If you've already virtualised the servers in your data centre, desktop virtualisation may seem like the next logical step. But businesses are finding that the benefits of hosted virtual desktop technologies are more nuanced. The advantages may be harder to quantify and harder to justify based purely on traditional ROI calculations.
So, how do you calculate and quantify those advantages, choose the right technology and build out a successful hosted virtual desktop infrastructure (VDI)? We asked consultants, analysts and users who have been there to report on what works, what doesn't and how you can learn from their experiences. The first place to start, they say, is with a clear-eyed understanding of the potential benefits.
The gains you should expect from hosted desktop virtualisation projects are very different from what accrues from server virtualisation. While server virtualisation produces visible savings by consolidating physical server hardware and increasing resource utilization, most shops will find that hosting virtual Windows PCs requires a greenfield build-out of new infrastructure in the data centre.
But that hasn't stopped some IT shops from exploring the options.
When it comes to hosted virtual desktops, many organisations are already kicking the tires. "Most of my customers are asking about it, if not going to a proof of concept," says Scott Mayers, a principal director at Align, an IT solutions provider focused on the financial services and retail industries.
"2011 is the year when a lot of those concepts will mature into actual deployments," says Ian Song, an analyst at IDC. But so far, he adds, most deployments are still fairly small scale. The market research firm projects that only about 13.5 million out of 400 million PC shipments this year will be VDI implementations, just over 3%. By 2014 that number will more than double, to 34 million, accounting for nearly 7% of the market.
Song expects the trend to eventually top out at about 15% to 18% of all enterprise desktops. Gartner's figures are even more conservative. "While it's a big opportunity, we believe that only 10% to 12% of the installed base of PC users will actually use it over the next two to three years," says Mark Margevicius, an analyst at Gartner. It's a technology that needs to be chosen for the right use cases, he explains.
While VDI is at the top of the hype cycle today, there are many flavours and options. For example, you can choose a "persistent" desktop, where every user gets his own dedicated, fully customisable installation of Windows residing within a hosted virtual machine, or go with the more efficient "non-persistent" VDI model, in which many users' virtual desktops are spun up from a single, common cookie-cutter disk image.
There is no one-size-fits-all solution. "Every group has its own set of requirements and parameters," so a different mix of technologies may be appropriate for different groups within an organisation, says Steve Kaplan, vice president of the data centre virtualisation practice at infrastructure services provider INX. And for some applications, the technology simply doesn't make sense.
The cost of deployment has been coming down also, although the upfront investment in data centre infrastructure is still high. "We don't envision hosted desktops being less expensive than a PC, from a capital investment standpoint," Margevicius says. He puts the total cost at about 1.3 to 1.5 times what IT would pay for a traditional PC deployment. "The initial capital investment is the limiting factor for our clients," he says.
On the plus side, desktop virtualisation's benefits include better security, operational efficiencies and faster restoration in the event of a business outage.
Given all that, how do you navigate through the process? Consultants and users recommend a cautious, methodical approach. Here are some considerations as you move from a review of the basic value propositions and potential use cases into pilots and actual deployments.
Understand the basic value propositions
Client virtualisation strategies are often built around three drivers, says Gartner analyst Chris Wolf:
- Security. Client virtualisation lets companies meet compliance or regulatory requirements, since no applications or data reside on the local machine, everything is managed on the server side.
- Business continuity. If a client device fails, the user can log in elsewhere and pick up where she left off.
- Operational efficiencies. These include easier management of centralised resources, and the ability to provision new virtual desktops and deploy applications and updates faster. "If there's an issue, it's easy to whip up another virtual session instead of swapping out physical hardware," says Align's Mayers.
Mick Slattery, global lead of workplace enablement services for Accenture and Avanade, says that without another infrastructure move, it may be hard to justify the capital outlay required for VDI all by itself.
The Co-operative Group, the United Kingdom's largest retailer with food, pharmacy, travel and other interests, has so far moved 900 of its 19,000 employees onto Windows XP virtual desktops, and it plans to step those up to Windows 7. "It's the slickness of doing it I like," says technical architect Ian Cawson, comparing the XenDesktop VDI to his traditional software distribution tool, Altiris, for distributing massive updates across all 2,500 of Co-operative's locations. "Altiris would kill the network" in terms of bandwidth, he explains. "And we don't have to reimage."
