Desktop virtualisation is the latest in a long line of terms used to describe what began as “terminal emulation” on early PCs. The basic idea is that a relatively under-performing small computer can be used to access a complete applications environment, which is actually running as a discrete session on a large system in a centralised location. This can result in lower costs, greater efficiency, improved manageability and improved security – since everything is really operating at the central location, and client systems don’t require much processing power at all. In some cases, for example, the client might actually be a mobile phone or a PDA. Of course, the technology has evolved considerably since those early days, and there now exists a wide variation under this rubric. It is being noticed again through virtualisation features being included in the new Vista operating system and, at the hardware level, with Intel’s new VPro technology. However, most of the basic features and possibilities have been available for some time. Windows has had various forms of desktop sharing, and basic Linux capabilities include multiple desktops on a single machine, to instantly change the individual working environment. As well, there is VNC an open source client server desktop system somewhat like Microsoft Remote Desktop Sharing, only slightly more flexible (particularly in heterogeneous environments). Desktop virtualisation provides a way to cut costs and improve security and manageability through centralisation. It can also permit added flexibility for remote access situations, including use of PDAs to operate complete desktop environments; splitting workloads between dedicated workstations, and the like. It can also be used to quickly install new operating systems, a factor which has become more important with the Vista rollout. IBM is an advocate of virtualisation as a means of addressing the manageability and flexibility issues surrounding our increasingly complex IT infrastructures. “Desktop virtualisation, at its simplest, permits separation of the users' desktop IO peripherals (screen, keyboard, mouse, etc) from the processing power used to drive them,” says Gary Elmes, IBM’s marketing manager for hardware and software brands. It can: • Allow the processing power to be centralised, to ease system management. • Allow resources to be shared. This can help to reduce costs quite significantly. • Enhance user mobility. Users can access "their" desktop from a wide range of physical devices from any location where network access to the data-centre can be established. • Aid flexibility. Provisioning a new user, for example, can be completed in a matter of minutes, rather than hours or days. “We encourage our clients to think in terms of "virtualise everything", and we are one of the few vendors capable of helping organisations to realise that approach across their infrastructure," Elmes says. Virtualisation is a starting point for infrastructure design philosophy, and the question of how best to virtualise specific parts of the infrastructure – servers, storage, desktops, etc – becomes subservient to the overall philosophy.” IBM is a strategic partner with all the main players in desktop virtualisation, including VMware, Citrix, and ClearCube. It provides the server hardware and system management software required to build a complete solution. IBM also provides design, implementation and support services for desktop virtualisation. “Desktop virtualisation has been around for at least 15 years,” says Elmes. “From a technology point of view, current changes are evolutionary rather than revolutionary. The main players are all refining their offerings to make them increasingly relevant to a larger segment of the market. Within the marketplace, though, two competing forces are at work. On the one hand, virtualisation generally has reached ‘critical mass’ over the last year or so and is now becoming mainstream, where previously it was limited to early adopters. On the other hand, alternative paradigms such as portals and web-based applications are also beginning to offer similar and competing value propositions. (IBM Workplace is probably the most complete implementation of this alternative approach.) Right now, it's not clear how these alternative paradigms will play out in the market. One thing that is clear, though, is that the traditional fat-client approach is very much under threat.” “Virtualisation cuts desktop sprawl, and allows a more secure connection to applications,” says Philip de Greve, senior technical specialist for Unisys. He says desktop virtualisation is seen as including three types of technology: • Desktop virtualisation for multiple desktops on a workstations (such as using Microsoft’s Virtual Desktop Manager Powertoy). • Running a virtual machine inside a host operating system on the workstation and accessing its desktop from a client. • Using virtual machines running on a server, with remote access to those desktops “For resellers, the opportunity lies in consolidation. For developers, desktop virtualisation is a huge asset," de Greve says. "It becomes possible to run a workstation and make changes to code, then immediately revert the workstation to a previous state. Desktop virtualisation also allows enterprises and SMBs to just provision basic machines for the workstation. By simply providing access to a virtual machine, they can have a personal desktop up and running immediately." Intel has a built virtualisation technology into its Core 2 Duo desktop processors and has shipped millions of virtual-ready