How to develop a successful Desktop Strategy (Thin, Slate, Thick, VDI... V6)
Ritu Patney
Optimized Desktop Specialist
Microsoft Corporation

The evolution of the desktop
• Physical Location, 1 Fixed Screen: Deskless Worker, Task Worker (Cashier, Factory line, Call center). We have location based workers in almost every industry.
• Today’s Office, 1 Mobile Screen: Office Worker. Office workers who are still dependent on 1 or 2 screens.
• Ubiquity / Synchronicity, N Mobile Screens: Multi-screen Power User. Focus is on the latest generation of devices. Anywhere - Anytime.

Multiple of devices / Explosion of devices
• Phones
• Slates
• New form factors
So in this new reality… How are you going to enable, control, secure, manage?

Current Inventory
[Chart: PCs in the current inventory by age (~7 Years, ~4 Years, ~3 Years, ~1 Year, NEW PC) against Performance, IT Control and User Satisfaction]

Current list of user complaints
• Slow Environment
• Application failure
• Complicated to manage
• Complicated to maintain
• Hard to update
• Etc

What used to be a clear future…
For the last 20 years the solution has been… Jump to hardware selection

Multiple of devices / Explosion of devices
Embedded, Slate, Tablet, Laptop, All in One
We have moved from a Desktop Strategy to a Digital Workspace Strategy

Let’s look at some analyst research

1999 Worldwide Shipments
• Thin Clients – 700,000 units (0.6% WW)
• PCs - 113 million units
Source: IDC 1999 Enterprise Thin Client Year in Review - Jan 2000 Update IDC, 9/7/01

2009 Worldwide Shipments
• Thin Clients – 3 Million units (1% WW)
• PCs – 301 million units
Source: Dataquest Insight: Global Thin-Client Terminal Market Disappointing, but It's Poised to Turn Positive, 17 June 2009, ID: G00168475

After 10 years… Thin clients remain 1% of the Desktop market
• There is no cost benefit related to thin client
• Analyst and independent TCO calculations show the differential between a well managed “fat client” and a thin client to be negligible.
Based on: Dataquest Insight: “The Emergence of Thin-Client-Based Support Services in Europe”, Rob Addy, 3 September 2009, ID Number: G00170696

Even after 2 years of VDI existence
VDI provides an average of 10% TCO benefit vs Unmanaged Desktop, but only 2% on a managed environment.
Based on Gartner: “Total Cost of Ownership Comparison of PCs with Hosted Virtual Desktops”, Mark A. Margevicius, Michael Silver, Federica Troni, Publication Date: 4 August 2008, ID Number: G00155498

Virtualized applications can reduce the cost of testing, packaging and supporting an application by 60%, and they reduced overall TCO of a desktop environment by 5% to 7%.
Source Gartner: “TCO of Traditional Software Distribution vs. Application Virtualization”, Michael A. Silver, Terrence Cosgrove, Mark A. Margevicius, Brian Gammage. Publication Date: 16 April 2008, ID Number: G00155897

Application Architecture Drive Device Options
[Diagram: App1, App2, App3 and App4 mapped to device options]
Is the Application Stack supported?
• Office
• Unified Communications
• Security
• Utilities (Doc Reader, Compression)
• User Profiling
• Custom Business
• Legacy
• Emulation
Is Development Stack supported?
• .Net
• C#, C++
• Java
• Ajax
• Silverlight
• Flash
What format is it Presented in?
• Mobile
• Web
• Rich
• Emulation
Where does it Run / Render?
• VDI
• Remote Desktop Services
• Local
• Private Cloud
• Public Cloud
• Public Internet
• Offline
Application Compatibility depends on the supported Development Stack and Presentation Capabilities of the device

[Diagram: App. Stack, Dev. Stack, Presentation and Rendering layers shown for each of: PDA, Pocket PC, Phone; Managed Smart Client; Diskless Smart Client; Thin Client or Old PC; VDI]

