The devilish details of desktop virtualisation
- 28 September, 2008 22:00
Faced with a massive PC refresh at a price tag of US$1.8 million, Jack Wilson instead rolled the dice on virtual desktops three years ago. The enterprise architect at Amerisure Insurance didn't just dabble in the nascent technology, he enacted a sweeping change, replacing all 800 PCs with Wyse thin clients and a server infrastructure that hosts 800 Windows workspaces -- a feat that took eight months and, critically, struck at the heart of worker productivity in a services-dependent industry.
Wilson had to rethink his entire infrastructure, from servers and storage to the network and its points of potential failure. He had to convince employees to give up their powerful PCs and embrace thin clients. And he had to deliver a solid return on investment to his bosses. Essentially, Wilson gambled that desktop virtualisation wasn't just a fad but the future.
Today, Wilson basks in the limelight of success. "I've been in IT for 30-plus years and had a lot of really great ideas, but none of them actually worked out as well as I had thought," Wilson says. Desktop virtualisation "is the only thing I've done that has exceeded my expectations."
Bold companies such as Amerisure have embarked on the desktop virtualisation journey, navigating uncharted waters and steamrolling toward a fuzzy future. Yet most are reaping the cool benefits of the technology today. Amerisure, for instance, expects to save a few million by avoiding next year's traditional PC refresh cycle as well as one in 2012.
The virtualisation buzz
The term "desktop virtualisation" generally refers to centralising desktop applications inside a datacenter. These applications can be hosted on a traditional server farm and delivered to remote users via Citrix or Windows terminal services, or in the case of VDI (virtual desktop infrastructure), they can be run in Windows virtual machines on a VMware server. End-users simply launch a browser on a thin client -- or any PC, for that matter -- and access their desktops over the network. Regardless of how you centralise the desktops, the essential benefits remain the same: Virtual desktops are easier to manage, provision, and secure than PCs.
On the dollar-savings front, Forrester Research estimates that desktop virtualisation costs around $860 per user (plus any required network upgrades) to deploy, which is less than the cost of a PC. Amerisure reaped not only these PC savings but additional benefits as well. Help-desk calls, for instance, have decreased by 80 percent because thin clients rarely run into trouble. The cost of rolling out a new desktop operating system, such as Vista, is cheap with virtual desktops but a major hit on the balance sheet with PCs.
Another bonus: Wilson no longer frets about virus-laden PCs infecting his network or hackers stealing data from PCs. "I'm not worried about catching something off a laptop because I'm just borrowing the laptop's screen and keyboard," he explains. "In a traditional VPN model, it would be a problem because you would be connected to my network."
Companies are drawn to desktop virtualisation for a variety reasons. Lifetime Products, a manufacturer of polyurethane tables, sheds, and basketball hoops, chose desktop virtualisation for its inherent data protection aspects. Desktop virtualisation ensures that all of Lifetime's product-design data and other intellectual property remain safely locked inside its datacenter in Utah, even though engineers scattered here and abroad work daily on new designs.
Last year, Natixis Capital Markets virtualised workstations for 30 employees (out of 400) to give them server-level reliability and horsepower. Natixis deploys virtual instances of desktops on servers inside its datacenter for its army of traders. "If some traders ran apps locally on their workstations, then they wouldn't be able to do anything else on them," says Drew Hiltz, CTO of Natixis in the United States.
Slow from the starting gate
Despite all the buzz around desktop virtualisation, there are signs of tepid adoption. In a recent survey, only one out of four respondents was using desktop virtualisation; one in five said it would be a year to three years before they'd deploy the technology; and 37 percent said they weren't interested at all.
Why all the hand-wringing? The fact is, desktop virtualisation has a few technical blind spots that it still needs to cover. Graphics and streaming video don't work well on a virtual desktop without significant (and costly) network upgrades. "If you have high-graphic apps, this is going to be a kludgy environment to work in," Wilson says.
Certain applications also don't run smoothly on a virtual desktop, while some software licensing even forbids their use. "There are vendors selling applications who still want to resist," says Hiltz. "Vendors play with licensing models to squeeze more dollars out of you. I can't run Bloomberg on a virtual desktop based on the language of the licensing, even though technically I could."
Both Hiltz and Wilson worry that virtual desktop users will drain datacenter resources. Part of the problem is that users feel resources are unlimited in the virtual desktop model. Another issue is that management tools are not yet up to par, in terms of controlling CPU and memory usage for every employee. "I'd like to be able to throttle a user down," says Wilson. "While vendors say they have this ability, that's not really true yet."
