Graham writes an interesting post where he compares the impact of slow login and slow applications.  It’s a good analysis and leads Graham to conclude that forced to choose he would go for slow login, because it’s predictable and infrequent and so can be proactively managed (ie do something else why you wait.

I’ve been mulling over the same issue – but without the nice graphics -when it comes to desktop and application virtualization, and I’m very keen to dig a bit deeper into the user experience impact of a collection of new technologies:

1. Virtualised applications add a small performance overhead
2. Streaming virtualised applications adds a significant overhead to launch time, especially in a VDI environment where caching is of limited value (although pre-caching in the image would be better)
3. Virtualization of the applications configuration and the users personalised settings adds a further overhead to launch times
4. WAN access to data adds a further overhead to application launch times
5. We’ve yet to quantify for many niche applications whether non-persistent VDI images (where only the roaming profile is persisted at logoff) are going to be slower, maybe because they cache for performance in the local profile and assume that the users local profile is going to be there tomorrow 99% of the time
6. Sharing server resources across many users, is likely to work out great on average, but I’m not 100% sure that it will be faster for peak CPU periods which often occur at application start-up
7. Most VDI deployments encourage users to logoff frequently and that’s likely to increase as the logon/logoff cycle is required in order to update the master image, not only does this affect a few of the points above, but it also makes detailed user state preservation very important – ie saving which applications, files, scroll locations, browser tabs, window positions etc the user has open and restoring them when the user logs back in. 
8. I dread to think how regular logoffs would impact my productivity, right now I logoff once ever couple of weeks, and it takes me at least 20 minutes to close everything down and open everything up again, if I had to do this every day – the least of my worries would be the time it takes for the OS to boot.

So one things for sure, in the new word of desktop, end user experience performance monitoring is going to be pretty important.

I had the chance to spend the morning being briefed by VMware on their current VDI offerings and their longer term roadmap, a lot of it is NDA but it’s useful to take a look at the broad themes and to contrast their approach to that of Citrix and to the issues we are seeing in the enterprise VDI market.

The good

1. The core hypervisor is clearly very mature and the most widely used for VDI.  However it seemed to me that the opportunities for VMware to further increase desktop density/core was pretty limited now, from now on we really need to rely on Moore’s law.
2. Memory over commit, this is a nice feature, to decrease memory costs, but my impression is that impact on overall TCO is pretty small
3. USB, VMware have written their own USB support, the team have tested a very wide range of USB devices, iPhones, iPods, Blackberries, Scanners etc – they all work, even though not many of them have yet made it all the way through the rigorous VMware QA process
4. Users who install apps, most VMware VDI customers today have a significant number of users who install applications.  The Citrix Provisioning Server model’s not really suitable for this, although there’s some very interesting third party activity around virtualising end user installed applications at the time the user installs them,  this would allow a users installed apps to roam with them from one pooled non-persistent PC to another, and potentially also into XenApp and Physical Desktops.
5. The Wyse multi media redirection extensions have been licensed to mitigate some of the limitations of RDP

The potential

1. The cloud – I was most impressed by the mid term potential of the cloud services capabilities.  More specifically the ability to describe the characteristics and SLA requirements for a Virtual desktop workload, and its associated infrastructure servers.  This would in theory allow us to have a general purpose VMware cloud onto which we could deploy virtual desktops as “just another workload” but with the confidence that all of our SLA’s would be met.  In this model as our environments scaled and performance characteristics changed over the years, we would just make metadata changes and the cloud would adapt to the changing workload automatically.

   The current approach is to have a server infrastructure that’s optimised for the virtual desktop workload at the physical level which is fine for now, but not so flexible in the long term. 

2. vmSafe,  I really like the idea of taking the anti-malware protection out of the VM and running it on the infrastructure.  Not only does this remove the need to keep running VMs up to date with changes to Antimalware signatures etc, but it should also be more efficient and make it much quicker to respond to a critical events.  However it’s only a nice concept right now.

