Is VDI Still Viable?
It's easy to take potshots at virtual desktop infrastructure, but this embattled technology has plenty of time to become a formidable force.
Virtual desktop infrastructure (VDI) has an image problem compared to the cloud, its fellow top-of-mind, cutting-edge, hotter-than-hot technology. Everybody, it seems, wants the cloud and all its alluring possibilities, while VDI is scrutinized more closely and held to a higher standard. Perhaps that's happening because even though VDI is still an emerging technology, it does have a real-life base of users, which means its failures are more likely to be publicized, while the relative paucity of actually working private clouds means bad news is more easily contained.
Regardless of the reasons, VDI is embattled, both internally and externally, and that has some people asking: Is VDI still viable?
After the past three years of controversies, claims and counterclaims, CIOs and other IT executives have had plenty of time to familiarize themselves with this technology to the point where they're now asking hard questions about controversial topics such as intimidating up-front infrastructure costs, prohibitively complex operating environments and questionable security capabilities.
Not all the answers are comforting, and that has had a chilling effect on some users. As noted by Simon Bramfitt, founder and principal analyst for Entelechy Associates LLC, "The high capital cost of VDI solutions has caused some pain for early adopters and I've spoken to quite a few people who have killed VDI projects at the pilot stage due to high costs, but who are now reconsidering that decision and looking to restart projects based on the understanding that costs will fall significantly in 2012."
In order to gain some tangible perspective, it's useful to consider market research results from Gartner Inc. indicating that the VDI penetration rate is currently at about 2 percent of the enterprise desktop space, a number Gartner expects to reach 10 percent by 2014. Clearly, this market is still in its formative stages, which means there's no crystal ball that can forecast its future.
In this environment of uncertainty, the leading vendors are attempting to distinguish themselves and consolidate their positions, while the ever-expanding ranks of newcomers are struggling to gain a toehold that will give them enough time and resources to either make a breakthrough or catch the eye of a wealthy suitor who's willing to buy them rather than reengineer their products.
A VDI Skeptic Weighs In
Dave Bartoletti, a senior analyst with Taneja Group Inc., is a VDI skeptic who says the technology's expense is the biggest obstacle to its success. (Bramfitt disagrees, saying the biggest barrier is ignorance of desktop virtualization products from companies other than Citrix Systems Inc., VMware Inc. and Microsoft.) Bartoletti supports his position by citing the experience of a large financial services organization that went in the hole because it had to accommodate a fractured support team in order to support its VDI installation. This was because the desktop people had different skills than the server teams in the datacenter, and the server teams wanted to use VMware View to virtualize everything back to the datacenter and own a large amount of infrastructure with many Windows images that could be served out to endpoints.
The desktop team disagreed, saying they wanted to use Citrix for application virtualization because it was a cheaper management option. They were willing to maintain a large number of Windows desk-tops as long as they were streaming the right apps. They also preferred locking down the environment on an application-by-application or file-by-file basis, rather than locking down an entire Windows container. Not surprisingly, the desktop guys thought that the server guys were looking to aggrandize themselves by amassing a needlessly large infrastructure with hundreds of servers.
Although Bartoletti says, "I haven't seen the compelling infrastructure savings," he acknowledges that there are user organizations that say they're saving money because they stopped buying expensive PCs and moved to comparatively cheap, but highly functional, thin clients from companies like Wyse Technology Inc. These users are willing to risk the possibility of a downgraded VDI user experience in order to reach their primary goal of saving money.
Chris Wolf, a research VP for Gartner's IT Professionals service, says that the cost of a virtual desk-top is typically 1.4 times that of a physical PC because of the expenses associated with back-end infrastructures, storage requirements, power and cooling in the datacenter, and management software. On the positive side, thin clients based on the ARM processor -- which is usually associated with small devices such as mobile phones -- are emerging and will likely drive down thin-client pricing to the sub-$200 range, which will more closely align the costs of virtualized desktops with physical PCs.
"Desktops are very expensive to maintain," Wolf states. "It's more of an [operational expenditure] problem that people are faced with, and that's where the value of the virtual desktop can really shine. That's where you can see the ROI typically in three to five years."
So how can users gauge how much it will cost them to implement VDI, and how can they balance the up-front infrastructure costs with the perceived downstream financial and productivity benefits? Wolf says that situation is extremely difficult to quantify, especially in the case of productivity benefits. However, Gartner has customers who have claimed that with virtual desktops, they're getting an extra 5 percent to 10 percent of productivity out of their users, because they know when their users are logging in to their iPads at home, or on the train ride to work, in order to finish something on a company application that would have otherwise been delayed.
