Virtual Insider

Blog archive

Why XenDesktop on vSphere?

I am constantly asked this question when designing a virtual environment: Why vSphere and not XenServer? Isn't "Citrix on Citrix" a better choice? Why vSphere? The answer is simple, when designing a virtual infrastructure; I take into account not just what this virtual infrastructure will do for desktops, but what it will do for servers as well. I am looking to simplify and maximize the investment for the organization I am working for. vSphere delivers unparalleled performance, coupled with all the features that an enterprise needs for both servers and desktops.

I am a strong believer in combining best-of-breed software. That's how we have always designed and built all systems for our organizations, but let's break it down:

vShield Endpoint This feature is crucial for desktop virtualization. It allows us to offload the anti-virus functions from the individual VM to a a virtual appliance. Without vShield Endpoint, you would have to load an anti-virus agent in each VM, a method that requires significant storage horsepower, especially when anti-virus is updating or scanning.

There have been attempts by various anti-virus vendors to randomize how the scans take place, and how the updates are applied, in order to minimize the effect on storage and maximize the user experience. These efforts, while very welcome, are not enough. vShield Endpoint liberates these VMs and as such has a significant performance increase effect and a significant cost reduction from a storage need perspective. Sure, the anti-virus appliance comes at a cost, but it's nowhere near the cost of storage that you would need if you had to do it without this appliance.

Memory Management vSphere 4.1 has four different types of memory management techniques. Now granted, when designing a DVI environment, we don't design with memory management in mind. Still, it does help to know that you can always count on these technologies in the event that a host should go down or memory is scarce for any reason. It is also important to be able to provision memory temporarily or unexpectedly.

Security VMware places a significant important on security. Its software has been EAL4+ certified since June 2008. Its ESX 2.5 product was certified EAL 2 in 2004. The importance of EAL, which stands for Evaluation Assurance Level, is that it certifies that a product was methodically designed, tested and reviewed in compliance with the international standard for computer security. XenServer 5.6 is EAL 2 as of 2010. While this certification does not mean XenServer is less secure than vSphere (I am not implying this by any means), you still have to take all the necessary measure and best practices, and it does show that VMware emphasizes security a lot.

The importance of security with virtual desktops is twice the importance of servers, given the number of virtual desktop that could potentially exist. Furthermore, one should note that while physical desktops were less secure, they were decentralized; and so compromising a single desktop may not have been a big issue. Virtual desktops are centralized and in the datacenter; thus, properly securing them is imperative. It is worth noting here that Microsoft's Hyper-V has been EAL4+ certified since 2009, which demonstrates that Microsoft takes security very seriously, especially from a hypervisor perspective.

In addition to all this, VMware also has the VMSafe API, which partners can leverage to build secure applications into vSphere.

Storage Integration Almost every storage array in existence either currently has or will soon have support for VMware's vStorage APIs for Array Integration. VAAI offloads many resource intensive tasks to the storage array, thereby significantly enhancing performance while reducing host overhead. Citrix, also has a similar technology known as StorageLink. While some may argue that StorageLink is better than VAAI, the fact of the matter remains that only a handful of storage arrays support StorageLink. I do think this number is bound to go up, especially if Citrix extends StorageLink to Microsoft's Hyper-V.

Better Virtual Networking vSphere's virtual networking is rock-solid with many features that are missing with other hypervisors, notably network traffic shaping, per VM resource shares, QoS, support for high I/O Scalability via direct drivers and more…

All this being said, I don't want this to sound like I am slamming Citrix XenServer. I am merely stating why I typically recommend XenDesktop on vSphere. I get asked this question more often then not and I felt compelled to share my reasoning for recommending this. XenServer is a fine product with a bright future, but I have to recommend to my customers a solution that will address not only their desktop virtualization needs but also their server virtualization needs, while integrating as tightly as possible with storage and leveraging virtual networking to the fullest.

Posted by Elias Khnaser on 01/24/2011 at 12:49 PM


Subscribe on YouTube