The virtualization of desktops, which shifts manpower costs from onsite support to server farms managed by automated network control centers, offers savings by operating a large number of virtual workloads per blade server. Administrators then can manage standard desktop images on clusters of blade servers to streamline security monitoring, access control and provisioning for every desktop.
Applying a conservative version of the Defense Department TCO model indicates that the five-year cost of 4 million desktops could be reduced from $46.7 billion to $30.8 billion using a gradual implementation schedule.
After five years, the cost of desktops would continue to shrink as devices are replaced by mobile wireless connections and by thin clients. With the addition of desktops from the Reserve forces, the National Guard, the service academies and contractors, additional savings could be realized.
As the control of desktops migrates to a few network control centers, more savings could be realized as existing server farms are consolidated through PaaS cloud operations. There would be, however, large capital expense for more powerful servers so that PaaS migration can proceed simultaneously with desktop virtualization.
Desktop virtualization, the primary cash generator for the next five years, improves business continuity and disaster recovery by activating automatic failover technologies. Such high-level reliability is needed because of the increased dependency of virtual desktops on central servers. This will require at least 99.9999 percent uptime for server clusters. These will have to depend on redundancy and not on hardware reliability to avoid downtime for individual desktops. Consequently, Defense Department PaaS data centers will be able to operate with less reliable, less expensive servers, but be able to achieve uptime by tolerating failures of redundant devices.
Desktop virtualization eliminates planned and unplanned downtime for delivery of high service levels. This is achieved by means of server redundancy and not by buying highly reliable servers. As a result, the current large penalty that ranges anywhere from 50 to 500 hours of email unavailability annually can be eliminated and counted as savings in administrative time. In addition, the load-balancing features of desktop virtualization make it possible to manage the storage capacity, which improves asset utilization.
Desktop virtualization reduces capital and operating system costs because the workload peaks can be dispersed across geographically separate regions while improving the sharing of spare capacity as the department workload migrates across time zones. It reduces the need for most of the local information technology administrative staff, as well as the contractor overhead at hundreds of server farms. It centralizes security management, makes real-time surveillance affordable and speeds up deployment of application upgrades and bug fixes.
The TCO calculations assume that the Microsoft desktop environment will persist for another five years. Upgrading from Windows XP to Windows 7 desktops can be included as a transition method for much cheaper open-source office solutions. Open-source cloud computing allows the department to place its operations with multiple competing vendors.
Added savings from open-source office solutions are large. The increased rate of adoption by personnel of a variety of consumer-grade wireless desktops will steer the department toward the installation of centrally managed PaaS solutions.
Perhaps the most important feature for enabling desktop migration is the ability to encapsulate legacy applications for migration into a standard PaaS setting. Encapsulation isolates applications from their underlying legacy environment, which includes the legacy operating system. Each legacy application can be packaged into a single executable code that runs completely isolated from all other applications and from every separate infrastructure.
With encapsulation application packages can be redeployed simply by moving individual icons that originate from different Windows platforms. Such a move would eliminate costly recoding and testing.
Desktop virtualization breaks the links that individual contractors have traditionally wedged into each application. The department must break up the contractor-controlled versions of operating systems, along with the dependency on unique hardware. Virtualization eliminates the need to manage custom-fitted environments for each end-user device. After desktop virtualization is in place, a network control center can take over and deliver as well as update every legacy desktop and applications in minutes. This lessens the tasks of load balancing, testing, provisioning and supporting applications and desktops.
Desktop virtualization changes the way information security is implemented. Instead of managers installing antivirus and anti-malware solutions on individual personal computers, great improvement in security assurance can be realized by offloading almost all of the protection software and firewalls to centrally managed servers.
When fully implemented on a large scale, the annual TCO cost per seat has been quoted to be as low a $300 per year, based on seven-year depreciation. In this way, mobile Defense Department personnel will be able to connect with their personal desktop from any place in the world, while keeping up consistent security access restrictions.
Desktop virtualization also makes it possible to work offline, such as during airline travel or while on a military mission. Consequently, the virtual desktops offer a seamless and completely scalable user experience far superior to what currently is available.
The department should be able to standardize on similar client computing platforms so that equipment can be re-used instead of being junked when it loses its local utility. When each platform would be tracked with globally traceable radio frequency identification (RFID) tags, the multimillion dollar inventory of computing devices will make is possible to manage more than $28 billion worth of capital assets.
Centrally managed virtualized desktops can extend the management of local physical assets to third-party support contractors. This can include access by public cloud providers to process workloads not requiring compliance with Defense security requirements. This can be done without sacrificing control over security policies or administrative privileges. By using centrally managed oversight support, contractors would have no control over user authorization or user network access.
Virtual desktops are only a part of a greater puzzle of how the department can migrate to its objective operating in a private PaaS cloud. The adoption of virtual desktops can take place only after "commodity" applications such as email, calendars and collaboration methods are reorganized for cloud operations.