Virtualization Technologies
Presented by:
James Engelhard
mindSHIFT Technologies, Inc.
Ben Di Marco
Heenan Blaikie LLP
Comparing Application and Desktop Virtualization Technologies
Table of Contents
Application Virtualization
- What is Application Virtualization?
- Advantages of Application Virtualization
- Virtualization Technology – Vendor Offerings
Desktop Virtualization
- What is VDI?
- Vendor Offerings
- What Problems Does a VDI Solve?
- What Problems Still Exist?
- What New Problems are Presented?
- Sample Solution Architecture
What is Application Virtualization?
Application virtualization is an umbrella term that describes software technologies which improve portability, manageability and compatibility of applications by encapsulating them from the underlying operating system on which they are executed.
A fully virtualized application is not installed on the workstation in the traditional sense, although it is still executed as if it was. Instead, the application is fooled at runtime into believing that it is directly interfacing with the original operating system and all the resources managed by it when in reality, it is not.
In a normal computing environment, applications are installed directly into the operating system. Since they all write to shared system files, applications will often conflict with one another – often leading to system crashes and instability.
With application virtualization, each application runs in its own protective runtime environment, isolated from the other applications and from the underlying OS.
There are 3 approaches to application virtualization:
Standalone:
Applications are encapsulated in a single executable. These executables can run instantly from USB, CDROM or local disk. The applications can also be deployed using a management tool such as Microsoft SMS.
Streaming:
Applications are encapsulated in a single file and are located on the network. When starting the application only the blocks needed to run the application are copied to a local drive (cache). When additional features of the application are used, additional blocks are copied to the local cache. Streaming can be available for standalone virtualized applications accessed from the network or when the virtualized applications are presented with a locally installed agent.
Centrally controlled access:
Virtualized applications are distributed through a central deployment tool. A locally installed agent is required. The applications can be deployed (executables are copied locally) or shortcuts to the applications (located on a network-
What is Application Virtualization?
Advantages
Leverage and enhance existing infrastructure and management tools.
Applications will no longer have to be installed on the clients
Conflicts between applications are a thing of the past
It eliminates the need for regression testing
It is possible to use different versions of applications simultaneously
Support for Web, Client-Server and Server Based Computing applications
Fast roll-out and upgrade of applications
Application Virtualization – Vendor Offerings
There are three serious developers of application virtualization technology.
Microsoft Application Virtualization
VMWare ThinApp
Citrix XenApp
Microsoft Application Virtualization
Microsoft Application Virtualization (also known as App-V; formerly Microsoft SoftGrid) is the Application Virtualization solution from Microsoft. The architecture is composed of the following layers:
Microsoft Systems Center Virtual Application Server, also called SoftGrid Application Server, which hosts virtualized application packages and streams them to the client computers for local execution.
Microsoft SoftGrid Application Virtualization for Desktops, also called SoftGrid client, is the client side runtime which requests the application server to stream the application and executes the applications locally.
SoftGrid Management Console, the management tool to set up, administer
Microsoft Application Virtualization is composed mainly of two components: SystemGuard and SoftGrid Sequencer.
SystemGuard tracks and analyses configuration repositories and resources used by the application and intercepts the use of these resources, redirecting them to the virtualized instances of the resources.
SoftGrid sequencer is the server side component which packages an application for virtualization and streaming. It analyzes the application for the resources that it requires and creates the SystemGuard runtime environment that it will require. It also packages specific DLL files that it might require at the client side.
Microsoft Application Virtualization
Advantages
Real-time centralized administration of application licenses
Sequencer uses “Active Watch”, which ensures that only the application code needed is transferred. As a result, applications will start up quicker for the user
Low overhead (~2%) of SystemGuard on client
Disadvantages
Applications that are directly incorporated into the operating system, such as Internet Explorer and Windows Media Player, cannot be virtualized. IE plug-ins, however, can be virtualized.
