LAS VEGAS -- Sacking the old PC in favor of desktop virtualization is starting to grow and the information technology managers taking the lead on that trend offered some perspectives on the networking and security challenges it brings.
More on VMworld: What's hot at VMworld this year
General Mills can be considered a pioneer in use in VMware's desktop virtualization software View, having chosen VMware View 4.6 more than a year ago for its first desktop virtualization project (the most recent version is View 5.0), announced this week. A need for rapidly providing a facility in India with computing power was a factor in deciding to try desktop virtualization, as well as establishing a flexible user space "where you go in, there are chairs and you work," said Chad Erickson, senior virtualization architect at General Mills, who spoke on the topic of desktop virtualization during the VMworld Conference.
Today, about 7% of General Mills' roughly 18,000 desktops have been virtualized, mostly those for overseas, with control over them maintained at headquarters in Minneapolis.
Going over a wide-area network to provide desktop virtualization to end users can be a bandwidth challenge, and user applications have to be carefully provisioned and "tuned" so as to not lead to performance degradations. So far, it's worked well enough that there's no plan to switch over to Windows-based PCs.
"There's no 'blue screen of death'," Erickson said. "It just works." It's easier to control a desired desktop corporate image on desktops in terms of applications, he said.
When it comes to security, it's necessary to encrypt View-based desktop virtualization traffic directed between central headquarters to other sites. General Mills found in its own network, it got better performance by removing WAN accelerators because they were not adapted for virtualization.
In a session entitled "Lesson Learned in Deploying 3,000 Virtual Desktops," Jeff O'Connor, technical engineer for the Australian Securities & Investment Commission, said the virtualization project carried out for what's the Australian equivalent of the U.S. Securities and Exchange Commission has gone fairly smoothly.
There is a lot to learn about planning bandwidth and memory provisioning to make sure the user application experience is a positive one. But when things go wrong, the pitfalls can be widespread outages of hundreds of View users, though that problem has largely diminished as the Australian regulatory agency gains more experience with thin-client desktop virtualization.
O'Connor said anti-virus provisioning remains problematic because scans, if not randomized and scheduled for work off hours, create significant performance problems. He said he hopes a new generation of products, such as agentless antivirus for virtual desktops, will eliminate what some call "anti-virus storms" as a concern.
In a separate session at VMworld, Ryon Packer, an executive on Dell's virtual-desktop-as-a-service team, pointed out desktop virtualization is largely not an argument in favor of saving money.
"People think it's like server virtualization — that's layering software on top of hardware," Packer said. But desktop virtualization typically mean retiring older PCs and replacing them with an entirely new construct based on thin client hardware, new software, bringing wholly new network and software-management concerns for IT staff. And that means taking on new expenses, he said. "You can't get a bunch of cool, new stuff and have it be cheaper," he said.
He said one main benefit of desktop virtualization is banishing the kind of out-of-control application use on the employee desktop today where it may be possible to download any kind of application. Desktop virtualization offers a way to separate the employee's personal computer use from the work computer, he emphasized, adding this is a boon both to the IT and security teams in any organization.
The argument for desktop virtualization can be made that it could allow an organization not to spend on some types of security controls, such as endpoint encryption. But a desktop virtualization project has to start with a patient analysis of where this kind of capability is really needed since in some cases, it's not the best fit for some jobs or the best use of resources, he concluded.