What is your current Desktop strategy? part 1 – VDI options compared

If you are currently evaluating or planning to evaluate VDI (Virtual Desktop Infrastructure) solutions for your businesses it can be hard to know where to start, with various vendors currently offering mature solutions that will all meet the majority of businesses VDI requirements.  These include;

– Citrix Xendesktop

– Citrix VDI in a box

– VMware View

– Microsoft VDI

– Quest vWorkspace

When tasked with looking for a VDI solution for your company the first thing you should do, indeed the first thing you should do for most if not all projects, is understand the requirements from the solution.  For something like this that may be adding quite a lot of new functionality and future options to the business, this is likely to incorporate some of the usual solid requirements such as;

–         Number of users

–         Performance and scalability

–         Ease of management

–         Interoperability with existing user and management applications

–         Integration with existing infrastructure

–         …

In addition to the ‘solid’ requirements there will likely be a lot of potential ‘requirements’ that are effectively potential benefits the solution could bring to the business such as;

–         Improved data security

–         Improved resilience of the workstation environment

–         Improved agility of the workstation environment

–         Enabling BYOD

–         Improved productivity

–         Enabling ‘work from anywhere’

–         …

The next thing to do is to assess the various VDI products on the market in order to choose the best one for your environment.  Given the variety of solutions available, some Hypervisor independent, some dependant, some easier to manage and deploy, some with lower costs it can be a daunting and more importantly resource intensive task to assess and test all of the viable options.

This is where the very helpful and impartial ‘VDI smackdown’ from the guys at PQR comes in.  This document is kept reasonably up to date with version 1.3 released earlier this year.  This can be found here;

http://www.pqr.com/images/stories/Downloads/whitepapers/vdi%20smackdown.pdf

Note – free registration may be required to download the PDF.

The white paper covers topics including;

–         Desktop virtualisation concepts

–         Pros and cons of VDI (virtual desktop infrastructure)

–         Comparison of the different VDI vendors solutions and their features.

Overall this document is well worth a read if you are planning to embark on a new or upgrade VDI project or indeed if you just wish to learn more about VDI and the features currently available.

An upcoming post will cover some of the areas I think need to be considered when creating you virtual desktop strategy.

K

Consumerism of IT 2..

Following from my previous post covering briefly what consumerism of IT and Bring Your Own Device (BYOD) are, I’ll now cover some of the things these trend mean for ICT departments.

For any IT business or IT department that thinks they do not need to consider the impacts of consumerism and BYOD – Think again!  Regardless of perceived business benefits such as cost savings or flexibility, or even the side benefits around the improved security and management of utilising VDI to centralise business owned user computing resources, as BYOD becomes more mainstream it will become and expected benefit / perk rather than the exception.

As an example of how this is already becoming more mainstream; several large companies such as IBM and Citrix are embracing this trend and have well established BYOD programs.

Ask yourself, do you want to attract the best talent? If the answer is yes then you need to ensure the working environment you offer is up there with the best of your competitors.  This includes offering things like BYOD programs across mobiles, tablets, laptops etc. and / or offering a wider variety of consumer type devices such as tablets and smartphones.

The challenge, as is often the case, will be to understand how these changes and trends can be harnessed to provide both business benefits and create an attractive working environment while still ensuring the security of your and your customers data and maintaining a stable and manageable ICT estate.

BOYD and consumerism of IT can and will make sweeping changes to how IT departments manage and provision user devices.  Whether this is due to supporting a wider variety of devices directly, or from relinquishing some control and embarking on a BYOD program, there will be changes.  What they are will depend on the route your company takes and how mature your company currently regarding technology such as desktop virtualisation and offering functionality via web services.  If you currently have little or no VDI type solution and most of your application access is via thick or dedicated client software the changes are likely to prove very challenging.  On the other hand, if you are at the other end of the scale with a large and mature VDI (Virtual Desktop Infrastructure) deployment along with most applications and processes being accessed via a browser, then the transition to more consumer or BYOD focussed end user IT will likely be relatively straight forward from a technical standpoint.

Without sounding like a broken record (well hopefully) the first thing you need to do before embarking on any sort of BYOD program is to get the right policies and procedures in place to ensure company data remains safe and that there are clear and agreed rules for how any devices can be used, how they can access data, how access, authentication and authorisation are managed, along with the companies requirements around things like encryption and remote wipe capabilities.

NIST (National Institute of Standards and Technology) have recently released an updated draft policy around the managing and securing mobile devices such as smartphones and tablets.  This policy covers both company owned (Consumerism) and user owned (BYOD) devices.  This can be used as a great starting point for the creation of your own policies.  It’s worth noting that NIST highlights BYOD as being more risky than company owned devices even when the devices are the same.  The policy draft can be found here;

http://csrc.nist.gov/publications/drafts/800-124r1/draft_sp800-124-rev1.pdf

Once you have the policies in place you will need to assess the breadth of the program, this must include areas such as;

–         Will you allow BYOD, or only company supplied and owned equipment

–         Which devices are allowed

–         Which O/Ss and applications are permitted; this should include details of O/S minor versions and patch levels etc.

–         How will patching of devices and applications be managed and monitored

–         What levels of access will the users and devices be permitted

–         What architectural changes are required to the environment in order to manage and support the program

–         How will licenses be managed and accounted for

–         What are the impacts to everything from the network (LAN, WAN and internet access) to applications and storage to desk space (will users have more or less devices on their desks) to the provision of power (will there be more devices and chargers etc. on the floors)

This is by NO means an exhaustive list, the point of these posts is to get you thinking about what is coming along, and whether your company will embrace BYOD and the consumerism of IT.

CIO.com recently ran an article titled ‘7 Tips for Establishing a Successful BYOD Policy’ that covers some similar points and is worth a read;

http://www.cio.com/article/706560/7_Tips_for_Establishing_a_Successful_BYOD_Policy

There are several useful links from the CIO article that are also worth following.

It would be great to hear your thoughts and experiences on the impacts of consumerism and BYOD.

K

Some 2012 projects / plans

Following on from my brief overview of progress during 2011 I thought I would share some of the projects I’ll be undertaking during 2012.  This will give anuone reading this blog an idea of some of the likely content that will appear during this year on top of general thoughts and some book reviews.

1. Complete my masters, which assuming I have passed my most recent module means choosing and completing my project.  Based on the university schedule the bulk of this will be completed between April and September.  Now to decide on a topic!

2. Lead (co-chair) the Cloud Security Alliance – Security as a Service working group through the delivery of the planned implementation guides covering each of the categories detailed in the white paper we published in 2011.

3. Become a lot more familiar with the Xen hypervisor, in addition to the VMWare products in order to better assess virtualisation options for both desktops and servers.  This is for a combination of reasons around expanding my knowledge and better understanding the options around Xen (open source and Citrix variants) and VMWare and the various virtual desktop solutions.  Also with people like Amazon and Rackspace using Xen it must be worth a closer look..

4. Having recently done some study around secure coding I’ve been prompted that I should probably brush up my scripting skills, so I plan to put a little time into Perl this year.

…  Likely a few other things will be added around architecture, potentially some further study / research, databases and security, but these have yet to be finalised and I need to be realistic about what I’ll achieve this year.  I’d rather do less well than try to do too much and not be satisfied with the results!

Expect to see blog posts on the above topics throughout this year, feel free to email or comment if there are any specific areas you would like detailed blog posts on.

K