The consumerisation of the client is exactly what St. Luke's Health System is addressing. The healthcare provider has a pilot under way that delivers a virtualised Windows 7 desktop to doctors on personal iPads that they bring to work. In this way, they can access clinical applications that provide patient information as they move from room to room.
In fact, IT can no longer ignore the increasing clamour of requests to provide access to corporate resources from smartphones, tablets and other consumer-owned devices. As the pressure to accommodate such devices continues to mount, Slattery sees client virtualisation as an "interesting first step."
"It allows IT to maintain a level of control and security and still meet the users' needs," although, he says, "you do have some presentation issues" when deploying a virtual desktop or desktop application to a tablet or smartphone screen.
Desktop virtualisation may be a good way to eliminate the need for laptop computers that travel between home and office, if users already have a PC or thin client in each location, says INX's Kaplan. "Virtualisation follows them around," he says.
The retail chain Rent-A-Center, for example, recently launched a desktop virtualisation pilot. KC Condit, senior director of information security and support, hopes to avoid having to give laptops to the 425 store managers who travel to as many as eight stores each week. Instead, he hopes to equip those managers with a hosted virtual desktop that's accessible from a home computer or from a thin client in any store.
Rent-A-Center's virtualisation pilot, based on XenDesktop, could become a secure access method for hundreds of contractors, temps and business partners and it may set the stage for the company's ultimate goal: getting out of the business of issuing and supporting client hardware. "This paves the way for a bring-your-own-computer model, which is what I want for contractors this year and employees next," says Jai Chanani, who as senior director of technology services and architecture at Rent-A-Center also worked on the networking and data centre infrastructure designs for the project.
Chanani isn't the only one with that vision. "We're enabling the business to let people use their own devices," as long as Citrix has a Receiver client for it, says Cawson at The Co-operative Group. "We will allow BYOC this year for iPads," he says, just as soon as Citrix releases Version 13 of its Receiver client. Support for other devices will follow.
Some organisations are looking for green benefits. For example, Align has a large financial services customer that uses high performance PCs for real-time trading. The client is considering replacing a second, general purpose PC on each desk with a virtual desktop and thin client to save both space and power. "It's not just the power on the trading floor, but also the heat associated with those PCs," Mayers says.
The Co-operative Group chose thin clients instead of full-fledged PCs for 90% of the desktops in its new head offices, which come online in 2012. It expects to reduce annual desktop maintenance costs by about $2.4 million and energy costs by about $800,000.
Some retail customers are replacing ageing Windows XP-based point of sale registers with virtual desktops and thin clients. "We hook up a credit card machine and scanner and have them controlled by corporate without putting any PCs in store locations," Align's Mayers says.
Just make sure the equipment you have is supported by the virtualisation vendor. Steven Porter, CIO at Touchstone Behavioral Health, uncovered just this issue during a recent pilot with VMware View. Staff in the field had USB-powered signature pads attached to their laptops, and the VMware client mistook this device for a mouse. Although the manufacturer of the signature pad has a workaround, Porter says it's clunky.
"I don't think I could get my end users to use it," he says. "That was a deal-breaker."
Once you've figured out the appropriate use cases, INX's Kaplan recommends creating a project definition document that clearly states the business reasons behind the project, as well as the benefits and expected ROI. "When you hit the inevitable hurdles, like when the assistant to the vice president breaks down because he can't print and wants to get rid of this VDI stuff, you'll have this touchstone you can go back to."
Hosting virtual desktops is about separating the physical personal computing device from the Windows operating system and applications, which normally run on top of it, and moving it into the data centre, where it can be more easily managed. Vendors offer several variations on this theme.
Understand the technology options
The most popular technology today for desktop virtualisation is VDI. This is exemplified by VMware View, in which instances of Windows XP or Windows 7 run within virtual machines that are separated from the underlying physical server host. This separation happens by way of a layer of software, such as the VMware vSphere Hypervisor. That software lets each virtual PC think it has exclusive access to the hardware, while serving as the traffic cop for all requests to the shared hardware underneath it.
Of course, you can define desktop virtualisation more broadly, as a way to remove the Windows desktop environment from the physical PC and host it in the data centre. This idea has actually been around since Microsoft introduced Terminal Services (now Remote Desktop Services) with Windows NT 4.0 back in 1996.
