1.Virtual Desktop Infrastructure The New Desktop Experience by Ed Meanan VMware Staff Engineer, Chicago CISSP, VCP, ITIL foundation practitioner Spring 2007 NetworkingTraining SeminarMay 3, 2007 Grand Bear Lodge Utica, IL

2. Agenda

• VMware Technology Overview

• VMware Desktop Virtualization Products

• VMware ACE 2 Enterprise Edition

• VMware Virtual Desktop Infrastructure (VDI)

• Q&A

3. What is Virtualization? Hardware Application Operating System With Virtualization Without Virtualization

• VMware provides hardware virtualization that presents a complete x86 platform to the virtual machine

• Allows multiple applications to run in isolation within virtual machineson the same physical machine

• Virtualization provides direct access to the hardware resources to give you much greater performance than software emulation

4. VMware is the Leader in Virtualization Technology

Founded

Total Employees

Number of Users

Key Partnerships

# Channel Partners

Customer Profile

Operating Structure

1998 1,600+ Independent EMC subsidiary 4+ Million 1,800+ Intel, AMD, HP, Dell, IBM, SUN 90% of the Fortune 100 5. The VMware Product Line Converter VirtualCenter VMotion Consolidated Backup Dist Resource Scheduler VMware High Availability HostedServerVirtualization Bare-Metal Virtualization HostedDesktopVirtualization SecureDesktop Environment 6. VMware Infrastructure Key Solutions / Use Cases Server Consolidation and Containment Eliminate server sprawl by deploying systems into virtual machines Test and Development Rapidly provision and re-provision test and development servers; store libraries of pre-configured test machines Enterprise Desktop Secure unmanaged PCs.Alternatively, provide standardized enterprise desktop environments hosted on servers.Business Continuity Reduce the cost and complexity of business continuity by encapsulating entire systems files that can be replicated and restored onto any target server Infrastructure Provisioning Reduce the time for provisioning new infrastructure to minutes with sophisticated automation capabilities.Legacy Application Re-hosting Migrate legacy operating systems and software applications to virtual machines running on new hardware for better reliability 7. VMware Desktop Solutions

1. Assured Computing Environment (ACE)

2. Virtual Desktop Infrastructure (VDI)

SecureDesktop Environment VDI Core technology 8. When will you need ACE?

1.Control encryption, locked down ports and devices

2.Capture Easily snapshot and move between known desktop image states for quick recovery

3.Isolate Easy to provision various difference desktop machines with complex security policies

4.Mobile Take your desktop in a portable media i.e. USB thumb drive

5.Streamline Minimized provisioning time and create easy to deploy standard desktop images

9. ACE V.2: Components 10. Virtual Desktop InfrastructureVDI leverages Virtual Infrastructure 3and a remote control protocol such as RDP to provide users access to a remote desktop. Thin Client or PC Virtual Infrastructure 3 Server 11. VDI Benefits - Centralization

Close to IT Operations

• Desktops are located in the Data Center close to support staff.

• Management tools can access desktop VMs over high-speed local networks for patching and maintenance.

Application Performance

• Close proximity to servers maintains application performance, regardless of where the client is located

Security

• All data resides on a secure network inside the corporate firewall.

• Remote users only view data - it never gets transferred to insecure devices which might be lost, stolen, or hijacked.

12. VDI Benefits - Compatibility

Real Desktop Operating Systems

• Virtual Machines run Windows XP just like physical hardware so applications work normally without modification.

• Applications can make system level changes such as registry writes and DLL replacements where necessary

• Existing corporate desktop configurations can be easily imported.

Isolation

• Each Virtual Machine runs separately, so a crashed VM or a poorly behaving application does not affect other users on the same server.

• VDI is suitable for developers because any type of change can be made to a VM without affecting other users.

13. VDI Benefits Virtualization

Homogenous Virtual Hardware

• All Virtual Machines use the same virtual hardware.

• One base image can be used for many different VMs driver management is greatly simplified.

• Templates can be created in Virtual Center to aid rapid deployment of new Virtual Machines

VDI is Virtual Infrastructure

• VI3 Servers and Virtual Center are the core components.

