- From CIO Digest, October 2009 Issue ( Download This Entire Issue in PDF)
As Moore’s Law continues to drive up processing power, many companies have achieved substantial cost, space, and efficiency savings in their data centers by running many virtual servers on fewer pieces of iron. Yet for organizations with a significant number of client systems to manage, endpoint virtualization has the potential to provide even greater savings.
While the most effective technical approach varies depending on an organization’s needs and infrastructure, the business results of endpoint virtualization are nearly always cost savings (especially for large organizations), easier management, less risk, and substantial productivity gains for both end users and IT staff.
What is endpoint virtualization?
In its broadest sense, endpoint virtualization means separating or partitioning the various layers involved in client computing: a user’s data, profile and configuration settings, software applications, and the underlying operating system. Think of the elements that define a user— his or her data, profile, applications, and desktop configuration—as different colors of paint. If you mix all the paint, it’s tough to get any of the original colors back. Keep them separate, and you have flexibility.
Consider the problems associated with the traditional client computing model: when software is installed locally on dedicated physical hardware, application performance often degrades over time. If a problem occurs with the application—for example, because the user installs another application or version that conflicts with it—a desktop support technician usually has to spend valuable time visiting the machine to remediate the problem. And if the user needs to be upgraded to new hardware, the process of transferring applications, data, and configuration settings to the new machine is laborious and potentially error-prone.
Virtual applications run on a central server, either in the data center or on a network local to the client machines, thus separating the software component from the client hardware. Application virtualization is usually accompanied by application streaming technology, which delivers the software to the client machines over a wired or wireless network. Some endpoint virtualization technologies stream the entire desktop, including the operating system. Others use “bubbles” or “wrappers” to present a personalized workspace, exactly the way the user left it and with secure access to his or her data, from whatever PC might be handy.
Depending on the technology used, client machines might be traditional PCs and laptops running a local operating system, a thin client running an embedded operating system in flash memory, or a diskless, stateless device. One advantage of using “thick client” hardware is that organizations can choose to virtualize some applications and not others, whereas thin clients require more of a commitment to virtualization.
Since the bottom line is reducing endpoint complexity—and the cause of that complexity varies from business to business—most organizations will want to adopt a hybrid approach based on a careful evaluation of their needs and goals.
Show me the money
When shopping for solutions, be careful of any vendor or reseller that pushes one particular flavor of endpoint virtualization without a thorough understanding of your situation, your network, and your requirements for return on investment. Usually, that just means that’s all they have to sell you.
“Companies aren’t looking at endpoint virtualization because it’s some single compelling technology that’s right for everyone,” says Mark Bowker, senior analyst at Enterprise Strategy Group (ESG). “It’s really a set of technologies that can solve business problems for certain profiles of users who need controlled, efficient access to a specific set of applications that they use regularly. Companies considering endpoint virtualization should examine their potential use cases and work backward, with the understanding that multiple approaches may be necessary even within a single organization.”
It’s therefore advisable to work with prospective technology partners to establish a one-year ROI plan. Those that shy away from the challenge may not be equipped with the breadth of technology necessary to deliver success within a reasonable timeframe.
Education: a natural for endpoint virtualization
Endpoint virtualization is generating quite a buzz among educational institutions, and for good reason: the ability to roll back applications to a standard image, avoid applications conflicts, and optimize license management can save thousands of hours a year in IT staff time.
“Educational institutions have been early adopters of endpoint virtualization because it addresses their major pain points,” says Bowker. “Traditionally, a good portion of their IT staff time is spent on deployment—just rolling out new images. Endpoint management tools can lighten that load considerably, but there’s a huge opportunity to reclaim staff time and improve service by virtualizing applications or workspaces.”
Barry R. Ribbeck, director, systems architecture and infrastructure at Rice University in Houston, can relate. “It’s always a very challenging process for us to get images on the lab machines in a specific timeframe,” he explains. “There are so many different groups and people involved that the task is difficult at best, and deployment always comes down to the wire. And then once we have gone through all the effort to test and validate the image, there are inevitably last-minute requests or software versions that come out mid-semester that we’re under pressure to accommodate. That’s a tough position to be in, because we want to be responsive, but we can’t risk application conflicts that might cause downtime for other users.”
Ribbeck hopes that using Symantec Endpoint Virtualization Suite to stream applications to 500 desktop PCs in student labs will help solve these problems. Deployment of the solution is currently underway.
“Application virtualization will give us the ability to change horses in midstream and perform upgrades without impacting our base image,” he explains. “If an instructor wants to add software that’s not in the default build, we’ll be able to do that on the fly, without impacting every other course that’s taught on those machines. We’ll be able to provide instant gratification.”
At Harvard’s School of Engineering and Applied Sciences (SEAS), endpoint virtualization was recently tested to examine potential savings in deployment costs, licensing costs, and remediation time for MATLAB, Wolfram Mathematica, COMSOL, and Abacus—heavyweight engineering and scientific applications that traditionally consumed considerable IT staff time. The school recently completed a pilot using Symantec Endpoint Virtualization Suite to stream the four applications to faculty, research, and student computers.
“The engineering and scientific applications we chose to virtualize can take hours to install and configure locally, and the licenses are often expensive,” says Jack Yatteau, technical lead for the pilot effort at SEAS. “So the ability to stream multiple versions of the software, or keep certain people on a specific version, or allow them to concurrently test the old and new versions simultaneously and compare the results, was very attractive. Users can now begin using new or upgraded applications in minutes, and installation and configuration is significantly streamlined, with no CDs or DVDs required. Both IT staff and researchers can be more productive.”
