Download docx - Host Virtual Desktop

Running head: Final Paper for CTO – Hosted Virtual Desktop (HVD)1

A Student Paper

Submitted for

Chief Technology Officer (CTO 13-02)

National Defense University iCollege

Henry J. Costa11 March 2013

This paper or presentation is my own work. Any assistance I received in its preparation is acknowledged within the paper or presentation, in accordance with academic practice. If I used data, ideas, words, diagrams, pictures, or other information from any source, I have cited the sources fully and completely in footnotes and bibliography entries. This includes sources that Ihave quoted or that I have paraphrased. Furthermore, I certify that this paper or presentation was prepared by me specifically for this class and has not been submitted, in whole or in part, to any other class in this Universityor elsewhere, or used for any purpose other than satisfying the requirements of this class, except that I am allowed to submit the paper or presentation toa professional publication, peer reviewed journal, or professional conference.This is not a draft, and is submitted for grading to satisfy in part the

Hosted Virtual Desktop (HVD) 2

requirements for this course. In typing my name following the word 'Signature', I intend that this certification will have the same authority andauthenticity as a document executed with my hand-written signature.

Signature ___H. J. Costa____________________


Introduction

The Marine Corps will evaluate in a pilot program that will;

start small, scale fast and think big to bring an enterprise

hosted virtual desktop (HVD) capability to all Marine Corps users

in support of DOD Cloud Computing and Marine Corps Private Cloud

Environment (PCCE) strategy on the Marine Corps Enterprise

Network (MCEN) see Figure 1.

Figure 1 - MCEN OV

This HVD capability will be implemented, initially in a pilot

proof of concept (POC), and eventually transitioned to a service

on the MCEN level using the Marine Corps Enterprise Information

Technology Services (MCEITS). MCEITS is the flagship program

that will incrementally execute all PCCE Enterprise Services.


This HVD service will be implemented within the PCCE and

eventually provided by the MCEITS via software as a service

(SaaS) and infrastructure as a service (IaaS) cloud components,

see Figure 2.

Figure 2 – MCEITS Architectural Operational View

HVD is aligned to the DOD Cloud Computing strategy which is to

implement cloud computing as the means to deliver the most

innovative, efficient and secure information and IT services in

support of the Department’s mission, anywhere anytime on any

authorized device. (Takai, 2012). Similarly, the Marine Corps

PCCE strategy outlines enterprise access to applications and data


to all Marines, in garrison and forward deployed environments

through Marine Corp’s programs and initiatives. (Nally, 2012).

Eventually MCEITS’ cloud environment will host applications and

provide federated HVD services in a fashion that enhances the

operational capabilities and effectiveness of a Joint Information

Environment.

New Technology Description

HVD is a cloud like solution that utilizes a network server for

all processing and storage needs. The user’s desktop is hosted

virtually on a network server rather than on a conventional

computer with a central processing unit and hard drive, thus

allowing HVD to centrally manage all of a user’s applications,

files and computer processing on a server versus the hard drive

of a conventional computer.

This capability is usually enabled by a either a thin client and

or a zero client, as for the Marine Corps implementation, zero

clients will be based on the current NMCI provided zero client

solution using either a VMware or Microsoft Virtual Device Access

(VDA) software, see Figure 3.


Figure 3 – Example of Marine Corps Zero Client

HVD will operate on Windows 7 operating system and be used with

the Marine Corps Enterprise Disk Service (MCEDS) baseline that

will include the appropriate Windows 7 VMware View or Microsoft

VDA application. Currently the Marine Corps is transitioning all

assets to Windows 7 and creating a baseline image for Windows 7

with an estimate completion of all current assets under Windows 7

by the end of this fiscal year (October 2013).

HVD will be offered in the Service Catalog as a combination of

offerings to include: core end user service on the Windows 7


baseline image using VMware View or Microsoft VDA on all

government furnished equipment (GFE), downloadable application

for personal computers, with the remote access capability.

Additionally there will be Zero clients that will replace all

existent desktops as illustrated in Figure 1.