• Virtualized Server and Desktop spaces can leverage the same hardware, architecture, and infrastructure.

• Automatic Load-Balancing and High Availability through VMware HA, DRS, and VMotion features.

14. Virtual Desktop Infrastructure (VDI) 15. VMware ESX Server

• ESX Server is a virtual machine platform with abare-metal architecture for highest possible performance

• Lean virtualization-centric VMkernel delivers complete control over hardware resources

• Supports dynamic allocationof computing resources

• Highly available, fault-tolerant and secure design

• Supports both scale-up and scale-out strategies

Datacenter-ClassVirtual Infrastructurefor Mission-Critical Environments 16. Virtualization Increases Hardware Utilization Before VMware After VMware Virtualization enables consolidation of workloads from underutilized servers onto a single serverto safely achieve higher utilization 17. Resource Pools

Failed server mean less resources not a failed application

Dedicated (virtual) infrastructure for each business unit; central IT retains control over hardware

Delegation of resource and virtual machine management down to the business unit

Management of an entire SOA application stack as a single entity

Aggregate collections of disparate hardware resources into unified logical resource pools Servers, Storage, Networking Business Unit Aggregate Resources Resource Pool 2 CPU 36GHz, Mem 58GB Priority HIGH Resource Pool 3 CPU 12GHz, Mem 22GB Priority LOW CPU 48 GHz, Mem 80GB Department A Department B 18. Network Virtualization

Simplify port configuration by utilizing a single configuration object across large groups of ports

Expanded port configuration policies including:

• NIC teaming policy(now per port instead of per virtual switch)

• VLAN tagging

• Layer 2 security

• Traffic shaping

Flexible virtual switches.

• Create Virtual switches with any number of ports from 8 to 1016

• Max number of virtual switches has been raised from 128 to 248

• Scale up to handle more virtual machines

Teamed Physical NICs Virtual Machines ESXServer Virtual Switch Virtual NIC 19. Ensure High Availability with VMware HA

Automatic restart of virtual machines in case of server failure

No need for dedicated stand-by hardware

None of the cost and complexity of clustering

VMware HA enables cost-effective high availability for all servers Resource Pool X 20. Resource Optimization with VMware DRS

Intelligent allocation of resources based on pre-defined rules and policies

Monitor utilization across resource pools

Optimize data center resources

• Dynamically adjust supply based on changing demand for resources

• Prioritize resources to the highest value applications

• Conduct zero-downtime server maintenance

Dynamic and intelligent allocation of hardware resources to ensure optimal alignment between business and IT Resource Pool Business Demand 21. Protect data with VMware Consolidated Backup

Centralized agentless backup for virtual machines

• Move backup out of the VM

• Eliminate backup traffic on the LAN

Pre-integrated with major 3rd-party backup products

Perform back up any timeCentralized Data Mover 22. VDI - The Building Blocks Enterprise Server Infrastructure The VMware Virtual Desktop Infrastructure VMware ESX Server VMware Virtual Center User Management (Connection Brokering / Session Management) Remote Access Protocol (RDP) VMwareVIM SDK Systems Integration Services Devices Operating Systems Desktops Laptops Thin Clients 23. VDI Where does each piece come from? Client Side Hardware Data Center Hardware VMware Software 3 rdParty Integration Layer Enterprise Server Infrastructure The VMware Virtual Desktop Infrastructure VMware ESX Server VMware Virtual Center User Management (Connection Brokering / Session Management) Remote Access Protocol (RDP) VMwareVIM SDK Systems Integration Services Devices Operating Systems Desktops Laptops Thin Clients 24. VDI Protocol Overview Remote Desktop Protocol (RDP) Virtual Network Computing (VNC) Independent Computing Architecture (ICA) Remote Graphics Software (RGS)

• • • Servers exists for almost every platform.

• • • Various commercial and free versions available

• • • Performance varies by implementation, no audio support.

• • • Standard Windows Remote Viewing Protocol (built-in for XP)

• • • Good performance, supports audio output.

• • • Viewers available for many platforms and as a browser plug-in.

