My name is Dave Kluger and I am the Principal Technology Architect at Storcom. Storcom has been in business in the Chicagoland area for 20 years and has been specializing in the management, movement, and protection of data since its inception in 2000. Today I will discuss VDI and Desktop-as-a-Service.
I have created this blog series because, just like you, I see a ton of emails in my inbox on the topic of virtual workspace and remote work options. I felt that it was time to write a blog series that was coming from a vendor-agnostic standpoint that is designed to provide information that you really need to make informed decisions. Cutting through the clutter and marketing hype to dig into some of the real questions you need to be asking around any of the topics I am planning to discuss in this series is the main goal.
This blog post will focus on VDI and Desktop-as-a-Service. Part two will cover “Virtual Collaboration” and cloud file-sharing options like OneDrive, Microsoft Teams, as well as our Storcom FileCloud, plus video conferencing and remote user telephony for remote workers. Part three of our series will cover “Securing Your Remote Workers” and how to protect roaming workers to ensure safe and secure internet access from their home offices and endpoints. The goal at the end of the series is that you take away some useful information that you can actually use to potentially decide if any of the options I am discussing make sense for your organization.
Many organizations looked at VDI prior to COVID-19 and evaluated the cost because there was a perception that VDI was going to be less expensive than buying desktops or laptops. VDI has made amazing strides. VDI has an amazing ROI whether you are at a large organization with 1000s of employers or a small organizations. The ROI is there but is just a matter of what business challenge you’re trying to solve. VDI can get you there.
Physical desktop computers with locally installed operating systems and apps no longer make sense for the modern business world. They’re expensive, maintenance intensive, not secure, and they lack sufficient support for an ever-changing business landscape.
By virtualizing desktops and applications and moving to the cloud, organizations can realize many benefits — centralized and simplified management and orchestration, greater business agility, improved security and compliance, and reduced IT capital expenditures (CAPEX) and total cost of ownership (TCO).
In smaller companies with 100-500 employers, the ROI is really achieved with ease of management, deployment, and security. Now with COVID-19, VDI is also useful for the ability to rapidly and easily scale up and scale out. Storcom can walk you through this process. Whether you choose to use a public cloud provider, use the Storcom Secure Private Cloud or even build this on-premise in your data center, there are key questions you need to be asking yourself and your team.
With all of this in mind, you will want to look at end-user computing options now more than ever. My blog series will explore the questions you need to be asking regardless of vendor or solution type: VDI on-prem, DaaS (Desktop-as-a-Service), or remote apps.
COVID-19 obviously created a demand for a remote workforce that we had not anticipated. Although all of the technology we needed to get through this situation was right there in front of us, many of us did not take advantage of what was available. For ages, many companies have had users working remotely with VPN and laptops. But COVID-19 brought the need to rapidly scale up in a matter of days or weeks to light. At this point, companies and organizations like schools or other higher learning organizations are still trying to figure out how they could potentially continue living with a large remote workforce for a while.
So now, more than ever, companies will want to look at end-user computing options. Why? Because simply sending your users home with a laptop and VPN may not be the best option. I think that the current state of the world is opening people’s eyes up to some of the potential limitations of the remote work model. Most importantly, we all have access to the “cloud” and what the cloud means is elasticity. Who knows when all of this current state will change, but the one area that the cloud can really help is in providing on-demand compute resources.
According to an FCC Study in April of 2019, 92.3% of all Americans have broadband internet access now and 89% have some sort of PC at home. So even if it’s not a company supplied computer, workers probably have some way to get work done remotely. That probably sounded like a terrible idea in the past when thinking of your workers connecting to your network to get to data from home; however, the security of a users’ local systems has way less of an impact on your company’s IT infrastructure when they don’t correct directly into your network. This opened up a plethora of options for remote workforce.
Additionally, now that COVID-19 has settled in, more and more of Storcom’s clients are looking for a long-term solution to this current challenge and they are realizing this is not a one month stop gap solution. We may be working like this for quite some time. There is a lot of speculation that there will be a lower percentage of people in offices to keep greater distance even when things open back up. Desktop-as-a-Service can assist with all of these challenges because users can use a desktop in their office and connect to the same VDI session as they do when they are at home on their iPad or laptop.
Whether you choose to use a public cloud provider or use the Storcom Secure Private Cloud, Desktop-as-a-Service solution, VDI does not have to be complex. There are 7 key questions you need to ask yourself and your team. Most webinars never touch upon these. They just tell you about how these solutions are going to make your life simpler from a purely marketing standpoint.
