Virtual desktop infrastructure (VDI) is one of the hottest topics among CIOs, and for good reason: It can be a critical step in optimizing your virtualization strategy. If you've been there, done that with server virtualization, the simple extension of VDI will help you squeeze a bit more virtualization ROI. When you moved to server virtualization, you already loaded almost all of the components required for desktop virtualization: shared storage, clustered host servers, hypervisor , hypervisor management software and so on.
Danielle and Nelson Reust
Once you have successfully virtualized servers, it's a hop, skip and a jump to full virtualization of the desktop. The most critical is the system that assigns a specific virtual desktop to a given end user. Then, depending on how deeply you want to dive into VDI, you may need a few additional components.
In most cases, organizations opt for a hybrid VDI system first. This system would include the following virtual desktops:
- Traditional dedicated virtual remote desktops for task workers. The user accesses the same single, dedicated virtual machine that includes the information and preferences. This virtual machine takes a significant amount of storage space since it usually grows with use.
- Volatile virtual remote desktops for information workers. Each time a user logs on, the system grabs a clone of a seed machine, adds the required applications -- usually in a virtual format -- then adds the user's profile through user-state virtualization. This is the best model for informational workers since the machine disappears when the user logs off the VDI. However, to support this model, you need applications in a virtual format (a virtual application engine of some sort). You'll also need to enable user-state virtualization. In most cases, VDI systems will include the necessary components to support this model.
- Traditional dedicated desktops. Used to be, organizations deployed desktops to the hard disk of a physical computer. With Windows 7, you can package the operating system into a virtual hard drive (VHD) and run it directly from the hard disk. The advantage is that the OS is now neatly packaged into a single file -- one that is also supported as a virtual machine -- and can be moved from computer to computer with much more ease than an OS deployed directly to the hard disk.
Whether you choose to use a hybrid model or not, you'll find that VDI delivers on its very best promise: It enables users to access their workplace from any device. This device can be a desktop in the office, a home computer, a thin client, a smartphone, a tablet device and so on -- any device that supports remote connections. Since VDI relies on remote connections to access the virtual machine running the desktop, you can use any device that can support a remote connection to log on to the workplace. That's right: You're paving the way to engaging a Bring Your Own Device initiative.
You'll soon find this is the feature that end users like most from VDI: anywhere access to the information and tools they need to get their work done. And once they have this feature, theyâ€™ll never want to go back.
Securing the virtual remote desktop
Remote access will be as secure as your password policies. Thousands of mobile devices are lost every year. If users rely on an iPad to link to their workplace and they lose the iPad, a malicious user will potentially have access to your network. You need to keep your own network safe when you think VDI and mobile devices. By using a hard-core defense strategy, you provide multiple layers of protection for your network. At bare minimum, you need the following:
- Password-protected mobile devices. Ensure that all mobile devices are locked when not in use and require a password to unlock them.
- Complex passwords for logons. We all know that users tend to pick easy-to-hack passwords: don't let your users get away with it. Also ensure users cannot save passwords in their logon applications by disabling automatic logons.
- Remote wipe capabilities. Make sure you can wipe any lost device. You'll want to remove user information but also make sure you can erase the remote connection application as well.
- Rewards for returns. Use an anonymous reward service -- many are available online -- to offer remuneration for returning a lost device.
- Personalized power-on screens. Make sure your user information and information for returning the device is on the mobile device's power-on screen so that lost devices are easily returned.
VDI is on its way. You can be sure that when your end users realize how powerful a virtual desktop infrastructure can be, they will want VDI on their mobile devices and won't stop clamoring until they get it.
Your virtual remote desktop end users won't be the only ones to get what they want. By moving to VDI, you'll greatly reduce your desktop administration overhead and finally get full control over this area of systems management. However, a smart CIO will also protect the devices on which his users access their workplaces. Being proactive does not guarantee your safety, but it should increase your certainty in the long run. Everyone wins when you enable VDI.
The real question remains: Are you ready to be the most popular senior leader in the organization? We thought so.
Danielle and Nelson Ruest are IT experts focused on virtualization, continuous service availability and infrastructure optimization. They have written multiple books, including Virtualization: A Beginner's Guide for McGraw-Hill Osborne, and MCTS Self-Paced Training Kit (Exam 70-652): Configuring Windows Server Virtualization with Hyper-V for Microsoft Press. Contact them at firstname.lastname@example.org or email@example.com.