1EMC CONFIDENTIAL—INTERNAL USE ONLY Bugs – From Finding to Preventing Jacky Guo.
1EMC CONFIDENTIAL—INTERNAL USE ONLY. 2 End User Computing In The Post PC Era Tom Twyman Sr....
-
Upload
leslie-fletcher -
Category
Documents
-
view
222 -
download
3
Transcript of 1EMC CONFIDENTIAL—INTERNAL USE ONLY. 2 End User Computing In The Post PC Era Tom Twyman Sr....
1EMC CONFIDENTIAL—INTERNAL USE ONLY
2EMC CONFIDENTIAL—INTERNAL USE ONLY
End User Computing In The Post PC Era
Tom TwymanSr. [email protected]
3EMC CONFIDENTIAL—INTERNAL USE ONLY
Agenda
Where Are We?
Keys To Success – People / Process
Keys To Success – Technology
Wrap Up & Next Steps
4EMC CONFIDENTIAL—INTERNAL USE ONLY
Ubiquitous Access
5EMC CONFIDENTIAL—INTERNAL USE ONLY
Recognizing users are working differently
Diverse AccessU.S. Employees Survey 37% use do-it-yourself tech97% carry > 2 devices
Diverse Devices2010 Shipments Tablets + Smartphones > PC2015 shipments1.1B cell phones, 300M tablets
Diverse Apps2015 Mobile App Market: $38B
Sources: Morgan Stanley 2011, Gartner 2011, Forrester 2010, Pew 2011
6EMC CONFIDENTIAL—INTERNAL USE ONLY
Consumer Technology is driving ITApp StoresUsers provision and install their own apps…within app store guidelines & protection
Application UpdatesApplications are updated through the App Store…by the End User, and not IT
7EMC CONFIDENTIAL—INTERNAL USE ONLY
Access to dataUnsecure Unsanctioned File
Access and Sharing
Unsanctioned Access
File Servers
Users are frustrated with their file-sharing experience and are less productive
Leveraging multiple unsanctioned services to meet needs
Internal Users
8EMC CONFIDENTIAL—INTERNAL USE ONLY
Flexible Application Delivery
Deliver just an application
From the cloud
9EMC CONFIDENTIAL—INTERNAL USE ONLY
Where it’s going…
Desktop Service
App Catalog Service
Data ServiceSecure
Universal AccessUsers, Application,
Data Policies
Mobile
Entprs
Win
SaaS
Win
Entprs
Simplify Manage Connect
UniversalServices Broker
10EMC CONFIDENTIAL—INTERNAL USE ONLY
This is dead and gone. Let it go.
11EMC CONFIDENTIAL—INTERNAL USE ONLY
Agenda
Where Are We?
Keys To Success – People / Process– Your Organizaton– Your Users
Keys To Success – Technology
Wrap Up & Next Steps
12EMC CONFIDENTIAL—INTERNAL USE ONLY
Why?
Understand that the WHY is just as important as the HOW
The use cases for transformation are the key to success…base your decisions on what’s good for YOUR organization
This is the hard stuff...
13EMC CONFIDENTIAL—INTERNAL USE ONLY
Kills projects before they start
Kills projects after they start
You will need executive sponsorship
But your users are asking for it!
Keeps everyone focused on the prize
Go in with the right expectations…There is NO CAPEX SAVINGS!
You can’t build it like “regular” VMs
Focus on end-user experience
The experience WILL CHANGE!
Bottom-up approach won’t work…
14EMC CONFIDENTIAL—INTERNAL USE ONLY
All in good time…
Avoid the Traps….Thin Clients
$$$$Other Toys
It’s all academic - until…The Great Protocol Debate
Don’t just kick the tires…The Proof of Concept
This is not your father’s vm…Choice of Disk
15EMC CONFIDENTIAL—INTERNAL USE ONLY
What’s driving VDI Adoption? Executive Order
Windows 7 migrations
Security and compliance challenges
Consumerization of IT
Consolidation of desktop management
Flexible Workforce
Reduction in support personnel
Work-from-Home and Telecommuting Initiatives
Disaster Recovery and Business Continuity
16EMC CONFIDENTIAL—INTERNAL USE ONLY
3
• How can we simplify desktop management?
