Desktop Transformation Steps for Migration to Virtual Desktop Infrastructure Virtualization has entered many enterprises at the data center level, targeting server workloads. The promise of higher workload densities per physical server, improved management, enhanced security, platform flexibility and lower operating costs has positioned virtualization as an essential data center tool. Many organizations who have completed their data center transformation are now eyeing their desktops for a similar transformation. Virtual desktop infrastructure (VDI) answers the call with its intrinsic ability to provision, protect and manage the desktop operating system (OS) independent of the underlying hardware. This whitepaper provides an overview of VDI, approaches, its advantages and a suggested process for migrating to a virtual desktop infrastructure. This paper will begin with answering an obvious question: What are the advantages of VDI? Advantages of Virtual Desktop Infrastructure The advantages of VDI emanate from four key characteristics:
Centralized desktop management Consolidated backup and recovery Enhanced flexible desktop security Platform flexibility
Centralized Desktop Management Traditional desktop environments employ a static and inflexible methodology for managing and provisioning desktops. Utilizing this methodology means endpoint hardware, which includes desktops and laptops, and operating systems are provisioned and managed in unison. The associated processes for managing traditional environments require IT to create a standard image for each endpoint type, including device drivers, common applications and the standardized desktop OS. The engineered image is then provisioned to the endpoint device via PXE (preboot execution environment) or via a desktop management application. Regardless of the delivery mechanism, IT is forced to support multiple images, each corresponding to a particular model and model variant within an endpoint family. Leveraging VDI to provision endpoints is different. VDI separates the OS from the desktop hardware similar to how server virtualization does. Separating the hardware from the OS enables a single standard Virtual Desktop Infrastructure: Steps for Migrating to VDI
1
image to be developed and deployed across multiple hardware platforms. Utilizing a single desktop image greatly simplifies image management as there are fewer images to manage; it simplifies image testing and validation, and it speeds deployments which can include wholesale enterprise OS upgrades. Consolidated Backup and Recovery With VDI, regardless of the variant, backup and recovery is a core capability embedded within the solution. With a high degree of granularity, administrators can specify the backup scheme, sometimes referred to as the backup policy, which governs:
Files to back up Backup file destination Backup intervals How long files will be available for restore Who is authorized to recover files
In traditional desktop environments, local backup and recovery is challenging. Many enterprises redirect certain directories at server shares. In these cases when the endpoint is not connected to the LAN, retrieval of documents can be a challenge forcing knowledge workers to either apply a workaround or do without. Often, knowledge worker workarounds cause data to reside outside of the centralized backup scheme. Succinctly, if data does not reside on the server, it isn’t backed up. To mitigate this challenge, third-party vendors have made available, backup agents that reside on the endpoint device. These are often expensive and only files opposed to the OS itself are protected. VDI natively protects the endpoint at the file and image level, in both the centralized and distributed models without the use of third-party agents. VDI enables the backup and recovery of user-created files at a fairly granular level. The level of granularity is associated with the embedded capabilities of the VDI solution itself as well as the amount of available data center storage. In the case of the image itself, snapshot technology is applied to protect the image at various points in time. Many vendors who specialize in VDI separate the backup of knowledge worker-created data and image-level data to optimize the protection scheme while providing a high level of file recovery granularity.
Virtual Desktop Infrastructure: Steps for Migrating to VDI
2
Enhanced Flexible Desktop Security Security is paramount for IT enterprises globally. Virtualization can securely share a single hardware footprint between multiple OSes where each OS is unaware of the other or that it’s virtualized. Following well-established networking and directory security rules in concert with the aforementioned separation establishes a platform for granular, multi-level security policies. Although out of the scope of this whitepaper, adding application virtualization to a VDI implementation enables an even higher degree of endpoint security. IT departments who provision environments for contract workers are especially sensitive to endpoints that reside outside of the firewall. The security threat IT is attempting to mitigate and the physical location of the knowledge worker are two major considerations to account for when choosing which VDI approach is the right one. Platform Independence Processors that support hardware-assisted virtualization have been instrumental in the broad adoption of VDI. It’s important to note that not all variants of virtualization require this type of processor intelligence. Where the workload is virtualized at the endpoint, this level of processor sophistication is essential. Where the workload is presented to the endpoint from a central location, a lower degree of intelligence is acceptable. VDI enables organizations to utilize a wide variety of endpoints, such as laptops and desktops generally in addition to various flavors of thin clients. The high degree of hardware flexibility VDI provides enables IT organizations to extend the life of existing hardware assets at a nominal cost. Doing more with less and adopting computing paradigms that prevent ‘ripping and replacing’ makes VDI attractive to cash-strapped IT departments globally. Virtual Desktop Infrastructure Approaches Two variants of VDI exist within the IT market: Centralized Distributed The centralized approach processes workloads at the data center or server level and presents them to endpoints within the enterprise. This approach relies heavily on a resilient server-virtualized compute
Virtual Desktop Infrastructure: Steps for Migrating to VDI
3
core, robust shared storage footprint with ample available IOPS, and a dynamically scalable network infrastructure. When planning an implementation of this type, correctly calculating compute, network and storage capacity is essential. If under-spec’d, read and boot storms can bring the environment to its knees with knowledge workers speed dialing the IT help desk. Because workloads are processed centrally, knowledge workers must be continually connected to the LAN, which makes presenting a VDI session over a WAN unrealistic. When knowledge workers are stationary and workloads are fairly predictable, the centralized approach can work exceptionally well. Workloads such as, lab environments, call centers or task workers can work well within a centralized VDI environment. The distributed approach processes workloads at the endpoint (E.G. desktop, laptop, etc.). The impact on the server core is minimal in comparison to the centralized approach for the following reasons: Workloads are processed at the edge Storage can be DAS or NAS Server virtualization is not a prerequisite
Storm Events Unpredictable high utilization can bring a seemingly resilient network to its knees. Read, boot or antivirus storms, commonly referred to as storm events, are best identified as recurring sharp peaks in demand for storage and server compute resources.
