Simplify Suite in a VDI Environment



Similar documents
Desktop Management, Profile Migration and Cross Platform Delivery. Technical Overview

Enterprise Solution for Remote Desktop Services System Administration Server Management Server Management (Continued)...

Benefit. Allows you to integrate RES PowerFuse with application virtualization technologies other than SoftGrid (e.g. Citrix XenApp, VMWare Thinapp).

RES PowerFuse Version Comparison Chart (1/9)

Enterprise Remote Control 5.6 Manual

An Analysis of Propalms TSE and Microsoft Remote Desktop Services

Lesson Plans Microsoft s Managing and Maintaining a Microsoft Windows Server 2003 Environment

Citrix Access Gateway Plug-in for Windows User Guide

PROPALMS TSE 6.0 March 2008

CITRIX 1Y0-A14 EXAM QUESTIONS & ANSWERS

RES Workspace Manager 2012 SR2 Release Notes Fixpack

ThinPoint Quick Start Guide

App-V Deploy and Publish

Compliance series Guide to meeting requirements of USGCB

THE POWER OF GROUP POLICY

These guidelines can dramatically improve logon and startup performance.

PLANNING AND DESIGNING GROUP POLICY, PART 1

ProfileUnity Best Practices

Setting up VPN and Remote Desktop for Home Use

Quick Start Guide for Parallels Virtuozzo

FileMaker Pro 12. Using a Remote Desktop Connection with FileMaker Pro 12

2XApplication Server XG v10.1

2XApplication Server XG v10.6

Propalms TSE Deployment Guide

New Feature Guide TSE 7.0. Overview. 1. New TSE Desktop Client for Windows. Propalms Ltd. Published February 2013

2X ApplicationServer & LoadBalancer Manual

Networking Best Practices Guide. Version 6.5

LifeCyclePlus Version 1

Release Version 3 The 2X Software Server Based Computing Guide

Managing and Maintaining a Microsoft Windows Server 2003 Environment

Virtual Desktop Infrastructure in

FileMaker. Running FileMaker Pro 10 on Citrix Presentation Server

Setting up VPN and Remote Desktop for Home Use

FileMaker Pro 11. Running FileMaker Pro 11 on Citrix XenApp

Remote Application Server Version 14. Last updated:

2X ApplicationServer & LoadBalancer Manual

Pearl Echo Installation Checklist

Hosted Service Tips and Troubleshooting

Migrating Exchange Server to Office 365

TECHNICAL DOCUMENTATION SPECOPS DEPLOY / APP 4.7 DOCUMENTATION

CODESOFT Installation Scenarios

2X ApplicationServer & LoadBalancer & VirtualDesktopServer Manual

Microsoft.Test-inside v by.ROD.239q

Citrix Application Streaming. Universal Application Packaging and Delivery Breaking Away from Traditional IT

Quick Start Guide for VMware and Windows 7

Global Image Management System For epad-vision. User Manual Version 1.10

MS-50255: Managing, Maintaining, and Securing Your Networks Through Group Policy. Course Objectives. Required Exam(s) Price.

AdminStudio Release Notes. 16 July Introduction New Features... 6

SA Citrix Virtual Desktop Infrastructure (VDI) Configuration Guide

Course Outline. ttttttt

Remote Application Server Version 14. Last updated:

Deploying Dedicated Virtual Desktops in Hosted Environments

Chapter. Managing Group Policy MICROSOFT EXAM OBJECTIVES COVERED IN THIS CHAPTER:

Group Policy 21/05/2013

BULLGUARD BAckUp GUIDE

A+ Guide to Software: Managing, Maintaining, and Troubleshooting, 5e. Chapter 3 Installing Windows

Virtualizing the Desktop with ScriptLogic Desktop Authority

Upgrade Guide. Upgrading to EventTracker v6.0. Upgrade Guide Columbia Gateway Drive, Suite 250 Publication Date: Sep 20, 2007.

Using Logon Agent for Transparent User Identification

Windows Operating Systems. Basic Security

RELEASE NOTES. Release Notes. Introduction. Platform. Product/version/build: Remote Control ( ) ActiveX Guest 11.

Wyse vworkspace Supports Higher Education s Desktop Virtualization Needs

This document details the procedure for installing Layer8 software agents and reporting dashboards.

Release Version 4.1 The 2X Software Server Based Computing Guide

Installation Guide: Delta Module Manager Launcher

FAQ. How does the new Big Bend Backup (powered by Keepit) work?

