It’s 2012, and now that several years of “This is the Year of VDI!” have come and gone, we can finally say that VDI is gaining momentum in legal. According to the 2011 ILTA technology survey nearly 20% of firms have implemented VDI (either XenDesktop or View) and nearly 40% are researching or testing it. Kraft Kennedy provides technology consulting, implementation, and support services to the legal community, and we’re seeing client firms take a variety of approaches – leveraging VDI as a more robust replacement for traditional remote access solutions like Remote Desktop Services and XenApp, implementing VDI for subsets of users with common application requirements, and going “all-in” – using VDI as their exclusive method of delivering desktops. We’re also seeing increased interest in VDI through informal conversations with clients and in formal RFIs/RFPs.
Properly implemented, VDI allows firms to realize benefits including standardized yet flexible user environments, increased administrative efficiency and reduced operating expense, increased agility relative to changing business needs, improved disaster recovery capability, and ability to extend the life of aging desktop hardware and/or utilize low-cost PC or thin/zero client replacements. Not properly implemented, VDI can have CFOs and COOs wondering why in the world they ever considered it, and where they might find a new IT manager and technology integrator, quickly. Being somewhat of a VDI evangelist, and having done my fair share of remediation work, I’ve found that like most things the difference between success and failure depends on proper planning. I’ve also found that planning VDI is much more complex than most people realize, and with that in mind this post discusses various elements and considerations associated with the infrastructure piece, or the “I”.
Before we go there, however, let’s stop for a moment and discuss the desktop piece, or the “D”, as this is a critical topic as well. Generally speaking VDI desktops are dynamic, meaning that the operating system, applications, user data, and user environment settings are combined when a session is launched. Law firms have complex requirements in this regard, due to the sheer number of applications most firms run, the dependencies and integration among them, and security concerns. A full exploration of these topics is beyond the scope of this post, but as firms plan moves from Windows XP to Windows 7, or upgrades to key productivity apps like Microsoft Office and document management systems, they should ensure they fully understand them and plan accordingly. The “I” is worthless if the “D” isn’t planned and executed properly. Moving on…
As mentioned above, this post seeks to frame the big picture relative to the infrastructure piece – to describe the various elements and considerations. It is not intended to provide the “right” answer, if such a thing exists, as this depends on a variety of factors that vary firm-to-firm. That said, consider the following list as discussion and decision points during the planning process, or topics to dive deeper into during a planning workshop.
Citrix XenDesktop and VMware View are the dominant players in the VDI space but it’s worth noting that Windows Remote Desktop Services and Quest Workspace Desktop Virtualization (formerly vWorkspace) are out there too, especially given the new enhancements in Windows Server 2012. It’s also worth noting that Citrix offers VDI-in-a-Box, which provides a self-contained, scalable environment that reduces or eliminates many of the items discussed below, but not without some tradeoffs. That said, since 100% of the VDI deployments we’ve seen in legal have been XenDesktop or View the remainder of this post focuses on those two products. In any event, it’s important that firms understand and consider the following:
- The features, editions, and costs associated with each product.
- Product components and associated resource and licensing requirements.
- Availability of clients on various platforms (Windows, Mac, iOS, Android).
- Performance in various bandwidth / latency conditions.
- Administrative and maintenance processes.
Secondary Application Delivery
VDI can mean many things, but in the context of this post I’m considering only pooled or streamed non-persistent desktops. One goal in this scenario is to make the environment look as personalized as possible for each user, and another is to maintain as few master images as possible to improve administrative efficiency. Considering these goals together, a question arises regarding how to handle core vs. secondary applications. Specifically, what should be included in the base image and what should be delivered externally via Citrix XenApp, VMware ThinApp, or Microsoft App-V. That said, it’s important that firms understand and consider the following:
- Pros and cons associated with including or excluding an application from a master image.
- The features, editions, and costs associated with XenApp, ThinApp, and App-V.
- Product components and associated resource and licensing requirements.
View only supports vSphere so View users have an easy choice (or no choice at all, depending how you look at it). XenDesktop users, on the other hand, have options as XenDesktop supports XenServer, vSphere, and Hyper-V. XenDesktop includes XenServer so this may appear to be an easy choice, but it’s important to note that vSphere is the dominant player in the infrastructure virtualization space, Hyper-V is a distant second, and XenServer is essentially non-existent. This means that skilled XenServer admins are hard to come by, and in most cases implementing XenServer means you’ll have two virtual infrastructure environments to manage – XenServer for VDI and vSphere or Hyper-V for everything else. This isn’t ideal from a number of perspectives, including administrative efficiency and resource allocation/utilization. Also, regarding the belief that “Citrix runs better on Citrix,” based on practical experience I can say that isn’t the case.
