MokaFive Suite's Latest Lightens Admins' VDI Workloads
MokaFive Suite Release 3 BareMetal offers the unusual ability to update all workstations from a single image, while still allowing users to customize their systems.
As the notion of virtual desktops gathers steam, more companies are releasing products to help implement Virtual Desktop Infrastructures (VDIs). While MokaFive Inc. provides the typical ability to run a workstation image from a server, MokaFive BareMetal specializes in virtual desktops that will run on bare metal, instead of requiring an OS plus client software on the client machine.
This means that a user's OS, applications and settings can all be run from a flash drive or CD-ROM, with no changes to any existing OS that might be on the PC. Or, the installer can overwrite the existing hard disk contents so that the image automatically runs from the hard disk in all future instances. MokaFive offers the unusual ability to update all workstations from a single image while still retaining the ability to allow users to customize their systems.
The same image can be used for both the player and bare-metal scenarios, and images will work on Macs as well as Windows PCs, allowing Mac users to easily boot a Windows OS when needed for specialized applications. In addition to various flavors of Windows, Linux clients are also supported.
The system consists of three servers -- a management server, an image repository server and a database server -- plus a management console and client software that runs on each workstation. There's also an optional application gateway for clients that connect over the Internet, and a studio application that assists in creating the OS images. The parts can all run on a single server, or each can run on a separate server for scalability, and additional image replicas can be added at remote sites to reduce WAN traffic -- at no additional licensing cost.
According to MokaFive, a three-server setup can support 2,000 users, and potentially up to 15,000. MokaFive also makes the package available as a service.
[Click on image for larger view.]
|Figure 1. MokaFive allows you to deploy specific OS images to Active Directory groups or users.|
Installation is straightforward, as simple as a multi-tier application can be. The installer can include SQL Express if an existing instance of SQL Server is not available. The management server can connect to an existing Active Directory system to allow user authentication, or use an embedded server if desired. If you'll be using SSL to ensure security between the server and clients or players, you can either get certificates issued by a provider, or the installer will generate self-signed certificates.
Once the various parts are installed, the next step is creating a gold image of a workstation. This involves using an existing LivePC image, an installer disk for the required OS, or a conversion tool to turn an existing installed OS into a LivePC or VMware image. Once the OS and applications have been installed and packaged into an image, the image is then uploaded to the image repository and published through the management server. Once this is done, the image can be run through a player or downloaded and installed on a PC's hard drive. Alternatively, it can be run through other bootable media such as a flash disk, USB key drive or CD/DVD.
Built-in compression ensures that the boot image uses only as much space as absolutely necessary.
The installation of an image on a new PC takes about 20 minutes the first time for a bare-metal install (which is much less time than installing an OS and applications), and the player version can be up and running in less than five minutes. Once the image is downloaded and installed, it can run whether or not there's connectivity to the management server, because updates and policy changes are made the next time there's a connection to the management server. By default, the player is VMware Player, but MokaFive supports a wide variety of players, and the system can be configured to use any of them. The initial install can be done through a URL link, via an installer disk, or using Group Policy or other software-deployment tools.
Images can be based on previous images, so you could take an existing base OS image, add apps to it and publish the result as a second image, without having to reinstall the OS first. The Group Policy controls make it easy to deploy different images to different groups. The image utility enables image testing, which simulates the end-user experience without having to deploy the image to a physical machine. This improves troubleshooting and quality control.
Once images are deployed, users can modify them as desired, add applications and change OS settings (such as the desktop background, settings for folders or other OS behaviors). Even after the OS is changed by the user, any updates, patches, service packs or configuration changes made to the gold image by an administrator will be added to the image on every workstation. This considerably eases the work an administrator has to do to deploy OSes and patches. If there are conflicts between changes a user makes and changes an administrator makes to the gold image, the admin's changes override the user's changes.
Administrators can make changes by groups -- adding an application to all users in the graphics arts department, for instance. They can also roll all images back to a last-known good state if a patch turns out to cause problems. The images include drivers for all PCs and hardware supported by the OS, so even if there are a variety of PCs in the enterprise, they can all use a single image. A dynamic driver installer ensures that any graphics subsystem will work well, including ATI, Intel and Nvidia. Likewise, the latest solid-state drives are supported.
Administration is policy-driven: You can automatically join new PCs to a particular domain, assign home directories on specific servers, and ensure that users have access to the appropriate printer and other resources. Policies can be set at three levels: image policies that apply to all versions of the image, group policies that apply only to specific groups, and user policies that enable users to control some aspects of the OS configuration themselves. Remote desktop support is built in to ensure easy tech support.
Keep It Safe
The MokaFive Suite includes lots of security. Systems can be configured to automatically lock when in suspend or hibernate mode, and AES-256 encryption is built in. Laptops and other systems can be killed remotely, so that a stolen or lost laptop is disabled. Antivirus scanning is included, using the AVG engine.
Pricing starts at $150 per user per year, with volume deals available. Server infrastructure is unlimited: You can deploy multiple servers at no additional cost over a single server.
The price is very fair given the potential work savings for administrators. The MokaFive Suite offers the potential to combine the benefits of separate OS installs for end users with the benefits of a centralized image system for administrators. By making it possible to deploy images across multifarious PCs -- including those of remote users and even Mac users -- using a single image, the system provides admins with a great deal of flexibility in deploying a secure, stable environment to hundreds or thousands of users with very little effort. Plus, it avoids the lockdown that frustrates end users.
Logan Harbaugh is a freelance reviewer and IT consultant located in Redding, Calif. He has been working in IT for almost 20 years and has written two books on networking, as well as articles for many computer publications.