• How can we standardize desktop images?
• How quickly can we move to Windows 7?
• How do we extend the hardware lifecycle?
• Do we let users bring in their own devices?
• How do we make our mobile workforce more productive?
Why are WE Moving to VDI? Desktop management complexity• Backup for 47,000+ desktop devices
• Ensure security patching compliance
• Thousands of user-installed applications create performance and compatibility issues
Old desktops and OS• Average PC is 3-4 years old & under-
powered
• Windows XP is in extended support
• Annual cost of refresh > $20M
Poor user experience• No choice of platform
• Limited ability to provide “anywhere, anytime” universal access
1
2
17EMC CONFIDENTIAL—INTERNAL USE ONLY
The 5 W’s
Who? What? When Where? Why?
Understand your use cases– Who is getting which application?– From Where?– When?– On which Devices? ? ??
?
?
18EMC CONFIDENTIAL—INTERNAL USE ONLY
Developing the Solution
Use Case(s)
Application Mapping
Policy / Governance
Capability Requirements
Solution Stack:- Broker- App delivery / presentation- Protocol Choices- Stateful / stateless- Et cetera…
19EMC CONFIDENTIAL—INTERNAL USE ONLY
Agenda
Where Are We?
Keys To Success – People / Process
Keys To Success – Technology– Deconstructing the Desktop– Infrastructure– Operations
Wrap Up & Next Steps
20EMC CONFIDENTIAL—INTERNAL USE ONLY
Deconstruct the Desktop
Let your app(s) dictate image strategy
The best image is one that’s empty– Virtualize everything possible– Use the Network for user data and application settings
User Data
Operating System
Applications
21EMC CONFIDENTIAL—INTERNAL USE ONLY
User Data
“Conscious” and “subconscious”
User Data– Re-directed folders, home shares– Enterprise Data Portals (DKO/AKO)
Persona management– R0@m1ng Pr0f1le$! (bad word)– VDI integrated and third party solutions
22EMC CONFIDENTIAL—INTERNAL USE ONLY
Infrastructure
Compute
Network
Storage
23EMC CONFIDENTIAL—INTERNAL USE ONLY
Compute best practices
Go back to Assessment
Determine Usage Matrix, characteristics
Desktop to Core ratios
Cluster HA considerations
Memory is king
24EMC CONFIDENTIAL—INTERNAL USE ONLY
Network Considerations
Latency = The Enemy
Bandwidth
Display Protocol considerations
Security (VLANS, ACLs)
Continuity and Recovery
25EMC CONFIDENTIAL—INTERNAL USE ONLY
The Storage Dilemma
• Most people think of storage in terms of capacity
• You need to think of storage in terms of performance
• Size doesn’t matter… as much
• Do it right the first time
• Virtual desktop performance should be as good or better than a physical PC
26EMC CONFIDENTIAL—INTERNAL USE ONLY
Consider Delivery Type• Thick, persistent desktops
• Consume same space as physical
• Easier to size, mostly based on capacity
• Thin, non-persistent desktops
• Based on common image
• Massive space savings = consolidated IO
• Harder to size, based on performance
• Use the right drives in the right place
• Mega cache for reads… and WRITES
27EMC CONFIDENTIAL—INTERNAL USE ONLY
IO Profiles• Reads AND Writes?
• What is the average desktop Read/Write IO profile?
