Post on 24-May-2015
March 22, 2011
Ohio DODD’s Approach to VDI Success
Why VDI Now?
Distributed Workforce
• Outsourcing & off-shoring
• Mobile & remote workers
Security, Control of PCs
• Patch compliance
• Security
Rising Cost of PC Management
• Deployment
• Support
Hardware Management Complexity
• Many makes & models
• Refresh cycles
- Desktops are Enterprise Infrastructure
- As distributed end-points, desktops are hardest to secure, manage and maintain
- Enterprise IT is faced with a massive desktop refresh cycle
- IT budgets are under pressure
Non-hardware/software costs dominate total PC costs
Hardware and software make up less than 30% of PC total cost of ownership
Source: Gartner Research
Physical desktop TCO
Low Resource Utilization
Software Compliance Risks
Heterogeneity
High Management Costs
Security Threats
Data Theft
Virus / Malware
Phishing
Hacking
Admin Inefficiencies
Upgrades
Patches
> 70% of TCO ($6,800* / user / year)
Threat of Licensing Audits!!
Internal
External
-IDC
*Gartner
The desktop is the least utilized resource on the network!
Too tactically focused
-IDC
Need for preventive/ proactive measures
Project Objectives & Benefits
• Provide users with a VDI experience that is equal to or better than what they have today with their Personal Computer
• Securize, Stabilize, Standardize, Centralize, Optimize and Operationalize
  • Management and Support
  • Costs
  • Support Resources
  • Backup
  • Data
  • Power
  • Software
  • Etc.
• Life Cycle Management – it was time for us
• What’s old is new… timing is everything
• Develop an agile infrastructure (cloud)
Use Cases
• Persistent, Semi-persistent and Non-persistent
• Turning Personal Computers into manageable Business Computers
• Same desktop from anywhere
• Doctors, Nurses, Executives, Back-office, IT, Food Services, Maintenance, Housekeeping, Guest, etc.
Project Details
• Capitalize on innovation
• A purpose-built environment vs. a utility or add-on
• Seamless integration
• Doesn’t lock you in
• Reduce complexity without reducing flexibility – keeps it simple
• Critical elements – typical project critical success factors
• Level of non-technical complexity depends on current environment/situation
• Critical technologies
  • Servers – availability and scalability (HP C7000)
  • SAN – IOPS (Whiptail and Compellent)
  • WAN – bandwidth and optimization
Layering: The Key to 98% Desktop Virtualization
State of Ohio DODD Webinar
VDI Point Tool Approach: Cost & Complexity
OS / Image Management
Storage Footprint
Application Management
Profile Management
Client Management
What’s Needed: Simplicity & Completeness
Storage
• Footprint reduction
• Storage tiering
• Local or shared
OS / Image Management
• Single image management
• Image sharing
• Version control
• Rollback
Application Management
• Any application
• Versioning
• Rollback
User/Machine Personalization
• Local profile utilized
• ALL settings retained
• Data and Apps stored separately
• User-installed apps supported
Unidesk: Desktop Layering Innovation
The Best of Persistent & Non-Persistent VDI
Persistent: custom for each user
Non-persistent: stateless and managed by IT
Isolate OS, Applications and User
Create or Patch Underlying Layers Once
Personalization Layer is Sustained
Layer Versioning for Instant Repair/Rollback
Two Patent-Pending Technologies
CacheCloud™
Composite Virtualization™
[Diagram: desktop C: drive built from layers]
Windows: Read-Only
Personalization: R/W
Application 1: Read-Only
Application 2: Read-Only
Antivirus
Print Drivers
CachePoint VM
Storage Savings WITH User Personalization
Windows (shared)
Personalization 1
App 1 (shared)
App 2 (shared)
Personalization 2
Personalization 3
Unidesk Topology
• Administrator
• Unidesk Management Appliance: Virtual appliance serves GUI, maintains policy & configuration
• Unidesk Master CachePoint: Virtual appliance stores common layers
• Unidesk CachePoint: Virtual appliance stores only the layers needed by desktops it hosts
• End Users
• Host1, Host2
• Personalization Layer Backups: Regular backups of desktop personalization layers for recovery purposes