Many organizations, despite what we may all know as “best practices” when it comes to desktop management, allow their users to have a highly customized desktop environment. We have a number of clients who use our DaaS solution that gives all users what is called “persistent” desktops. Persistent desktops means that each time a user logs in to their session then it’s the same exact desktop environment and everything is exactly the same. On a consumption-based model, this also means that if I have 200 users then I am paying for storage for 200 VDI machines 24 hours a day/365 days a week. This is not necessarily the best model.
On the other hand, there are “non-persistent” desktops. These are great for consumption-based models. Non-persistent desktops allow you to have a desktop environment with a specific image and the session is gone each time a user logs in and logs off. You lose the local data, but you also don’t pay for the resources when you’re not using them. With a non-persistent desktop image, you can also patch one desktop and then all users get the updates. Managing endpoints and securing these systems becomes a much simpler administrative task.
The issue is keeping the number of images down. There is a breakpoint if you have two many images because it just doesn’t make sense to go this route. If you have ever looked at VDI in the past, then the number of users per desktop image has dropped drastically from a ROI standpoint. With the right level of management in place, we can also control where data is being saved via techniques like using GPOs or mapped drives to external storage locations either in O365 or Google Drive. You can even use the Storcom FileCloud solution.
One of the benefits of using Storcom’s local file-sharing is performance. The closer the data is to the source, the faster the response time will be. When we start an engagement on VDI sizing at Storcom, we typically start with a matrix that we fill in and figure out which direction we’re going to go based on each type of user.
If your remote workforce is working with a small set of core applications like a custom CRM or ERP systems that are being used, then application publishing may be a great alternative. Application publishing has a very small footprint where a user is sent to a landing page for the apps that they need to access through their browser where they then launch the session from that point.
Both Nutanix and VMware have been clear leaders in providing easy to use self-service portals to allow access to remote applications. They have gone so far as providing built-in integration within these back-end SaaS applications to be part of their solutions. Examples of this are Epic, Skype for Business, and more.
One of the benefits of a modern end-user computing solution like Nutanix is that they are designed to run on any device and any browser. Although I think most users are going to be using a laptop at home, you can also use iPads, Android tablets, or Chromebooks. The policy of being able to use any type of device also provides a clear path to security and patch management.
One of the other benefits to a modem VDI solution is that it provides a way to communicate with your end-users. Messages about upcoming maintenance, or even important corporate announcements, can be sent out simultaneously like a PA system to all users who are connected at that time. It is a way for IT to be in better control of the end-users. Whether you’re on a laptop, desktop or iPad, then all updates are controlled from one location. If there is a problem with the update, then it is a very easy process to roll back, especially when users are remote. Ask yourself how you will handle this if your users have company-owned laptops at home for the next 3 months.
The next aspect you need to evaluate is user workloads since that will directly impact your decisions around VDI, published apps, or RDS (remote desktop services).
The main difference comes down to VDI’s ability to create a custom, persistent environment that is not a shared resource. Multiple users can access a single environment that could be customized on a per-user basis in an RDS environment. Resources are not dedicated to a particular user. In a VDI environment, each user either accesses their own centrally hosted physical PC or VM. Users can also access a shared VM.
In a VDI environment, physical CPU, memory, and disk capacity can also be allocated to a particular user which stops one user’s actions from affecting other users. This is an important distinction. One user in a RDS environment can take down all other users because of an errant action. VDI sessions are “containerized,” just like in server virtualization. One server can’t take down another server if the OS crashes.
Also in RDS, your application must run on Windows Server OS. Even though Windows 2016 and Windows 10 are the same kernel, lots of apps won’t run in Windows 2016. For example, Adobe Photoshop will not run on the Windows server OS but runs on Windows 10. In RDS, you can’t allocate different types of virtual environments based on CPU and memory like you can in VDI.
One of the other main benefits of VDI is that VMware, Nutanix, and Citrix all provide customer protocols that are more efficient than RDP to access desktop environments. On a WAN, RDP is not very efficient and will not provide the smooth graphics needed for CAD-rendering using GPU.
In theory, the one big benefit that RDS has is that the licensing costs are less expensive because of how Microsoft user licenses call for RDS vs. buying Windows 10 license VDI sessions. Always consult with a Microsoft licensing specialist like Storcom to understand the latest in Microsoft licensing options.