Applications needing product activation that use hardware characteristics cannot be virtualized. When the application is started on another machine, the hardware characteristics will have been changed.
Applications using advanced functionality such as COM, DCOM or DDE (enabling components to communicate) must be sequenced together, or parts of it must be made available in the source OS.
VMWare ThinApp
ThinApp is the Application Virtualization platform solution from VMWare, which allows for the deployment of complex software as a self-contained EXE file which can run instantly without installation from any data source.
ThinApp requires no pre-installed software on physical or virtual PCs and no new deployment infrastructure or management tools.
ThinApp packages applications in familiar formats (.MSI or .EXE) that can plug into existing infrastructure for software license management, deployment, audit and compliance.
The core of ThinApp is the Virtual Operating System, a small light-weight component which is embedded with each “ThinApped” application. This VOS merges a virtual system environment with the real system environment.
The ThinApp Virtual OS consists of the Virtual File system (VFS), and Virtual Registry (VREG).
The VOS works exclusively in user mode. It can run applications in managed and unmanaged Windows environments without requiring elevated security rights.
Advantages
Client- and Server-less: No client or agent installation is necessary on the host PC.
There is one secure executable, which contains the virtualized application and the associated files and registry data.
Various ThinApp runtimes can run simultaneously and be used on the same platform: ThinApp is the only virtualization solution that offers support for multiple simultaneously deployed ThinApp clients on the same PC.
Portable Deployment: Application and user specific settings can be used completely from a removable storage medium (USB stick/DVD/CD-Rom).
Add or Remove program integration: Virtualized applications are reproduced in the “Add or Remove Programs” control panel function.
Application Link – Free-flowing communication between interdependent virtual applications. Application Link allows interdependent applications to communicate with one another (such as Java, .Net, IE, Office) to eliminate conflicts, reduce application size, and maintain continuity and tracking of software licenses.
Disadvantages
Application licensing management is not present: the enforcement of application licensing policies is not yet possible with ThinApp.
No central management platform or console.
Application streaming via the internet is not possible: The streaming of applications via the internet whereby only the necessary data is sent and secured via SSL is not yet possible.
Citrix XenApp
Citrix XenApp, a member of the Citrix Delivery Center product family, is an end-to-end Windows application delivery system that offers both client side and server side application virtualization.
Applications are managed in a centralized application hub, but are streamed to the user’s machine and run in an isolation environment.
Applications become an on-demand service which is always available and up to date.
Client Side caching technology makes the application available even when not connected to the network.
Citrix XenApp – Client Side
Client Side - How it Works:
Record, Download and Play
Record – Applications are packaged using the Profiler, which determines the components and the system resources the application requires and then defines a set of rules for running the application in isolation on the endpoint device. The resulting package is a standard cabinet (.CAB) file that is transparent and is easy to work with and debug.
Download – The application package is published to a regular network file share. No proprietary tools or storage systems are required. Authorized users can start streaming the application simply by clicking on their desktop icon. The application is cached locally, but it is not installed. It runs in isolation, without interfering with other applications on the same device.
Play – Applications behave just like they were installed locally, but without any of the problems of installation. Files are saved locally and individual settings are preserved. Every time the application is run, it checks for errors or updates and delivers them automatically. The application is managed centrally, but can be used when it is disconnected from the network.
Citrix XenApp – Server Side
The application user interface is delivered to the end user virtually by passing only screen pixels, keystrokes and mouse actions between the client and server over the network. This is done without the need for pushing actual data or software, increasing security — especially for users connecting from an extranet or from the internet.
This virtualization technology, combined with having both client and server components running together in the data center, typically results in less bandwidth use and faster application performance. During this process, 100% of the application’s logic (for both client and server components) executes on the server and, regardless of whether it is Windows, UNIX, Java or Web based, the application can now be accessed from any device or location over any network.