The stuff I’m not so sure about

1. The protocol – One of my biggest concerns, currently VMware are taking a variety of approaches, using and extending RDP and then also supporting the PC over IP protocol from Teradici both in software and hardware.  My initial impression is that it’s going to be a long time before VMware has a protocol story that’s as flexible and performant as Citrix has with ICA. In our case where we have a very wide variety of use cases to support, Citrix allows us to use one protocol for all of them.
2. The broker – improved in that it now supports access to anything that supports RDP, including physical blades, terminal servers and distributed PCs – however there’s no ICA support or Wake On Lan support for distributed desktops that makes it only useful in a few scenarios.
3. Bare Metal (type 1) hypervisor – I like the idea of a client side hypervisor, I can see that within a year we will have PC’s with all the characteristics of thin clients (low power, no moving parts, cheap, secure, stateless etc) but to which we can stream the OS  (we can already “stream” everything else), however these don’t really need a hypervisor – Citrix provisioning server can do this to physical “thin PCs” now and seems a very good solution, even better when it gets integration with Wan Caches. 

   Where I do see client side hypervisors being popular is the employee owned notebook PC, unfortunately the first release of the VMware bare metal hypervisor will only support a singe VM, so it’s not going to be that attractive for employee owned use cases, also its likely to only support a small subset of laptops, most likely also requiring vPro, and these are likely to be too expensive for employee purchase.

4. Offline VDI – VMware has another (Type 2) client side hypervisor solution, currently available as an experimental release.  This works on the idea of the user having a Physical PC and a VDI PC and then when they need to go on the road they can “check  out” the VDI PC – download it to their Physical PC and then check it back in at some later date.  I’ve always been a bit surprised by this use case, mainly because almost all the VDI deployments I see are for locked down PCs. 

   For a locked down VDI PC – the whole virtual PC image doesn’t flow down to the client, only the users apps, config and personality, and all that needs to flow back up is the users personality.  The config can flow to the client using something like AppSense which can also copy the users personality back to the server as well.  The users apps can flow down to the client device using Application Streaming.  This just leaves the Virtual machine itself, in the locked down use case it’s always the same master image the flows down to the users PC, nothing gets copied back.  So this is really Operating system streaming and caching, similar to virtual app streaming and caching.

   The benefit that VMware has is a solution that works for locked down and non-locked down PCs and its available now.  However the more elegant model is where we dynamically compose the users offline VDI PC from separate OS, App, Config and personality streams and then persist just the Personality back on the server.  Why’s this more elegant?  because it allows us to use the same, apps, config and personality to dynamically compose physical PCs, client and server hosted virtual desktops, and Terminal Server Apps and Desktops.

   Final thought though is that VMware approach will also be easy to extend to user data, sitting in a virtual disk, so whilst I have some concerns over it’s elegance, it’s a pragmatic approach.

5. Cloning, the new cloning support is a big improvement, but I still feel that cloning at the storage layer is a better idea.  For example the Offline VDI stuff doesn’t currently work with the View Composer cloning technology, however I’m guessing that it would work just fine if the cloning were done by the storage infrastructure.   

   I’m also pretty amazed by products like ILIO from Atlantis that looks to the hypervisor just like storage, but actually does amazing image management behind the scenes. 

6. Thinstall, I think ThinStall has some great use cases, but the fact that it doesn’t support dynamic caching in the virtual machine makes some use cases problematic, particularly the Offline VDI and OS streaming ones.  Also it seems to me that precaching virtualised apps in the Citrix provisioning server image would probably be faster than thinstall “streaming” from a network file system, but I’ve no lab results to support that view
7. User personalisation, VMware personalisation ideas are currently focussed on Virtual Machines.  I like the AppSense/Res approach that allows for the users personality to be injected into physical desktops, client and server hosted virtual desktops and terminal servers/XenApp.
8. Configuration, I’ve not seen anything from VMware around OS/User and App configuration

