If digital transformation is leading to increasing use of public cloud providers, what about desktop computing? Does it make sense to move this to the cloud, consuming the desktop as a service (DaaS) along with everything else?
There is some logic to it. If a business already has data in the cloud, there is an advantage to running hosted desktops with the same provider, to benefit from low latency between the data and the clients. Users can still get a PC experience via a thin client, but the PC operating system runs remotely on a cloud-hosted virtual machine (VM). A number of companies now provide this service, and users can host with large providers such as Amazon Web Services (AWS) or Microsoft Azure, or with smaller hosting companies.
VDI concept works well
The virtual desktop infrastructure (VDI) concept works well both for office and mobile users. In the office, a thin client appliance provides a robust and cost-effective connection to your virtual desktops, while for mobility and flexibility, you can generally use any PC, Android, iOS or Chromebook to connect.Licensing Windows for VDI is complex and requires Windows Enterprise.Customers with Windows Enterprise and Software Assurance can deploy Windows 7 or Windows 10 via VDI.
Take-up for VDI and DaaS is “still increasing”, according to Charles Barratt, digital workspace domain architect at VMware, who cites a variety of reasons. The pay-as-you-go model, a classic benefit of hosted services, is well suited to organisations that experience seasonal demand variation or employ varying numbers of contractors. Security is improved, in that the hosted desktops are in a datacentre and cannot be lost or stolen. If a hosted desktop suffers a malware infection, deleting and replacing the desktop is normally straightforward. Encryption can be applied across the entire network. Hosted desktops are also amenable to behaviour analytics, an additional security piece that can detect anomalies in behaviour and apply remediation, such as blocking an IP address or user account. VMware’s Horizon Cloud is “a control plane that resides in the cloud, with three delivery models”, says Barratt. The three models are VMware hosting, Microsoft Azure and on-premise deployment. It is also possible to implement a hybrid system. You can choose per-user or concurrent connection licensing, with the latter more cost-effective if you have a lot of occasional users.A virtual desktop can be implemented as a dedicated VM or as a session on a shared server or VM, such as one using Microsoft’s Remote Desktop Session Host (RDSH), which allows multiple users to log on to a single server.
A point of confusion in the Horizon Cloud offering is that the different deployment options vary in what they support. On Azure, for example, only RDSH is supported, although support for virtual desktops and virtual applications is in beta in response to customer demand. Historically, a virtual desktop solution has been unsuitable for graphic-intensive applications such as computer-aided design (CAD). While there is still a case for local workstations for the most demanding applications, hardware-accelerated graphics are now supported on virtual desktops. VMware Horizon, for example, uses Nvidia Grid technology which shares a physical graphics processing unit (GPU) between up to 16 virtual machines, allowing graphics acceleration. Another big provider of DaaS is Citrix, whose XenDesktop can be deployed on-premise or on any of the big cloud providers, including Microsoft Azure, AWS, Google Cloud Platform and Oracle Cloud. Microsoft itself has held back from offering first-party desktop virtualisation on Azure, but has partnered with Citrix to offer XenDesktop Essentials, available via the online Azure Marketplace. Here, the customer buys the Azure
infrastructure and Windows 10 Enterprise licences, while Citrix provides XenDesktop management components: Citrix Studio, Director, Delivery Controller and SQL Server. Director is a web-based console that administrators and IT support staff can use for management, monitoring and troubleshooting, including the ability to view and control user sessions. It also provides notifications and alerts.
XenDesktop Essentials is a cut-down version of Citrix Cloud, which adds remote desktop applications as well as Linux applications and desktops, hosted on your choice of cloud. The heart of the Citrix offering is the technology used to deliver remote desktops andapplications to users, called high-definition experience (HDX). This is really a bundle of optimisation techniques, including compression, network traffic deduplication, smart use of local processing power where available, graphics and multimedia optimisations.
More manageable and secure
Thomas Berger of Citrix’s technical marketing team says a DaaS solution is inherently more manageable and secure than physical PCs. Instead of confidential files being spread over numerous PCs, the data never leaves the datacentre (or public cloud). Does the trend towards mobile and web applications reduce the need for Windows desktops? It may do eventually, but in the meantime, “enterprises have hundreds of thousands of Windows applications”, says Berger.Amazon WorkSpaces was introduced in late 2013, providing pay-as-you-go Windows desktops on the AWS public cloud. It originally promised a “Windows 7 experience” via hosted Windows Server 2008 R2. Since then, WorkSpaces has been expanded with an option for a “Windows 10 experience” via Windows Server 2016, or actual Windows 7 or Windows 10 desktops for users with over 200 WorkSpaces with their own licences.There is a wide range of desktop configurations available, with an option to bundle applications including Microsoft Office. The range of VMs available in Amazon WorkSpaces includes a graphics bundle with a Nvidia GPU with 4GB of video RAM, eight virtual CPUs, 15GB system memory and, of course, solid-state drive (SSD) storage.
Amazon has also introduced Amazon Linux Workspaces, a Linux desktop based on the Mate desktop environment. It is priced around 15% less than Windows WorkSpaces, and includes bundled applications Firefox, Evolution, Pidgin and Libre Office.
WorkSpaces can be used with Amazon’s own identity provider(IAM) or integrated with Microsoft Active Directory, if you have a VPN or Direct Connect link between your on-premise network and an Amazon Virtual Private Cloud.
Amazon also offers a document storage and synchronisation system called WorkDocs, which works in tandem with WorkSpaces to provide secure, persistent storage that can be accessed from any computer or web browser as well as within a WorkSpace.
WorkSpace Application Manager (WAM) is a complementary piece that lets you package desktop applications into virtualised containers and deploy them either as optional or required for users. Full control with automated deployment and updates is at extra cost.
Amazon provides its own WorkSpace client for Windows, Mac, Google Chrome OS, Google Android, Apple iOS and Amazon Fire OS. There is also support for the PCoIP protocol, enabling support for thin client devices that use the Teradici Tera2 chipset.Amazon’s VDI solution is characterised by a commonsense approach that is best suited to organisations already using AWS, thanks to integration with other AWS services. It is not suitable for hybrid deployments because WorkSpaces cannot be deployed on-premise, and although it does support Active Directory and Group Policy, it does not support standard tools such as Microsoft’s System Center Configuration Manager (SCCM).The DaaS concept is compelling, especially for organisations that are already migrating to cloud-based systems for other aspects of their IT provision. Centralised desktop provision simplifies deployment, improves security, and enables a higher level of intelligence and analytics.
But there are also downsides. Working mainly with remote desktops can get in the way, especially in scenarios where you need to interact with local peripherals. Licensing is expensive, because the cost of DaaS is additional to the cost of the operating system itself, and can be complex. Some software suppliers have special terms for VDI deployments. It works best when many users can work with the same desktop image, but less well when there is a wide variety of requirements.The challenge of keeping systems and applications patched and updated does not go away just because desktops are virtual.In the context of IT modernisation, DaaS occupies a curious space, living both in the old world of legacy desktop applications and in the new world of cloud services. For some organisations it is a perfect fit, while for others there are better and more cost-effective ways to deploy applications.