• Unidesk Virtual Desktops: Unidesk-composited desktops hosted on existing VMware infrastructure
See How Easy VDI Can Be
© 2009 VMware Inc. All rights reserved
VMware View – Enabling manageability and mobility like never before
Modernizing the Desktop – A Managed Service Model
Persona
Applications
Operating System
Centralized Management
Desktop Delivery
Modern Desktop
Modernizing the Desktop – VMware Vision
Mobile, Desktop, Mac, Thin Client, Offline, iPad
Desktop Cloud
Cloud Desktop Management
• Image Management
• SLA
• Provisioning
• Maintenance
• Policy
• Security
Cloud Desktop Infrastructure
• On Demand Resources
• Availability
• Scalability
• Performance
vCenter – Policy-based Management & Automation
vSphere – Platform for Cloud Infrastructure
View – Desktop Computing via Cloud
OS, Apps, Persona
Personalized Access across Devices
Desktop Application Portal
VMware Partner Unidesk Shares the Same Vision
“Dynamic desktop composition represents an advance in client management technology and can accelerate growth for virtual desktops where the ability to personalize the user experience is needed. Unidesk’s layering technology is an innovative example and we look forward to collaborating to modernize the desktop experience for VMware View and VMware vSphere customers.”
- Scott Davis, CTO, Desktop Virtualization, VMware
Customers Modernizing More Desktops with View and Unidesk
Key Components
Built on reliable vSphere platform
vCenter Server
View Connection Server
View Security Server
Now supports PCoIP!
View Client
Offline Client available for special use cases
Overview of the View Architecture
vCenter
Centralized Virtual Desktops
Microsoft Active Directory
View Connection Server
View Security Server
View Client
DMZ
PCoIP
View Security Server Security Features
• Native support for PCoIP added in View 4.6
• Recommended for DMZ deployment or environments with separated networks
• Only authenticated users can gain access through it
• Ensures that virtual desktop access is only possible for authenticated users: the only desktop protocol traffic that can enter the data center is traffic on behalf of authenticated users
• Ensures users can only access resources (virtual desktops) they are authorized to access
• Zero administration
• Offloads the HTTPS processing and all desktop protocol traffic away from the View Connection Server
• Multiple View Security Servers are used for scalability and HA with load balancers
• Support for RSA SecurID and smartcards
View Security Server
ThinApp – application virtualization
Features
• Decouple applications and data from OS
• Agent-less architecture
• Wide platform and application support
• Plug into existing application management tools
• Deliver ThinApp virtual applications as Unidesk layers for automated deployment, version control, and rollback
Benefits
• Simplify Windows 7 migration
• Enable application mobility and easier access
• Minimize the number of OS images managed
• Eliminate application conflicts
• Enable the use of multiple versions of the same applications
[Diagram: two sandboxed applications, each with its own VOS and App Files, on a shared Operating System]
vShield Endpoint Integration
Improve performance and effectiveness of existing endpoint security solutions
Offload AV activity to Security VM (SVM)
Eliminate desktop agents and AV storms
Enable comprehensive desktop VM protection
Centrally manage AV service across VMs with detailed logging of AV activity
Partner Integration through EPSEC API
vShield Endpoint Included with the VMware View 4.5 Premier bundle
[Diagram: three desktop VMs (Persona, APP, OS, Kernel, BIOS) alongside an SVM (AV, hardened OS) on VMware vSphere; label: Introspection]
Thank You!
Q&A
Please feel free to contact the speakers directly:
• Kipp Bertke, State of Ohio DODD, Kipp.Bertke@dodd.ohio.gov
• Robbert Murray, State of Ohio DODD, Robbert.Murray@dodd.ohio.gov
• Ron Oglesby, Unidesk, roglesby@unidesk.com, Twitter:@RonOglesby
• Matthew Honigford, VMware, mhonigford@vmware.com