Each architecture requires different expertise
[Matrix: expertise rated High / Med / Low per architecture. Areas: Directory Access, Roles / Profiles / Personas, Perimeter Security, Security, Storage, Anti-Malware, Management, Anti-Spam, Monitoring, Remote Desktop Services, Remote Support, Network Bandwidth Mgmt, Application Certification Testing, Image Mgmt, OS or App Deployment, Inventory Mgmt, Patch Mgmt. Architectures: Managed Smart Client (Lifecycle 3-8yrs avg); Thin Client, Diskless Client or Old PC (Lifecycle 3-8yrs avg); Mobile Device (Tablet, PDA, Pocket PC, Phone) and VDI (Lifecycle 3-8yrs avg, Lifecycle 2-3yrs avg)]

So what do analysts recommend…
• ANY ARCHITECTURE involves moving all aspects of managing a desktop (HW, SW, Management, Configuration, Processes, etc)
• ANY ARCHITECTURE will not cure today’s poor desktop management; it makes it even harder
• ANY ARCHITECTURE requires more tools and different skills than traditional desktop management
• Existing PC Support structures are not appropriate for other architectures
• There are still some heavy entry costs to consider for some of these architectures… Infrastructure dependencies, Licensing, Legal, Operational workload shift, Manageability
• The biggest factor in reducing TCO is how well managed your profiles are: unlocked users could cost up to 36% more than appropriately locked down ones.
• VDI / Thin Client is not appropriate for all users, applications or deployment scenarios; segment and use accordingly
Sources:
– Gartner: “Top 10 Issues With Hosted Virtual Desktops”, Mark A. Margevicius, Publication Date: 10 June 2010, ID Number: G00201182
– Gartner: “Organizational and Staffing Considerations When Planning for Hosted Virtual Desktops”, Mark A. Margevicius, Terrence Cosgrove. Publication Date: 15 June 2010, ID: G00201376
– Gartner: “Best Use Scenarios for Hosted Virtual Desktops”, Mark A. Margevicius. 24 February 2009, ID: G00165252
– Gartner: “Organizations That Unlock PCs Unnecessarily Will Face High Costs”, Michael A. Silver, Ronni J. Colville, Publication Date: 19 December 2008, ID Number: G00161951
– Gartner: “How to Reduce Your PC TCO 30% in 2011”, Federica Troni, Brian Gammage, Michael A. Silver, Publication Date: 20 March 2009, ID Number: G00166195
– “Choosing From 10 Client Computing Architectural Options”, Brian Gammage, Mark A. Margevicius. 10 December 2007, Publication Date: 27 February 2009, ID Number: G00164331
– Gartner: “Market Trends: x86 Virtualization Market Driven by Consolidation, Promise of Cost Reduction, and Management Advantages”, 17 November 2009, ID: G00172438

Thin Client Choices
Thin Client Form Factors: Traditional Thin Client, Zero Client, Windows Fundamentals for Legacy PCs (WinFLP), compared by Definition, Benefits, Considerations and Licensing.
Definition
• Traditional Thin Client: A device with a reduced hardware and software footprint, intended to connect to a remote desktop
• Zero Client: A terminal with no local storage, operating system or processing
• Windows Fundamentals for Legacy PCs (WinFLP): A repurposed PC running a smaller footprint locked down version of Windows, making it behave like a Thin Client
Benefits, Considerations and Licensing
• Smaller attack surface than PC
• Extremely low device TCO
• No OS to manage on device
• No upfront costs - Extend existing investments by repurposing PCs
• Fewer breakable parts than PC
• Highest reliability – no moving parts
• All the advantages of traditional thin clients
• Lower energy costs than PC
• Excellent choice for pure server based desktop scenarios
• Thin Clients need security and management updates
• Needs to be always connected to network
• Requires VDA License, which includes SA benefits
• Enterprise-grade manageability and security
• Has all the benefits of traditional thin clients
• Large PC inventory capable of running Windows 7
• Requires additional processing on server to translate I/O calls
• Reduced CapEx budgets for device purchases
• Cannot run browser based applications or be upgraded
• Requires VDA License, which includes SA benefits
• Strategy is not locked to Thin Client – flexibility to revert back to PCs
• WinFLP is a benefit of SA / VDA

