Virtual Desktop Infrastructure and Server Based Computing:

Similar documents
Ericom AccessNow for Microsoft RDCB

Mobile Access Security & Management Managed and Unmanaged Mobile Access to Windows Applications and Virtual Desktops from Smart phones and Tablets

3. Connection Requirements In order to make a connection, you must know the following: Type of emulation needed in order to connect to the host. Metho

WHITE PAPER. BYOD Here to Stay, But Organizations Must Adapt

The Business Case for RDP Acceleration:

PowerTerm. Quick Reference Guide. Contents. 1 PowerTerm Requirements

The Business Case for RDP Acceleration: Resolving the user-experience barrier to Terminal Services & VDI deployments

IT Implications of BYOD in the Cloud Era

VDI or Not to VDI. That is the Real Question. A research paper from Netvoyager plc

Technology Infrastructure

PowerTerm WBT Terminal Emulator

VMware Enterprise Desktop Solutions. Tommy Walker Enterprise Desktop Specialist Engineer Desktop Platform Solutions

Enhanced Protection and Manageability of Virtual Servers Scalable Options for VMware Server and ESX Server

VMware Enterprise Desktop Solutions: What s NEW with VMware View 3. John Hinkle Professional Services Practice principal February 18 th, 2009

Managing IT Complexity Managing the Physical and Virtual world from a Single Console

Enhancing VMware Horizon View with F5 Solutions

Enterprise-class desktop virtualization with NComputing. Clear the hurdles that block you from getting ahead. Whitepaper

RSA Solution Brief. Providing Secure Access to Corporate Resources from BlackBerry. Devices. Leveraging Two-factor Authentication. RSA Solution Brief

PCI DSS Compliance. White Paper Parallels Remote Application Server

The Most Reliable Operating System Just Had a New Virtual Release OpenServer 6V

How Parallels RAS Enhances Microsoft RDS. White Paper Parallels Remote Application Server

VMware Overview VMware Infrastructure 3: Install and Configure Rev C Copyright 2007 VMware, Inc. All rights reserved.

Virtualization manager

Goverlan Remote Administration Suite

An ESRI White Paper June 2009 ArcGIS Server and Virtualization

VNC Connect security whitepaper. Cloud versus direct with VNC Connect

TECHNOLOGY LEADER IN GLOBAL REAL-TIME TWO-FACTOR AUTHENTICATION

WHITE PAPER SEPTEMBER VMWARE vsphere AND vsphere WITH OPERATIONS MANAGEMENT. Licensing, Pricing and Packaging

for Windows 2000 Servers. Application server software for enterprises to compete in the digital economy.

Copyright Jetro Platforms, Ltd. All rights reserved.

HySecure Quick Start Guide. HySecure 5.0

Transitioning to Leostream from HP SAM

VMware Horizon View. Read more VMWARE solutions. Contact Us MicroAge.com

Cloud versus direct with VNC Connect

Integrating NComputing Virtual Desktops with Citrix and VMware. April 21, 2010

Session W-06. Brian Lauge Pedersen Technical Solutions Professional - Datacenter

Thin Desktop - The business case for using a PC or Thin Client as the user access device in a virtualization deployment

ACCESSING INVESCO WINDOWS CITRIX RECEIVER CONFIGURATION

The Red RepoRT: MAKING DESKTOP VIRTUALIZATION A REALITY. The Benefits The Approaches. The Challenges The Services VOL

Adopting a Least Privilege Approach with Windows 8

BlackBerry Enterprise Identity

7 Things ISVs Must Know About Virtualization

TECHNICAL WHITE PAPER AUGUST 2017 REVIEWER S GUIDE FOR VIEW IN VMWARE HORIZON 7: INSTALLATION AND CONFIGURATION. VMware Horizon 7 version 7.

Financial Services Solutions

Configuring OneSign 4.9 Virtual Desktop Access with Horizon View HOW-TO GUIDE

Alliance Key Manager A Solution Brief for Technical Implementers

[TITLE] Virtualization 360: Microsoft Virtualization Strategy, Products, and Solutions for the New Economy

Pump Solutions Group CASE STUDY. The Whitewater gateway and the Veeam software work very well together to improve VM data protection.