• 20% Reads, 80% Writes
• Cache considerations should include writes
28EMC CONFIDENTIAL—INTERNAL USE ONLY
Read IOPS
• Technologies help with read IOPS
• Array based cache• RAM based, SSD Based
• Host based cache• PCIe, Hypervisor caching
• Storage tiering• Master image on SSD
29EMC CONFIDENTIAL—INTERNAL USE ONLY
Write IOPS
• Handling write IOPS is trickier
• In general you need to build out the number of spindles to support write IOPS
• Don’t forget the RAID type caveat
• SSD writes are slower than reads but still fast
• Sizing for write IOPS is probably the most critical area
30EMC CONFIDENTIAL—INTERNAL USE ONLY
Solving the storage barriersBalancing COST and PERFORMANCE
• What governs $/client and user experience?▪Handling more IOPS with less LATENCY
• How do we solve that?▪Intelligent Mix of Dynamic Tiering and Drive Types
31EMC CONFIDENTIAL—INTERNAL USE ONLY
NL-SAS/SATA
SAS
Solid StateFlash drives
Tiered StorageFully Automated Storage Tiering (FAST)
Intelligently migrate chunks data between multiple tiers of disk
Keep “Hot” data on the best performing storage, “Cold” data on the most cost effective storage
32EMC CONFIDENTIAL—INTERNAL USE ONLY
Dynamic Read & Write Caching• FAST Cache enables you to architect for the
NORM…not the PEAK
• Lower the cost of the infrastructure without decreasing the performance or user experience
• Leverages EFD (Enterprise Flash Drives) to act as a “Cache” for READ and WRITE activity
• Accommodate VDI Performance AND Capacity Requirements
33EMC CONFIDENTIAL—INTERNAL USE ONLY
Operations
Don’t drag your current process forward
Integration begets:– Simplicity– Transparency– Efficiency
34EMC CONFIDENTIAL—INTERNAL USE ONLY
Cloud InfrastructureVMware vSphere
Vmax | VNX | Isilon Cisco | HP | IBM | DellCisco | Brocade | Juniper
Backup / RecoveryCloud Storage
Archive / Rich MediaMulti-Site Cloud TechnologiesAvamar | Networker | DataDomain | DPA AtmosRecoverPoint | SRDF | Vplex
35EMC CONFIDENTIAL—INTERNAL USE ONLY
“Where Does Integration Happen?”
FCFCoEiSCSIArray APIs/Mgmt
vCenter
VAAI SCSI cmds
ESX Storage Stack
Datamover
Vendor-specific vCenter Plug-In
View VMware-to-Storage relationshipsProvision datastores more easily
Leverage array features (compress/dedupe, file/filesystem/LUN snapshots)
VI Client VM
Storage Array
VMFS NFS
NFSclient
Network Stack
VMware LVM
HBA Drivers
VSS via VMware Tools Snap request
SvMotion requestVM provisioning cmdTurn thin prov on/off
Standards-based VAAI SCSI command support
vStorage API for Multi- pathingNMP
NFS
NIC Drivers
vStorage API for Data Protection (VADP)
Vendor Specific vStorage API for
SRM
SRM
VM object Awareness
in array
Co-op
Co-op
Vendor-specific VAAI NFS operation support
VASA Module
NFS VAAI Module
iSCSI/FCoE SW Vendor-specific VAAI block module
36EMC CONFIDENTIAL—INTERNAL USE ONLY
Integration Delivers Management Simplicity
VAAI OFFLOAD
10XENABLES UP TO
FASTER PROVISIONINGMORE VMs
LESS NETWORK LOADLESS HOST LOAD
FASTER REPLICATION
EMC VSI Makes vCenter“EMC Array Aware”
EMC Arrays Natively Are“VM-aware”
STORAGE TO VM VM TO STORAGE
MANAGE END-TO-END
37EMC CONFIDENTIAL—INTERNAL USE ONLY
EMC PowerPath
Monitoring and Management
EMCPowerPathMultipathing
Data EncryptionPowerPath Migration Enabler Virtualization
Nondisruptive array migrations
SAN
Hypervisor
PowerPath
SERVICECONSOLE
HBA HBA HBA HBA
SAN
38EMC CONFIDENTIAL—INTERNAL USE ONLY
EMC vSphere Integrations.Better Infrastructure Efficiency.