The use of this capability is cited by Gartner to be consumed by

three types of users (Federica Troni, 2012).

Task User – they only use a small set of applications,

typically low processor and memory intensive.

Knowledge Users – they use a range of application and

productivity tools to create rich documentation and

presentations.

Power Users – they use specialized applications for

planning, modeling, development and graphical manipulation.

From a network perspective, HVD can be deployed using a number of

connection protocols that have different bandwidth requirements

and performance characteristics. The network protocol that will

be considered and integrated within the MCEN is the PC over

Internet Protocol (PCoIP) protocol required for VMware View or


Microsoft Virtual Device Access (VDA) implementation (Nathan Hill

M. A., 2012). The PCoIP is used by VMware View for Version 4 and

supported by Microsoft Virtual VDA. Eventually, this PCoIP

protocol will need to be validated under the DISA Unified

Capability (UC) standard prior to DOD implementation.

Over the past two to three years, the Marine Corps has made

substantial investments and change to their wide area transport

which is critical to the employment of HVD. Additionally the

Marine Corps is working with DISA on engineering MPLS type

services under the DISA Subscription Services (DSS) which will

support the network performance warranted by HVD, Gartner

recommends round trip delay between edge routers and

organizations of between 40 -100 ms. (Nathan Hill N. R., 2013)

Additionally as DISA develops the DSS and Unified Capability (UC)

baseline and original equipment manufacturers (OEM) under the

Unified Master Gold Disk (UMGD) incorporating commercial clients

such as the Microsoft Surface Pro support and functionality of

HVD capabilities will increase. The HVD environment provides

another advantage of access via 4G networks using thin clients


either GFE or bring your own device (BYOD) assets with equipped

with HVD capability. This strategy supports DOD Cloud Computing

strategy - deliver the most innovative, efficient and secure

information and IT services in support of the Department’s

mission, anywhere anytime on any authorized device.

Impact of New Technology on Organization

This HVD technology will be transformational to the Marine Corps

as we move from the contractor owned and operated (COCO) to

government own and operated (GOGO) environment. Under GOGO,

Marine Corps needs to do more with less and align threatened

fiscal and manpower resources in developing a more secure GOGO

environment to face the foreseeable monumental fiscal constraints

and cyber-attacks on the MCEN. HVD will enable this better

centralized management concept to enable better network

management, user support and cyber defense in support of the GOGO

MCEN. With HVD, base operation support to the user is optimized

which is a critical capability for our GOGO implementation. The

Marine Corps will need to maintain and improve current user

support levels with less fiscal and manpower resources. In


respect to Network management and cyber defense, HVD enables the

service and network management desks to fix and defend machines

at the server level maximizing remote transactions and minimizing

visits to the users and assets. HVD will streamline service

delivery and network management operations which is critical to

MCEN’s future. Additionally, this capability reduces risks,

protects data, maintains data integrity and enables rapid patch

deployment. Finally under full operational capability, HVD is

capable of a Network Continuity of Service performance that will

improve data availability and reliability in the event of a

disaster. These are all characteristics of a hosted virtual

environment. (Mark A. Margevicius, 2012).

Secondly, HVD capability will accelerate application migration to

PCCE and allow the Marine Corps to bring integrated IA as

services under the MCEITS. Additionally, HVD will allow better

data integration between Manpower, Logistic and Training PCCE

services and start to collapse on the many interoperability and

authoritative walls that have slowed down Big Data initiatives.


Finally this capability will enhance the Cyber protection and

allow faster employment of patches and vulnerabilities across the

MCEN. Additionally, HVD will allow streamlined operations and

faster responses to government directed actions minimizing cyber

vulnerabilities currently encountered for prolonged durations due

to required local work at the desktop.

Technology’s Relationship to Mission, Vision, Goals and fit with

Enterprise Architecture

This technology can be the harbinger service that closely ties

with not only the Marine Corps vision of Knowledge Workforce but

the DOD vision of how to deliver the most innovative, efficient

and secure information and IT services in support of the

Department’s mission, anywhere anytime on any authorized device.