Goverlan Remote Control v7 vs. Microsoft Remote Assistance

CommandCenter Secure Gateway

Certeon s acelera Virtual Appliance for Acceleration

VMware Horizon FLEX 1.5 WHITE PAPER

VMware View. John Mah Systems Consultant HP: +60 (12) VMware Malaysia

Overcoming Remote Desktop Challenges with

Intel Cloud Builder Guide: Cloud Design and Deployment on Intel Platforms

VMware Identity Manager Administration. MAY 2018 VMware Identity Manager 3.2

CASE STUDY INSIGHTS: MICRO-SEGMENTATION TRANSFORMS SECURITY. How Organizations Around the World Are Protecting Critical Data

Parallels EMEA Partner Roadshow Parallels Virtualization Portfolio how can I get my piece of the virtualization cake?

BUILDING the VIRtUAL enterprise

Windows Server 2003 Migration with Citrix App and Desktop Delivery

Microsoft DirectAccess

Visualize I/O Connectivity for VMware vsphere

Release Notes. Accops HyWorks SSO Client Release. HyWorks SSO Client v

Storage Considerations for VMware vcloud Director. VMware vcloud Director Version 1.0

Get Ready for the Revival of Large Data Centers

VMWARE VIEW WITH JUNIPER NETWORKS SA SERIES SSL VPN APPLIANCES

A comprehensive security solution for enhanced mobility and productivity

Kaspersky Security for Virtualization Frequently Asked Questions

Dell helps you simplify IT

Optimizing and Managing File Storage in Windows Environments

WHITE PAPER PernixData FVP

Demo Lab Guide vworkspace

ATEMPO UNITED BACKUP EDITION DATA PROTECTION

ARCHITECTURAL OVERVIEW REVISED 6 NOVEMBER 2018

CLOUDLENS PUBLIC, PRIVATE, AND HYBRID CLOUD VISIBILITY

Why Datrium DVX is Best for VDI

Cavium FastLinQ 25GbE Intelligent Ethernet Adapters vs. Mellanox Adapters

RSA Solution Brief. The RSA Solution for VMware. Key Manager RSA. RSA Solution Brief

Data safety for digital business. Veritas Backup Exec WHITE PAPER. One solution for hybrid, physical, and virtual environments.

TECHNICAL WHITE PAPER DECEMBER 2017 VMWARE HORIZON CLOUD SERVICE ON MICROSOFT AZURE SECURITY CONSIDERATIONS. White Paper

IBM Internet Security Systems Proventia Management SiteProtector

Citrix XenDesktop 4 Proof of Concept

<Partner Name> <Partner Product> RSA SECURID ACCESS. VMware Horizon View 7.2 Clients. Standard Agent Client Implementation Guide

VMware Mirage Getting Started Guide

Overview. Premium Data Sheet. DigitalPersona. DigitalPersona s Composite Authentication transforms the way IT

High Availability for Citrix XenDesktop

Network printing challenges? UniPrint is your solution.

Intermedia s Private Cloud Exchange

An introduction to the VDI landscape

Alliance Key Manager A Solution Brief for Partners & Integrators

REVISED 6 NOVEMBER 2018 COMPONENT DESIGN: VMWARE IDENTITY MANAGER ARCHITECTURE

Virtualization Support. Real Backups of Virtual Environments

User Survey Analysis: Next Steps for Server Virtualization in the Midmarket

Go Cloud. VMware vcloud Datacenter Services by BIOS

Reduce costs and enhance user access with Lenovo Client Virtualization solutions

One Release. One Architecture. One OS. High-Performance Networking for the Enterprise with JUNOS Software

Parallels Remote Application Server

Prompta volumus denique eam ei, mel autem

5 Best Practices for Transitioning from Legacy Voice to VoIP and UC&C

Frequently Asked Questions

Transcription:

WHITE PAPER Virtual Desktop Infrastructure and Server Based Computing: Comparative Highlights Ericom Software Ltd. November 2006

Table of Contents Purpose... 3 Virtual Desktop Infrastructure VDI... 3 VDI vs. SBC... 4 Managing User Access... 5 User Authentication and Single Sign-On... 5 Centralized Management and Control... 5 Application Publishing... 6 Summary Making the Best of VDI... 7 Page 2