CONNECT-TO-CHOP USER GUIDE

FileMaker Pro 13. Using a Remote Desktop Connection with FileMaker Pro 13

INSTALL AND CONFIGURATION GUIDE. Atlas 5.1 for Microsoft Dynamics AX

Virtual Application Management with Microsoft Application Virtualization 4.6 and System Center 2012 Configuration Manager

Goverlan Remote Control

SA Citrix Virtual Desktop Infrastructure (VDI) Configuration Guide

Special Edition for FastTrack Software

HELP DOCUMENTATION E-SSOM INSTALLATION GUIDE

Hosting Users Guide 2011

Novell ZENworks 10 Configuration Management SP3

Administering and Maintaining Windows 7 Course 50292C; 5 Days, Instructor-led

WhitePaper CHOOSING THE RIGHT THIN CLIENT DEVICES, OS & MANAGEMENT SOFTWARE. What to look out for when buying thin client software and hardware

Citrix Provisioning Services Administrator s Guide Citrix Provisioning Services 5.1 SP2

Microsoft Terminal Server and Citrix Presentation Server Deployment Environments

Fundamentals, Security, and the Managed Desktop

Close Support Service Desk v Upgrade Guide

How to monitor AD security with MOM

Desktop Virtualization in the Educational Environment

Windows Server 2008 R2 Remote Desktop Services

Managing and Maintaining a Windows Server 2003 Network Environment

Administrators Help Manual

Product Review ControlUp

Augmenting VMware View Horizon (VDI) with Micro Focus Client Management

Desktop Virtualization Strategy

For Splunk Universal Forwarder and Splunk Cloud

TSPrint - Usage Guide. Usage Guide. TerminalWorks TSPrint Usage Guide. support@terminalworks.com

NetWrix USB Blocker. Version 3.6 Administrator Guide

Maximize the Productivity of Your Help Desk With Proxy Networks Remote Support Software

Desktop Authority and Group Policy Preferences

Transcription:

Simplify Suite in a VDI Environment Before jumping onto the VDI bandwagon, ensure a smooth transition. tricerat solves the problems you may face when transitioning to VDI. Andrew Parlette, VP of Product Development Adam D. Oliver, Sales Engineer Gary L. Weber, Simplify Profiles Developer Alicia H. Davis, Marketing Communication Manager tricerat, Inc. January 14, 2009

What is VDI? VDI (Virtual Desktop Infrastructure) is poised to drastically change the way companies run their desktops. In VDI, application workload is moved from a desktop at the user s workspace to a virtual desktop running on a central server. An endpoint is then used to remotely connect to this virtual desktop via a connection protocol such as RDP or ICA. Endpoints can be a fat client, a traditional desktop computer with a full version of Windows, or a thin client (a small piece of equipment running an embedded version of Windows, Linux, or a proprietary OS). Unlike a Terminal Server or Citrix Server environment, VDI provides a full desktop experience to users, as opposed to just individual applications. VDI environments have multiple advantages including increased security, reduced maintenance costs, and high scalability. However, before diving into a complete VDI makeover there are several things you need to think about. Why VDI? With today s concerns about data security, management simplification, and cost reduction, implementing a virtual desktop solution is very appealing. The use of thin clients as endpoints can greatly increase system security because all application processing and data caching happens on the virtual desktop, leaving no risk of compromising sensitive data if an endpoint is stolen. The reduced hardware requirements of a thin client allow the devices to consume very little power and keep the cost of the devices low. Instead of needing to refresh all physical user desktops to increase performance, administrators can continue to use the same thin clients and only upgrade the server hardware that is hosting the virtual desktops. The maintenance and expansion of a VDI environment is much simpler in comparison to a physical desktop environment. Corrupt virtual desktops can easily be destroyed and recreated by copying another working virtual desktop. In environments with multiple servers hosting virtual desktops, users can connect to any working server and not be affected by a down server. Expanding the capacity of a VDI environment can be done simply by purchasing another server or by upgrading hardware in a current server. Even with all the benefits VDI provides, the existing problems of user profile customization, machine settings management, and application lockdown will continue to plague organizations. On top of that, VDI can add complications to your printing. tricerat has a complete suite of products to attack and resolve these issues, allowing you to take full advantage of all a VDI environment has to offer. The User Profile Customization Problem Microsoft s profile solutions can be a double-edged sword. Users need customization options in order to execute their jobs with efficiency, yet too much freedom can lead to corruption problems