HVD mirrors the enabling characteristics of JIE – transition from

network to data centric solution, rapid delivery and use of

integrated services accessible by all means from anywhere,

interdependent information environment providing real time cyber

situational awareness scalable and secure (Dempsey, 2013). These


HVD characteristics not only fit to JIE but are in concert with

the DOD Cloud and Marine Corps PCCE Strategies and will be enable

MCEITS to showcase HVD as the premier SaaS and IaaS service with

the Department of Defense.

HVD will allow the Marine Corps in a fiscally constraint

environment to reduce risks of managing assets, protecting data,

while maintaining data integrity with increasing cyber threats

with an improved network continuity of services and disaster

recovery cloud approach in respect to the MCEN architectural

construct illustrated in Figure 1.

Additionally, the Marine Corps will purchase less hardware,

optimize our managed application baseline and provide better

service delivery to the users while saving money. Finally, HVD

can provide better balance with personal environments using with

BYOD assets in support of the MCEN and MCEITS architectural views

that will increase workforce productivity, increase savings and

provide a better cyber defense posture.


Description of Communications Plan and Change Management Plan

The Communication and Change plan strategy is a critical element

of this implementation and perhaps the most important. Strategic

influence not only to users (task, knowledge and power) but to

the developmental and operational communities is critical and

will require a cohesive plan that educates and directs the users

and user support communities. Figure 4, describes the series of

strategic communications to support the effort.

Figure 4 - Strategic Communications Planning

Current DOD JIE and Marine Corps Strategies decribed in DOD Cloud

Strategy and Marine Corps PCCE amply the goals in support of this


effort and will guide our plan. Addtionally, Marine Corps will

promulgate additional efforts such as a Business Case Analysis

(BCA) and 600 Day Plan in 2013. During the 2014, HQMC C4

Networks Plans and Policy will draft HVD Implementation Strategy

Plan and start POM 16 efforts in support of this HVD capability

under MCEITS.

In conjuction with the HVD Implementation Plan this headquarters

will start to develop Capability Production Documents (CPD) for

resourcing and acquiring the HVD services via MCEITS. In tandem

with the CPDs, HQMC C4 will participate in POM 16 Execution

review and provide oversight to the design packages routed

through the Entrperise Control and Configuration Board (ECCB) per

the Marine Corps Engineering and Testing Process Guide under the

management of PM Marine Corps Enterprise Services (PM MCES).

The oversight of this effort will governed by the Marine Corps

Enterprise Services management Governece Board (EMSGB) working

with PM MCES, see Figure 5.


Figure 5 - Marine Corps Enterprise Service Goverance Board

Technology Implementation Plan

The pilot will be executed and BCA will be completed by mid-year

2013 with the decision to go with either VMware View or Microsoft

VDA implementation. Analysis of the previous local and regional

pilots will also be part of final reports prior to enterprise

rollout. The planning assumption based on Gartner’s Seven Stages

to a successful HVD rollout, is that we are at the Pilot


deployment and rollout phase ready and have attributed a

Technology Readiness Level 7 as described in Appendix A (TRL

Level Definition Listing). Figure 6, shows the macro efforts

that will be needed to be specifically developed in the Technical

Implementation Plan in respect to the Marine Corps Technical

Delivery Lifecycle and will be discussed in respect to scope,

schedule and costs.

Figure 6 – Timeline Planning for HVD Implementation

Scope and Schedule


The scope of this effort is to provide this HVD capability to all

Marines, Reservists, Civilian Marines and Contractors in support

of the Marine Corps, see Table 1.

Users Task Knowledge Power TotalActive Marine

80,000 80,000 10,000 170,000

Civilian Marine

4,000 12,000 1,000 17,000

Reservists 10,000 29,000 1,000 40,000Contractors 5,000 3,000 8,000

94,000 126,000 15,000 235,000Table 1 – User Population for HVD

Cost Guidelines: The distribution of users is estimated at 7% Power Users, 39% Task Users, and 54% Knowledge Users.During the pilot we will provide a proof of concept for about 100

users mainly Knowledge with some powers and task users to provide

evaluation of the capability. Upon completion of Pilot and

submission of BCA and assignment of Program lead from PM MCES we

will move to regional cutovers with the enterprise implementation

targeted for initial operational capability by 2015.

