For this blog, let us focus on server-hosted VDI. Take the scenario where a customer has one VDI-enabled image that is duplicated for everyone, offered in real-time via a brokered connection and this is torn down every time a user logs out. This is sometimes referred to as an ephemeral desktop or non-persistent workspace. In theory, there's little need for traditional endpoint management disciplines when using this model as everything is temporary. Could this really be the case?
In order to try and tackle this question, I'd like to call out a small subset of the core endpoint management disciplines that we've been used to over the years. Over the coming weeks I will expand on these subjects.
1) OS Deployment In a VDI world the concept of "imaging" is replaced by (thin) provisioning of a virtual machine based on one or more virtual disk images. So the delivery mechanism is different but what about what is inside the Operating System? Each desktop still needs to have a valid and unique machine name and potential registration to systems such as Active Directory. Am I missing something? Perhaps deployment is genuinely no longer needed.
2) Policy-enforced automation Like it or not, customers will be virtualizing a Windows Operating System for now. Even though the OS is becoming more and more of a shell in a VDI model, the end-user, and let's not forget IT, still need to enforce Operating System settings. One great example of this is printers. I need "my" printers based on "who" I am and "where" I am, and this needs to be delivered automatically and dynamically.
3)Remote Management VDI users will still get issues. Many support organizations will have a 30 minute or similar rule; if after 30 minutes I have not fixed the issue, re-image the desktop. In a VDI model, this reset operation becomes much more simple, but and there is a big but, I still need to collaborate in real-time with users to solve issues. If my spreadsheet macro is not working or my in-house application can't connect to its back-end due to misconfiguration by the user, reseting the desktop will not help.
4)Patch Management This particular topic is a very interesting one for me. Do customers need to have online patching when IT can keep one master image up to date. My personal belief is that we need both online and offline patching. If an urgent remediation is required by an entire organization, taking everyone offline and re-provisioning them with a new desktop may not be feasible, try getting away with that in a bank! If a fix is required now and you can not take users offline, online Patch Management is a must.
5) Software Delivery Without software the endpoint, whether physical or virtual, is next to useless. Whether the app is traditionally packaged as an MSI, virtualized, thin-presented or streamed, access to these applications based on the user's identity is a key component of user productivity.
6) Asset Management In the apparent fluid and dynamic world of VDI, IT still needs to secure the intelligence of who is running what apps, for how long and on what devices. Businesses still have license agreements to uphold and contracts to honour, virtualizing the desktop actually brings this more into focus and can actually add complexity.
In addition to these examples, what's more compelling is the convergence of tools to manage physical and virtual endpoints. It will be unlikely that a customer will cut all end-users over to VDI instantly. Perhaps the approach will be phased, more likely is that customers will look to provide VDI solutions for the subset of users that need it. In this case, using two tools and two management approaches will complicate matters hugely. So what is the answer? A tool that can manage physical and virtual desktops, and more importantly the user-experience, across all endpoint management disciplines should cut it. Wouldn't it be great to use the tool you are using today but take on VDI management with minimal additional effort?
With this in mind, what features does an endpoint management tool need to add to address VDI solutions? Can one tool bridge the gap?
Some VDI vendors like Citrix, have profile management and streaming tools... VMware customers are still waiting to see profile management integrated in View.
I'd love to see something like that in ZCM as roaming profiles are always tricky and slow down the login processs. And not only for VDI endpoints but also for physical clients.
Profile management and the ability to personalise a session is key firstly to making VDI work but also, and I think more importantly, it allows users to roam between different access points and endpoints. For example, a user that can roam from a desktop, to a laptop, to a server hosted VDI session, to a thin-presented desktop and still maintain their applications whilst being managed by one tool, is very compelling.
Profile management and the ability to personalise a session is key firstly to making VDI work but also, and I think more importantly, it allows users to roam between different access points and endpoints. For example, a user that can roam from a desktop, to a laptop, to a server hosted VDI session, to a thin-presented desktop and still maintain their applications whilst being managed by one tool, is very compelling.