The takeaway here is that firms planning VDI shouldn’t consider it in a vacuum, but rather how it fits into a larger infrastructure virtualization strategy. With XenDesktop in particular, firms should consider the following:
- The features and costs associated with XenServer, vSphere, and Hyper-V.
- Existing and planned hardware resource allocation and utilization.
- Administrative skill set.
Securing network access is a broad topic, but for purposes of this post I’m considering how to secure client connections to VDI infrastructure. Like the hypervisor section above, View users have an easy choice (no choice) as View includes a single option – View Security Server. Also, like the section above XenDesktop users have options, including the following:
- Citrix Secure Gateway.
- Citrix Access Gateway (a.k.a. NetScaler Access Gateway).
- Citrix NetScaler w/Access Gateway Enterprise Edition.
It’s important that firms considering XenDesktop understand the capabilities and costs associated with these products, how secure client access for VDI fits into a larger security strategy, and with NetScaler in particular how various features like load balancing can be utilized for other projects.
Provisioning refers to the ability to deploy multiple virtual machines that utilize a common base image. Continuing the trend, View users have an easy choice (no choice) as View (Premier) includes a single option – View Composer. Also, as usual, XenDesktop users have options. XenDesktop includes Machine Creation Services which functions in a manner similar to View Composer, and Provisioning Services which does not. Provisioning methodology has a significant impact on hardware requirements, particularly storage, and can dramatically affect performance and end-user experience. Many VDI implementations have failed because provisioning and storage weren’t planned or implemented properly. That being the case, it’s critical that firms understand how these technologies work, and in the case of XenDesktop, which option is most appropriate.
Storage is generally considered to be the most critical infrastructure component related to VDI. Specifically, we’re concerned with whether the storage can accommodate the IOPS virtual desktops require, not only during steady-state operation, but during boot and logon storms as well. As noted above, many VDI implementations have failed because IOPS weren’t accurately estimated or planned for, resulting in poor performance and scalability, poor end-user experience, and significant costs to remediate. Recognizing these concerns, storage vendors and 3rd parties have developed caching, deduplication, and cloning enhancements that improve VDI storage performance and efficiency. All that said, it’s important that firms understand and consider the following:
- The relationship between provisioning methodology and storage requirements.
- Required IOPS for the planned environment – steady state, boot, and logon.
- Performance capability of current or planned storage hardware
- How native or 3rd party enhancements like caching, deduplication, and cloning can improve performance and efficiency.
The question we’re trying to answer here is “how many VDI VMs can I fit on a hypervisor host?” The answer depends on CPU and RAM, and it’s important that firms understand and consider the following:
- CPU and RAM requirements for virtual machines.
- CPU cores vs. speed.
- Hypervisor overhead.
More is always better, but for firms with limited bandwidth seeking to support clients across a WAN it’s important to understand and consider how acceleration technologies like Riverbed and Citrix Branch Repeater benefit thin client traffic.
Ensuring a VDI environment is properly licensed is a project in and of itself. Given the various components and various options for each, and the fact that vendors have changed licensing requirements over time and may have incentive programs in place, it can get complex in a hurry. Accordingly, it’s important that firms understand and consider licensing requirements for the following:
- The VDI product itself – XenDesktop or View.
- Secondary Application Delivery – XenApp, ThinApp, or App-V.
- Hypervisor – XenServer, vSphere, or Hyper-V.
- Microsoft – servers and desktops.
In conclusion, proper planning is essential in VDI deployments and the infrastructure piece in particular is quite complex. Simply answering the question “How much will it cost?” requires a thorough understanding and analysis of the items above. Kraft Kennedy provides VDI planning services to assist firms with this process, implementation services to ensure various components are installed and configured properly, and health check and tune up services for existing deployments. VDI aside, we’ve assisted firms of all sizes in planning and deploying nearly 40,000 Windows 7 desktops through over 60 projects, maintain an application vault consisting of hundreds of packaged applications, and have dedicated management consulting, infrastructure, client systems, support, and content management practices. Contact firstname.lastname@example.org for general information, or email@example.com for VDI-specific information.
Jeff Silverman is a Citrix Certified Integration Architect and VMware Certified Professional.