Easier Storage Management.
Stronger Security.
Better Deployments.
Greater Expertise.
39EMC CONFIDENTIAL—INTERNAL USE ONLY
Datacenter Management
Cloud Infrastructure
Self Service Consumption Multi-Tenancy and Chargeback
Service Catalog
VMware vSphere
Vmax | VNX | Isilon Cisco | HP | IBM | DellCisco | Brocade | JuniperUnified Infrastructure Manager
Vblock
Backup / RecoveryCloud Storage
Archive / Rich MediaMulti-Site Cloud TechnologiesAvamar | Networker | DataDomain | DPA AtmosRecoverPoint | SRDF | Vplex
Datacenter Automation Layer
Federated CMDB
Portal
Monitoring / Alerting
40EMC CONFIDENTIAL—INTERNAL USE ONLY
Open APIs
The Cloud Management StackAutomation / Orchestration
Store
Network
Compute
Virtualization
Orchestration
Service Catalog
Portal
EMCUIM
vCloud Director
Tidal
newScale
AtriumOrchestrator
Service RequestManagement
myServices
vOrchestrator
vServiceManager
CA ProcessOrchestration
CA ServiceCatalog
Open A
PIs
Array Element Mgr
Net Element Mgr
Comp Element Mgr
Virt Element Mgr
VMware Cisco BMCCA
IT Orchestrator
EMC
41EMC CONFIDENTIAL—INTERNAL USE ONLY
Open APIs
vC
ente
r Opera
tions S
uite
Open APIs
The Cloud Management StackService Assurance and Compliance
Store
Network
Compute
Virtualization
Orchestration
Service Catalog
Portal
EMCUIM
vCloud Director
Tidal
newScale
vOrchestrator
vServiceManager
Open A
PIs
Array Element Mgr
Net Element Mgr
Comp Element Mgr
Virt Element Mgr
VMware Cisco
IT Orchestrator
EMC
vC
ente
r Opera
tion
s
vC
ente
r Capacity
IQ
vC
ente
r Con
fig M
gr
vC
ente
r Charg
eback
SC
A
Auto
Perf G
rapher
NC
M
vFa
bric
IT O
pera
tions In
tellig
en
ce
Watch
4N
et
42EMC CONFIDENTIAL—INTERNAL USE ONLY
Cloud Infrastructure
Multi-Tenancy and Chargeback
Service Catalog
VMware vSphere
Vmax | VNX | Isilon Cisco | HP | IBM | DellCisco | Brocade | JuniperUnified Infrastructure Manager
Vblock
vShieldEdge
vCloud Director
Backup / RecoveryCloud Storage
Archive / Rich MediaMulti-Site Cloud TechnologiesAvamar | Networker | DataDomain | DPA AtmosRecoverPoint | SRDF | Vplex
vCenterChargeback
vCloudAPI
vCloud Service Manager
vCenterOrchestrator
vCloudConnector
Cloud Application Platform
vFabricSpring Cloud Foundry
End User Computing
View ThinApp Zimbra MozyProject Horizon
Legacy Apps
SAPMS Oracle
Data Analytics
HadoopGreenplum
43EMC CONFIDENTIAL—INTERNAL USE ONLY
EMC Consulting
EMC Education
Cloud InfrastructureVMware vSphere
Unified Infrastructure Manager
vShieldEdge
vCloud Director
Avamar | Networker | DataDomain | DPA AtmosRecoverPoint | SRDF | Vplex
vCenterChargeback
vCloud Service Manager
vCenterOrchestrator
vCloudConnector
Cloud Application PlatformvFabricSpring Cloud
Foundry
End User Computing
View ThinApp Zimbra MozyProject Horizon
Legacy AppsSAPMS Oracle
Data AnalyticsHadoopGreen
plum
vCloudAPI
Vblock
44EMC CONFIDENTIAL—INTERNAL USE ONLY
The Build your Own Cloud Model
45EMC CONFIDENTIAL—INTERNAL USE ONLY
The Converged ModelHypervisor to Storage in One single supported unit
46EMC CONFIDENTIAL—INTERNAL USE ONLY
Vblock Fastpath desktop virtualization platform
Enterprise-class,1000s of Users Price TransparencyAutomation Facilitates
Rapid DeploymentSupport: Simple,
Seamless, Smart
47EMC CONFIDENTIAL—INTERNAL USE ONLY
Data
How do we protect the company?