Purpose VMware s Virtual Desktop Infrastructure (VDI) is a relatively new method of implementing centralized computing. This white paper presents a brief overview of VDI and compares it to Server Based Computing (SBC), the current widely recognized method for implementing centralized computing. This paper highlights several advantages that VDI has over SBC, which may establish as a viable alternative to SBC. However to achieve this, several VDI limitations and shortcomings must be addressed. This white paper explains these limitations and discusses how they may be addressed utilizing solutions and technologies that are currently available for SBC. Virtual Desktop Infrastructure VDI Virtualization is one of the hottest trends in IT, and VMware s Virtual Desktop Infrastructure (VDI) is the latest hot topic of that trend line. The concept behind VDI is straightforward: instead of installing users desktops on local computers, why not host these desktops inside virtual machines that are running at a data center? The users then access these desktops from a local computer or a thin client, using a remote presentation protocol such as RDP or VNC. This consolidation provides multiple advantages compared to local desktops, such as improved security, easier management, regulatory compliance, disaster recovery and reduced maintenance costs. These benefits and, in fact, the entire operational model of VDI are very similar to Server Based Computer (SBC). Indeed VDI can be used in scenarios where previously SBC would have been the preferred option. Copyright 2006 VMware, Inc. Page 3

VDI vs. SBC When comparing VDI to SBC two significant differences become apparent. The first difference has to do with how user sessions are managed on the server. With SBC, multiple users connecting to the same Terminal Server access multiple sessions running within the same Operating System (OS). In contrast, with VDI, each user accesses a distinct OS instance having a single session running inside a unique virtual machine. Multiple virtual machines run on top of the same Hardware Virtualization Layer, such as VMware ESX Server. This difference provides VDI with several advantages over SBC: With VDI each user can have a totally customized and personalized desktop, with a unique set of installed applications and configurations. With SBC users share a common set of application per Terminal Server, and there are limitations on personalized configurations. VDI sessions are much more isolated than SBC sessions. Many of the adverse session interactions that can occur on a Terminal Server simply cannot happen on VDI. Overall this makes VDI more robust than SBC. The same session isolation characteristics make it possible for VDI to host applications that are not compatible with SBC, or behave poorly in an SBC environment. It is possible to mix several operating system types or versions within a single VDI environment. For example some desktops can be Windows Vista, others will be Windows XP or even Linux. Recent advances in virtualization technologies enable VDI to provide these advantages without incurring extraneous costs in terms of scalability and performance. The second difference between VDI and traditional SBC has to do with the maturity of these two approaches. SBC has been around for over a decade. Thus, IT has a good understanding of the requirements of such implementations. Several companies provide products that satisfy these requirements, making SBC both applicable and desirable. VDI, on the other hand, is a new technology and there are few off-the-shelf solutions available to provide equivalent functionalities. As a result, organizations often attempt to implement VDI simplistically, utilizing only the basic virtualization infrastructure and without considering the additional requirements for an affective enterprise solution. This results in partial solutions that do not provide all the expected benefits, or worse, in failed implementations. Fortunately, it is possible to enhance properly designed SBC solutions to support VDI. In doing so VDI can instantly gain all the capabilities that are available for SBC, such as centralized management, load balancing remote printing and more. These solutions and products make VDI an applicable alternative to SBC. In fact, such solutions can be used to implement enterprise-wide access architectures which utilize both VDI and SBC in conjunction, providing the best of both technologies. Let s further examine some of these required capabilities: Page 4

Managing User Access On its own, VDI is like having numerous PCs installed at a central location. Individual users then access those PCs remotely over a network infrastructure. An obvious issue that must be addressed is how to associate each user with an appropriate virtual desktop. An overly simplistic approach, which is nonetheless used by some organizations, is to provide each user with a specific IP address or computer name of a virtual desktop. This approach results in wasted server resources since idle sessions must be kept active so that users can connect to them. In addition, performance degradation can occur due to imbalanced server usage. The appropriate approach is to leverage the fact that in most organizations, users do not require totally individualized desktops. Instead, most users belong to particular groups that require similar or identical desktops. By adding the capability to provide load balancing of pools of identical virtual machines, users will be directed automatically to available desktops on the least loaded servers. A solution that implements this approach can provide performance and enhanced scalability. In addition, managing a limited set of pools of identical desktops is much easier than managing a huge number of individual desktops. User Authentication and Single Sign-On In order to assign users to appropriate desktop pools, users must be identified prior to the actual desktop logon. A specialized broker is required that identifies and authenticates users before they are assigned to specific desktops. Once identified, a user s group association in a Directory Service can be queried to determine the appropriate desktop pool for that user. An additional benefit of this approach is that the broker can add enhanced authentication policies, such as RSA SecurID, thus improving system security. An effective implementation of such a broker needs to support single sign-on so that the user is not required to manually sign on to the virtual desktop after signing on to the broker. Instead the user needs to be signed on to the virtual desktop using the same identity automatically. The broker can also implement single sign-on from the user s local PC, so if the user was authenticated at that point no additional sign-ons will be required at all. Centralized Management and Control One of the most important SBC enhancements is a centralized console for managing an environment consisting of multiple servers and supporting numerous users. Such consoles make it possible to apply configuration changes across the entire environment, monitor user activity on any server and control active sessions. VDI requires, but currently lacks such a console, without which, it is either difficult or impossible for VDI to implement centralized management capabilities on its own. Moreover, without an appropriate management console, VDI management may become more tedious and in fact more difficult, than managing individual PCs. However, integrating an access management broker enhances VDI with the centralized console capabilities required for performing these important administrative functions: Page 5