DAS vs. NAS Storage Direct Attached Storage (DAS) refers to a storage system that is directly attached to a server or workstation without a storage network in between. Network Attached Storage (NAS) refers to a storage system that operates solely as a highly specialized file server. Typically, NAS devices possess a set of highly specialized storage attributes such as embedded data deduplication, replication and enhanced data protection such as RAID DP and snapshot capabilities.
Similar to the centralized approach, images are created and managed centrally. In contrast to the centralized approach with knowledge workers tethered to the LAN, knowledge workers who utilize distributed VDI can roam freely. The obvious question is: When is their data synchronized? Endpoints are required to ‘check-in’ with the administrative server at configurable intervals. During check-in, all changed data is synchronized with the data store. Only the deltas are transmitted, making the bandwidth requirement minimal. Enterprises who lack a robust data network, shared storage, and have a mobile workforce with endpoints that have virtualization-enabled processors are prime candidates for the distributed model. Incremental Migration to VDI Many enterprises introduce VDI through an OS upgrade and/or a hardware refresh initiative. The first step in a VDI initiative is gaining an intimate understanding of the knowledge worker population. Gathering this Virtual Desktop Infrastructure: Steps for Migrating to VDI
4
deep understanding is integral when determining the appropriate VDI approach. Considerations to be cognizant of with respect to knowledge workers are:
Location of knowledge workers to the core network How knowledge workers attach to the network (wired or wireless) Job function requirements of knowledge workers Endpoint devices in use Operating systems in use Applications in use
Equally as important as understanding the intimate needs of the knowledge worker, is gaining visibility into the supportive infrastructure. Data points on, network capacity and storage utilization are critical when designing a supportive virtual desktop infrastructure. Designing a resilient network infrastructure requires visibility into network bandwidth utilization. At a minimum, network bandwidth utilization consists of understanding the protocols, applications, senders and conversations taking place on the network infrastructure. Equally as important as gathering usage data, is understanding the network layout in concert with how devices are connected to existing infrastructure. Leveraging the robust capabilities of WhatsUp Gold with WhatsConnected and Flow Monitor will make data collection and correlation easy. See how WhatsUp Gold helps you complete your VDI initiative: Objective
Gain visibility into network layout
Suggested WhatsUp Gold Product Use WhatsConnected to discover, map, inventory, document and gain visibility into the layout of your network Import WhatsConnected information into WhatsUp Gold and start the integral task of monitoring right away
Establish a baseline Analyze network utilization Solve ‘storm event’related problems
Use WhatsUp Gold with Flow Monitor to gain visibility into your network traffic to determine which protocols, applications, users and network conversations are consuming bandwidth Leverage Flow Monitor to baseline your network traffic for the purposes of being able to identify abnormal traffic conditions and/or if infrastructure changes have affected your network infrastructure
Virtual Desktop Infrastructure: Steps for Migrating to VDI
5
Regardless of the approach, VDI is not an all-or-nothing affair. Moreover, the two approaches can coexist in the same enterprise without issue. Enterprises who haven’t hardened their server virtualization footprint, have limited network bandwidth and have disparate knowledge workers can still take advantage of VDI for a nominal cost via the distributed approach. At a later date when their server and network infrastructure has matured, a centralized approach can augment the existing distributed architecture. Summary Virtual desktop infrastructure offers a number of advantages for enhancing the desktop management experience. As with any technology, VDI is not a one-size fits all proposition. There are enterprise environments where traditional desktop management will remain. VDI, however, is viable for a multitude of mainstream workloads and knowledge worker environments. In contemporary enterprises where endpoint availability is a measured metric, VDI is a viable tool for easing the burden of desktop management, while enhancing the availability of the knowledge worker computing environment. The path to VDI begins with a thorough evaluation of your infrastructure. WhatsUp Gold and its comprehensive suite of plugins can make your transition strategy easy.
Download your 30-day free trial of WhatsUp Gold today at: http://www.whatsupgold.com/products/download/network_management.aspx
Ipswitch, Inc. 83 Hartwell Avenue Lexington, MA 02421 Phone: (781) 676-5700 www.whatsupgold.com
Virtual Desktop Infrastructure: Steps for Migrating to VDI
6