Citrix Helping Customers Save Money
Citrix, which is considered a co-leader in the VDI space along with VMware, agrees with Wolf that virtual desktops cost more than physical PCs, but claims its customers say the agility, access to mobile devices and overall productivity associated with "generic" VDI creates hard-dollar ROIs. The "generic" reference is important to Citrix because the company strenuously stresses the differences between its VDI and desktop virtualization products, all of which are bundled in the company's XenDesktop product. Generic VDI as described by Citrix is defined as hosting a desktop OS within a virtual machine (VM) running on a centralized server hypervisor in a datacenter, while desktop virtualization is based on server-based shared desktops running remote desktop services (RDS), XenApp or Terminal Services and delivering applications to users. Citrix's ability to offer both of these desktop technologies puts the company in a strong competitive position.
Given the immaturity of this market, however, Citrix realizes that it must offer cost-efficient products if it is to maintain its competitive position against VMware, and to a lesser degree, Microsoft. Microsoft is gradually increasing its VDI market share based on the growing acceptance of the relatively economical Hyper-V and its implications for Windows 8.
The key to delivering cost-efficient products is reining in the cost of shared storage, and Citrix is doing that for XenDesktop with IntelliCache, a feature of XenServer designed to make hosted VDI deployments more cost-effective by enabling customers to use a combination of shared and local storage that increases performance and decreases network traffic. With IntelliCache, the local storage caches the master image from the shared storage, which reduces the amount of reads on the shared storage. For shared desktops, writes to the differencing disks are written to local storage on the host and not to shared storage.
The company also offers Citrix Personal vDisk 5.5, which was known as RingCube vDesk VDI Edition until Citrix bought RingCube. Introduced along with XenDesktop 5.5, this transplanted product reportedly makes it easier for customers to deploy highly personalized virtual desktops at a substantially lower cost. It accomplishes this by storing a single copy of Windows centrally, and combining it with a personal vDisk for each employee's personal apps, data and settings, enhancing user personalization and reducing storage costs.
According to Citrix Vice President of Product Marketing John Fanelli, Citrix also cuts customer costs with its FlexCast delivery technology, which was created to allow IT to deliver any type of virtual desktop in a VDI environment to any user on any device. As such, it facilitates a blended deployment model in which customers deploy VDI desktops alongside shared desktops, reducing storage requirements.
Fanelli says some of these same technologies increase server scalability, allowing more users on a server. For example, he refers to Citrix's multimedia redirection capability, which enables a local device to render the media, making the server more scalable and saving money by reducing the demand for additional servers.
Saving Money with VDI at Texas A&M
Bob Paulson is CIO at Texas A&M University, where he presides over a VDI installation serving 1,100 employees and 6,600 students. The installation features 250 non-persistent VMware View images for student use, 4,000 PC endpoints and 97 virtualized servers. A year ago, Paulson was looking for a way to deal with an aging PC base. He considered the value of a refresh schedule, but it was too expensive. He then evaluated virtual desktops as a way of extending the life of his PCs, and liked what he saw.
Paulson picked View because he already had the 97 virtual servers running VMware, and View gave new life to his old PCs by enabling them to connect to servers as thin clients. This saved a lot of money because it was so much less expensive than buying new PCs and going through all the work and expense of migrating to them from his legacy infrastructure. He realized additional savings by gaining administrative rights that enabled him to lock down all PCs, including those that were previously administered by individual users or workgroups.
"We had unmanaged desktops out there and a high total cost of ownership, whereas with VDI, they have to log in, and we can take care of it centrally on the server and add more applications when they're needed," Paulson notes. "This way we have a much better total cost of ownership."
He's a former Remote Desktop Protocol (RDP) user who gave it up in favor of PC over IP (PCoIP), which he says is greatly improved and no longer requires a 10Mbps connection.
"To provide the same local-type functionality, factor and usage, we can now provide that with the 3G connection on my iPad," Paulson says. "I have nearly the exact response time off my image as I do sitting at my desktop with a gig connection to the network. There's an advantage in that to us."
Asked if he's realized a hard-dollar ROI on his View investment, Texas A&M Associate CIO Robert Miller says that's difficult to determine because the point at which the ROI becomes actual is a moving target. By that, he means it's difficult to assess increases in software applications, such as updates. He compares the ROI process to leasing a car, saying one way or another, he's going to be paying a certain amount to support end users physically or virtually. "I'll just throw a number out here -- say $300 per student or per access per year -- and that's what we're going to be paying no matter what," Miller explains. "The easiest way for us to get after that number is to define what we can afford on a yearly basis and what we can provide for the customer, which is certainly moving faster toward virtual deployment."
Complexity has come with the IT territory since day one, and early adopters have always been under the gun when implementing new technologies, so VDI isn't unique in that sense. Still, the complexity issues relating to VDI are persistent, and along with high costs have been cited as major factors in decisions to hold back on some first-time implementations. The end result is a certain amount of user reluctance to go forward with deployment plans.
No such reluctance has occurred with Texas A&M's View system, according to Miller, who says the enhanced management he has experienced with the implementation has been the system's No. 1 benefit. He lauds the ability to manage all aspects of desktop images, including responding quickly to any changes. "From our perspective, the response to the customer and certainly our response on the administration side have greatly improved with the deployment of virtual desktops," he declares.