With XenApp application virtualization technology, users access applications running on the server the same way they would if the applications were running on the local device (e.g. through desktop icons or the start menu) making this process transparent.
Citrix XenApp
Advantages
Centralized administration: applications are offered to the end user transparently as a service and their usage can be tracked and monitored. Reports can be created.
Centrally Administered License management
Support for Web and Client-Server applications
Good integration with other Citrix solutions.
Caching Ability: Application is cached locally but not installed so it loads faster on start-up.
Disadvantages
High initial investment: However, for existing Citrix Server users, Citrix has a lower TCO due to the overlap with the existing Citrix Access Infrastructure.
No application Interconnectivity or Binding: Virtualized applications, which are isolated, cannot be connected to each other.
Virtual Services: Applications which include the installation of a service cannot be
Product: Application Streaming | Installfree Bridge | Softgrid | Appstream | ThinApp | Virtual Application Studio
Company
Latest version: 4.5 | 1.0 | 4.2 | 5.2.2 SP1 | 4.0 | 6.0.218
Release date: March 8th 2007 | April 7th 2008 | July 2nd 2007 | December 4th 2007 | June 27th 2008 | March 1st 2008
Stand‐alone
Virtualized applications can run on clients without agent locally installed.
Streaming Technology
No Yes No Yes Yes Yes
Launch the application instantly from a remote location. The first blocks needed to start the application are locally cached on the client. When more features are used, more blocks are cached.
Centrally controlled access
Management software is included that can manage authorization on application delivery. Agent locally installed on the client is required.
Off‐Line Usage
Applications can be launched even when a user is off‐line (for example on a laptop). The streamed application is completely cached locally.
Application Interconnectivity / Binding
Virtualized applications, which are isolated, can be connected to each other. For example, .NET 2.0 framework is packaged once. Applications that need .NET framework connect to the virtualized .NET package.
Executes in user‐mode only
There is no interaction with the kernel of the OS. Therefore, applications cannot crash the OS.
License Management
Can the usage of the applications be controlled? How many licenses do you have of an application and how many times is the application (concurrently) in use?
Tracking and reporting
The usage of applications can be tracked and monitored. Reports can be created.
Memory consumed by runtime
What is the impact of the virtualization layer on memory usage?
Size of runtime
What is the size of the runtime of the virtualization layer?
No
Yes Yes Yes Yes Yes Yes
Yes Yes
Unknown 1060 KB Unknown Unknown 400 KB 400 KB approx. 15% extra Unknown
Yes Yes
400 kB
Yes No Yes Yes No No
Unknown
Yes Yes
Yes No Yes Yes No No
Yes Yes
Unknown < 2MB
No Yes No No Yes No
Yes
Yes Yes Yes Yes Yes Yes
Yes No
Company
16‐bit application supported (only run on 32‐bit OS) No No Yes No Yes No
64‐bit application supported No No No No No No
Windows 2000 Yes No Yes Yes Yes Yes
Windows XP Yes Yes Yes Yes Yes Yes
Windows Server 2003 (TS) 32‐bit Yes Yes Yes Yes Yes Yes
Supported Infra
Windows Server 2003 (TS) 64‐bit Yes Yes No No Yes Yes
Windows Vista 32‐bit Yes Yes Yes Yes Yes Yes
Windows Vista 64‐bit Yes Yes No No Yes Yes
Windows Server 2008 (TS) 32‐bit No No No No Yes Yes
Windows Server 2008 (TS) 64‐bit No No No No Yes No
Terminal Server No Yes Yes Yes Yes Yes
Citrix Yes Yes Yes Yes Yes Yes
Company
Packaging method
How is the software packaged as virtual application?
‐ Streaming profiler: an installation is recorded in a stream
‐ JeOS: the application is installed in a mini‐OS
‐ Snapshot: a before and after snapshot is taken. All changes made during installation are in the package
‐ MSI: The MSI installation file is analysed and compiled into a package.