1. This was a very difficult session to follow, so the following notes are not that great
2. Multi-media virtualization
1. to any end point, over the ICA channel
3. Apollo
1. Streaming media
2. 3D graphics
4. Remote audio/video extensions, not in XenDesktop – but it is supported with the Linux Wyse thin client
1. At some time in the future this will run on virtual machines, rather than physical machines with a GPU
5. key to the above is:
1. inspecting the end point
2. inspecting the app
3. inspecting the network
4. then decide how to deliver the experience
6. 3D graphics
1. Server side GPU’s
2. Server side rendering units
7. Accelerated bitmap remoting
1. directX, OpenGL, WPF, Flash and Silerlight
8. Realtime communications
1. VOIP over ICA seems to work ok
2. Softphone on demand

1. Challenges
1. How do I ensure that users get their own personalised workspace
2. How do I ensure that end user productivity impact is minimised during the migration
3. How do I deal with some continued use of some local applications
4. How do I ensure that my Virtual machines continue to be up to date
2. This list of challenges seems to be very RES specific, perhaps that’s not surprising
3. The workspace can be modified based on:
1. Who you are
2. Time of day
3. Location
4. Whether you have a token
4. What is a workspace
1. Personalisation, apps desktop, environment, portability, location sensing – with RES this is downloaded just in time
1. Seems to require you to manually figure out what needs to be persistent between sessions.  if you have 4500 applications that’s a complex job.
2. Security, Applications, files and folders, local disks, access to removable drives, IP connections
1. seems to be very similar to group policy, but had the benefit of a common set of policies across operating systems.  Not sure whether it depends on the client device being domain joined, if not that would be an advantage as well
2. more granular than GPO in some areas at least
3. nice feature that allows a USB key to be used as a rule that can govern anything else, for example the ability to run a particular application can be linked to the presence or absence of a USB key
3. Reliability, logon performance, session, cpu, memory, logoff
4. Administration
1. delegated admin, building blocks and templates, usage reporting, license metering, analysis and audit
5. Integration
1. Uses variety of databases
2. Integrates with Active Directory
3. Workspace integration between apps delivered locally and apps delivered by presentation server or xen desktop
4. Runbook automation, using Wisdom – this seems to be a distributed systems management product – simillar to BMC Configuration manager or SCCM
1. detects when snapshots are being used, when they are rolled back etc.  so that the cmdb maps to the actual configuration of the client, even if a snapshot rollback occurs, it will reapply lost changes.

Delivered by Steve Maytum – VP – End user platforms

1. Today
1. 54,000 managed XP desktop, two builds.  Modified the Gina to add a “borrow” button to RDP to a CPS environment or RDP to the users desktop PC,  this is similar to what CSC have done, but my modifying the GINA they have a solution that doesn’t force a locked session to logoff – nice!
2. 15,000 managed laptops
3. 4,500 applications
2. Investing in
1. 50 unmanaged PCs
2. 300 thin client devices
3. 3,200 virtual workstations
4. 700 seamless published applications, 4,500 concurrent users
5. 70 streamed apps
6. Lots of Blackberries
3. Investment banking is all about agility and power and speed of delivery, 140 changes a week
4. Private banking is about protection of data and stability, 2 big changes a year
5. Drivers
1. Cost reduction
2. Strategic sourcing
3. Increasing remote offices
4. Mobile and nomadic users
5. Home working
6. Availability of power and heat, green – in some building they are not able to deliver any more power to the buildings
7. Business continuity
8. Regulatory requirements
9. What their peers are doing
10. Consumer experience & user capability is driving a need to raise the bar
11. Increase in technology capability
6. Remote access security framework
1. A NAC check provides control over what you have access to, using an SSL VPN –
2. EPA Factory is used for the end point analysis
1. Service pack
2. AV running and have a signature that’s less than 2 weeks old
3. Personal firewall running
4. New version being developed to provide information on geographical location, whether they are at the PC console or remoting to it, checking for password protected screen savers
3. Pass
1. Access to your PC via RDP
2. Local printing
3. Line of business apps
4. Long inactivity timer
4. Fail
1. Just access to email and office apps, plus a softphone
2. Short inactivity timer
5. Citrix Access Gateway – Advanced Edition sits behind an SSL VPN
6. RSA SecureID
7. Citrix web interface used
8. Most users just use Citrix to provide access to their existing desktop PCs using RDP tunnelled through ICA
9. They have lots of users apparently who bring in their personal laptops and rdp to their desktops
7. Success so far
1. 8,738 user connections a day
2. After 6PM 1.26 years of work gets done every night
3. At the weekend 3.33 years or work gets done
4. Total of 500 years of productivity
5. Peak usage is 9PM and 7000 users on a sunday
6. Number 1 requested service
8. End state
1. Citrix PS desktop – 112 sessions per blade
2. VDI desktop – 40 desktops per HP C Class blade
3. Trader private blades
4. SoftGrid for application streaming
5. IGEL thin clients
6. Traditional PCs with app streaming
7. Thin offices
8. Remote users
9. Considering putting all the clients on a “dirty” network and do all client – data centre access over an SSL VPN
9. Interesting point that I’ve made myself many times
1. yesterday – business demand outstripped technology opportunity
2. now – technology opportunity has exploded, way beyond business demand or even businesses availability to keep up

