VDI Infrastructure: Citrix vs. VMware
Whether you're a CIO performing a cost-benefit analysis or a systems engineer looking at switching to another platform, deciphering the differences between solutions is often challenging. In the VDI space, this can be quite cumbersome.
Often, marketing teams change solution names as soon as the market gets acquainted with the previous name. Add to that new features being introduced semi-annually and quickly; you see the VDI market experiencing a high rate of change.
To assist with this challenge, I'll guide you through the basic infrastructure components of VMware and Citrix's VDI solutions and discuss how they compare.
Architectural Core Components
Regardless of whichever solution is discussed, the VDI space typically requires five base components:
A hypervisor that allows access to the benefits of virtualization
A brokering service to delegate the available resources to the end user
A provisioning technology to scale the environment by copying an existing machine's setup
A web-front end to provide authentication and access to the resources
An external gateway to ensure secure external access to the internal resources
Each vendor's product is a little different, but they accomplish the same goals functionally. Collectively, these five components integrate to provide a solution whose end goal is to provide access anywhere, anytime, on any device. That's the entire VDI pitch in five words.
Terminology to Know
We'll want to start with establishing some terminology for synonyms often used in the VDI space. Let's get the product name cleared up, as both have undergone a renaming in the past few years. What was previously known as VMware View was changed to VMware Horizon View and is now labeled VMware Horizon.
Similarly, Citrix XenApp and XenDesktop have been redubbed Citrix Virtual Apps and Desktops. Version numbers are normally included at the end of these naming conventions, with VMware following a typical numbering pattern (e.g., 7.11) and Citrix following Microsoft's lead with the concatenated year-month model (e.g., 1912).
Consider the chart below your pre-appendix for any comparable terms and use it as a reference as we continue.
Feature | Citrix | VMware |
Broker Service | Delivery Controller | Connection Server |
Provisioning Tech | Machine Creation Services | Linked Clone |
Web-Front End | Storefront | Connection Server |
Gateway | NetScaler Gateway | Security Server or Universal Access Gateway |
Administration Console | Citrix Studio | View Admin Console |
Base Images | Master Images | Replicas |
Group of Machines | Machine Catalogs | Pools |
Group of Publishing Servers | Delivery Groups | Application Pools |
Machine Types | Random Non-Persistent Static Non-Persistent Static Persistent | Floating DedicatedDedicated |
Assigning Users | Assignments | Entitlements |
Citrix Virtual Apps and Desktops
Hypervisor
Citrix's documentation touts an impressive list of compatible hosting solutions. This list includes Citrix Hypervisor (formerly XenServer), VMware vSphere, Microsoft Hyper-V, and the up-and-coming Nutanix Acropolis for on-premise deployments. In the realm of cloud competitors, Citrix supports the two big 800-pound gorillas in the market: Amazon AWS and Microsoft Azure.
Brokering Service
The brokering service for Citrix comes in the form of the Delivery Controller. The Delivery Controller is responsible for:
Communication with the hypervisor to create and update machines
Communication with the database to store and retrieve assignments and entitlements of resources
Communication with the downstream servers to ensure the availability of the resources
Administrators interact with the Delivery Controller through either (1) Citrix Studio (a GUI-based console) or (2) Citrix Powershell SDKs. This is where roughly 80 percent of a Citrix administrator's time is spent.
Provisioning Technology
Citrix's long-standing provisioning technology is called provisioning services, more commonly called PVS. PVS is a solution that provides great scalability by enabling virtual machines created on the hypervisor to network boot via a separately installed Citrix Provisioning Server that streams the requested boot image across the wire.
To give an example of how this may be beneficial, consider that a machine could essentially boot without any disk attached and store all its changes in cached memory, effectively consuming zero disk space (note: this is an extreme case. Often, PVS VMs include an attached disk for disk writes or overflow of disk writes from memory cache).
The secondary option for Citrix provisioning is Machine Creation Services (MCS). MCS allows users to duplicate an existing VM configuration by combining the base image, a snapshot, and some MCS magic to create and re-roll an effective new machine with the same configuration but a new independent identity.