Summary of Schedule Milestones:

2Q CY13 Establish SOW and get the Service Approved by ECCB for Pilot

use Start reporting on Network Baseline VM Ware View or Microsoft VDA to the MCEDS baseline Gather Specification metrics on Network capability ( 100 ms

latency – objective)


3QCY13 Start Pilot for (30- 45 Days) Finalization of Win 7 Transition Conduct MROC for the decision HVD way-ahead

4Q CY13 Establish POM 16 sustainment for HVD

CY 2014

Build capability across the MCEN Institute HVD service in the Service Catalog Start work with Software Developmental Organizations (TSO,

SAM and MCTSSA) for application alignment to HVD

CY2015 HVD IOC capabilities

CY2016 Full Operational HVD at MCEITS and eventual adoption as

JIE Service to DOD

CY2017 DISA DECC for sustainment of HVD capabilities across DOD

Costs

The Marine Corps will replace all desktops for the HVD Zero

client per our choice of access, to be evaluated during the pilot

between the VMware View and devices running licensing under the

Windows 7 OS with Microsoft Virtual Device Access (VDA) in HVD

images. PCs running Microsoft Windows registered under Software

Assurance (SA) or an Enterprise Agreement (EA) can access an HVD

Windows image at minimal cost, as foreseen with the current


Marine Corps Enterprise License Agreement with Microsoft. Any

other type of access device (VM Ware View) must be licensed under

Microsoft's VDA program. Microsoft's VDA license fees are

ubiquitous for software installed on any access device.

Microsoft's VDA provides roaming rights, so a user who accesses

the HVD image through multiple devices only needs to access one

(primary) license under the VDA program as identified by Marine

Corps for licensing under current EA conditions. Total costs are

summarized in Table 2 (Microsoft's VDA costs are separately

summarized); see appendix B for detail cost tables for Pilot and

Full Operations taken from the Hosted Virtual Desktop

Infrastructure Planner. (Federica Troni, 2012).

Implementation VM View Using Microsoft (VDA)

Acq. Cost Annual Fee

Acq. Cost Annual Fee

POC $247K $14.95K

$223K $11.5K

Full Operations $282M $30.6M

$240M $23M

Pilot cost in thousands and Full Operations cost in millions

Table 2 – HVD ROM Costs

Performance Measurement


We will use the EMSGB and the Information Technology Steering

Group (ITSG) governance bodies with established processes under

the Defense Enterprise Service Management Framework (DESMF) and

traditional portfolio management procedures to measure this HVD

capability. Measure performance will be reviewed in respect to

three domains; user acceptance of HVD, application migration to

HVD by functional application managers and cyber defense per

Gartner best practices (Natahan Hill, 2012).

User Satisfaction

Improve productivity Improve System boot times

Application alignment to the HVD standards

Reduce desk side support calls Reduce service calls Better alignment of data Faster Development times, use of Forge-Mil and Agile

Development

Cyber Defense

Increase data security Increase network defense posture Faster time to mitigations (Vulnerability Management)


Conclusion

HVD will be both a transformational and foundational to the

Marine Corps and DOD strategies and warrant speedy and focus

actions today in respect to implementation and resourcing. As

outlined in this paper, HVD does not only provide the user a

better experience, but allows the knowledge worker and Department

of Defense better integration of data and thus more timely

information sharing. Additionally, HVD aligns with Big Data

construct that allows an optimized and agile ability for the

Marine Corps to maintain an improved network defense posture and

support the cyber warrior. These tenants of putting mission

effectiveness, costs savings and cyber superiority are

cornerstones to any future implementation and are critical in

DOD’s respond to the future challenges. Lastly, this country

will face trying times in respect to creating efficiencies,


especially from a cyber-workforce and budget perspective, HVD

enables these efficiencies.


