Dynamic Workspace openline Uw betrouwbare en innovatieve partner voor uw technisch ICT domein Consultancy Managed Services Servy Kitzen Principal Consultant Servy.Kitzen@openline.nl
Agenda From Traditional to Dynamic Workspace Design Virtualisation Workspace: Client Hypervisor Coffee Break Virtualisation OS: OS Provisioning Virtualisation Apps: Application Virtualisation / Streaming Virtualisation User settings: Personality Virtualisation Printers: Driver-free Printing Questions
Workspace Problem / Need Problem Current traditional workspace design cannot provide growing dynamic need of organisations: Too dependent on constraints from local hardware (hardware differences, hardware not compatible with new OS versions) Too dependent on possible (unwanted) conflicts between applications Too many applications which must be managed (are we not managing too much?) Too slow in change process because of complex procedure (procure, design, build, test, distribute, maintain, retire) Need: Workspace must be dynamically build based upon menu choices: Which OS (XP, Vista, 7)? Standard applications, custom made applications, private applications? Company workspace (Desktop / Laptop), BYOC (Bring Your Own Computer) or both?
Traditional Workspace Design Many dependencies Personality Operating System (Print)Drivers Hardware
Dynamic Workspace Design Separate hardware and OS Personality Operating System (Print)Drivers Now: OS Provisioning / VDI / SBC 2010+: Client Hypervisor Hardware
Dynamic Workspace Design Separate application and OS Personality App Virtualisatie+Streaming Operating System (Print)Drivers Now: OS Provisioning / VDI / SBC 2010+: Client Hypervisor Hardware
Dynamic Workspace Design Remove Personality, Make it Portable Personality App Virtualisatie+Streaming Personality Operating System (Print)Drivers Now: OS Provisioning / VDI / SBC 2010+: Client Hypervisor Hardware
Dynamic Workspace Design Remove Printdrivers Personality App Virtualisatie+Streaming Operating System (Print)Drivers Drivers Now: OS Provisioning / VDI / SBC 2010+: Client Hypervisor Hardware Print Drivers
Dynamic Workspace Design DataCentric Solution Connectivity DataCenter A Datacenter B Site Failure Replication
Dynamic Workspace Design Modulair concept is key!
Dynamic Workspace Design Main choices OS Provisioning Citrix Provisioning Services for Datacenters and Desktops VMware View Composer VDI Citrix XenDesktop 4 VMware View 4 Client Hypervisor Citrix XenClient VMware Client Virtualization Platform
Dynamic Workspace Design Main choices Application Virtualisation+Streaming Citrix Client-side Application Virtualization VMware ThinApp Microsoft App-V Personality AppSense Management Suite with Personalisation Server Driver-free Printing tricerat SimplifyPrint Bundle / Screwdrivers
Client Hypervisor Concept!
Client Hypervisor Concept! Intel vpro
What is it?: Client Hypervisor What is it? Hypervisor technology for the user client (Laptop / Desktop): Still no live products (from main vendors), items mentioned below are expectations from market, not hard promises from manufacturers! Bare metal (type-1) hypervisor Like VMware vsphere, Citrix XenServer, Microsoft Hyper-V but made for the user client Creates independency from client hardware to the OS image OS image portable between incompatible hardware devices With using best possible method to use existing client hardware with highest experience factor Specials are mainly in Multimedia aspects (audio, video, webcam, voip etc) expected next to Wireless (Radio Control), Power Management CPU, MEM, HD, NIC are already known to handle by manufacturers OS image can adapt variations in underlying hardware (CPU cores, MEM size, )
Client Hypervisor What is it? Creates possibility to run n OS images concurrently on user client If n will be > 2 is unknown at this stage Real Security layer between Work and Private OS Image (not running on top of but beside) including Encryption of OS images (+time bombing) Will deliver direct (live) switch possibility between the several OS images If not delivered it offers the same as Dual Boot, not expected Might deliver application integration / sharing / publishing between OS images Your Client hardware must be able (CPU-type, enough MEM) to run Client Hypervisor A Hardware Compatibility List or minimum specs sheets is expected Think like you need enough power to run f.i. XP next to Win7 concurrently Expected to deliver centrally managed / controlled images next to privately managed / controlled
Client Hypervisor What is it? Centrally managed / controlled Your company defines OS image including security rules OS image based on central, reusable & anonymous image OS, including Windows embedded Apps, are available next to Apps delivered in other methods Installed in OS image Delivered via ESD Streamed as virtual App Published through SBC Published on Web... Expected to deliver several hosting (integration) methods Client hardware: offline VDI when travelling / not connected to office using checked out / synced image delivering best experience Server Hardware: online VDI when client hardware is not available (Thin Client, Internet Cafe, KIOSK PC) delivering somewhat degraded experience
Client Hypervisor What is it? Privately managed / controlled You define OS image! Security rules can be enforced by your company with NAC / NAP techniques Only accept on LAN if up-to-date patched, antivirus enabled and up-to-date, local firewall enabled... You define what Apps are installed! Only one hosting method wise: Client hardware Hosting on server hardware is (technically) possible but is that your goal?