To do this, MCS effectively takes a copy of the combined base image and snapshot, combines it into a master image, and copies that master image to each storage repository that the hosting environment has access to.
From there, the new VMs are spun up, referencing that master image as a read-only disk, and additional disks are attached. The first additional disk is known as an identity disk and provides the machine with its static new identity (think computer name, SID, etc.). The other disk attached is a differencing disk, which serves as the temporary repository for any changes made to the VM's existence.
Both of these technologies have their merits, but beware, both also have their drawbacks.
For PVS, yes, you can save on the storage I/O, and it scales beautifully, but you will put all your hopes into the network, not hiccupping one bit. With MCS, you will have increased resiliency from network hiccups but may be unable to scale to the proven 2500 VMs that PVS can do due to I/O constraints.
Web Front-End
Every application needs some way for its users to interact with it. For Citrix, this is known as Storefront, which is responsible for
Handling user authentication
Communication with the delivery controller to enumerate user assignments
Storing users' resource subscriptions.
Individual configurations of Storefront are called Stores, and they are configured to pull assignments from one or many delivery groups. Citrix supports various access methods via Stores, including anonymous authentication, domain authentication, domain + security token, SAML authentication, smart cards, and certificates.
After users authenticate, they are presented with a listing of their available resources, as pulled from the delivery controller's records. As they frequent specific resources or manually favorite them, a memory of their selections is cached as a subscription to provide a consistent experience.
External Gateway
Citrix's external gateway is the Citrix Gateway (formerly Netscaler Access Gateway), a component of the Citrix ADC (formerly Netscaler ADC). It is a hardened web proxy for authenticating external access requests and relaying connections to internal resources.
More than your typical web proxy, the ADC combined with the Gateway is often considered the proverbial Swiss army knife of networking. They perform a range of tasks including:
Content switching,
Load balancing,
Web-app firewall,
SSL offloading, and
VPN services.
The gateway comes in various packages, including a virtual appliance with a software license to scale its throughput to physical appliances similarly scaled to size with an optional FIPS-compliant configuration.
Overall, the external gateway is a beast and often requires a Network/Security Administrator or someone with skills outside your typical Citrix Administrator's role.
VMware Horizon View
Hypervisor
Considering VMware is the leading virtualization platform in the market, it's nice that with VMware Horizon View, you're allotted free licenses for vSphere. That being said, it's really the only option for on-premise deployments, as other hypervisors are not supported.
On a bright note, VMware does have a Horizon Cloud offering, which provides some flexibility by enabling Microsoft Azure, Amazon AWS, and IBM Cloud as public cloud vendors.
Brokering Service
In Horizon View, the View Connection servers are the brains of the operation. Similar to the delivery controllers of Citrix, the View Connection servers perform the following roles:
Handling and Storing the entitlements of resources
Communication with the downstream resources to ensure resource availability.
You'll likely notice we left off the communication with the hypervisor portion — and for good reason. Depending on which provisioning technology you choose, this piece may be handled by a different part of Horizon View. As a side note, it's ideal that the View Admin console is completely HTML-based, so there's no need to install a separate console for administration.
Provisioning Technology
Horizon View comes with two provisioning technologies: linked clones and instant clones. Linked clones greatly resemble the same architecture outline of Citrix as the MCS provisioning technology mentioned above. Like Citrix, MCS uses base images and snapshots to create read-only master images prepped and attached with additional disks to provide the VDI experience and linked clones perform this same operation.
It does this via parent VMs and snapshots to create replica VMs with similarly attached disks for storing identity and tracking changes. It's important to note that Linked Clones depends on an additional software component known as view composer.
View composer must be installed separately from your View Connection servers and as an intermediary between the View Connection server and the hypervisor. Its job is to ensure resource availability by controlling when resources are created, destroyed, and recomposed (a fancy term for freshly wiped and rebuilt).
Web Front-End
The View Connection server also handles the internal web front end. Interestingly, this service supports domain authentication, SAML authentication, domain + token authentication, and smart cards.