and lax work production. Contrary to some opinions, desktop virtualization will not solve the problems user profiles currently have on physical desktops. There are a few different profile choices native to a Windows Server environment that attempt to handle your particular situation. 1) Local Profiles Cannot follow user from machine to machine 2) Roaming Profiles Uncontrolled growth 3) Mandatory Profiles No customization 1) Local Profile: Stores any user customizations on the desktop running the session. During logon, there is no need to copy the profile from a network location, resulting in fast user logon. However, the profile is local to this desktop and will not follow the user if they change desktops. Also be aware that any time a user logs on to a desktop for the first time, they will have no settings. Each desktop now contains a different profile making it impossible to manage user customizations. In VDI, users connect to any available virtual desktop and will constantly need to reapply and customizations. 2) Roaming Profile: Stores all customized settings to a shared network location. This allows any desktop to copy the user s profile during logon so their settings are available on every desktop. At logoff the profile is copied back to the network location, maintaining the most current copy of user settings on the network. There is no way to control what profile information is saved. This causes the profile to grow very large, increasing both logon and logoff times. At best, administrators can use group policy to manage a text list of folders in the profile to be omitted from the profile. Profile corruption during logoff can also bring work to a halt as Windows may be unable to replace the registry file at logoff, causing the network copy to become corrupt or deleted and consequently losing all settings. 3) Mandatory Profile: Like a roaming profile, a mandatory profile stores all settings on the network. The key difference is that a mandatory profile never copies back to the network location at logoff and therefore never changes. Since a mandatory profile does not change, there is no growth in size, resulting in fast logons. This greatly improves user productivity and eliminates the profile corruption possible in roaming profiles. However, any customization a user makes is lost since the profile cannot be altered which may impede a user s ability to work optimally. In choosing a profile format, using local profiles forces administrators to assign a user to a specific virtual desktop, negating the benefit VDI brings in easily deleting and creating virtual desktops when needed. This leaves administrators picking between a roaming profile with uncontrollable profile growth or a mandatory profile with complete lack of customization. While this choice may maintain the status quo for the user experience, addressing the profile issue will improve user productivity and reduce maintenance of the environment. The ideal solution is a mixture between the roaming and mandatory profile without the disadvantages of either.

tricerat s Simplify Profiles offers a robust and efficient hybrid solution, allowing an administrator to have complete control over what sections of a profile are saved. The user's profile is kept to a minimum size, logons are optimized, and tools are provided to manage the profile data. tricerat includes the Profile Migration Utility to Full customization Minimal logon and off times Central management point using Simplify Console Robust storage of user customizations easily migrate existing profile settings into the database. Profile corruption becomes a thing of the past, greatly reducing administrative overhead. Users are configured with a small mandatory profile which contains only a few basic user settings. When a user logs on, the mandatory profile is copied down from the network, any Active Directory group policies are applied, and then Simplify Profiles steps in. Using the Simplify Console, administrators can add different types of objects that are applied during logon and logoff. There are three object types in Simplify Profiles. 1) File Operation Objects: Consist of copy, move, rename, and delete. Operations can be performed on files or folders and support wildcards and environment variables, such as %USERNAME%. These objects can be used to copy Application Data folders to a central server store instead of redirecting the entire Application Data folder. Any application delays due to applications hitting a redirected Application Data folder can be eliminated. 2) Registry Operation Objects: Can create keys and values in the registry. A key can also be marked Save/Restore. At logoff this key, and all sub-keys if selected, will be saved to the database. This data will be restored at logon. Only the data specified by the administrator is saved, reducing overhead and keeping logon times to a minimum. tricerat s trireg utility can be used to browse all registry information saved in the database. Using trireg, any application data can be deleted or modified by the administrator. 3) Policy Objects: Drive mappings, drive restrictions, explorer restrictions, and folder redirections are all policy objects. Drive mapping entries are added directly to the registry, eliminating any excess logon time due to net use commands. Drive restrictions can both hide and prevent access to any drive letter. Explorer restrictions can prevent changes to the desktop environment like drive mapping and accessing security settings on folders and files. Simplify Profiles goes beyond what is available in group policy by allowing redirection of eight profile folders. This hybrid solution brings administrators what the Microsoft solutions lack. It s no longer a matter of all or nothing. Administrators can have a robust solution that eliminates profile issues in the current environment and optimizes the logon process. tricerat s Profile Analysis Tool (PAT) can be used to break down folder size within a profile, identifying folders that have grown excessively large. PAT can locate local, roaming, mandatory, terminal server, and cached