This software served up hosted Windows applications within terminal sessions, with Windows Server functioning as the underlying multiuser operating system. Citrix has extended that approach to include the presentation of a simulated Windows desktop operating system environment using RDS/Windows Server.
In both cases, the connection methodology is similar: A physical client (either a thin client or personal computer running special client software) exchanges keystroke, mouse and display information with a simulated Windows desktop running in a terminal session, or a Windows virtual machine residing on a back-end host.
The technology has improved since those early days of server-based computing. Today the performance is faster than ever, the user's virtual desktop can include whatever level of personalisation that company policies allow, and in the RDS model, users can work within a complete virtual desktop environment rather than pick from a slim menu of virtualised applications.
Hosted desktop virtualisation
You virtualise the entire Windows desktop environment, including applications, and host them in the data centre. The user then interacts remotely with the hosted virtual desktop by exchanging keystroke, mouse and video screen updates with it.
Vendors offer two approaches based on the VDI model. Under the first option, the persistent VDI design gives every user his own virtual desktop that runs within a virtual machine on a back-end server. Each user gets his own virtual desktop that spins up from a unique, dedicated virtual machine image file containing a full install of Windows. The user owns the image, and any changes that he makes to it will be saved.
The second option presents a "non-persistent" virtual desktop, which gets spun up on demand from a common "golden" image file and serves multiple users. When a user logs out, any changes made to the virtual desktop disappear.
Citrix presents a third option: Its "hosted shared virtual desktop" follows its XenApp/Presentation Server (server-based computing) model by offering up a simulated Windows desktop in an RDP session on Windows Server.
In cases where organisations were already using XenApp for application delivery, some IT departments have decided it would be more cost effective to roll out XenApp as a platform for hosted shared virtual desktops rather than build a new infrastructure for VDI, says INX's Kaplan. Technically, however, he doesn't consider it to be a virtual desktop technology, since users are really running a shared Windows Server operating system, not a native Windows XP or 7 desktop operating system hosted within a virtual machine.
"While it is possible to do almost anything with XenApp that one can do with VDI, it can become very complex and burdensome. That is why it never took off as a mainstream desktop replacement solution despite the overwhelmingly compelling economics," Kaplan says. "At the root of the problem, you have Windows Server being used in a way it was never designed for."
Most of the Citrix virtual desktop deployments he's seen to date have used Citrix's XenDesktop to host non-persistent VDI desktops, he says.
Going with the approach of nonpersistent virtual desktops saves on back-end management and infrastructure costs, since the approach uses a few golden image files rather than one for each user, and that takes up less networked storage space.
When users log out, their virtual desktops can be shut down. But it's more typical to keep the virtual desktops in a suspended state so that users can get up and running more quickly when they log back in. In fact, for non-persistent virtual desktops, administrators may keep a pool of virtual machine sessions running or in a suspended state all of the time so that new users can get up and running quickly after logging in.
Before rolling out VDI, slow boot-up times on older PCs were one of the biggest user complaints, says Kevin Summers, CIO at Whirlpool. Now, early users of VDI are finding that they're up and running more quickly. "Employees aren't as frustrated," he says.
You can virtualise individual applications, using products such as VMware's ThinApp, Microsoft's App-V or Citrix XenApp, and then deliver those into a virtual desktop or stream them down to a physical PC on demand and have them run locally. "Application virtualisation is really software distribution done in a different way," Accenture's Slattery says.
The technique also promotes stability and eliminates application conflicts by isolating the application from other Windows apps as well as from the Windows operating system. No changes are made to the registry or other settings, so this mechanism can be used to, for example, run two versions of the same application side by side, or to avoid compatibility issues when running an old Windows XP application on top of the Windows 7 operating system.
User state virtualisation
Finally, there's personalisation: Virtualisation of each user's personal settings, such as wallpaper and other configuration preferences, by storing that data in roaming user profiles or by using third party tools from vendors such as AppSense or RES Software.
Some third party tools can store more granular operating system and application settings and even one-off programs. Then the basics are loaded into a plain vanilla non-persistent VDI session or a hosted shared virtual desktop session at runtime. The rest of the settings and information, such as Word macros, are streamed on demand as needed so users can get up and running more quickly.