How do we protect the data?
How do we protect the solution?
48EMC CONFIDENTIAL—INTERNAL USE ONLY
De-duplicate data within and across VM files
Change-block tracking minimizes recovery time
File level recovery from image backup
Replication provides DR for backed up VMs
Resource Pool
VMware Virtualization Layer
x86 Architecture
Physical server
Virtual Machines
SANstorag
e
Avamarserver
Mount
= Avamar Software AgentPhysical Server
CPU USAGE NETWORK USAGE DISK USAGE
VMware Virtualization Layer
x86 Architecture
Resource Pool
Image-Level Backup
VM Guest OS Backup
= Avamar Software Agent
Protecting your data with EMC Avamar
49EMC CONFIDENTIAL—INTERNAL USE ONLY
Disaster RecoveryIm
age RecoveryFile
Rec
over
y
Simple
Automated
Application Integrated
Customer Recovery Challenges
50EMC CONFIDENTIAL—INTERNAL USE ONLY
ALWAYSON DESKTOP Logical Diagram
• Shared Applications
• Workload Generators
User authenticates and connects to Site ASite A Fails
XUsers' Session Drops/Fails
User is automatically connected to Site B
User re-authenticates
51EMC CONFIDENTIAL—INTERNAL USE ONLY
The “Oh No” Moment
(1) http://www.thesun.co.uk/sol/homepage/news/3637704/Missing-Laptop-with-86million-medical-records.html
“The computer vanished from an NHS building in the biggest-ever
security breach of its kind. […] A LAPTOP holding the medical
records of eight MILLION patients has gone missing. […] The
unencrypted laptop contains sensitive details of 8.63 million people
plus records of 18 million hospital visits, operations and
procedures.” (1)
NHS
52EMC CONFIDENTIAL—INTERNAL USE ONLY
Some Threats Mitigated, but others remain…Threats Solved with VDI?
Traditional Deployments?
Threat: Asset Identification(where are desktops?)
Threat: Real-time association of User to Desktop (visibility)
Threat: Lack of IT controls on Employee owned devices
Threat: User Data Privacy & Encryption (e.g. compliance & removable devices)
Threat: Provisioning Vulnerable Desktops
Threat: Desktop Configuration Compliance
Threat: Desktops as Servers
Integration of Endpoint to Security Ops Monitoring
?
?
??
?
53EMC CONFIDENTIAL—INTERNAL USE ONLY
Maintaining Security and Compliance
Clients
VMware Infrastructure
VMwarevCenter
Active Directory
RSA Archer Compliance Dashboard
RSA SecurID/CAC for remote
authentication
RSA SecurIDfor ESX Service
Console and vMA
RSA enVision log mgmt for:• VMware vCenter & ESX(i)• VMware View• RSA SecurID• RSA DLP• Active Directory
RSA DLP for protection of data
in use
54EMC CONFIDENTIAL—INTERNAL USE ONLY
Know Thy Users
Know Thy App
What Should you take Away?
How will you deliver?
What are your use cases?
Great Courage = Great Results!
Be bold! Embrace the change!
Know Thy DataHow Best to Protect the Data?
Know Thy StackRequirements Should Drive Technology
Know Thy SelfGo in with the right expectations…
55EMC CONFIDENTIAL—INTERNAL USE ONLY
Thank You!
Q & A
Next Steps
Wrap Up