profiles. Download the free Profile Analysis Tool from tricerat today at http://www.tricerat.com in the downloads section. Virtual Desktop Settings Virtual desktops are typically accessed through connection protocols such as the Remote Desktop Protocol (RDP) and PortICA (Citrix s ICA port for VDI). While these protocols have been greatly improved over the years, they can still suffer when many visual effects are used. If little network bandwidth is available, items such as menu fades, screen savers with heavy graphics, and the fading of the desktop during logoffs can greatly affect a user s desktop experience. Other settings such as adjusting automatic updates and turning off the Desktop Clean Up Wizard tool can also improve the user s desktop experience. Messy group policy configurations Connection protocols can be bogged down by heavy visuals Microsoft provides the ability to change many settings through group policy. Combining policies from different levels can lead to an organization unit nesting nightmare. Blocking inherited policies or making assignments at an individual user level is not possible. If a setting is not in group policy then it cannot be set and assigned, which leaves altering registry information via scripts as the only option. Simplify Profiles can be used to specify any desktop Easily modify any registry setting setting in the registry. Registry objects can then be Can be assigned at any AD level assigned to entire domains, organizational units, users, groups, computers, and more. Furthermore, administrators can deny any assignment that is inherited from a higher level. Since any setting that is in the registry can be provided, administrators are not limited to what is available solely in group policy. From one central point, an administrator has complete control over the user registry. The Printing Problem VDI environments can create a print driver headache of for Driver management headache an administrator. When client endpoints have locally No central management attached printers, drivers for each model will need to exist Unreliable universal print driver on the virtual desktop. The more virtual desktops in use, the more time consuming it is to maintain the environment. Universal print drivers like the one provided by Citrix is only a fallback measure that can frequently fail to detect a printer. If the printers in use are directly connected to the network, administrators have to add each one into a user profile. This lack of a central administration point makes printer additions and changes unnecessarily tedious. tricerat can eliminate the need to worry about driver management on virtual desktops. The ScrewDrivers technology is our universal print driver that eliminates the need for any other

printer drivers on the virtual desktop. The ScrewDrivers Server for XP & Vista is loaded on the virtual desktop image and the ScrewDrivers Client is installed on the endpoint. Upon logon, printer capabilities are passed to the virtual desktop and a copy of the local printer is created for the user. compatible with both 32-bit and 64-bit versions of Windows. 100% Guaranteed universal print driver Central management for network printers 64-bit compatibility ScrewDrivers is For network printer environments, the Simplify Printing Bundle can bring the ScrewDrivers technology to print servers. A small agent is installed on a printer server and a management console is used to easily assign printers to Active Directory domains, organization units, groups, users, and more. Both the Simplify Printing Bundle and ScrewDrivers offer users a custom file format to pass data to the endpoint or printer server. This TMF format compresses the print job far more than the standard EMF format. Locking Down the Desktop Blocking administrative rights from end users is a good way to start locking down a desktop. With the Software Restriction architecture of group policy, restrictions are Restart required to take effect Complicated group policy inheritance downloaded to a machine and then applied the next time a machine is started. Being a group policy, they are assigned at the Organizational Unit (OU) or domain level. Mixing group policies or nesting OUs to create the desired effect can be very complicated and time consuming. In addition, user desktops are not fully customizable and require administrators to manage shortcuts inside a user s profile to control the desktop experience. tricerat offers two products to lockdown and customize the desktop. Simplify Lockdown, like Software Restrictions, allows an administrator to specify either a banned or trusted list of applications. Applications can be identified by the filename or the filename and path. In addition it can Complete control over all processes Easily to assigned to most AD objects Can define valid child processes Provides complete customization of user s desktop include a hash on the executable or arguments used with the executable. When using a hash, each application object can contain multiple hashes, allowing one object to cover different versions of the executable. In addition, a separate list of trusted applications can be created on a per object basis for complete control over child processes. Using the Simplify Console, these objects can be assigned to Active Directory users, groups, OUs, computers, or be based on where the user is connecting. This gives the administrator far more flexibility and ease in assigning objects. Simplify Desktop includes an Explorer shell replacement called trishell that gives an administrator full control over what is on a user s desktop, start menu, and quick launch. This is done by using application objects in the Simplify Console and not by managing program shortcuts buried in a user s profile. It is possible to give users a desktop with only the icons for

the applications they need and eliminate all unnecessary shortcuts. These objects can be refreshed by a user mid-session, allowing an administrator to make instant changes. Ultimately, using the trishell with a banned or trusted list in Simplify Lockdown provides a more secure and customized user experience. Why tricerat? Administrators need a way to attack existing issues in order to make their VDI transition seamless. Using the tools available in Windows can complicate management and create a partial solution. tricerat s suite of products can resolve these problems, whereby reducing administrative overhead and maintenance costs. Simplify Profiles can give users customization, drastically reduce logon times, and give an administrator full control of virtual desktop settings. Simplify Printing can eliminate the driver management headache of endpoint attached printers and easily configure user network printers. Simplify Desktop and Simplify Lockdown can give complete control over the look of a user desktop and allow only authorized software to run. Whether you have a complete VDI environment or a physical environment in transition to VDI, the Simplify Suite will benefit your system. Visit http://www.tricerat.com today to download a fully featured 30-day trial of the Simplify Suite.

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information