys are saved in a trusted platform module (TPM). Because of that, removing the built-in storage device and attaching it to a different system does not provide access to stored data. Also, users cannot access data from different accounts, since every user has a protected storage area. One issue not addressed by local device security is privacy in the cloud. When businesses use the public cloud, much data (including private data) is stored in remote data centers. Besides securing this data from hackers, cloud service providers must also secure it both physically and legally. U.S.-based providers in particular might be obliged to breach European data protection and privacy laws with U.S. authorities seeking access to the data 7. Intel Architecture-Based Chrome OS Client Benefits The Chrome OS is based on Linux. Intel is one of the biggest contributors to the Open Source community in general, and to the Linux kernel in particular. More than 1,000 software engineers at Intel are spending their time working on Linux and Chrome OS to unleash the maximum potential of the Intel silicon. This includes performance, energy efficiency, and security optimization for the Intel platforms. The successful work of those engineers becomes apparent in industry benchmarks that show that Intel processor-based Chromebooks are leading in performance and energy efficiency. For example, Principled Technologies compared the enterprise performance of a Chromebook based on the Intel Celeron processor 2955U with a Samsung Chromebook that includes the Exynos* 5 processor (both dual-core) and came to the conclusion that the performance of the Intel Celeron processor-based Chromebook was at least 50 percent higher, while the battery 52% life was 58 percent better (Figure 3) 8. This, of course, means that users spend less time waiting because they can complete tasks faster and rely on the all-day battery life of their mobile Chrome OS devices. Intel has also measured the performance of Intel Core i3-4005 processors and a Samsung Exynos 5 Octa 5800 processor-based Chromebooks. Although the Intel Core i3 processor is a dual-core CPU and the Samsung Exynos has eight cores, the performance of the Intel processor-based device is significantly higher. This demonstrates that CPU performance does not depend only on the number of cores, but also on the underlying architecture. In other words, it s quality, not quantity that counts. Also, most applications today only use two cores. Some apps take advantage of up to four cores; a very few make use of more than four cores. But even those that use more than two cores, like Google s Chrome browser, run faster on Intel architecture. Table 2 summarizes the results of Intel's performance testing. Less Waiting to Manage a Marketing Plan 50% Less Waiting to Plan a Business Event Less Waiting to Draft 50% a Business Proposal Figure 3. Principled Technologies Benchmark Results 2 58% Longer Battery Life Browsing the Web Less Waiting to 51% Crunch the Numbers 5

Summary lished thin clients. Chromebooks seem to be an especially attractive replacement for mobile thin clients due to their low cost and zero-touch deployment support. Companies following a cloud-first IT strategy that are fine with hosting their data in the public cloud will find Chrome OS devices might be a good fit, especially if legacy apps are not big concern. If Microsoft Office is required, Office Online can be a solution. It provides free Web-based access to Word*, Excel*, PowerPoint*, and OneNote*, Chrome OS devices are still a minority in the enterprise, but IT departments are increasingly looking to see how they may fit into their requirements. With the announced support for Chrome OS in VMware- and Citrix-based virtualization environments, the versatility of those devices has increased. Chrome OS users can now access legacy Windows applications in the data center. IT has the option to use those devices as an alternative for their estabalthough only basic functionality is supported and users must be online. In summary, companies should experiment with Chrome OS devices in areas where it may make operational sense. The expectation is that Google will address current limitations over time and Chrome OS devices will eventually become totally enterprise ready. Learn more about getting more from your Chrome devices with Intel Inside. Table 2. Performance Testing: Chromebook Based on Intel Core i3-4005 Processor versus Samsung Exynos 5 Octa 5800* Benchmark Name Google Octane* 2.0 WebXPRT* 2013 WebGL* Multitasking* BenchmarkXPRT* What the Benchmark Does Measures the performance of rich Web applications (JavaScript*) such as online document readers and games. Measures how well a device handles Web browsing. It runs online tests that simulate things like photo effects, face detection, stocks dashboards, and offline notes. Web technology that brings hardware-accelerated 3D graphics to the browser as measured by Google Aquarium* (1000 FISH, view 1, all options enabled, lasers OFF, 30 seconds, FPS). Google Hangouts and document open. Open a document from the file system while a Google Hangouts session is running. Measure the combined application and document load time. Measure battery life based on user doing research on the Web, preparing presentations, and watching videos at 200 nts, 75db. Performance Improvement Up to 2.2X faster Up to 4.2X faster Up to 27 percent faster Up to 1.8X faster Two hours more battery life (7.9 versus 5.9 hours) 1 "Gartner Says Chromebook Sales Will Reach 5.2 Million Units in 2014," August 11, 2014, http://www.gartner.com/newsroom/id/2819917. 