clients. The new built in virtualisation technology requires a computer system with an enabled Intel processor, BIOS, virtual machine monitor (VMM) and, for some uses, certain platform software enabled for it. Functionality, performance or other benefits vary depending on hardware and software configurations and may require a BIOS update. “Virtualisation was originally introduced to run multiple sessions of an operating system, but the new desktop virtualisation models are solving other challenges in managing an enterprise client fleet,” says Sean Casey, Intel business development manager. “On the desktop, IT managers can create a virtual ‘service/management’ that runs independently of the user application area. The IT manager can then control the virtual desktop partition as a superuser behind the scene to the end customers. “A new area for desktop virtualisation is a SW or embedded firewall. A virtual "security" appliance can be loaded onto the desktop as a virtual partition intend of in the application area, reducing the foreground applications visible to the user. “ Intel sees virtualisation as an integral part of its technology roadmap and will continue to develop VT technologies. Future platforms will begin to look beyond the processor toward I/O system virtualisation. “Client software is available today,” says Casey “but the software market and solutions will continue to develop over time. For enterprise fleets, IT managers need to look ahead and start planning hardware for the software technology capabilities they would like to be able to deploy one to two years out. “ “We do ‘access infrastructure,’ says Adam Jaques, manager of advanced products, and strategic services for Citrix. “Desktop virtualisation is a currently a hot topic…what it is, how it works, and what it means. Desktop virtualisation is important for different reasons to different people. Users rely on desktops to get work done; the enterprise wants to improve user functionality; but IT is more interested in managing the desktop and providing security.” Citrix has a dynamic desktop virtualisation strategy, providing different users with different types of desktops. • Simple and fast (using the standard Citrix presentation server). • Personal and versatile – where the user needs a bells and whistles operating system, and is provided access to a virtual machine. The Citrix product does management and control at the back-end, and servicing at front end, giving the user access from anywhere. • High performance and powerful – users have dedicated machine in data centre. “We just released Desktop Broker for Presentation Server,” says Jaques. “This is the first production ready release, as an add-on for Presentation Server. It controls virtual machines and remote desktops. Within the year, a new product called “Project Trinity will” be released to gel the three types of desktop together.” Citrix has provided "published desktops " for some time, with each user logging into the server and getting a slice. “We have been doing this for 16 years,” says Jaques. “However, this form of virtualisation is not for everyone. Some require much more flexibility, such as those described as levels two and three. We have a set of products to enable a mixture of published desktops and instances of full desktops to which the user will be able to get access.” Key components of a desktop virtualisation environment are a hosting setup, which may be done through virtual machine products such as VMware, or Microsoft; or through the physical hardware itself. Next is access and management. This includes determining what virtual machines are running in the data centre, who can use them, what's available and so forth. This is the Citrix side. The Citrix side is also responsible for securing the connection between the client device and the VPN. Finally, there is the client device – which may be anything that can run an ICA (Citrix protocol) client. The other major part is the network. “There is an immediate importance to desktop virtualisation,” says Jaques. “Using Citrix and desktop virtualisation can aid in migration to the new Vista Operating System. Everything can be loaded and managed at a central location. This should be considered by resellers when they are looking at establishing the new environment.” Symantec views desktop virtualisation from a security point of view, particularly as an enabler of backup and recovery. Symantec offers virtual security solutions and virtual recovery solutions. Its virtual security solution installs an appliance in the new Intel platform, providing various levels of security in various applications. For example, it becomes possible to isolate the operating system from a security point of view to make it tamper resistant. A desktop virtual security solution permits containment and isolation of a threat on a desktop. “From an enterprise point of view, Symantec sees desktop virtualisation as bringing everything together to one central point of control and giving administration the advantage of using one set of tools across enterprise,” says Paul Lancaster, systems engineer for Symantec. “This allows managers to be more responsive in delivering services to the business and leveraging IT investments.”
Stories by Brian J Dooley
Spotlight on projectors
Digital convergence is not only a case of familiar devices coming together — the stereo, television, radio, DVD or VCR, electronic gaming system, PC and phone. But it is coming to the point where they can all talk to each other and to the outside world over a single line or wireless connection.