1. XenDesktop running Vista
2. Client is running XPe
3. Showed AutoCad, great 3D model rotation using 5mb/sec
4. Vista 3D flip worked fine
5. WPF 3D app – patient records system – worked fine
6. Call of duty game – worked ok
7. Full screen video worked well too
8. Still working on high quality audio
9. Works on Citrix desktop spec appliance

I’ve had a day at iForum and feel ready to make a few comments on the reality of XenDesktop compared to the position presented by Citrix so far. 

First off though I will say that I am impressed by the vision that Citrix presented, the coherence of the vision and the relative openness of the eco system that surrounds it. 

I’m not so impressed by the details of their current implementation and the messaging that surrounds it,  but I would have been if the messages had been just slightly moderated and developed in the more technical sessions.  I’ve made some points about the marketing in a previous post so I won’t repeat them here.

By XenDesktop I really mean the Citrix Desktop Delivery Controller (DDC), it’s integration with the Access Gateway (CAG), the XenServer  Virtual Machine Manager (VMM) and the Provisioning Server (PVS).

In summary I like the DDC and the CAG a lot, I like PVS in principle for users who don’t need to install applications and right now I don’t see much to differentiate XenServer.

Some bold claims were made for the XenDesktop, I may have got the wording slightly wrong, but I’m right in principle:

1. It’s like a new PC every day
2. XenDesktop is applicable to 55% of workers, ie “office workers”

I want to work through these messages and try and get my thoughts straight:

It’s like a new PC every day

The assumption is that a new PC is great and that a new PC every day is even better.  The supporting evidence for this is that a PC gets slower over time, because new versions of applications consume more resources and just because of PC entropy.  If I get a new PC or just rebuild an existing one the world is rosy.  Comments:

1. It’s true that PCs do slow down with time, because new apps and web pages consume more resources.  But how does XenDesktop help?, most cost models show servers being replaced every 5 years and PCs being replaced every 3 years so that in 3 years time I will have a fast desktop again, but a slow XenDesktop for another two years. 
2. It’s true that PCs do tend to slow down with time, but speed up following a rebuild, but in my experience that’s because when I rebuild my PC I forgot to put half the applications back on it that I’ve accumulated over the year[s].  I then spend a very frustrating few weeks trying to find and install perhaps the most important 50% of these apps and by the time they are all reinstalled I’m back to the slow PC.  So there are two scenarios
   1. If I have a locked down PC and can’t install anything then PC’s don’t slow down and so “having a new PC every day” makes no difference, because the new PC is exactly like the old one
   2. If I don’t have a locked down PC and all my changes don’t get persisted from day to day, then I’m going to be really annoyed because one things for sure.  I hate getting a new PC because the first thing I have to do to it is to install all my apps and utilities and configure it, and I don’t want to do that every day.
3. A new PC every day also assumes I logoff every day, since the only way that I pick up changes to the image with PVS is to reboot this seems reasonable.  However this is incredibly unproductive,  it’s true that years ago people did close down every application at the end of the day and shutdown their PC, now though its just a quick suspend and resume.  At the end of my day I will often have 20 browser tabs open, and 10 applications running, if I have to close all of these down and open them all up again to the same state that will cost me 15 minutes a day off the bottom line, that will wipe out any TCO benefit for sure.  In my personal case I restart/logoff my desktop once a month, it runs Vista 64 and its rock solid.