Security in itself is a major topic, and I will discuss this in more detail in my later blog posts. VDI and desktop-as-a-service provide a number of key benefits over the traditional model of just handing out laptops or desktops and using a VPN such as:
– the right solution should be able to integrate with all of the leading authentication methods. Whether that is an on-prem domain controller, Microsoft ADFS, external LDAP, G Suite integration, or other 3rd party MFA, a secure authentication method is needed to ensure a user’s identity. Storcom’s partners like Thales and Microsoft MFA can also be an integral part of this process and need to be taken into account. In the next installment of this series, I will be going into more detail on these solutions specifically.
is a huge challenge with a new remote workforce in itself. In a normal environment, when users take laptops home and the OS gets corrupted, they would then bring it back into the help desk. Right now, that is severely hampered and oftentimes impossible. With VDI, you can remotely wipe a system. You can also reinstall applications as well as deal with patch management on devices that are touching your network.
is also part of what makes this entire approach so appealing to many IT organizations today. The ability to provide the best possible security with remote devices accessing your network is a huge selling point. In the scenario where a user connects with their home computer, they do not need a VPN into the corporate network. In the scenario where you use the Storcom Secure private cloud or even one of the public cloud providers, a secure tunnel is created between the remote data center and the corporate data center. This means that these remote users are never actually touching your network.
provides a lot of security benefits, but still needs to be protected like any other desktop environment. In theory, even when using application publishing, there is an underlying OS that can get attached, but it is less likely. Storcom’s partners like Carbon Black from VMware have created a fully cloud-managed platform. You can still manage remote systems and workers even if they are accessing systems from the Storcom Secure Private Cloud or public cloud environment.
Selecting a VDI, Desktop-as-a-Service, or remote application solution that uses micro-segmentation can assist in blocking unauthorized lateral movements, and then define and enforce network security policies consistently on any workload hosted anywhere. This will provide a scalable way to shield your apps with consistent, intrinsic security.
This may be one of the single most important questions to ask yourself right now. We all understand the impact this current crisis has had on our economy, but we need business to continue at the same time. Using a public cloud for DaaS may make a lot of sense; however, if not implemented properly, then these costs can spiral out of control quickly because all of the public clouds are on a fully consumption-based model.
Also, building a solution on-prem right now is also probably not an option. Although you can control costs more from the standpoint of what resources you have and what they cost, you have to go on-site to build it, lay out the capital, and then learn a new solution.
The third option is to leverage the Storcom Secure Private Cloud. We put you on the right technology, provide connectivity into your data center, move workloads from public to private, and even on-prem when the time is right. Storcom’s hybrid cloud model may be just the right mix of all three options. Both VMware and Nutanix offer flexible licensing models that allow for a hybrid approach to purchasing licenses that can be used in the Cloud or on-prem and moved back and forth. Storcom also provides a more tailored approach to understanding your application delivery needs and build a custom solution that is exactly right for your organization.
So by the end of all of this, you can see how VDI and Desktop-as-a-Service (DaaS) can possibly be somewhat complex. There are a lot of variables, but a VDI solution solves so many of today’s current challenges at the same time. VDI’s rapidly scales up and scales down via a public or private cloud option is quite possibly its most important attribute. Storcom can also set up your organization with a trial system to easily find which of these is the right opinion for your business.
Storcom’s methodology is unique in the information technology service provider space. We don’t believe in “cookie cutter solutions,” and we create a fully-customized plan that is specific to your business. Storcom has a solid process that we undergo during each and every project which consists of three methods:
Storcom gathers data, classifies your applications, and does a deep-dive on identifying your specific requirements based on your environment and specifications.
Storcom embarks on our Analysis phase where we analyze the data collected in the Discovery phase, and we evaluate solutions that make the most sense based on our findings and your IT environment and business goals.
Lastly, we provide a Roadmap deliverable where we present you with our proposed solutions based on our thorough research of VDI and Desktop-as-a-Service options that suit your needs and environment. This is where Storcom assists in providing you with viable options with the pros, cons, and pricing. We want you to be able to make an informed decision.
This diagram shows the logical flow of users connecting to the external portal via HTML5 browser and over SSL. The users gained access to the DaaS sessions in the Storcom Secure Private Cloud. It also shows how users can also access data from the Storcom FileCloud local shares for low latency and high bandwidth connections to data.
Thank you for reading this blog. I appreciate that you took time out of your busy day to spend learning about Storcom and our VDI and Desktop-as-a-Service solutions. If this blog was helpful for you, then please contact us to learn more. Stay tuned for my second blog post on “Virtual Collaboration” on cloud file-sharing options like OneDrive, Microsoft Teams, and our Storcom FileCloud. Plus, we will discuss video conferencing and remote user telephony for remote workers. If you’re interested in watching the video of our webinar on VDI and Desktop-as-a-Service, then please click here.
Principal Technology Architect, Storcom
The industry is always changing and our technicians seize every moment to find the best way to keep your business on the leading edge of technology. Here are some articles to help share the knowledge.