Before moving to any type of desktop virtualization, IT pros must consider network connectivity, management and security.
Watch the network: Most desktop-virtualization tools have some kind of remote presentation protocol to reduce the hit on the network: Remote Data Protocol for VMware, Independent Computing Architecture for Citrix Systems and Simple Protocol for Independent Computing Environments for Qumranet. In addition, some tools, such as Pano Logic's Virtual Desktop Solution, integrate such features as WAN acceleration. Still, moving every desktop to a central server and provisioning from there is bound to bog things down a bit.
When network performance problems crop up, they can be deal-breakers, especially for centrally hosted Virtual Desktop Infrastructure (VDI) scenarios. Such was the case at the University of Maryland in College Park, says Jim Maloney, network applications manager at the school. After conducting a six-month pilot of Sun's virtual desktop software running atop VMware ESX, he didn't get network buy-in right away.
"We found that the most important thing is that if you don't own the network, you need to be talking to the network people," Maloney says. "You need to make them understand what you're going to do and what impact that will have. If you don't, you can run into trouble."
Mitchell Ashley, CEO of Converging Network and a Network World Microsoft Subnet blogger, agrees. "You have to make sure your network is capable of doing this, because it could suddenly be dealing with a huge load," he says. "What if no VoIP calls get made at 9 a.m. because all these virtual PCs are booting up?" he asks.
Brace yourself for management headaches: At the University of Maryland, the evolving desktop environment now includes Sun VDI, traditional Citrix thin clients and regular desktops -- which makes management tough. "Right now, we use three separate management consoles," Maloney says. "It's somewhat of a nightmare putting reports together for our executives on what we're using and what we're doing."
Most desktop-virtualization vendors recognize the nascent management problems and are working to address them. For example, start-up VDIworks offers a tool that lets users manage physical and virtual PCs from the same console, while Microsoft's Enterprise Desktop Virtualization (MEDV) will integrate with its Virtual Machine Manager software, enabling similar capabilities. Credit Suisse, an early user of VMware VDI, built its own management software and since has spun it out as a commercial tool from a start-up called DynamicOps.
"We wanted provisioning of virtual machines and the management of their whole life cycle to be automated, and most of the tools didn't really have that layer of management," says Brad Novak, managing director of end-user platforms at the bank's London office. "We also wanted a tool to be independent and be able to work with multiple virtualization technologies, so we wouldn't have to rebuild our provisioning environment if we introduced or changed the hypervisor. So, we ended up building our own."
Anticipate security unknowns: Centralized desktop images might seem easier to secure than traditional, physical desktop setups, but they may hold unknown risks. "Early adopters not only can get bitten because the security products aimed specifically at desktop virtualization haven't been released yet, but also because they're just now learning what the security issues are," Ashley says. "Hackers aren't going after virtual PCs and virtual servers yet, because there isn't a big enough bang for their buck. But as more of it goes virtualized, they'll make that shift. Today there isn't one big security concern about virtualization in part because we're still learning about the challenges."