OS Provisioning Target Device 1 Standard Image Mode Target Device 2 Provisioning Server Network Storage A Target Device 3 On reboot, a clean Any single session vdisk changes is image is streamed down streamed are not written to many back target to to the target devices. devices. the base vdisk.
OS Provisioning Disk Write-backs Disk write-backs are stored separately for each target device Target Cache Device File Cache File Provisioning Server Network Storage A Server-Side Disk Cache Device-Side RAM Disk Cache The All writes write-back are place cache When The write-back the image cache is in file streamed a write-back can be place down cache on file can be place the on in file. the the to PVS server hard drive the device target hard RAM. device drive. or network storage.
OS Provisioning Managing User Data Cache File Target Device Network Storage User Data User Data Things Tools: like: My Roaming Documents Profiles Desktop Hybrid Profiles Wallpaper Folder Redirection Start Menu There are tools These available tools help with you store machine and personalization configure the user including workspace Roaming outside the Profiles, write-back Hybrid cache. Profiles and Folder Redirection.
OS Provisioning Managing OS switch made easy
OS Provisioning Managing OS switch made easy
OS Provisioning Managing OS switch made easy
Application Virtualization & Streaming What is it? Method to use a (Windows) application on a OS (PC, SBC) without having to install this application and by using the local resources (CPU, MEM, HD, NIC) to run it By using a agent which creates a virtual isolated environment and can stream parts of the application or the whole application to the OS Can be used side-by-side with existing ESD!
Application Virtualization & Streaming Virtualized applications can reduce the cost of testing, packaging and supporting an application by 60%. -Gartner Research Inc., TCO of Traditional Software Distribution vs. Application Virtualization, Brian Gammage, Mike Silver, Terrence Cosgrove, Mark Margevicius, April 16, 2008 Over the next 2 to 5 years over 50% of medium to large enterprises will adopt application virtualization, -Gartner Research Inc., Strategic Planning for Application Virtualization, Ronni Colville, Terrence Cosgrove, May 16, 2008
Application Virtualization & Streaming Advantages No/less installations of applications needed (clean, light, almost modular workstation) Application can easily follow user on different windows based devices (no pre-install needed, only login) Increased stability Faster provisioning of packages, in both preparation and rollout Rollback and Updates are very easy (replace files central server) Use different versions of the same application side-by-side
Application Virtualization & Streaming Advantages Reduce testing effort to real desired functionality of the application together with the functional interactions with other applications No/less application conflicts Reduce need for local admin rights, enhance security (admin only in stream, not on OS) Consolidation of SBC servers (less silo s) Offline usage supported (local cache), time-bombed
Application Virtualization & Streaming Disadvantages Not everything can be virtualized (drivers, services, antivirus, VPN, hardware dependent like dongles, sometimes OS-integrated like IE & patches) New way of problem-solving, learning curve for IT-personnel Requires more initial knowledge of software dependencies, some Applications must be streamed together or need inter-dependencies organized (all major vendors can offer this!) More complex for Branch Offices / WAN if streamed to local client (distribution point needed and/or WAN optimizer)
Target Device 1 Application Virtualization & Streaming with Standard Image Mode (OS Provisioning) Isolation Provisioning Server Target Device 2 Isolation Network Storage A Target Device 3 Isolation Application Streaming Providing And Applications With the addition of through a unique can streaming isolation be application streamed on-demand stack per target to each device. target device
Case: customer wants roaming profiles for users and minimal maintenance for its Admins AppSense Environment Manager Small mandatory profile (fast logon) Personality AppSense Management Suite Maintain user / application settings (white list only) in central DB with offline mode support Settings will be dynamically just in time offered through streaming technology, no matter what (Windows) OS is used! Correct application settings can be easily restored during a live session (no logoff/logon required) by the Admin without disturbing other application settings Coming: User installed applications through Sandboxing, User Rights Management
Driver-free Printing tricerat Case: customer wants full printing functionality when offering printers on both x86/x64 OS without replacing printers or managing local printdrivers Older printers mostly do not support x64 OS at all or ONLY with limited functionality (when using Universal Printdrivers from manufacturer) Without tooling unplanned costly printer replacements could be needed Without tooling insourcing (with new yet unsupported printer types which need support) can be more costly and complex No drivers needed in several scenarios SBC, VDI, Client Hypervisor Enables easy, common central image to be deployed (without printdrivers) for these use cases
Driver-free Printing tricerat Centrally Managed: Easy Maintenance & Usage (De)Central printserver(s) which contains all printers as DB objects for each location Admin (not the user) controls which drivers to install, manage Printer objects are mapped to users at logon offering full functionality Based on AD group membership made by Admin High compression on WAN/LAN to Printserver (low bandwidth usage) Or not managed at all Local Client based Possible scenario for VDI/SBC Local installed printers will be automatically mapped to VDI/SBC session at logon High compression on WAN/LAN to Client (low bandwidth usage) Or combine both above options!
openline Uw betrouwbare en innovatieve partner voor uw technisch ICT domein Consultancy Managed Services