For this blog, let us focus on server-hosted VDI. Take the scenario where a customer has one VDI-enabled image that is duplicated for everyone, offered in real-time via a brokered connection and this is torn down every time a user logs out. This is sometimes referred to as an ephemeral desktop or non-persistent workspace. In theory, there's little need for traditional endpoint management disciplines when using this model as everything is temporary. Could this really be the case?
In order to try and tackle this question, I'd like to call out a small subset of the core endpoint management disciplines that we've been used to over the years. Over the coming weeks I will expand on these subjects.
1) OS Deployment In a VDI world the concept of "imaging" is replaced by (thin) provisioning of a virtual machine based on one or more virtual disk images. So the delivery mechanism is different but what about what is inside the Operating System? Each desktop still needs to have a valid and unique machine name and potential registration to systems such as Active Directory. Am I missing something? Perhaps deployment is genuinely no longer needed.
2) Policy-enforced automation Like it or not, customers will be virtualizing a Windows Operating System for now. Even though the OS is becoming more and more of a shell in a VDI model, the end-user, and let's not forget IT, still need to enforce Operating System settings. One great example of this is printers. I need "my" printers based on "who" I am and "where" I am, and this needs to be delivered automatically and dynamically.
3)Remote Management VDI users will still get issues. Many support organizations will have a 30 minute or similar rule; if after 30 minutes I have not fixed the issue, re-image the desktop. In a VDI model, this reset operation becomes much more simple, but and there is a big but, I still need to collaborate in real-time with users to solve issues. If my spreadsheet macro is not working or my in-house application can't connect to its back-end due to misconfiguration by the user, reseting the desktop will not help.
4)Patch Management This particular topic is a very interesting one for me. Do customers need to have online patching when IT can keep one master image up to date. My personal belief is that we need both online and offline patching. If an urgent remediation is required by an entire organization, taking everyone offline and re-provisioning them with a new desktop may not be feasible, try getting away with that in a bank! If a fix is required now and you can not take users offline, online Patch Management is a must.
5) Software Delivery Without software the endpoint, whether physical or virtual, is next to useless. Whether the app is traditionally packaged as an MSI, virtualized, thin-presented or streamed, access to these applications based on the user's identity is a key component of user productivity.
6) Asset Management In the apparent fluid and dynamic world of VDI, IT still needs to secure the intelligence of who is running what apps, for how long and on what devices. Businesses still have license agreements to uphold and contracts to honour, virtualizing the desktop actually brings this more into focus and can actually add complexity.
In addition to these examples, what's more compelling is the convergence of tools to manage physical and virtual endpoints. It will be unlikely that a customer will cut all end-users over to VDI instantly. Perhaps the approach will be phased, more likely is that customers will look to provide VDI solutions for the subset of users that need it. In this case, using two tools and two management approaches will complicate matters hugely. So what is the answer? A tool that can manage physical and virtual desktops, and more importantly the user-experience, across all endpoint management disciplines should cut it. Wouldn't it be great to use the tool you are using today but take on VDI management with minimal additional effort?
With this in mind, what features does an endpoint management tool need to add to address VDI solutions? Can one tool bridge the gap?
Ahem.. You forgot to mention eDirectory :) And yes, we need to manage virtual workstations with ZCM, just as we do physical ones. Software rollout, per-user settings and above all remote control. Right now you cannot RC a virtual PC to which a user has a RDP connection, somewhat of a PITA.