XenDesktop is applicable to 55% of workers

This is a key figure.  The logic goes as follows:

1. 15% mobile
2. 30% XenApp desktops
3. 55% XenDesktop users

My view Citrix should have made clear that this is a long term goal, not a current reality.  Lets examine the positioning:

1. XenDesktop is distinguished from XenApp primarily by the fact that office workers need to personalise their desktop environment.  There are six main areas where personalization takes place:
   1. The roaming profile
   2. The local profile
   3. The user hive of the registry (persisted as part of the roaming profile)
   4. The system hive of the registry
   5. Program files
   6. Windows directories
2. XenDesktop doesn’t currently deliver a [cost effective] solution for persisting any of these personalisations.  Windows roaming profiles and a myriad of third party solutions for profile/environment management do support effectively “roaming profile” persistence
3. All of these roaming profile persistence technologies were invented to work with XenApp and are being re-envisioned as solutions for XenDesktop
4. So personalisation is not really a reason to use XenDesktop, and since this is the key criteria for positioning XenDesktop and not XenApp as applicable to the 55% of office workers is there another reason?  I think there is but its not really specific to Xendesktop:
   1. Virtual client PCs have higher levels of application compatibility than Windows 2003/8 server – less relevant with Application Virtualization
   2. Virtual client PCs can leverage the existing management infrastructure being used to manage the physical desktop environment – Citrix dismiss managing Virtual PCs using these legacy management tools though
   3. Virtual client PCs have a slightly improved fidelity of UI than 2003/8 server – no business case could be built around this difference
5. Finally XenApp is cheaper than XenDesktop and so far as I can tell it’s implementation of SpeedScreen and support for multi-media is better than XenDesktop.  I feel Citrix need to work harder on getting their positioning straight on this.  My feeling is:
   1. Citrix need to make clear that this positioning is strategic, and will reflect relative investment priorities within Citrix in XenApp vs XenDesktop
   2. Citrix need to recognise that customers are going to make long term (5 year) investment decisions in servers and licenses and that these will drive them to the cheaper XenApp unless there is a case to do differently
   3. Citrix need to recognise that for any office worker who does need to install applications or makes changes to the operating system configuration XenDesktop doesn’t provide a cost effective solution and start talking about their roadmap for addressing this
   4. I also feel that although its not as strategic, it does make sense today for office workers who need VDI and need to personalise their PCs to just boot them virtually, but then manage them as if they were physical PCs.  You don’t get the nice conceptual separation of apps, personality and OS, but as I’ve explained above that doesn’t work well anyway with XenDesktop and legacy management is cheap and easy.

Quite a few issues here, but no show stoppers for Citrix, they are on the right path, messaging just needs a little work.  of course these are just my quick personal notes, not some details analysis.

I’ve gained a new respect for marketing since working with some of my colleagues in CSC recently.  However for me marketing needs to work towards 3 key goals:

1. provide a framework that’s allows for complexity to be reduced at a high level, but then gradually decomposed to lower levels of detail
2. help people with a common need discover common services and solutions that meet that need
3. improve the quality of decisions
4. provide names that reduce confusion

Overall I score Citrix pretty highly, perhaps 7/10

The framework – 9/10

Citrix did pretty well here.  The framework seems to have two dimensions, first there is the lifecycle, which goes:

1. Delivery controllers
2. Gateways
3. Repeaters
4. Receivers
5. All of the above essentially connect to a delivery network

Its nice and simple, maps well to the real world and has the nice analogy of the delivery of TV. 

Join common needs to common solutions – 5/10

Generally Citrix did well here, except for XenApp and XenDesktop.  Here the relative positioning of the two technologies was difficult to work out:

1. Superficially it seems easy
2. XenApp for apps and XenDesktop for desktops, but wait
3. XenApp is fine for task worker desktops, and that’s 30% of users, ok so far
4. 55% of users are positioned for XenDesktop – because those users need personalization, but hang on provisioning server only really supports personalisation that can be persisted in the profile – which XenApp supports anyway!  So doesn’t that mean that at least some of those 55% are candidates for XenApp!!!
5. That leaves 15% of people who are mobile, but one session later we are told that its projected that 30-50% of people will be mobile by 2010!!
6. Finally XenApp is a great solution for mobile workers who need access to enterprise client server and sometimes web apps but that’s not mentioned.