"Roaming profiles give users the flexibility to roam between [devices] and preserve the user experience," says Gartner's Wolf.
Personalisation tools offer the best of both worlds. They allow users of non-persistent virtual desktops to maintain a customised work environment while administrators enjoy the efficiencies that come from maintaining a small group of shared virtual desktop image files. For this reason, says Gartner's Margevicius, "this will be the key technology for most customers over time."
"Customers ignore personalisation at their peril," says INX's Kaplan. Not all users need a personalised desktop, he adds, but in some corporate cultures, deployments that fail to accommodate this demand won't succeed.
The lesson here, says Gartner's Wolf, is that many different pieces of operational software, including management tools and desktop antivirus software, will need to be tied into your desktop virtualisation solution, so selecting the right products is critical. "There will be a high exit cost" for making the wrong choice and then having to backtrack, "so don't rush into a bad decision," Wolf warns.
IT organisations often perceive the different options as competing solutions, says Gartner's Margevicius, but the technologies are actually complementary. One approach may be better suited than another for a given use case, but two or more technologies may also be used together to create solutions that more closely address the needs of specific groups of users.
For example, an IT organisation might deploy a virtual desktop to the user with Microsoft Office installed in it, and deliver other programs onto the virtual desktop using application virtualisation. The user sees a unified desktop environment, while IT improves stability by avoiding application-induced conflicts.
How a hosted virtual desktop infrastructure meshes with the rest of your data centre depends on what you already have for back-end infrastructure and what your plans are for your virtual desktops.
Calculate the implications for IT infrastructure
IT organisations that have already been down the virtualisation road with servers have a leg up. They should be able to leverage at least some of their existing licence agreements, as well as management tools, network equipment, networked storage and other infrastructure.
Virtual desktop architectures, which transmit graphics as well as keystroke data and mouse clicks, can tax your network, says Slattery. "If you have a lot of branch offices or home users who don't quite have the network performance you need, that may guide your decision." On the other hand, if you already have a virtual server environment and the network to support it, you may not need to invest as heavily in new switches and other networking equipment.
"Storage is also a concern because you're moving off relatively cheap disk on the desktop to a back-end SAN," says Align's Mayers. "Your cost per gigabyte is increased."
Management tools are a still a work in progress, says Gartner's Wolf. "I ask clients, if they have to add another five tools to manage their virtual desktop environment, which ones are they able to take away that they used previously? Typically, the answer is none." The most popular tools may be able to plug into enterprise management frameworks from Microsoft, IBM and others. But the integration work is unfinished, Wolf says.
Antivirus software is another hidden cost, says Wolf. Installing traditional desktop antivirus software into each virtual machine taxes CPU cycles and disk I/O. While McAfee and Trend Micro now offer special purpose virtual antivirus appliances, most IT organisations are waiting for the second generation product before committing to it, Wolf says.
"The net result will be that you will be running fewer desktops on physical servers than you planned for, and you can imagine how that snowballs," Wolf explains. "That means more servers, more storage ports and the cost of supporting virtual desktops can go up as a result."
In other words, if you're running fewer virtual desktops on physical servers than you had planned because of the antivirus software and other gear needed to support those desktops, that means you'll need more physical servers. But there's no rule of thumb for this in terms of X number of servers to support Y number of virtual desktops, because there are too many variables, such as the number of applications installed in the image.
Slattery is less concerned about management tools, storage and other infrastructure, which IT already knows how to deploy and manage efficiently. "The biggest challenges come down to licensing," he says.
Check your licences
IT needs to factor in licensing costs for virtualisation software and infrastructure management tools, but the wild card is what it will cost to migrate all of those Windows licences off physical hardware and onto virtual desktops.
The total cost depends on your existing licensing agreement. Users already paying for Microsoft's Software Assurance for Windows get the rights to create up to four Virtual Desktop Access (VDA) images for a given user's Windows-based desktop, laptop or tablet computer.
"Any device covered by Software Assurance gets the grant rights. Others, such as thin clients, require the purchase of a separate VDA licence," says Gavriella Schuster, general manager of Windows product development.
