VMware VDI: Why a Virtualized Desktop is Better
Virtual Desktop Infrastructure (VDI) first appeared more than 15 years ago as a rudimentary experiment by some VMware customers. The reasoning was simple enough: IT departments were sick and tired of supporting the massive PC sprawl. There was a longing for the days of the clean-room mainframe that ran for years with nary a glitch.
Today, over a decade and a half of virtualization experience has yielded robust and manageable systems to replace that desktop or laptop with basically anything you have handy. Modern virtualization solutions are much more than a single piece of software. VDI solutions are more of a “delivery platform,” comprised of an entire suite that handles the virtual machines on the server, a thin client, network security, along with a host of management and monitoring tools.
VMware Horizon is Reliable
While other VDI implementations have come (and some have gone), VMware’s VDI platform, known as Horizon, still takes top honors for cutting-edge power and usability. The recent trend in VDI has been to transition away from premise-based data centers to the cloud.
Other VDI vendors have been slow on the cloud uptake, however VMware Horizon is at the vanguard, being the first VDI solution to reliably deploy to the cloud.
Training for Horizon can bring you up to speed on all that VDI has to offer. VDI is becoming so pervasive that the VMware Certified Professional 6 – Desktop and Mobility certification requires expertise with Horizon and VDI.
How Virtual Desktop Infrastructure (VDI) Works
The basic concept of VDI is easy enough to digest. A client machine connects to a remote server which provides a full operating system, software, storage and CPU cycles to handle all processing. This client can be just about anything: a purpose-built thin client, an outdated laptop, a web browser, even a mobile device. Who knows? Maybe someday we’ll even have VDI on the Apple Watch.
Under the surface, we need to recognize that there are two classic types of VDI, as well as some new twists on the concept. Persistent VDI is basically what all of us are accustomed to in a desktop environment. We install the software we need, drop icons where they are most useful, and arrange the start menu as we see fit. Each time we log back in, things reappear the way we set them up.
Non-persistent VDI is quite a different animal, but has its own important advantages worth consideration. In non-persistent VDI, all users share a single image which is reloaded every time someone logs in. It’s like getting a brand new clean installation each time you sit down to your PC. This means that user changes are not saved, which, in many situations can be a good thing. Users can go crazy changing whatever they want, then log out, log back in, and everything is back to how it started.
In addition to these two main classifications, we’re beginning to see further diversification in the VDI spectrum. For instance, individual applications can now be virtualized using VMware ThinApp or Citrix Virtual Apps. Both of these implementations allow apps to execute without regard to the desktop or underlying OS. This ensures their operation is more streamlined on mobile or Linux devices, for instance.
VDI Thin Clients Reduce Desktop Support
VDI came into existence primarily to reduce desktop support commitments. Thin clients are easier to manage than full blown PCs, and this can be a lifesaver for large organizations with thousands of desktops and laptops. The use of persistent VDI in large businesses allows for centralized administration of everyone’s computing environment and tight control over the hardware since it’s housed in a data center.
Persistent VDI makes it easy for employees to access what they need, wherever they are, using whatever device they have handy. Remember what we said about shaking up the IT department? For starters, we can throw out the playbook on mobile device management (MDM) and remote desktop access — both are largely obsolete in a VDI world.
As compelling as persistent VDI is for large businesses, organizations with computing labs, such as schools, may choose to utilize non-persistent VDI so that every logon receives a clean slate installation. In addition to being more user-proof than persistent VDI, the non-persistent variation also requires much less storage on the server, as each user accesses a shared image.
While the lure of thin clients holds big promise in most situations, some organizations have found that for their needs VDI doesn’t necessarily reduce IT’s overall footprint. Instead, it redirects IT resources away from desktop support and into the server, data center (or cloud), and network.
Large commitments in these areas are required for any organization that intends to deploy VDI, and some organizations may be better prepared to handle this than others. We also have to consider that software licensing hasn’t fully caught up to VDI usage scenarios, meaning that we need to carefully scan our license agreements before jumping on the VDI bandwagon. But for organizations that have the necessary infrastructure to implement VDI, it can truly be a game changer.
Virtualization Technology as Security Infrastructure
One of the more common use cases we’re seeing for VDI is in the area of confidentiality and security, particularly among military and government sectors. And for good reason. Consider the following:
- The possibility of local data loss or theft is eliminated, as all information is secure in the data center.
- Data is isolated from the possibility of ransomware or other encryption attacks.
- Data is available for backup and mirroring at all times.
- Unlike PC and mobile apps, centralized computing services are never out of view of IT administrators.
- The days of installing a legion of security safeguards on all PC’s, laptops, and mobile devices are over, as the VDI thin client manages most security considerations for us.
The concept is simple. While the data center protects data at rest, network security protects data in motion. The avenues of exploit are greatly reduced, therefore fewer resources need be committed to IT security. In fact, the current regulatory environment often dictates the use of VDI, as there is often no other viable method to achieve compliance, particularly in the healthcare and finance industries.
While all of this sounds amazing, it’s important to remember that client security can’t be completely ignored. For instance, zero day exploits could possibly compromise data while in use. Some would argue that this is a deal-breaker, but most organizations who have embraced VDI have found that their overall security is greatly improved while allowing for far fewer resources devoted to InfoSec.
For all the benefits virtualization provides, it doesn’t mean it’s a one-size-fits all solution. There may be times it simply isn’t a good fit for organizations.
Use VDI to Salvage Outdated Hardware
Organizations with a large but aging investment on the client side may choose to implement VDI rather than replace hundreds of PC’s and laptops. Older machines can be converted to thin clients, running only a rudimentary OS that supports a VDI client such as Horizon View, XenDesktop, or just an HTML5-compliant web browser.
From a hardware support perspective, the hard drive can usually be removed and the OS loaded from a USB stick instead. The system can be tightly locked down against security exploits by using the USB drive as a read-only device. User support is greatly improved as well, as VDI management tools allow support techs to easily see what’s happening with a particular login and help users in real time without the use of potentially insecure remote desktop applications.
There is another twist on the concept of salvaging hardware that many businesses are embracing. Rather than replace or repurpose outdated equipment as thin clients, they simply get rid of their equipment completely. Employers can choose to subsidize part of the cost for employees to bring their own devices, and simply run a VDI client on whatever equipment they choose to use. This completely eliminates the need to support client hardware at all.
The Bottom Line
During VDI’s 15+ years of maturation, most of its soft spots have been exposed and addressed. Today’s virtual desktop platforms have a high degree of refinement and are definitely enterprise ready. While there is some truth to the argument that VDI merely transfers resources from one IT team to another, organizations that are well-positioned for that transition have found that a VDI-based IT department is more effective, efficient, and easier to manage.