“Our service calls have gone down, and we’ve seen that they are much lower for students and faculty who are using the streaming versus the self-installed applications,” says David Gipstein, director of operations for information technology at SEAS. “And with dynamic license management, we don’t have to buy 1,000 licenses to cover all potential users. We can buy some fraction of that and grow it as required, maintaining both compliance and the ability to audit usage. This is particularly helpful because we have a fluid community with students, researchers, and collaborators here from weeks to years. When they’re gone, assigned licenses can simply expire, and return to the central pool for reassignment. And for university-owned computers, application virtualization will certainly streamline systems deployment during hardware refresh cycles.”
The case for healthcare: making more time for patients
Another industry embracing endpoint virtualization is healthcare, driven in part by the adoption of Electronic Medical Records (EMR) that is now underway at many hospitals. Physicians, nurses, and clinicians are using computers to access medical data more than ever, and IT organizations are charged with making sure that information is available conveniently and securely.
In Grand Blanc, Michigan, Genesys Regional Medical Center, a member of the Ascension Health system, is using endpoint virtualization to make sure technology is giving healthcare professionals more of their most valuable resource—time—instead of taking it away.
Until recently, doctors, nurses, and clinicians waited for time on shared computers, then spent much of that time logging on to the system and to various applications. With increased reliance on EMRs, “squatting” became a problem. “Once staff members were at a PC, they would often try to stake a claim to what was expected to be a shared computer,” says Dan Stross, CIO at Genesys Regional Medical Center. “Doctors making their rounds often had to hunt for an available computer, taking time away from patient care. We wanted a design that would allow staff to sign on quickly using their I.D. badge and a single password. Our goal was to get them logged in, with a single sign-on for all their applications, in less than 10 seconds, and then be able to suspend their session with one keystroke. We then want to allow them to quickly resume and get back to where they left off—in less than 10 seconds—at a different device.”
Symantec Endpoint Virtualization Suite with Symantec Workspace Corporate met the hospital’s needs. Hospital personnel simply swipe their badges and enter a password, and are instantly logged on to a personalized desktop with whatever applications they’d been using in precisely the state they left them. When they log off, no data remains on the endpoint. Security and compliance are improved, and doctors find that their daily rounds take two hours less. Doctors can even log into their workspace from home using Symantec Workspace Remote to further enhance productivity.
Following a successful pilot program, Genesys is now rolling the solution out to 700 doctors.
“We chose to make this investment over a lot of competing investments because we can tie this directly to improved patient care,” says Stross. “Very simply, endpoint virtualization is allowing us to reclaim staff time by providing more ubiquitous access to PCs. The way most healthcare organizations are dealing with this problem is to put more and more computers on the floors of the hospitals, which causes congestion and drives up costs. With endpoint virtualization, we can reduce the number of PCs that we really need—we’re just using the ones we have more effectively.”
A fly-right model for airlines
At Azul Brazilian Airlines in São Paulo, recent efforts to streamline service by virtualizing ticket sales, check-in, and crew desk applications are already paying off. To give agents fast access to applications and data from various locations in the airports, the company is using Symantec Endpoint Virtualization Suite to stream applications from a local server to thin-client PCs with embedded flash memory. “Golden” images of the three applications reside on a central server.
Dedicated PCs with locally installed software are expensive to maintain and vulnerable to security and reliability issues,” explains Jefferson Santana, data center and IT architecture manager, Azul Brazilian Airlines. “With Symantec Workspace Virtualization and Symantec Workspace Streaming, applications load on demand, without needing to be locally installed. As soon as a user logs into the endpoint device, the server immediately begins streaming down packets of the application code for different functions as needed. The application builds up in the cache in the background as the session continues.”
Because Azul’s IT staff can maintain the software from a central location, the applications are not subject to local corruption, and administrators don’t have to visit machines and re-load software from CDs. Security has also improved, since after a user logs off, no code or data remains on the endpoint. Perhaps most important, applications are customized for the user, not for the machine.
“Because the virtual desktop can stream to any endpoint device where an agent logs on with proper credentials, any agent can work on any station,” Santana points out. “This means the user experience is portable across any machine in our environment. That pays huge dividends in terms of flexibility and faster service in an airport setting.”
Azul is also using Altiris Client Management Suite from Symantec to allow administrators to deploy, manage, and troubleshoot systems from virtually anywhere. “We felt a new level of efficiency was possible in endpoint architecture for the airline industry, and we set out to find it,” says Kleber Linhares, IT general manager at Azul. “We used endpoint virtualization to deliver low-cost workstations ideal for use in a harsh airport environment. This has increased availability, security, productivity, and flexibility and reduced the need for administrator support, allowing us to drive our TCO well below that of the traditional model. We project a 40 percent reduction in total cost of ownership for our endpoints.”
|< Previous Page||Page||6||of||6|
The future is now
Endpoint virtualization has indeed come a long way since the humble terminal server. Education and healthcare are leading the transformation. But as evidenced at Azul Brazilian Airlines, any organization with distributed endpoints and standardized application sets can reap the benefits.
“CIOs are taking a hard look at the resources that are involved in the daily upgrading, patching, and maintenance of endpoints, and frequently those costs are much higher than they’d like them to be,” concludes ESG’s Bowker. “Properly implemented in the right situation, endpoint virtualization can drastically reduce those costs. But for IT, the biggest upside to endpoint virtualization is centralized management and control.”
Ken Downie is Senior Writer at NAVAJO Company. His work has appeared in Business Finance, Internet World, and Business Credit magazines.