• • • Standard Citrix Protocol

• • • Excellent performance and bi-directional audio support

• • • Requires Citrix Presentation Server

• • • Best graphics performance

• • • Per-node Licensing required from Hewlett-Packard

25. VDI Architectures Basic Implementation

• A One-to-One relationship between endpoints and Virtual Machines is established

• End-users are assigned the hostname of a VM which belongs to them.

• Connections take place over an existing secured corporate network.

• Remote viewing of VMs is done through desktop RDP software or the built-in features of a thin client.

26. VDI Architectures Simple BrokeringConnection Broker

• End-users are given a web address on the corporate network for the connection broker.

• After authenticating, the connection broker provides a list of available resources to the end-user.

• The end-user establishes a connection directly to the VM using desktop or web-based RDP software, or through the built-in features of a thin client.

27. VDI Architectures Tunneled BrokeringConnection Broker Corporate Firewall

• End-users are given a public web address for the connection broker.

• After authenticating, the connection broker provides a list of available resources to the end-user.

• The connection broker links the end-user via an encrypted tunnel to the VM.

• The encrypted tunnel is a mini-VPN component designed to route only RDP traffic.

28. VDI Architectures Joint Citrix Implementation CitrixSecureGateway CitrixPresentation Server

• End-users are given a public web address for the Citrix Secure Gateway.

• After authenticating, the Citrix Presentation Server provides a list of published applications and desktops to the end-user.

• The Citrix Desktop Broker allows pools of Virtual Machines to be accessed as published applications.

CitrixDesktop Broker Corporate Firewall 29. VDI Architectures VMware Lab Manager VMware Lab Manager

• Developers are given a web address on the corporate network for the Lab Manager server.

• After authenticating, the Lab Manager provides a web interface for accessing and provisioning groups of Virtual Machines.

• Groups of Virtual Machines can be quickly deployed, linked into isolated networks, and destroyed when they are no longer needed.

30. VMware Desktop Ecosystem

VMware VDI Alliance partners provide hardware and software enhancements to the basic VDI solution.

Some examples

31. VMware Desktop Ecosystem

Additional VDI Alliance partners provide complete VDI solutions from the data center to the desktop:

32. VDI Partners Wyse

• Thin client hardware with a variety of models, capabilities, and price points.

• Years of industy experience on remote access products.

• Support for RDP and ICA on all models

• Simplified hardware model removes complexity form the users desk

33. VDI Partners Sun Microsystems

• Supports Sunray thin clients

• Robust infrastructure for external access

• AIP protocol is fast and provides remapping of other display protocols such as RDP, 3270, etc.

• Allows VDI to be part of a unified access solution.

34. VDI Partners Citrix

• Widely deployed in the application virtualization and server-based-computing space

• Supports Wyse S10 thin clients

• Robust infrastructure for external access

• Proprietary ICA protocol is fast and efficient

• Can be used as part of a joint implementation with VDI to resolve application compatibility issues.

35. Case Study:Kindred Healthcare

Business challenges

• • Mobile roaming solution for doctors & nurses

• • Bedside access to patient records & data

• • Ensuring HIPAA compliance

Technical solution

• • Thin clients from Neoware mounted on rolling carts, connecting wirelessly to virtual desktops

• • Hundreds of virtual desktops deployed on hosted ESX servers in VDI implementation

Why VMware VDI

• • Flexible secure access to sensitive data anywhere

• • Quick desktop provisioning & improved reliability

• • Enthusiastically adopted by demanding user base

• • Smart economics: desktops require less power andcan be deployed as needed, centralized mgmt

Nurses and doctors dont really care about the underlying technology.They just want it to work, and help them do their jobs better.The fact that our users have so readily adopted our VDI-powered workstation on wheels shows that this solution really works for them.Laura Armistead Unix Support Team Manager 36. Case Study:IntelliRisk Management Corporation

Business challenges

• • IRMC performs collections & accounts receivable forall major banks & credit cards in U.S.

• • Time to market adding desktops for new customers

• • Desktop tasks were time-consuming & inflexible

Technical solution

• • Chose thin clients with RDP access to data center

• • Large virtual desktop deployment on hosted ESXservers in VDI implementation

Why VMware VDI

• • Easier administration of desktops anywhere in theworld from 1 central location

• • Reduced time to add new PC to