All this confusion would have been fixed if it had been made clear that this positioning is strategic, it’s not deliverable with the currently shipping products, but new innovation will make it real over time.  This is important because the client and server infrastructure we invest in for XenApp and XenDesktop is going to be with us for 4-6 years which means getting your strategic positioning right is key, since we are going to see perhaps 3 software updates on the same hardware. 

As to the mobility numbers my guess is that 15% need laptops and that the remaining 15-35% would be better served by a combination of XenDesktop, their personal desktop/laptop and a Smart phone.

The decision support – 3/10

(see also above)

I do like some of the messaging, examples being:

1. Separate OS from Apps from Environment
2. A new PC every day
3. Delivery centre not data centre

But I don’t like that even in the technical sessions they don’t really drill into the reality behind the message.  There tends to be little high level positioning, for example:

1. No discussion on timing, ie when some of the high level vision will be delivered to which use cases
2. No discussion of completeness, ie what doesn’t work – where are the limitations
3. No discussion of assumptions, that underly the message, but if not true for a customer might render the message irrelevant

I’m not going to pick through each of the messages here, but I will give an example of how they could have been improved – i’m making up the details!:

1. Timing,  lets take XenDesktop which is positioned as appropriate for 55% of users, Citrix could have made clear that this was their vision and said that the current product probably targets say 20% of those with the current release
2. Completeness, it wasn’t made clear that XenDesktop and XenApp whilst they both use ICA and both use SpeedScreen use different versions with different overlapping but distinct features
3. Assumptions, a new desktop every day assumes people logoff every day.  I routinely stay logged onto my desktop PC for 25 days at a time, I can’t imagine what logging off every day would do to my productivity!  Certainly it would wipe out any TCO benefit

The naming – 2/10

XenApp, XenServer, XenDesktop and netscaler are the key names it’s here that I’m less impressed:

1. I really like them as high level brands:
   1. XenServer
   2. XenApp
   3. XenDesktop
   4. NetScaler
2. I really dislike the confusion around the use of the brands:
   1. The brands are used to name suites, eg XenDesktop Standard, that contains products from the other suites/products/families
   2. The brands are named after the delivery controllers, but they sometimes include other delivery controllers, repeaters, gateways and receivers
   3. The suites contain products, but the suite names are also used in place of the product names, eg XenApp is used to describe Citrix Presentation Server and Application Streaming.  XenDesktop is used to describe the broker and the Virtual machine manager, and sometimes provisioning server
   4. The names are also used for families of products, ie several different NetScalers from $10K to $250K
   5. An names assume a single use, eg:
      1. XenApp is assumed to be about application delivery, but today it’s arguably applicable for more desktop delivery use cases than XenDesktop. 
      2. It’s my guess that it won’t be long before XenDesktop is used to deliver apps, competitor brokers already support this
      3. NetScaler is a delivery controller, but the same hardware includes gateways and repeater functionality