External Gateway
VMware View offers two external gateway options: the traditional security server and the newly released Universal Access Gateway (UAG). The Windows-based security server is the legacy solution that requires one-to-one pairing with each View Connect server.
The alternative is a Linux-based virtual appliance known as the UAG. The UAG can be set up to connect to multiple View Connect servers, eliminating the need for one-to-one mapping. As with VMware's vCenter, the market trend is moving toward Linux-based appliances that can be more easily deployed. Expect new feature sets limited to the UAG, ultimately leaving the legacy security servers in the dust.
Citrix vs VMware: Which to Choose
Now that the stage has been set let's get to the fun part: comparing the Citrix and VMware VDI infrastructures.
Hypervisors
Citrix clearly does a better job catering to a more diverse pool of hosting solutions. However, do consider that this is a calculated tactic by VMware. VMware's target here is to gain market share with its sector-leading technology, ESXi, and to ensure stability and consistency within the VDI experience.
Brokering Service
For the most part, a brokering service is a brokering service. The only caveats to this would be potential add-on alternatives or services that can be attached that would make a significant impact. For Citrix, there is Citrix Director, which provides a single web-based administration page for both helpdesk- and administrator-level tasks.
Think of this as a basic environment health status page combined with some helpful troubleshooting tools to diagnose and interact with user sessions. In addition, load index evaluation can be figured via Citrix Policy, which gives the Director Insight into a machine's resource strain and potential overutilization.
As for add-ons, Horizon View doesn't come bundled with a comparable toolset. However, if you consider combining two alternative resources—internally developed Horizon Helpdesk Utility and vRealize for View—you'll have your solution.
Provisioning Technology
Each solution has two options in this arena, but we can disregard Citrix's MCS and VMware's Linked Clone solutions, as they are relatively identical in approach. That leaves us with PVS versus Instant Clones, two very different technologies. As with any decision of this sort, the answer will always come down to two simple words: "It depends."
In terms of speed, consistency, and scalability, both of these solutions have been proven to handle the workloads thrown at them. The real consideration here still remains whether you want to rely on your network or your storage.
Web Front-End
While very similar, I'd have to give the blue ribbon to Citrix, as Storefront provides more granular control of how you want your user experience to look and feel. In addition, Citrix has an administration console dedicated to the configuration of Storefront, whereas making changes to the View Connection interface follows a more primitive approach to locating and editing configuration files. It's not a big deal, but seeing some advances here would be nice.
External Gateway
This is a hard one. With Citrix, you get more than just an external gateway; the drawback is that those features may cost you additional licensing, manpower, and training. On this note, NetScaler's learning curve is quite steep and doesn't exactly lend itself to non-network individuals. So, beware.
On the other hand, VMware's Security Server is pretty straightforward for newcomers. Similarly, the UAGs are even more accessible to deploy with a few clicks to import the appliance and answer a few Hogwarts-level wizard questions. It's one of those double-edged swords: do you require complexity or simplicity?
The Final Verdict
Choosing between these two solutions depends on what's most important to your business. Citrix was the first-to-market in the application virtualization space and, for many, is considered the tried-and-true application virtualization solution.
With this comes years of development, which has afforded Citrix a plethora of configuration options that will most certainly meet your needs. When they decided to take on desktop virtualization, those years of experience transitioned well. Citrix Virtual Desktops is a robust solution that can certainly meet any need you throw at it.
On the other hand, VMware wouldn't have entered the market if it hadn't seen a gap that Citrix wasn't filling. VMware recognized that the complexity introduced by all those options could be a limiting factor for those who just wanted to do VDI quickly. With Horizon View, there is very little maintenance or toying with in-depth configuration options that would otherwise have you scratching your head about the impact of selecting lossless or lossy graphics.
I can't help but think this is VMware's conscious decision to reduce the complexity of VDI and one of the leading reasons for their growing market share in this space. Forgive the expression we all hear from vendors every now and again, but Horizon View just works. And sometimes, that's all we want as IT professionals.
delivered to your inbox.
By submitting this form you agree to receive marketing emails from CBT Nuggets and that you have read, understood and are able to consent to our privacy policy.