Sunday, August 19, 2012

The Deployment of Virtual Device Interfaces (VDI)

Desktop and smart-phone virtualization allows organizations to adopt a centralized approach to the management of the configuration of computing devices to greatly reduce costs. By decoupling the applications as well as data and operating system from devices, and by moving these components into a pooled center a streamlined, secure way to manage distributed devices is feasible. Computing devices can be then centrally managed and desktop customers can realize many benefits.

VDI can manage tens of thousands end-user devices from a centralized administrative interface from where it allows provisioning, conīŦguration management, connection brokering, policy enforcement, performance monitoring and application assignment. VDI increases security and compliance by moving data into a computing center, centrally enforcing endpoint security and streamlining security countermeasures processes. Most important, VDI makes it possible to install security services against “spear-fishing” attacks that otherwise would be undetected.

VDI offers economics advantages. Centralizing the infrastructure makes it less costly for IT staff to provision, maintain and monitor desktop images across their entire life cycle while decreasing support calls and reduce end-user downtime. The Total Cost of Ownership (TCO) of unmanaged computing devices is $5,795/year. The comparable cost for VDI devices is $3,310.  For instance, with the DoD population of more than 3 million devices suggests a potential direct cost reduction opportunity could be one billion dollars/year. When major savings from end-user costs (administration, training, repairs and downtime) are added that would increase the potential gains by $6.5 billion dollars.

For smaller firms the potential savings of $2,500,000/year could be realized for every 1,000 computing devices.

VDI delivers to users experiences across locations and devices over the LAN and WAN in terms of lower latency and much higher uptime reliability. Users can connect to the VDI environment a wide range of devices including desktops, thin or zero clients, and mobile devices. Mobile users can access their VDI desktops even if disconnected from the network provided that they re-synchronize their applications afterwards. A software configuration management console enables IT administrators to centrally administer thousands of VDI desktops from a single image for the management, provisioning and deployment.

VDI is installed on a virtual infrastructure, which includes virtual machine hypervisors and the management center to create and manage the virtual machines. End users open VDI Clients on endpoint devices to log in to their desktops, which are “views” of all virtual machines such as Windows desktops. Users can access their desktops from a variety of endpoint devices where VDI is installed such as Macintosh, Windows, and Linux computers, thin clients, zero clients, iPads, and Android-based tablets.

To install VDI, the following installations are necessary: Cloud network and storage connections; Microsoft active directory and domain controllers and hypervisors. The VDI Connection Server will then authenticate client users through the integrated Windows Active Directory, which connects the users to their virtual desktops. Users can also connect directly to the central desktop. For remote connections, a wide range of security servers will stand as protection between the clients and the internal network.

Each VDI virtual machine desktop has within it: an operating system; a VDI agent; the user profile (“persona”) and installed applications. From the VDI administrator console it is then possible to view all VDI components.

VDI ultimately requires the adoption of a standard protocol so that an organization can operate seamlessly with a single common platform from the desktop to the datacenter. That enables private and public cloud based desktop services across a variety of hybrid cloud services. Proprietary VDI protocols from firms such as IBM, Microsoft, Oracle and VMware offer VDI capabilities, which are, however, in most cases are not interoperable.

Installing the VDI environment could be a complex, multi-step process depending on the options: 1. The VDI host infrastructure must be installed. 2. Set up VDI view agents, inclusive of templates must be integrated. 3. Installing Microsoft Active Directory and Domain Controller services is necessary. 4. VDI composer database and SSL security certificates must be added. 5. VDI connection servers must be loaded to dedicated physical machines. 6. Configuration of VDI transfer software, such as Windows applications must be completed. 7. Desktop pools of hardware need to be set-up. 8. Security services require installation. 9. The entitlement of individuals to their respective desktops must be designated. 10. Network connections are required for customized configurations. 11. Personal profiles must be installed.

If VDI is getting installed into a private cloud that captures a wide range of existing configurations (Windows, Linux, etc.) the conversion will be costly and the payback will take a long time. If the VDI takes place after the migration to thin clients has already taken place, the conversion will be easier.
The adoption of VDI does not necessarily have to be made into a private cloud environment. It could be implemented as a hosted service that already includes VDI as a standard offering.

The current DoD policy to rapidly migrate thousands of diverse and customized configurations offers an enormous challenge. To achieve major cost reductions in short order will require directions from an enterprise architectural level and not from the standpoint of thousands of existing individual programs that will have to be harmonized.


For comments please e-mail