NO clean PC required
If this is set to Yes then a clean PC is NOT needed for snapshotting a new application because the technique used does not use the OS on which the software is being captured.
Packaging
Streaming Profiler Install in JeOS Streaming Profiler Snapshot or MSI Snapshot
No Yes No No No No
Snapshot
Company
Save as EXE
The virtualized application can be saved as an executable.
Save as MSI
The virtualized application can be saved as a MSI. This MSI can be distributed with various software deployment solutions.
No No No Yes Yes Yes
No Yes
Packaging
Yes No
No Yes
Application Add‐ons as modules
Add‐ons like plugins for internet explorer can be packaged separately and then attached to other packages.
Compression
The virtualized application can be compressed to decrease the bandwidth usage.
Patching with additional/incremental files
Patches can be built into separate (patch) files so that you don't need to repackage the original virtual application.
Reboot supported
Are reboots supported when creating the virtualized application?
Scripts supported
Is it supported to run scripts before or after launching the application?
Embedded security on AD User Level (for standalone use)
When a package is created AD authorization based on Active Directory User rights can be implemented so that only users that are authorized can start the application.
No No N/A Yes N/A Yes
Yes Yes Yes Yes Yes Yes
No Yes Yes
Yes Yes No Yes
Yes Yes Yes Yes
No Yes No No Yes No
Yes Yes Yes Yes Yes Yes
Company
Embedded security on AD OU Level (for standalone use)
When a package is created AD authorization based on Active Directory OU's can be implemented so that only users that are authorized can start the application.
Virtual COM and DCOM
Virtual applications access virtual COM and DCOM objects in order to keep the local OS clean.
Virtual filesystem
Virtual applications access a virtual filesystem in order to keep the local OS clean.
Virtual registry
Yes Yes Yes Yes Yes Yes
Yes Yes Yes Yes
N/A Yes
Packaging
No No Yes Yes N/A Yes
Virtual applications access a virtual registry in order to keep the local OS clean.
Virtual services
Virtual services can be created for the virtualized application in order to keep the local OS clean.
Company
Deploy to AD groups
Assign the application to groups in Active Directory.
Deploy to AD Domain / OU's
Assign the application to an OU or Domain in Active Directory.
Deploy to AD users
Assign the application to a user object in Active Directory.
Pre‐stream/cache to clients
Ability to prepopulate a desktop or server with an application so it loads faster on start‐up.
Runs from CD‐ROM
Launch a Virtual Application from CD‐ROM.
Runs from HTTP
Launch a Virtual Application from a webserver using HTTP.
Runs from network share
Launch a Virtual Application from a fileshare (no agent needed).
Runs from USB
Launch a Virtual Application from a USB stick.
No Yes No Yes Yes Yes
No Yes Yes Yes
Yes Yes No Yes Yes Yes
Yes Yes
Yes Yes
Yes Yes Yes Yes
No Yes No Yes
No No
N/A N/A
N/A N/A
Yes Yes No Yes N/A N/A
No Yes
Yes Yes Yes Yes
No Yes Yes Yes
Yes Yes N/A N/A Yes Yes Yes Yes Yes Yes
Deployment
Company
Run without additional privileges
Logged on as a default Windows User.
Runs on locked down PC
For example on a kiosk‐PC where there is no agent available.
No Yes No Yes
Yes Yes Yes Yes
Yes Yes Yes Yes
User Experience
Shell Integration out‐of‐the‐box
Shell integration is available without the need for any additional handling during the install/package process.
Yes Yes Yes No No No
This comparison chart is courtesy of virtualization technology experts Sven Huisman and Matthijs Haverink of www.qnh.nl
What is VDI?