For users without Software Assurance or who want to use a thin client, an iPad or a device other than a Windows-based desktop, laptop or tablet, it's a different matter. "Microsoft does not permit the Windows desktop operating system to be licensed away from the physical machine," says Margevicius at Gartner.
"It requires you to purchase a separate VDA licence [per virtual desktop], and that's $100 per year" per virtual desktop. Microsoft's RDS client licences, required for XenApp, cost a bit less, in the range of $75 to $85 for a perpetual licence. This is because the user is sharing a single instance of Windows Server rather than running a full instance of the Windows desktop operating system, Microsoft's Schuster says.
"Because it's delivered on a virtual machine, Microsoft charges more," Margevicius says. "This is a very sore point with Microsoft customers."
In response, Schuster points out that "the VDA license includes many more rights than a standard Windows licence." And while Software Assurance requires that the user has purchased an OEM Windows licence with the physical client device, VDA does not. Further, Schuster explains, the VDA licence provides customers "with special use rights, and it gives them access to training and deployment services as well as the rights to the next Windows release."
This was a sticking point for Touchstone Behavioral Health, which does not have Software Assurance. Porter says he already pays for each Windows licence twice: once for the instance that ships with every laptop, and once for his enterprise agreement or VDA licence. He estimates total client licensing costs for Windows and virtualisation client software at about $300 per year per seat. He'd like to see concurrent licensing. "The vendors strong-arm me into buying more seats. They're nickel-and-diming me to death," he says.
But if you're doing only application virtualisation, Microsoft's product in this category, App-V, can be fairly inexpensive because Microsoft makes it available through its Software Assurance licence agreements. The typical annual cost in that scenario is generally in the range of $5 to $10 per seat, Margevicius says.
Licensing issues can also derail a client virtualisation project if you outsource support of your desktops to a managed service provider, Accenture's Slattery warns. "Your vendor might not have envisioned this sort of solution, and that may delay you or cause you to re-open an agreement," he says.
Finally, a Windows 7 migration can change the math when it comes to incremental licensing costs, since you may have to buy new licences anyway. "We have customers at Align who don't have Software Assurance who say, 'If I have to buy an operating system anyway to upgrade to Windows 7 and new desktops to support it, maybe that justifies looking into this,' " says Mayers.
And if you're also upgrading Microsoft Office, virtualisation may make that upgrade process easier if you don't already have an efficient, automated software distribution mechanism.
Before embarking on a client virtualisation project, IT can increase the chances for success by shrinking the application portfolio, says INX's Kaplan. "Do you really need five different versions of a spreadsheet program out there?" he asks. "Probably not."
Rationalise your applications
The Co-operative Group's Cawson says the grocery chain's IT staff used AppDNA's AppTitude tool to evaluate the suitability of each of the company's 1,400 applications for virtualisation. The tool also ranked the difficulty of consolidating or eliminating programs that had issues running in a virtual desktop environment. Some of the more difficult ones were dropped, and multiple versions of productivity applications such as Adobe Photoshop were consolidated.
So far, Cawson has packaged 200 applications for virtualisation and discarded 100 others. The former are streamed into XenDesktop virtual desktops using App-V. Ultimately, Cawson hopes to cut the total application count by nearly half, to between 750 and 800.
As for the applications you do keep, be sure to check that your software vendors will support the products in a virtual client setting, INX's Kaplan suggests. Finally, going forward, he says, "make it an organisational requirement" that all RFPs sent to application vendors mandate support for desktop virtualisation.
Build the business case and ROI
Expected savings on PC refreshes may be outweighed by the considerable investment you'll need to make to create a consolidated back-end infrastructure, processing, network, storage, to replicate what your users were doing on their local PCs. And while there are hard cash savings to be had from a VDI initiative, it very much depends on your current client and back-end infrastructure, whether you're up for a PC refresh anyway, and how well you manage the PC infrastructure you already have.
Even in applications where client virtualisation technologies make sense, project scale can affect ROI. "Between 100 and 200 desktops is where you start seeing some of the savings," says Mayers.
Costs to implement a virtualised client environment can vary widely, depending on current infrastructure. But for an organisation that already has an established virtual server environment and the infrastructure in place to support it, expect hosted desktop virtualisation deployment costs to fall somewhere in the ballpark of $800 to $1,600 per desktop, Mayers says. That will vary, he cautions, based on your actual virtual desktop configuration, the server and storage systems used, and the tools chosen for antivirus, personalisation management, backup and recovery and other management tools.
