Time to move on desktop virtualization?

Call it a minimalist approach to desktop computing. Next month, the Navy will kick off a 7,500-seat virtual desktop deployment in which desktop images will be streamed from regional data centers to zero clients, devices that are even thinner than thin clients in that they lack a full-blown operating system. The phased rollout will put zero clients on Navy desks in the Washington Navy Yard, San Diego and Pearl Harbor over the course of the year.

The project will simplify administration, reduce support costs and boost security, said Capt. Shawn Hendricks, program manager of the Naval Enterprise Networks Program Office. Hendricks oversees the Navy Marine Corps Intranet and its successor, the Next Generation Enterprise Network.

“There’s a big benefit in the lower cost to maintain these...devices,” Hendricks said of the virtualized desktop approach. “Not to mention that the devices themselves, right out of the box, are effectively plug-and-play machines that cost a fourth of what it costs to deploy desktops and laptops.”

There’s a potential downstream benefit as well. The virtual desktop architecture could pave the way for a bring-your-own-device (BYOD) strategy. Although the Navy has not embarked on such a policy, virtualization could make it a viable option, Hendricks said.

The Navy’s approach to desktop virtualization mirrors developments at other government agencies. Public-sector IT managers from Alaska to Florida cite reduced administrative costs and burdens and the security of greater centralization as the initial project drivers. Those factors piqued interest in earlier waves of thin-client and server-centric computing. This time, however, the ability to prepare for a BYOD environment has emerged as an additional incentive.

Why it matters

Ease of administration and enhanced security continue to motivate technology adopters and keep desktop virtualization on the IT map.

The government of Orlando, Fla., is in the midst of deploying Chromebooks, laptop PCs that run Google Chrome OS. The devices let users access Google Apps and will also afford access to virtual desktops. The latter capability stems from Ericom Software’s HTML5 client, AccessNow. It lets Chromebook users tap into Microsoft Windows applications, which are delivered as VMware View virtual desktops.

“We like the ease of administration,” said Rosa Akhtarkhavari, Orlando’s CIO. “We will be able to utilize resources in a different way and more strategically than having [technicians] driving all around the city, managing and fixing desktops.”

In addition, keeping data off the client device allays security concerns, Akhtarkhavari said.

Samuel Simmonds Memorial Hospital in Barrow, Alaska, runs a virtualized desktop environment using zero clients from NComputing. The facility operates under a contracting agreement between the Indian Health Service and Arctic Slope Native Association.

Adam Smith, an information systems administrator at the hospital, echoed Orlando officials’ sentiments: Virtualization helps with administration and security.

“We are no longer chasing our tails,” Smith said, noting that the hospital’s small IT staff no longer has to perform updates, upgrades and cleanups on 200 PCs. And the security workload is less onerous because the NComputing devices lack USB ports and CD/DVD drives.

Desktop virtualization can also support a move to a BYOD environment because the infrastructure that centrally manages and deploys desktop PCs and applications to thin clients can transmit them to employee-owned devices, including smart phones and tablet PCs.

Joe Brown, president of Accelera Solutions, said he believes improving device management and boosting data protection remain the most common reasons for pursuing desktop virtualization. But he added that agencies are starting to recognize other capabilities that virtualization can bring, including support for a BYOD environment.

The Navy could take desktop virtualization in that direction. “There is no reason that we shouldn’t be able to use a home computer with a [Common Access Card] and get to the resources securely,” Hendricks said. “Obviously, there are other things we have to sort out before we make [BYOD] a policy across the network, but it will help us get there.”

The fundamentals

Desktop virtualization comes in a number of flavors. The most popular varieties at the moment are application virtualization and virtual desktop infrastructure (VDI). Application virtualization centrally manages apps and distributes them to desktops, where they run via the locally installed operating system. A VDI hosts a user’s desktop as a virtual machine running on a central server. Applications, operating system and data all reside in the data center.

Sudhir Verma, vice president of consulting services at Force 3, said BYOD has reinvigorated VDI adoption. “VDI started to grow and hit a plateau,” he said. “Then iPads and mobile devices started to come into the workplace. Users started to demand access to their own devices, and that has...accelerated the pace of VDI adoption.”

Now you can add zero clients to the list of virtual desktop devices. They provide display capability, network support and an operating system just big enough to load remote desktop software, such as VMware View or Citrix Systems’ XenDesktop.

Brown said early zero clients ran into problems supporting directly connected devices and providing multimedia capabilities. But in the past two years, vendors have introduced additional client-side support for major-brand peripherals and Defense Department smart cards, he said, adding that multimedia capabilities have also improved.

Zero clients could reduce the costs associated with an organization’s hardware acquisition and energy consumption. According to Smith’s calculations, a zero client device costs the organization $150 while a PC costs $900. Furthermore, the hospital’s virtual desktop deployment reduced energy consumption by 89 percent.

The hurdles

Industry and government executives say agencies seeking to deploy virtual desktops should make sure their IT infrastructure can handle the technology. Network bandwidth and latency will determine the quality of the end-user experience and become especially important if plans call for resource-intensive content, such as high-definition video.