References

American Psychological Association (APA. (2010). Publication Manual of the American Psychological Association. Washington DC: American Psychological Association.

Dempsey, M. (2013). Joint Information Environment White Paper. Washington DC: Joint Staff - DOD.

Federica Troni, N. H. (2012). ToolKit: Hosted Virtual Desktop - Infrastrucutre Planner. Gartner for IT Leaders, 14.

Hill, N. (2012). Why and When to use Server Based Computing. Gartner, 7.

Lavelle, E., & Bushrow, K. (2007). Writing approaches of graduatestudents. Educational Psychology, 27, 807-822.

Mark A. Margevicius, N. H. (2012). Seven Stages to a Successful Hosted Virtual Desktop Rollout: Stage 3 POC. Gartner, 6.

Nally. (2012). Marine Corps Private Cloud Computing Strategy. Washington DC: Marine Corps C4.

Natahan Hill, F. T. (2012). Seven Stages to a Successful Hosted Virtual Desktop Rollout: Stage 1 Evaluate. Gartner, 12.

Nathan Hill, M. A. (2012). Hosted Virtual Desktop Licensing and Definitions. Gartner, 9.

Nathan Hill, N. R. (2013). How Hosted Virtual Desktop Impact the Network. Gartner, 9.

Takai. (2012). DOD Cloud Computing Strategy. Washington DC: DOD CIO.

U.S. Air Force. (2004, August). The Tongue and Quill. (Air Force Handbook 33-337). Retreived from http://www.e-publishing.af.mil/shared/media/epubs/afh33-337.pdf.



Appendix A – Technology Readiness Level Definitions

TRL 1 Basic principles observed and reported: Transition from scientific research to appliedresearch. Essential characteristics and behaviors of systems and architectures. Descriptive toolsare mathematical formulations or algorithms.

TRL 2 Technology concept and/or application formulated: Applied research. Theory andscientific principles are focused on specific application area todefine the concept. Characteristicsof the application are described. Analytical tools are developed for simulation or analysis of theapplication.

TRL 3 Analytical and experimental critical function and/or characteristic proof-of-concept:Proof of concept validation. Active Research and Development (R&D) is initiated withanalytical and laboratory studies. Demonstration of technical feasibility using breadboard orbrassboard implementations that are exercised with representativedata.

TRL 4 Component/subsystem validation in laboratory environment: Standalone prototypingimplementation and test. Integration of technology elements. Experiments with full-scaleproblems or data sets.

TRL 5 System/subsystem/component validation in relevant environment: Thorough testingof prototyping in representative environment. Basic technology elements integrated withreasonably realistic supporting elements. Prototyping implementations conform to targetenvironment and interfaces.


TRL 6 System/subsystem model or prototyping demonstration in a relevant end-to-endenvironment (ground or space): Prototyping implementations on full-scale realistic problems.Partially integrated with existing systems. Limited documentationavailable. Engineeringfeasibility fully demonstrated in actual system application.

TRL 7 System prototyping demonstration in an operational environment(ground or space): System prototyping demonstration in operational environment. System is ator near scale of the operational system, with most functions available for demonstration and test.Well integrated with collateral and ancillary systems. Limited documentation available.

TRL 8 Actual system completed and "mission qualified" through test and demonstration inan operational environment (ground or space): End of system development. Fully integratedwith operational hardware and software systems. Most user documentation, trainingdocumentation, and maintenance documentation completed. All functionality tested in simulatedand operational scenarios. Verification and Validation (V&V) completed.

TRL 9 Actual system "mission proven" through successful mission operations (ground orspace): Fully integrated with operational hardware/software systems. Actual system has beenthoroughly demonstrated and tested in its operational environment. All documentationcompleted. Successful operational experience. Sustaining engineering support in place.

Appendix B - Pilot and FOC Cost Estimate


Pilot Implementation Costs


Full Implementation Costs