On the desktop, virtualization helping with security, management.
Baker Hill, an Experian subsidiary that provides IT services to the banking industry, has used virtualization technology for years.
Initially, the firm began using virtualization software from VMware to take control of a sprawling number of servers and workstations that were sucking power and becoming tough to cool, says Eric Beasley, senior network administrator at Baker Hill in Carmel, Ind. More recently, the firm has been looking at virtualizing its PCs and laptops.
But unlike with server virtualization, consolidation and management aren't the major issues. On the desktop, virtualization is under consideration to help with security.
Slice and dice desktops
Increasingly, enterprise customers are starting to look at slicing and dicing desktop CPUs, just as they are doing with server CPUs, to isolate and secure workloads on single physical systems. This approach to desktop virtualization goes beyond the more common practice, in which applications and workloads are hosted at a remote location for centralized management and remote access.
"Our professional-services folks have client data in their possession that typically is of a financial nature and private," Beasley says. "We were concerned that if Baker Hill were to have a laptop stolen that we would be held liable, because our laptops are unencrypted."
The firm began looking at encryption technology, but that approach required entire disks to be encrypted and seemed too bulky and time-consuming, Beasley says. Baker Hill decided on VMware Ace, VMware's desktop virtualization software.
With VMware Ace, Beasley can create isolated virtual machines - software files that contain an operating system, applications and related data - on single physical systems and then encrypt specific virtual machines, rather than encrypting hardware.
"So we can create virtual machines that have the tools that our professional-service folks need to manipulate and store data," he says. "The entire [virtual machine] is encrypted, not the entire disk. We figured there was no point in encrypting the underlying host operating system and things like e-mail."
In the proving ground
While the idea of carving single physical servers into multiple virtual containers that can be run and managed separately has become mainstream in most data centers, the technology is still in the proving ground on the client side.
"Desktop virtualization is about two years behind server virtualization," says Tom Bittman, a vice president and distinguished analyst at Gartner. "It's a completely different trend. While server virtualization is about saving money and consolidation, on the desktop it's much more about isolation, about being able to do different things on the same machine."
Flexibility and manageability are drawing more enterprise users to look at the technology. The goal is to create a more dynamic and efficient hardware environment. At the same time, a growing number of software vendors are rolling out desktop-virtualization offerings, which means end users should find better products and better prices in 2006.
Start-up Parallels, for example, introduced its workstation product late last year. Parallels Workstation is available for $49 per license, compared with $189 per license for VMware Workstation. VMware Ace, which is a lighter-weight, enterprise-focused version of VMware Workstation with more security and management features, is priced at $99 per user. In addition, late last year VMware introduced its VMware Player, which plays virtual machines, but can't create them. It offers that product for free in an effort to boost interest in virtualizing PCs.
Indicative of the growing interest in desktop virtualization, XenSource, which distributes and supports the open source Xen virtualization technology, has some virtualization pilot projects in place, but a desktop product probably won't be generally available until 2007, XenSource executives say.
"Desktop virtualization addresses security and management," says Scott Donahue, a vice president at Tier 1 Research. "In 2006 we'll start to see broader adoption of desktop virtualization as more products are introduced."
Chipmakers are putting virtualization technology into their hardware, which will make the virtualization software run better. Intel introduced virtualization technology in its desktop processors last year, and Advanced Micro Devices is expected to follow suit in the next few months.
Addressing unmanaged devices
In addition to securing data and applications on networked computers, end users also are looking at desktop virtualization to secure networks from unmanaged devices, such as PCs used by contractors or employees logging on to the corporate network from home. Beasley uses VMware Ace to create virtual machines that are deployed on unmanaged devices. Those virtual machines contain policies that restrict access to external drives and network connections.
"We can create rules saying that when a virtual machine is connected to our network, it can only speak to certain IP addresses or certain file servers," he says.
Cliff Hairston, a consultant with Fortress Computer Systems in Christchurch, New Zealand, virtualizes his client devices to create a more flexible environment where he says he gets better use of his hardware. He had been using technology from VMware, but recently switched to Parallels because of the cost savings.
Regardless of which vendor he uses, Hairston says virtualization gives him the ability to run his business on a tight budget. He says he can build up and tear down systems, without having to take entire PCs out of commission.
"For troubleshooting, it is invaluable to be able to have all of your operating systems start up at a moment's notice" on a single machine, he says. "The second place virtualization is ideal is prototyping. I can build, for example, an XP Pro system with software I know is going to cause problems in the real world. That way, I can, at worst, have to rebuild the virtual machine as opposed to sitting and rebuilding a real machine."
Learn more about this topic
Network World, 11/21/05
Network World, 10/17/05