Storage is another important consideration because virtualization shifts the burden from local hard drives to centralized devices.

Travis Howerton, chief technology officer at the Energy Department’s National Nuclear Security Administration, said VDI can be a strain on storage-area networks. He pointed to the prospect of thousands of users arriving at work and all booting up their thin clients at the same time. The resulting “boot storm” could crash a SAN.

“If you go in blindly and not think about this, it is going to bite you,” Howerton said.

Solid-state disk storage is one technology that can optimize SAN performance and help organizations weather boot storms.

Virtual desktop adopters should also focus on software management to get the most out of their investment. “You need to limit the number of images” to achieve operations and maintenance savings, Howerton said.

For example, an organization might maintain a standard desktop image for office workers, a .NET developer image and a Java developer image, Howerton said. The idea is to have as few images as possible rather than maintaining an image for each individual user.

“If you don’t control your images, you won’t get any savings,” he added.

Another potential obstacle is assembling an IT staff that is prepared to run a virtualized environment. “Many organizations try to use their existing staff without helping them get trained,” Brown said. “If they don’t have the right people to support the tools, it will be a challenge, to say the least.”

Brown suggested evaluating IT employees to see whether they have the skills to support desktop virtualization and then arranging training sessions accordingly.

Verma said IT managers will need to pull together the different skill sets necessary to effectively manage a complex, virtualized environment. He said a desktop expert steeped in Active Directory group policies might lack knowledge of VMware on the back end. Conversely, a server virtualization and storage expert might be unfamiliar with Microsoft group policies.

“You have to converge that together,” Verma said. “You may have to have two or three skills merged into a single person.”

Next steps: Opening the door to anywhere computing

Desktop virtualization can transform how employees access the IT resources they need to do their jobs, creating opportunities for new work arrangements. As your agencies’ plans crystallize, here are some other steps you should consider taking.

1. Get to know your users.

Agencies testing desktop virtualization will want to assess the end-user experience before proceeding. In its limited deployment of virtual desktops, the Navy is using a software tool that will measure network latency, application use and other performance factors of several thousand of its current desktop PCs. Once the zero clients are installed, officials will take measurements again. The comparison will help them decide which types of users are good candidates for zero clients.

2. Expand your options.

To move to a bring-your-own-device strategy, industry executives say organizations can use their virtualization infrastructure without modification. But agencies might want to add other technologies to round out BYOD support, such as mobile device management and software containerization.

3. Reinvent the workforce.

Once virtual desktop technology is in place, agencies can look beyond the initial objectives of improved management and security to ways that desktop virtualization can spur efforts to support workforce mobility, including telecommuting, continuity-of-operations plans and BYOD policies.

About the Author

John Moore is a freelance writer based in Syracuse, N.Y.

Reader comments

Wed, Mar 7, 2012 Paul

In fewer words, I think the issue here that always gets ignored is COOP. The moves I've seen being made in DoD IT are not encouraging. In the move to consolidate, it is forgotten that redundancy exists for a reason. We need to be able to access a wide range of resources regardless of the conditions. Right now, there are some redundancies in place that if one location is removed, I can ad hoc some information from other sources. Consolidation threatens that ability. The old adage, never put your eggs in one basket, is paramount when it comes to maintaining key missions under the worst possible scenarios.

Tue, Mar 6, 2012 Arty Boston

Some of these "virtualization" proponents are 'way too glib. In fact, this is an issue between centralized and distributed architecture, and the application, network, user requirements, hardware, software and performance requirements for each user and each application will dictate the best architecture. To blandly state that a centralized architecture will give you a big benefit without looking carefully at your environment is asking for a massive, career-ending fiasco. Some marketeer at a hardware manufacturer started this fad of calling the ability to run several environments on one server "virtualization." It is not -- a virtual machine is an exact emulation of one computer on another. It uses fantastic amounts of resources, and is something no-one would want to do except for computer designers. The discussions of "virtualization" in this and other popular literature refers to the practice of running layers of old software on new machines to avoid the need to update the software. This is a stop-gap approach and everything should be upgraded to native on the new hardware as soon as possible. Failure to do it over a couple of generations will just about guarantee the performance of the new hardware will be degraded to the old hardware level by the layers of emulation that the machine will have to run. "Virtual desktop" is a similar misnomer. What is actually happening is the local CPU & disk is being exported back over the network to the server farm. This may be very far away if the outfit has also been moving to the "cloud" -- really, time-sharing. Failure or overload in the local network and/or the Internet will leave the enterprise high and dry. As mentioned in the article, applications and users that require versatility, heavy compute, and advanced display will be SOL with a "virtual" desktop. That's almost everyone in a hospital environment. And from the little I can see of the other potential conversion systems in the article, most of them will be putting their users up the creek with out a CPU or disk drive, too. Take the wicked witch's advice: "These things must be done very carefully -- or you'll spoil the magic."

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above