What is Virtual Desktop Infrastructure (VDI)
tl;dr - Virtual Desktop Infrastructure (VDI) hosts virtualized desktop environments for users in a centralized system. What is VDI? Imagine not having to carry around a laptop or be sitting in a cubicle to access your work desktop applications. Virtual desktop infrastructure (VDI) is appealing to many different constituencies because it combines the benefits of anywhere access with desktop support improvements. Employees typically use a wide range of mobile devices from laptops to tablets and from desktops to smartphones are being used. The diversity of these mobile devices and the sheer number of them in the workplace can overwhelm IT and strain your resources. Desktop Virtualization centralizes sets of desktops, usually in a data center or cloud environment, and then provide access to your employees whether they are in the office, at home or mobile. VDI deployments virtualize user desktops by delivering them to distinctive endpoint devices over the network from a central location. There are many reasons why organizations deploy VDI solutions – it’s easier for IT to manage, it can reduce capital expenditures, improve security and helps companies run a ‘greener’ business. Since users’ primary work tools are now located in a data center rather than on their own local machines, VDI can strain network resources, and the user experience can be negatively affected. Desktop virtualization is a bit more complex than server virtualization since it requires more network infrastructure, servers, server administrators, authentication systems, and storage. VDI’s effect on the network is significant; it may necessitate infrastructure changes to accommodate the large volume of client information that will be traversing the network. When a user’s desktop moves from a physical machine under the desk to the data center, the user experience becomes paramount; a poor VDI deployment will result in IT being flooded with “My desktop is too slow” calls. Why VDI? Mobile devices and bring your own computing are popular drivers for VDI deployments. It enables employees to work from anywhere and simplifies/unifies desktop management, especially updating operating systems and applications. It can lower costs, provide flexible remote access; improve security and compliance along with potentially offering organizations disaster recovery options. It also enables employee flexibility and reduced IT risk of employee owned devices. VDI allows employees work with a wide range of devices from laptops to tablets to smartphones. Employees can sign on from wherever they are, whenever they like and with whichever device they choose. Deploying virtual desktops can also increase IT efficiency and reduce IT workload since the desktops are centralized. It also benefits IT with greater access and compliance control, while at the same time, allowing employees the freedom to use their mobile device of choice. IT departments can remove obsolete versions of application software or perhaps enhance the security policy. Either way, the employee always has the most up to date desktop image. Things to Consider Desktop virtualization is no longer about the desktop, it’s about allowing employees desktop access from wherever they are. So things like availability, access, security, DR, authentication, storage, network latency and SSO are all areas to keep in mind when deploying a VDI solution. VDI Providers Some VDI solutions include VMware Horizon View, Citrix XenDesktop, and Microsoft RDS. Next Steps If you'd like to learn more or dig deeper into VDI, here are some additional resources: VDI the F5 Way Lightboard Lessons: Secure & Optimize VDI Citrix VDI iApp template VMware Horizon View iApp Also, here are some other articles from the #Basics Series.Simplify VMware View Deployments
Virtual Desktop Infrastructure (VDI) or the ability to deliver desktops as a managed service is an attractive and cost effective solution to mange a corporate desktop environment. The success of virtual desktop deployments hinges on the user experience, availability and performance, security and IT's ability to reduce desktop operating expenses. VDI deployments virtualizes user desktops by delivering them to distinctive end point devices over the network from a central location. Since the user's primary work tool is now located in a data center rather than their own local machine, VDI can put a strain on network resources while the user experience can be less than desired. This is due to the large amounts of data required to deliver a graphical user interface (GUI) based virtual desktop. For users who want to access their desktops and applications from anywhere in the world, network latency can be especially noticeable when the virtual desktop is delivered over a WAN. Organizations might have to provision more bandwidth to account for the additional network traffic which in turn, reduces any cost savings realized with VDI. In addition, VMware has introduced the PCoIP (PC over IP) communications display protocol which makes more efficient use of the network by encapsulating video display packets in UDP instead of TCP. Many remote access devices are incapable of correctly handling this distinctive protocol and this can deteriorate the user experience. Keeping mobile users connected to their own unique, individual environments can also pose a challenge. When a user is moving from one network to another, their session could be dropped, requiring them to re-connect, re-authenticate, and navigate to where they were prior to the interruption. Session-persistence can maintain the stateful desktop information helping users reconnect quickly without the need to re-authenticate. Secure access and access control are always concerns when deploying any system and virtual desktops are no different. Users are still accessing sensitive corporate information so enforcing strong authentication, security policies, and ensuring that the client is compliant all still apply to VDI deployments. Lastly, IT must make sure that the virtual systems themselves are available and can scale when needed to realize all the benefits from both a virtual server and virtual desktop deployment. The inclusion of BIG-IP APM's fine grained access control to BIG-IP LTM VE offers a very powerful enhancement to a VMware View deployment. BIG-IP APM for LTM VE is an exceptional way to optimize, secure, and deliver a VMware View virtual desktop infrastructure. This is a 100% virtual remote access solution for VMware View 4.5 VDI solutions. In addition, the BIG-IP APM for LTM VE system will run as a virtual machine in a VMware hypervisor environment so you can easily add it to your existing infrastructure. As the number of users on virtual desktops grows, customers can easily transition from the BIG-IP virtual edition to a BIG-IP physical appliance. The BIG-IP provides important load balancing, health monitoring and SSL Offload for VMware View deployments for greater system availability and scalability. Network and protocol optimizations help organizations mange bandwidth efficiently and in some cases, reduces the bandwidth requirements while maintaining and improving the user experience. BIG-IP APM for LTM VE also opens the possibility of making virtual server load balancing decisions based on user’s identity, ensuring the user is connected to the optimal virtual instance based their needs. F5 also overcomes the PCoIP challenge with our Datagram Transport Layer Security (DTLS) feature. This transport protocol is uniquely capable of providing all the desired security for transporting PCoIP communications but without the degradation in performance. In addition, F5 supports View’s automatic fallback to TCP if a high performance UDP tunnel cannot be established. Users no longer have to RDP to their virtual desktops but can now connect directly with PCoIP or organizations can plan a phased migration to PCoIP. The BIG-IP APM for LTM VE comes with powerful security controls to keep the entire environment secure. Pre-login host checks will inspect the requesting client and determine if it meets certain access criteria like OS patch level, Anti-virus/Firewall state or if a certificate is present. BIG-IP APM for LTM VE offers a wide range of authentication mechanisms, including two-factor, to protect corporate resources from unauthorized access. BIG-IP APM enables authentication pass-through for convenient single sign on and once a session is established, all traffic, including PCoIP, is encrypted to protect the data and session-persistence helps users reconnect quickly without having to re-authenticate. BIG-IP APM for LTM VE simplifies deployment of authentication and session management for VMware View enterprise virtual desktop management. ps Resources F5 Accelerates VMware View Deployments with BIG-IP Access Policy Manager on a Virtual Platform BIG-IP Local Traffic Manager Virtual Edition BIG-IP Access Policy Manager Application Delivery and Load Balancing for VMware View Desktop Infrastructure Deploying F5 Application Ready Solutions with VMware View 4.5 Optimizing VMware View VDI Deployments Global Distributed Service in the Cloud with F5 and VMware WILS: The Importance of DTLS to Successful VDI F5 Friday: The Dynamic VDI Security Game F5 Friday: Secure, Scalable and Fast VMware View Deployment Technorati Tags: F5, BIG-IP, VMWare, Optimization, Pete Silva, F5, vmview,virtualization,mobile applications,access control,security,context-aware,strategic point of control