Senior systems administrator Jesus Hernandez concurs, saying: "From my deployment perspective, it's 10 times faster to deploy 20 more machines. Think configuration, think software base -- standard software that they all have to share -- and then maybe custom applications. That takes way, way less time than having to actually physically go to a user's office and take CDs and run them from there."
Gartner's Wolf describes the complexity issue in more problematic terms, saying providing shared desktop images at scale is a daunting challenge -- and made more complex, for example, in the case of user customizations, such as plug-ins, which require an application-personalization layer capability available from vendors such as Citrix, Unidesk Corp., MokaFive Inc. and AppSense.
Upgrading networks is a frequent VDI requirement. This includes ensuring that endpoints are provided with sufficient bandwidth, Wi-Fi networks are updated to accommodate iPad users, and additional network access control for connecting personal devices to separate physical networks is pro-vided.
Horror story: Wolf describes a customer who assumed it didn't have to support client-based personal PCs in bring your own computer -- BYOC -- environments, thinking it was up to individual owners to support their own personal devices. The customer in question had some 8,000 seats deployed for its call centers, 2,000 of which were on Windows 7. On a Patch Tuesday earlier this year, the Windows 7 update broke the VMware View clients and 2,000 call center workers went down.
"So on a Tuesday morning, they literally lost 25 percent of their call center," Wolf says. "For them, it was a disaster, and to make matters worse, the mechanism to distribute a notification or to patch the users was company e-mail, but it was being accessed through Outlook via their virtual desktop client."
Digging Deep into Management
VDI and server-based computing are both key ways to connect users with the many traditional Windows applications that are going to be around for a long time, but Wolf says vendors such as Unidesk really shine in more complex management environments where users have moved beyond simply converting physical desktops into virtual desktops, and are looking to achieve meaningful TCO savings. This requires rethinking the way desktops, users and applications are managed.
The question users must ask themselves is: What's the most efficient way to deploy and centrally manage applications, application updates and the entire desktop lifecycle? The answer, Wolf says, is to closely scrutinize some of the layered approaches available from MokaFive and other companies offering products that are distinctly different from those of mainstream management vendors.
The challenge for these innovative vendors is holding their own against industry heavyweights that don't want to see their model succeed. "If I'm a storage vendor, I don't want organizations with thou-sands of users all sharing this common desktop image, and just using some technology up in the software stack to segment users and give them the customizations that they need," Wolf says. "I'd rather give every user a dedicated image just like I did in the physical desktop world, and simply sell you terabytes upon terabytes upon terabytes of storage to keep all that together."
Security issues are constant companions to new technologies, and VDI is no exception. Referring to VDI security points made by Bromium Inc. exec and former Citrix Data Center and Virtualization CTO Simon Crosby in a blog that went viral last October, Bartoletti says Crosby was describing a bifurcated VDI security environment in which the first segment is characterized by a large number of files and applications on a fat Windows desktop environment that's focused on access control and strong password protection. When that model is split, data and applications are stored in a datacenter and served via remote connections, which is theoretically more secure than the fat Windows desktop model, Bartoletti says.
However, more people are looking at that data on endpoint devices that still have to be secured, so it can be argued that this strategy adds another layer of security. Bartoletti says Crosby's point was simply to point out that the VDI architecture does not solve a security problem.
Bartoletti complements Wolf's comments and adds a new twist to the security story by saying the major security weakness in almost all large companies is their e-mail system. The companies have to provide their employees with it, and they can't be too restrictive when it comes to the kinds of attachments they allow. However, if they become too permissible, the floodgates can open.
"So I can attach an Excel spreadsheet with sales performance numbers to an e-mail, and there you go," he states. "Even though you're doing it through a locked-down corporate desktop, those are the types of security holes you've got to patch. Theoretically, it sounds more secure because people don't have a file written to the endpoint that they're carrying around. In reality, if they open up that application remotely, they can look at a document, access their e-mail, cut and paste between the two windows, and you have a big security hole." Once again, the point is that VDI doesn't inherently resolve security challenges.
Miller says View allows him to turn PCs into zero clients for security purposes. "We can lock down a PC once; we can strip out any applications that are required to run any services; we can essentially dumb down the desktop to more of an embedded-type application, which greatly reduces the need to stay on top of that from a security standpoint," he notes, adding that zero clients in the field boot only to the virtual desktop image.
At this point in time, VDI is still maturing, and it's still too early to tell how it will evolve. On one side of the discussion, there's a dearth of compelling financial models outside of call centers, where workers sit in front of dedicated machines, working on a very limited set of applications. On the other side, VDI installations are thriving at large financial institutions and in colleges and universities.
Thousands of CIOs can't be wrong, and Wolf says they want to talk about what this technology means to them. That bodes well for the unforeseen future, which is enough to stir the pot for now. VDI is clearly viable.