Virtual Desktop Infrastructure
It’s a brand – VMWare’s product is called VDI
It’s a Technology Solution Consisting of Many Parts
- Thin Client hardware / software environment
- Connection broker
- Pool of Virtual Machines
- Remote Presentation Protocol – ICA, RDP
- Other tools for creating, configuring, and managing VMs
An Isolated, Dedicated Operating System
Presented Across the Network via Remoting Protocols (RDP, ICA)
One to One, not Many to One
Virtual Desktop Infrastructure Model
VDI versus Server Based Computing (SBC)
VDI | SBC
Each User has Unique Instance of OS | Users Share a Multi-User OS
Dedicated Virtual Resources (CPU, RAM) | Shared Physical / Virtual Resources
Dedicated Virtual Disk | Shared Physical / Virtual Disk
Multiple Copies of Applications | Single Installation of Each Application
Unique Application Set | Common Application Set
Complete Desktop Presented Remotely | Applications / Desktop Presented Remotely
Local Impact | Widespread Impact
VMWare VDI
- First To Market – Created The Term VDI
- Most Mature Offering And Hypervisor
- Considered By Many To Be The “Gold Standard”
Citrix XenDesktop
- Built On Xensource Open Source Project Started In 2002
- Lightweight “Paravirtualization” Architecture
- Requires Virtualization Support In Hardware To Run Windows
- Most Mature Presentation Protocol - ICA
Microsoft Hyper-V
- Newest Entry – RTM On July 9th, 2008
- No Complete VDI Product, Virtual Infrastructure Only
- It Runs On Windows!
Hypervisors – Compelling or Commoditized?
It’s All About the Management Tools!
Complete Solutions
VMWare Virtual Desktop Manager (VDM)
Citrix XenDesktop
Qumranet Solid ICE
Bolt-on Provisioning / Management Solutions
Provision Networks Virtual Access Suite (VAS)
VDIWorks (ClearCube Sentral)
DynamicOps
Ericom PowerTerm WebConnect Server
What Problems does a VDI Solve?
Replaces expensive PCs with less expensive Thin Clients
Extends lifecycle, and thus reduces cost, of existing desktop hardware
Rapid Provisioning and Deployment (Did I mention I need 5 new Desktops tomorrow morning?!)
Centralizes OS Management and Support – Reducing Support Costs
Doubles as a Secure Remote Access Solution
Enhances Data Security and Protection
Isolated as Opposed to Multi-User Environment Improves Compatibility / Stability and Reduces Impact Potential
What Problems Still Exist?
Offline Access
Interfacing with Local Devices – Scanners / Cameras / Printers
Multimedia Challenges – Bi-Directional Audio, Streaming Video
Weak Graphics Performance
Graphics Intensive Applications might require traditional / bladed desktops
Each Virtual OS still needs to be maintained, though centrally
SMS (SCCM), Altiris, ZenWorks, LANDesk
WSUS, Anti-Virus Updates
Desktop Authority, Group Policies, Scripting
What New Problems are Presented?
Offline Access
Massive / Costly Centralized Infrastructure Required
Does not Scale As Well as Multi-User Solutions
High Performance Network is Vital
Data Migration – P2VD
Requires New Skills / Training
Sample Solution Architecture
Centralized Enterprise Storage (SAN)
- Fast and Flexible
- Scalable, Highly Redundant
- De-Duplication / Cloning
Host Servers
- Blades / High Density Servers
- Fast Access to SAN
- Virtualized I/O
Hypervisor / VM Management
- Many VMs across Many Servers
- Pooling of Resources / Hot Add Resources
- Live Migration
Connection Broker
- Who Gets Which Machine
- Security / Identity Services
- Auto-Provisioning
Virtual Machines
- Copies or Pointers?
- Templates
- Persistent or Temporal
Sample Solution Architecture
Applications
- Part of Template VM (Image)
- Packaged and Deployed (AD / Zen / SMS)
- Virtualized (Streamed / Traditional Application Presentation via SBC)
Settings & Data
- Roaming Profiles
- Locally Stored / Redirected to Network
- Temporary
Management
- Patching / Updates
- Security / Anti-Virus