Other consultants say that costs vary so widely that they couldn't even hazard a guess.
One thing almost everyone agrees on: Vendor ROI claims are grossly inflated. "Expect a three-year ROI at best," Wolf says. But there are real benefits and cost savings around the total cost of ownership for virtualised desktops versus that for full-on PCs. These savings come from IT process improvements and filling strategic needs ranging from security and compliance to bring-your-own-computer initiatives.
Michael Kamer, manager of technology integration services at St. Luke's Health System, says sales people pushed the idea that compared with the cost of buying new PCs, he could achieve operational savings of 40% with desktop virtualization, using a design built around XenDesktop. His own numbers, double-checked by a consultant, came in at about 9%. "So far, that has proved to be fairly accurate," he says.
"The ROI just wasn't there," says Porter at Touchstone. For his organisation, the benefits of its VMware View pilot were about better security, faster provisioning of new users and user self-service. "You've got to find those soft costs," he says.
"It's not cost savings I'm going after," says Whirlpool's Summers. "What's driving this goal is improved service." Because of ageing PCs and notebook computers, multiple configurations and a mix of software versions, boot times were slow and trouble ticket volumes were high. About 30% of all calls were attributed to desktop issues. The move to VDI has helped to address all of those problems, he says.
Rent-A-Center's Chanani estimates that costs for his project will be higher for the first three years due to back-end expenses, but he expects that to even out because client devices will last longer. Client virtualisation, he says, will reduce costs and increase shareholder value, because customer data never leaves the premises.
ROI also depends on how well the existing environment is managed. If the business buys expensive PCs and laptops every three years but has Microsoft Software Assurance and wants thin clients to replace the PCs, "you can show one whopping ROI," says INX's Kaplan. On the other hand, he says, "if you're using Altiris or some other push product in a well-managed environment and it works well, moving to VDI isn't going to save a lot of money."
Ease from pilot to deployment
After you understand the business imperatives, it's time to figure out the right technology. Do you need desktop virtualisation at all, or is application virtualisation enough? Should you follow the persistent VDI model, in which every user has a dedicated virtual machine, or follow a non-persistent model, in which virtual desktops are spun up as needed from a common, standardised set of disk images? Do you need to add personalisation to those non-persistent images, and if so, will the basics offered by Citrix, Microsoft or VMware do, or do you need more sophisticated tools?
The answer may be "all of the above." Different user profiles dictate different technologies. Bring the products in, test them against your needs and expectations and do a pilot, Accenture's Slattery suggests.
Summer says Whirlpool's VMware View pilot went on for 12 months before IT started rolling it out to 18,000 employees. He advises taking your time on both the pilot and deployment. "We had problems with the software, with applications and the network," he says.
Since working through those issues, Whirlpool has rolled out the VMware View Client to a few hundred desktops and will continue as client hardware is refreshed. "In 12 to 18 months, we'll have about 10,000 people on virtual desktops," he says.
The pilot will also set the stage for selling users on the project. "You want users who like new technology, who will tolerate [problems] and generate positive buzz," says Kaplan.
While the pilot will give you champions of the technology among the user base, that doesn't mean you should skimp on training, Kaplan says. "In a lot of IT departments, the user walks in and sees a thin terminal on their desk and that's their introduction to VDI. You'd better have a strategy to sell it to users and get them excited about it," he says. He suggests talking about features such as the ability to "roll back" a desktop after a failure, and the ability to interrupt a desktop session at work, go home, log back in and pick up where you left off.
Rent-A-Center did video training. "That was a big hit for us," Chanani says. But he underestimated the sense of security that people feel knowing that their Word documents and other data reside on a physical device that's in their possession. "That's more powerful than I imagined," he acknowledges. "We still haven't gotten over that yet, even though the virtual experience looks and feels just like a Windows desktop."
Ultimately, the key to success lies not just in making the business case, but in creating a "business pull" for the technology rather than an IT push, says Summers. He stresses increased productivity through features such as faster boot times, greater reliability, faster recovery times, increased security and the ability to have almost instant access to the virtual desktop from any location or any device with an Internet connection. "That's our whole strategy," he adds.