Desktop virtualisation adopters say these concerns aren't even the toughest hurdles when deploying the technology. They point to the need for massive infrastructure upgrades that wreak havoc on ROI, resistance from managers who are wary of hitching workers' productivity to a live Internet connection, and pushback from end-users who don't want to lose control of their workspaces.
Sweeping infrastructure upgrades
Wilson's infrastructure upgrades included a retooling of his network's points of failure. He used to have two T1 lines at every location, yet twice a year, AT&T would go dark and take out both of them. This wouldn't work in a virtual desktop environment, where "our base assumption is that you will always be connected," Wilson says. "Generally speaking, if you aren't connected, there's very little you can do anyway. Maybe you can write a Word document or work on an Excel spreadsheet, but even then you'll likely need to connect to a file server."
And so Wilson replaced a dedicated T1 line with cable or DSL (depending on the location) and added a Cisco router. Now he says he has three levels of redundancy on different technologies. Also, Wilson added 10 quad-core Dell servers running Citrix XenApp (formerly Presentation Server).
Lifetime installed a powerful MPLS (multiprotocol label switching) mesh network to accommodate the fast transfer of images its engineers needed to work on over thin clients. "Since virtual desktops are mostly used for WAN applications, make sure that your bandwidth and, more importantly, your latency are as low as possible," advises John Bowden, CIO at Lifetime.
Fast storage is another important factor for reducing latency. Fortunately for Natixis, the company had just bought high-end storage from EMC for its SAN. "Reliable, fast storage is key," says Florent Soland, manager of Windows services and virtualisation at Natixis. "If you don't have it, it's going to take a lot more time to provision a workstation, and the end-user performance will be very bad."
Infrastructure upgrades throw a monkey wrench into the ROI that desktop virtualisation was sold on. Add up the expense of new SAN storage, servers, virtualisation software, a connection broker, and thin clients, among other costs, says Soland, "and it's more expensive to roll out 100 workstations in a virtual desktop infrastructure than 100 desktop workstations today -- we're still not there yet."
Au contraire, says Wilson. The reason ROI suffers, he says, is that most companies transition only a part of their workforce to virtual desktops. Indeed, Natixis plans to move 80 percent of its workforce to virtual desktops over the next couple of years. Lifetime's target is only 20 percent. This means they must support two computing models, contends Wilson.
"If you do this piecemeal, then you're only adding another layer and making the stack deeper and more complex," Wilson says. "The key is to deploy this strategically across the board." (To be fair, Natixis cites desktop virtualisation concerns, such as licensing and apps that don't work well on virtual desktops, as barriers to a wholesale transition.)
My workspace, your server
Everyone agrees, though, that getting end-users to embrace virtual desktops is the greatest hurdle fronting the technology -- that is, removing the "personal" out of the PC in the employee mindset. In fact, when Soland first brought the concept of desktop virtualisation to his boss, Hiltz's initial fear was that users would balk. After all, angry employees and productivity loss are death knells for any technology.
Soland solved this problem by making Hiltz a beta user. Soon Hiltz realised that a virtual desktop looked and acted the same as his old PC, except that he couldn't put a picture of his children on the screen's background. Natixis traders also liked the virtual desktops because they suddenly had more processing power. Moreover, Natixis didn't replace their powerful workstations with thin clients -- traders could still work offline using applications running locally. "We didn't use thin clients," says Hiltz. "A thin client without a network connection is a boat anchor."
It's important that end-users feel like they are getting something out of the deal, says Wilson. That's why he gave employees 19-inch monitors, the largest screens available at the time. And he touted desktop virtualisation's biggest end-user benefit: the ability to work anywhere. Now Amerisure employees can work from home a couple of days a week.
Still, many people view laptops as a tether to their personal lives -- not just for work -- and shun the locked-down, thin-client world order. But Wilson sees desktop virtualisation as an enabler for them. "I can see a day within the next three to five years when I will hire someone, and he'll say, 'I don't want you to supply me with anything; I just want to connect my MacBook to your environment,'" Wilson says. "Our environment will totally do that, and it'll lower my costs even further because I won't have to provide him with a thin client."
Road bump ahead?
Infrastructure upgrades and cultural acceptance are two game-killing guns leveled at desktop virtualisation. But there are other technical wrinkles that still need to be ironed out, says Doug Dineley, InfoWorld Test Center executive editor. There's no question that the environment serves up a host of benefits, such as better security, he says, but the jury is out when it comes to potentially hampering worker productivity.
Dineley feels that end-users will need a way to work offline on a virtual desktop -- a way to check out a virtual machine and work on files without a network connection, a la Google Gears. "As we get further along, I suspect we'll start hearing some horror stories," Dineley says, "like unintentional denials of service that bring the blood of users to a boil."