1. The network load balancer is going through a period of change
2. The concept of a load balancer is still relevant
3. However load balancers need to do more to earn their living, reducing cost, increasing security and optimising traffic
4. The load balancer of the future is best thought of as an Application Delivery Controller
5. Traditional role
   1. better utilisation of data centre resources
   2. high availability when front ending replicated application resources
   3. typically passive from the perspective of the application
6. Why the change
   1. 9 out 10 apps rolled out in 2008 are web based or have a significant web component
   2. My note – compare this with the number of apps used/installed by end users – I think we will see continued high use of client apps, trivial to the enterprise but important to the user
   3. often web apps are very network intensive, often 3x the bandwidth of the client server apps they replace
   4. facebook alone consumed more bandwidth in 2007 than the whole of the internet in 2000
   5. A 30 minute streamed video uses more bandwidth than 100 emails a day for a year
   6. Users are being pulled further away to their applications
      1. globalization, flexi working, branch expansion, mobility, web 2 etc
      2. security, compliance, consolidation …
7. Future role
   1. needs to understand applications, user usage patterns and network traffic
   2. they need to optimise performance, security and cost
   3. application functionality
      1. Load balancing, to minimise latency, distribute load, direct users to where capacity is available, to provide disaster recovery
      2. Content switching
      3. Attack protection, for example resisting a DOS attack, whilst still servicing real traffic
      4. Surge protection, prioritisation of traffic – for example checkout is prioritised above browsing
   4. application performance
      1. enabling compression, which browsers support but many applications don’t
      2. content caching, can often increase performance by a factor of 10 or more depending on app of course
      3. TCP optimisation, buffering, keep alive
      4. performance monitoring, edge sight for netscaler
   5. cost reduction
      1. TCP connection offloading
      2. SSL offloading, hardware SSL offloading reduces web server load by generally a factor of 3
      3. Content caching
      4. Example they reduced the number of web servers MSN europe had serving adverts from 80 to 8
8. 75% of investment is focussed on network security
9. 75% of attacks are at applications
   1. Cross sight scripting, SQL injection etc
   2. An application firewall is mandatory for PCI, ie credit card handling, Payment Card Handling Data Security Standard

Delivered by Sumit Dhawan – Senior Director – Desktop Virtualization Group

Key points:

1. Current desktop process is slow, complex, insecure and costly to maintain
2. Task workers 30%, Office workers 55%, Mobile workers 15%
   1. Office workers seems to me to be way to broad a classification
   2. Office workers are characterised as needing a “personalized” environment
3. Task workers
   1. Standard work environment
   2. Fast startup/low cost
   3. Data security
   4. Compliance and control
   5. XenApp is a great solution for these users
   6. Seems to me that this description above does apply to lots of office workers as well, even consumerized use cases.  In my case for example for enterprise applications – I would be happy with the above, so long as my client was a non locked down laptop
4. Mobile workers
   1. Frequent travel and offline work
   2. Unmanaged or lightly managed laptop
   3. XenApp is a great solution for these users
5. Office workers
   1. Mainly work in the office
   2. Inter office roaming
   3. Office day extenders
   4. Assumption that XenDesktop is the solution for these users
   5. Citrix believes XenApp is the way to deliver the apps to these users
   6. My concern over this positioning is that it also kind of assumes a person works at a desk, rather than someone else’s desk (shoulder to shoulder) or in a conference room or some other collaborative space
   7. 1st generation VDI – which maps to my maturity level 1 – has mainly been for customers who wanted to solve mainly security related issues, at least these were the projects that succeeded
   8. Lots of talk about the ability for users to personalise, for example installing Active X controls.  But no explanation as to where these personalisations get persisted if you are using provisioning server!
      1. Given this lack of a persistence solution, its unclear to me how XenDesktop differs from XenApp Presentation Virtualization
   9. Discussion of the slow degradation of windows desktops over time.  Its not clear what causes this, however does it automatically follow that the same issues won’t occur when a PC is assembled every day from components, perhaps even worse if the components are virtualized (ie multiple copies of dependant components).  However using XenApp published applications would be cleaner.
      1. However if XenApp published applications are being used how does a user add their own apps or add active x controls, or outlook add-ins etc.
   10. Repeated the benefits of using XenApp published apps, ie you can get up to twice as many XenDesktop users per server.
6. Customer example
   1. Collier County public school
   2. 10,000 students, 1000+ staff, about 9,000 remote students
   3. Early adopter of desktop virtualization
   4. A customer that was caught in the “hype cycle”
   5. Deployed maturity level 1, didn’t get beyond the pilot
   6. Rolling out to about 50% of users
   7. Key message – use cases are key!!
7. Costs
   1. Will this cut costs?
   2. For procurement costs Citrix believe PC is $1100 VDI is $1400, but by extending the life of the PC this cost increase will be reduced
   3. Lots of other cost discussion didn’t get covered, although they believe that TCO saving is 40%