The Virtualization Practice

Licensing VDI for Microsoft Desktops – is it rocket science?

Given all the past ingenuity and accomplishment why is it, in 2011, the mere task of assigning valid licenses to desktop virtualisation should appear an arcane process?

How do different virtualization models impact how you license your desktop services? What are the current licensing models and do they apply in all instances of desktop virtualisation? Do the models impact on provisioning of services be they laptops, thin clients, Bring Your Own Computer (BYOC), or mobile devices?

Is desktop virtualization licensing an intentionally complex process and what other options could there be?

It is often very hard to plan which virtualization and cloud conferences to attend and why. You may need to start your planning now as justification from work could be hard to come by. It may mean you make the decision to go on your own dime. If you do the later, there are some alternative mechanisms that could work for the bigger conferences. The conferences and events I attend every year depend on my status with the organization hosting those events, and whether or not I can get a ‘deal’ as a speaker, analyst, or blogger. So what conferences do I find worth attending? That will also depend on your job role. There is one I would attend regardless of role, and a few I would attend as a Virtualization and Cloud Security person. All are good conferences.

When VMware first announced that it was going to license Teradici’s PCoIP protocol for inclusion in View 4.0, its most visible shortcoming was that VMware did not plan to update the View Security Server at the same time. Setting aside any debate as to the performance characteristics of PCoIP on the WAN, the lack of support for the View Security Server was a significant obstacle to widespread adoption of View in enterprise environments. So the inclusion of direct support for PCoIP tunneling through the View 4.6 Security Server comes as a most welcome update. Also included with View 4.6 are new USB enhancements, as well as support for Windows 7 SP1.

The right approach to monitoring a virtual or cloud based environment is to start with a clean sheet of paper, determine your requirements, and assemble a horizontally layered solution out of best of class vendor solutions that address each layer. Vendors should be evaluated on their mastery of one or more layers, their ability to keep up with the change in that layer, and their ability to integrate with adjacent layers.

Serial Attached SCSI (SAS) is better known as an interface for connecting hard disk drives (HDD) to servers and storage systems; however it is also widely used for attaching storage systems to physical as well as virtual servers. An important storage requirement for virtual machine (VM) environments with more than one physical machine (PM) server is shared storage. SAS has become a viable interconnect along with other Storage Area Network (SAN) interfaces including Fibre Channel (FC), Fibre Channel over Ethernet (FCoE) and iSCSI for block access.

In my last post I was Exploring a Limitation of VMware DRS and I have encountered another situation that had similar symptoms but the resolution was quite different. This problem was occurring on a VMware ESX 3.5 cluster that was specifically affecting Windows 2008 R2 64bit virtual machines that were configured with four processors and eight gigabits of RAM. These virtual machines were taking an extreme amount of time to perform a reboot. During the reboot ESXTOP was showing insane %RDY with spikes climbing over 200. When the reboot would finally finish several services would have failed to start.

This years Innovation Sandbox at RSA Conference was won by a little know company to virtualization and cloud security vendors, its name is Invincea. However, it makes use of virtualization to aid in security. This years finalists once more included HyTrust for the inclusion of what appears to be complete UCS support within the HyTrust Appliance, Symplified which provides a unified identity within a cloud, CipherCloud which encrypts bits of your data before uploading, but not enough encryption to mess with sort and other algorithms. Plus other non-cloud like products: Entersect (non-repudiation in the form of PKI), Gazzang (MySQL Encryption), Incapsula (collaborative security to browsers), Pawaa (embed security metadata with files), Quaresso (secure browsing without browser/OS mods), and Silver Tail (mitigation).

Attached as a footnote to last week’s big news of Windows 7 SP1 being released to manufacture, Microsoft also announced a new lightweight edition of Windows 7. Windows Thin PC (WinTPC) is in many respects a Windows 7-based update of Windows Fundamentals for Legacy PCs (WinFLP), a lightweight locked down version of Windows XP SP3 that was offered to enterprise customers as an encouragement to get them to migrate away from Windows 2000 without the cost of performing a hardware refresh at the same time.

Unlike last year where there were many virtualization security vendors existed at RSA Conference, there was a noticeable lack of them within booths, yet all of them were here to talk to existing and potential customers. However, there were many vendors offering identity management in the cloud for these I asked the identity management product owners the following question:

How can you prove identity in the cloud?