View connected users and active sessions Monitor VM server activity Locate which VM server a user is connected to Remote control a VM state: reboot, suspend, stop Provide remote assistance and support, including session shadowing Etc. In addition to real-time management capabilities, such access management consoles may provide logging and auditing features. This allows the organization to continuously monitor user activity over time, and is often a requirement for regulatory compliance. Application Publishing As its name implies, VDI is currently used almost exclusively to provide remote access to entire desktops. Providing the capability to publish individual applications from VDI significantly enhances the capabilities of that platform. Application publishing enables: Overcoming application conflicts by allowing the user to access multiple applications that cannot reside on the same desktop Providing On-Demand access to required applications without installing them on all the desktops. This can also reduce licensing costs Leveraging local client capabilities by allowing the user to run applications both locally and remotely Effective application publishing requires support for Seamless Windows so the remote applications are properly integrated into the local desktop. This allows the user to easily and naturally use multiple applications residing on several desktops, both local and remote. For the users to access published desktops and applications, an easy-to-use Graphical User Interface (GUI) is required. For SBC, this GUI is often implemented as a Web Interface or a local application that displays the icons of applications and desktops available for a particular user. The user can then easily launch such desktops and applications by clicking on the appropriate icons. These icons can also be placed on the user s local desktop for immediate access. There are numerous additional SBC related features that are also relevant for VDI. These features include: Secure remote access, including single point of entry, server-side certificates and more Local printing and access to local peripherals Portal integration Page 6

Summary Making the Best of VDI VDI has the potential to realize the benefits of centralized computing beyond what is currently provided by SBC. In order to deliver on this potential VDI needs to be significantly enhanced beyond the basic concept of hosting virtual desktops on servers. Properly applying solutions and technologies that have evolved for SBC to VDI can provide these required enhancements. Ericom is very interested in receiving your feedback to this paper, and knowing what other white paper topics would be useful to you. Please write to WhitePapers@ericom.com Page 7

About Ericom Ericom Software is a leading provider of Enterprise-Wide Application Access Solutions. Since 1993, Ericom has been helping users access enterprise businesscritical applications, enabling access to applications running on a broad range of Microsoft Windows Terminal Servers, legacy hosts and other systems, and providing concrete business value by helping organizations realize the benefits of their IT investments. With offices in the United States, United Kingdom, EMEA, India and China, Ericom also has an extensive network of distributors and partners throughout North America, Europe, Asia and the Far East. Our expanding customer base is more than 30 thousand strong, with over 6 million installations. Visit http://www.ericom.com for instant downloads of free product demos and compelling case studies. North America UK & Western Europe International Ericom Software Inc. Ericom Software (UK) Ltd. Ericom Software Ltd. 231 Herbert Avenue, Bldg. #4 11a Victoria Square 8 Hamarpeh Street Closter, NJ 07624 USA Droitwich, Worcestershire Har Hotzvim Technology Park Tel +1 (201) 767 2210 WR9 8DE United Kingdom Jerusalem 91450 Israel Fax +1 (201) 767 2205 Tel +44 (0) 870 2000 176 Tel +972 (2) 591 1700 Toll-free 1 (888) 769 7876 Fax +44 (0) 870 2000 179 Fax +972 (2) 571 4737 Email info@ericom.com Email info@ericom.co.uk Email info@ericom.com 2006 Ericom Software Ltd. Ericom and PowerTerm are registered trademarks of Ericom Software Ltd. Other company brands, products and service names are trademarks or registered trademarks of their respective holders. Page 8

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback