I‘ve heard it opined a few times recently that the whole profile management market, often referred to as “user state virtualization” (USV) or “user environment management” (UEM), is based on a lie. Essentially, there are those out there who believe that the industry that has sprung up around UEM is a solution looking for a problem, and that there is no need for any enterprise or SME to make any sort of investment in UEM products. Is there any truth to this assertion?
Quite a few players in the UEM market are aiming their products at both virtualized and standard environments. The biggest two are AppSense and RES Software, but these are joined by Immidio with Flex, Liquidware Labs with ProfileUnity, Microsoft with UE-V, Citrix with UPM, and many more besides. The products range from full-featured (AppSense and RES both have solutions that do far more than profile or environment management) to extremely lightweight (UPM, for instance, hooks into Group Policy and is controlled through a set of ADM files).
Something noticeable about most of the UEM detractors—i.e., those who believe it’s just vendor FUD—is that they are generally also believers in AppData redirection. To redirect or not to redirect AppData (on a Windows platform, obviously) is one of those hotly disputed topics, with some claiming it adversely affects application performance and others vigorously nay-saying the idea. People like Aaron Parker, Helge Klein, and Shawn Bass have discussed this many times both online and in presentations, so it’s worth reading up on the whole AppData subject before making a decision about UEM as a whole.
The reason the AppData question is so crucial is because those who believe UEM is simply a made-up concept espouse the traditional Microsoft way of profile management on Windows platforms. Using roaming profiles, aggressive folder redirection, and (if necessary) offline files together apparently provides a perfectly acceptable method of virtualizing the entire user state. In a world of high-speed networks, expansive storage, and reliable connections, the UEM detractors say that no other tools are necessary.
Citrix UPM is probably the only major profile management solution that actually recommends redirecting AppData, but this is expected given that UPM is simply a way to extend the roaming profiles concept. Most other solutions save the AppData filesystem and HKCU registry hives in a different way than by simple redirection.
UEM sprang into being over a period of time, but it was typically used to address issues such as:
- Last-write-wins issues in Terminal Server computing environments
- Roaming profile corruption
- Complicated logon scripts and/or Group Policies
- Requirement for roaming settings between device types and operating systems.
Group Policy (especially since the advent of Group Policy Preferences) can be combined with roaming profiles to produce a very good solution, but this solution still has limitations. Not all settings can be controlled by policies. Users often have to load large and complicated sets of policies, even if they are not using all of their applications. UE-V extends the capabilities of the “standard” solution from Windows 8 and up and essentially moves Microsoft into the UEM market also, but this is still a fairly immature product with no backward compatibility.
Roaming profiles have, historically, been prone to corruption, which then necessitates the deletion and recreation (or “reset”) of the entire profile, losing all associated user settings. Whilst this is not as bad in the latest iterations of Windows, it can still be an issue. Also, the tendency toward profile corruption can depend on various factors, not least the behaviour of the applications in use. If an enterprise uses nothing but Microsoft Office and Internet Explorer, then the roaming profile solution may be perfectly viable. However, the more complicated (and poorly written) applications often pose problems that require a third-party tool to manage effectively.
More recently, UEM has become key to managing one’s applications and data independently of the application delivery method. The user environment is then delivered based around the user’s context—where the user is, what the user is using, etc.
Is UEM Truly Necessary, Then?
It’s always going to be the stock answer, but the truth is, it depends. On a whole host of factors.
The main one is, “Do the Microsoft-provided tools work for you?” If you can leverage Folder Redirection, Group Policy, and roaming profiles to provide a solution that is quick, reliable, within budget, and delivers all of your required settings in a timely fashion, then there would be no need for a third-party UEM solution.
Unfortunately, not all environments have the luxury of being straightforward enough that the MS-provided tools simply do the job. You may have slow links that don’t lend themselves to effective use of redirected folders. You may have applications that don’t play well with redirected AppData due to the network I/O. You may need to roam settings between Windows 2003/XP and Windows 7/8, and the roaming profile types are completely different between these two OSes. You may find your logon times are unacceptable to users. You might end up having to script your way around some issues and therefore be looking for a slicker, more self-contained solution. If any part of the MS-provided toolset causes issues around the delivery of your user environment, then it may make sense for you to take an interest in the various UEM solutions available.
The features in some of the UEM solutions out there—particularly the higher-end ones such as those from AppSense, RES, and Liquidware Labs—can also provide a far richer user experience, besides addressing any issues you have been experiencing. PQR’s UEM Smackdown whitepaper does an excellent job of comparing the features available in almost all of the UEM solutions currently on the market.
In fact, the most validation for UEM as a defined solution is made apparent by the fact that Microsoft has seen fit to provide UE-V as a competing product. If there weren’t a real use case for UEM, then surely Microsoft would have felt it unnecessary to put a product out there that competes with the standard tools it provides?
In summary, UEM may not be a solution that you need to embrace—but it certainly is a consideration that many enterprises find themselves needing to deploy.