2 "Migrate Your Legacy Packaged Apps to Chrome Apps," June 30, 2014, http://blog.chromium.org/2014/06/migrate-your-legacy-packaged-apps-to.html. 3 Citrix Wordx App Gallery, https://www.citrix.com/ready/search/citrix?cat_g_ids[]=194. 4 "Receiver for Chrome 1.4," September 30, 2014, http://www.citrix.com/downloads/citrix-receiver/chrome/receiver-for-chrome-14.html. 5 "Chromebooks for Work: More Manageable for IT, More Powerful for Users," October 8, 2014, http://googleforwork.blogspot.com.au/2014/10/chromebooks-for-work-more-manageable.html. 6 "Google Apps Directory Sync," https://support.google.com/a/answer/106368. 7 "U.S. Search Warrant Can Acquire Foreign Cloud, Email Data, Judge Rules," April 28, 2014, http://www.zdnet.com/u-s-search-warrant-can-acquire-foreign-cloud-email-data-judge-rules- 7000028828/. 8 Findings by Principled Technologies as documented in Comparing Chromebooks for Enterprises (http://www.principledtechnologies.com/intel/chromebook_enterprise_0214.pdf) and Comparing Chromebooks for Small Business (http://www.principledtechnologies.com/intel/chromebook_small_business_0314_v2.pdf). INFORMATION IN THIS DOCUMENT IS PROVIDED IN CONNECTION WITH INTEL PRODUCTS. NO LICENSE, EXPRESS OR IMPLIED, BY ESTOPPEL OR OTHERWISE, TO ANY INTELLECTUAL PROPERTY RIGHTS IS GRANTED BY THIS DOCUMENT. EXCEPT AS PROVIDED IN INTEL S TERMS AND CONDITIONS OF SALE FOR SUCH PRODUCTS, INTEL ASSUMES NO LIABILITY WHATSOEVER, AND INTEL DISCLAIMS ANY EXPRESS OR IMPLIED WARRANTY, RELATING TO SALE AND/OR USE OF INTEL PRODUCTS INCLUDING LIABILITY OR WARRANTIES RELATING TO FITNESS FOR A PARTICULAR PURPOSE, MERCHANTABILITY, OR INFRINGEMENT OF ANY PATENT, COPYRIGHT OR OTHER INTELLECTUAL PROPERTY RIGHT. UNLESS OTHERWISE AGREED IN WRITING BY INTEL, THE INTEL PRODUCTS ARE NOT DESIGNED NOR INTENDED FOR ANY APPLICATION IN WHICH THE FAILURE OF THE INTEL PRODUCT COULD CREATE A SITUATION WHERE PERSONAL INJURY OR DEATH MAY OCCUR. Software and workloads used in performance tests may have been optimized for performance only on Intel microprocessors. Performance tests, such as SYSmark and MobileMark, are measured usingspecific computer systems, components, software, operations and functions. Any change to any of those factors may cause the results to vary. You should consult other information and performance tests to assist you in fully evaluating your contemplated purchases, including the performance of that product when combined with other products. For more information go to http://www.intel.com/performance. Intel may make changes to specifications and product descriptions at any time, without notice. Designers must not rely on the absence or characteristics of any features or instructions marked reserved or undefined. Intel reserves these for future definition and shall have no responsibility whatsoever for conflicts or incompatibilities arising from future changes to them. The information here is subject to change without notice. Do not finalize a design with this information. The products described in this document may contain design defects or errors known as errata which may cause the product to deviate from published specifications. Current characterized errata are available on request. Contact your local Intel sales office or your distributor to obtain the latest specifications and before placing your product order. Copies of documents which have an order number and are referenced in this document, or other Intel literature, may be obtained by calling 1-800-548-4725, or by visiting Intel s Web site at www.intel.com. Intel is a sponsor and member of the BenchmarkXPRT* Development Community, and was the major developer of the XPRT family of benchmarks. Principled Technologies* is the publisher of the XPRT family of benchmarks. You should consult other information and performance tests to assist you in fully evaluating your contemplated purchases. For more complete information about performance and benchmark results, visit www.intel.com/benchmarks. Copyright 2014 Intel Corporation. All rights reserved. Intel, Xeon, Celeron, Core, and the Intel logo are trademarks of Intel Corporation in the U.S. and/or other countries. * Other names and brands may be claimed as the property of others. Printed in USA 1014/SL/SS Please Recycle

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information