Leveraging Desktop Virtualization for Enterprise Use

Published: May 16, 2007

by Ran Oelgiesser

VMware and Microsoft client-hosted desktop virtualization technologies have reached maturity. Today almost anyone can enjoy the benefits of running multiple operating systems simultaneously: one on the physical, native desktop, and one running within a virtual machine, leveraging the same CPU and hardware, with negligible performance degradation.

Today, client-hosted desktop virtualization is mainly found in development centers and quality assurance labs. However, many organizations are starting to realize what they can gain from virtualizing business users' desktops and laptops. The capability to encapsulate a desktop operating system and corporate applications into an independent package that works on top of any endpoint yields immediate, tangible benefits:

1. Hardware independence: enterprises can use one single image for all hardware models and setups
2. Isolation: provides a corporate-controlled virtual machine, sealed off from the host machine, simplifying application delivery even on unknown, unmanaged setups outside the corporate perimeter, and preventing corporate data leakage and external infections.

As VMware co-founder and chief scientist Mendel Rosenblum said during a recent VMworld event, "virtual machines [can] …provide a fundamental building block for mobility, security, and usability on the desktop."

Practical Applications for the Enterprise

Indeed, desktop virtualization presents a cost-effective value proposition to IT's pressing desktop computing challenges.

For example, desktop virtualization can be used to extend corporate desktops to unmanaged users. More and more users connect to organizations' networks and use corporate resources and applications from their unmanaged computers, including:

• Teleworkers (home users), whose workstyle is encouraged and considered vital to corporate disaster recovery and pandemic plans.
• Onsite guests (contractors and consultants) , who move in and out of the network, using their own, non-corporate laptop.
• Branch offices and outsourcers, who need to work with corporate resources and applications quickly and securely without having to switch to a corporate- managed desktop.

These diverse users can sorely challenge IT, whether it's to overcome conflicts with unmanaged setups, protect the corporate network from external threats, or prevent exposing corporate data to unauthorized users.

Desktop virtualization enables IT administrators to deliver a centrally managed, encrypted IT environment, containing any application or resource, and let users work with any desktop or laptop, online-offline, regardless of their operating system and setup. The isolated virtual IT environment is corporate-controlled and secured and connects to the corporate network; the unmanaged computer never accesses the organization, so nothing can affect or infect your network.

For ultimate mobility, IT administrators can hand out a full, corporate-controlled virtual desktop or a virtual appliance containing specific applications on a USB flash drive.

Managing and Securing Laptops

No IT administrator is immune to the complexity of managing enterprise laptops. Workforce mobility comes at a price: different hardware models complicate IT management; lockdown to improve stability and security "ties users' hands" and lost or stolen machines place corporate data at risk.

Desktop virtualization is the only technology that provide one solution for these issues:

• Removes corporate image dependency on laptop models and specific hardware by placing the corporate environment in a virtual machine.
• Enables IT to focus resources on the corporate setup and applications within the virtual machine. Down the road, responsibility of the physical asset may rests with a third-party vendor, minimizing enterprise support and maintenance costs.
• Locks down corporate environments to reduce costs and increase stability, without locking users out: they work flexibly on the laptop, outside the virtual machine - installing applications, watching a video, etc.
• Easily encrypt the virtual machine so that corporate data and resources are protected at all times.

Desktop virtualization also provides solutions for migrating to a new operating system and supporting legacy applications. Microsoft's Vista upgrade relegates many applications to legacy status. But nearly every organization will have some applications that need to remain running on Microsoft Windows XP or even an older operating system.

Leveraging desktop virtualization products such as Virtual PC 2007--delivered with Vista-- or VMware products, organizations can upgrade to Vista immediately, enabling users to benefit from these new operating system enhancements while maintaining the previous operating system version in a virtual machine for legacy applications. It's as simple as that.

Where Client-Hosted Desktop Virtualization Falls Short

Several key elements prevent client-hosted desktop virtualization from becoming a common solution for enterprise use:

1. IT administrators need a solution that accelerates deployment speed and enables efficient updates.
2. Management complexity. Desktop virtualization platforms only offer the ability to run a single instance of a virtual machine, but lack centralized control for enterprise deployment. IT administrators will embrace desktop virtualization if it provides comprehensive control; i.e., convenient, virtual machine creation wizards and version management, and centralized management for provisioning by business need, authentication, lifecycle control and policy enforcement.
3. Encryption and data protection. Despite the isolation inherent in a virtual machine, enterprises need an encryption solution to protect corporate data in case of loss or theft. They also require a dataflow control mechanism that allows or blocks data extraction via various channels (devices, network, files, printing and copy-paste operations) , ensuring that data remains in the corporate environment.
4. End-user "usability". Most business users would find a virtual machine "unfriendly": they're used to thinking: "I need to use X application." They're not used to being faced with virtual machine concepts, requiring them to change their work method and to toggle between the virtual machine and physical environments, boot-up the virtual machine, deal with peripheral configuration etc...

Third-party solutions available today can eliminate virtual machine training altogether. Offering a seamless user experience and enabling users to access virtual-machine applications from the host desktop or Start menu. Such solutions take care automatically of launching or closing virtual machines, updating the image file, dealing with peripherals and all that is necessary to ensure user productivity with client-hosted virtualization.

Client-hosted desktop virtualization has been around for awhile. It's not a new technology. What's new is what enterprises can do with it to transform the way they deliver, manage and secure corporate desktops. By picking the right technology, enterprises can streamline desktop computing for their diverse users.

Ran Oelgiesser is vice president product marketing for Kidaro, a provider of desktop virtualization solutions for the enterprise.

                     Post this story to del.icio.us
               Post this story to Digg
    Post this story to Slashdot