When Is Thin Client an Option?
If You Have Server-Based Desktops (SBD): VDI / Sessions
• Hybrid SBD Scenarios (Local desktop + hosted desktop; Local desktop + hosted applications). Recommended Access Device: Windows PC
• Pure SBD Scenarios (No local desktop functionality required; No local applications or data). Recommended Access Device: Windows PC OR Thin Client
• Unmanaged devices (Tablets, iPads, smartphones, employee owned PCs; Device choice precedes SBD choice). Recommended Access Device: Unmanaged Device as Thin Client

Level of access is determined by manageability
• Unmanaged: BIOS Access, Admin Access, Root Kits, Key Loggers, Spyware
• Basic Profiles: Remote Wipe, Password Policies
• Domain Joined: Enterprise OS, Local User, Group Policy, Data Sync, Offline Data Synchronization, Remote Support
• Corp-Managed: Deployment, Patching, DRM Deployment, IPsec Deployment, HW/SW Inventory, Smart Card, VPN, DirectAccess, HD Encryption, USB Policies
Devices: Laptops, Phones, Desktops

Please answer: How well do you manage?
The biggest factor in reducing TCO is how well managed your profiles are: unlocked users could cost up to 36% more than appropriately locked down ones.
Gartner: “Organizations That Unlock PCs Unnecessarily Will Face High Costs”, Michael A. Silver, Ronni J. Colville, Publication Date: 19 December 2008, ID Number: G00161951

What’s needed to build a well managed desktop environment…
Corporate Base Image
• Regular & Flexible management of: Drivers, Languages, Common Apps
• Offline servicing and updating
• Client for Virtualized Desktop environment
• Client for Virtualized applications
Group Policy
• Computer Configuration: Software Settings; Windows Settings; Control Panel; Network; Printers; System; Windows Components
• User Configuration: Software Settings; Windows Settings (Scripts, Security Settings, Policy based QoS, Deployed Printers, IE Maintenance); Administrative Templates
Data Synchronization
• Policy based quota
• Backup on the server side
• Offline file management
• Roaming Profiles
• Folder Redirection
Security Policy
• Account Policies: Password, Lockout
• Local Policies: Audit, User Rights Assignment, Security Options
• Windows Firewall
• Network List Manager
• Public Key
• Software Restriction
• Application Control
• IP Security
• Advanced Audit

Each virtualization solution offers different benefits
[Diagram: Secure & Controlled access from Corporate Office, Home and Internet, across Thin Client, Diskless Client or Old PC; Well Managed Device; Corporate Managed Desktop; Corporate Managed Laptop; Consumer Unmanaged Device; Unmanaged Device. Solutions shown: Session Virtualization, VDI, Client Hosted Virtual Machine, Application Virtualization, User State Virtualization. Layer labels: Data (Local, Local / Synchronized, Encrypted), Browser (Local, Virtual), applications (Local, Virtual, Remote), OS (Local, Remote, Roaming), Preferences / Settings (Roaming, Virtualized), HW (Dependent, Independent)]
Benefits listed on the slide:
• Application Compatibility, Migration mitigation
• Application Compatibility, Inventory & Usage Mgmt, Application Lifecycle Mgmt, Application Isolation
• Centralized Controlled Locked Environments
• Centralized Controlled Flexible Environments
• Decouple HW, Apps, and Data from the physical device

What about consumerization?
Allow your employees to bring their own PCs to work

Managed device: secure use of corporate applications and data through:
• Managed Data (Data in Rest, Data in Transit): Group Policy; Encryption; Data location enforcement; Data synchronization; Data recoverability
• Managed Applications: Patch management; Inventory; Audit; Rights management; Access management; Configuration; Error monitoring; Compliance Reporting; Security management; Lockdown templates
• Managed Operating System: OS patch management; Group Policy security; Firewall; IP security enforcement; Device management (Installation and Access); Application access (Application Locker); Network Access Protection; OS inventory; OS audit; OS error monitoring; Compliance Reporting
• Managed Computers: Hardware inventory; HW audit; BIOS and driver updates; HW error monitoring; Intel vPro™ management; Group Policy; HD encryption; Device Management (Installation and Access); Direct Access; USB drive encryption

Unmanaged device: limited use of corporate applications and data due to:
• Unmanaged Data, Data in rest: Employee backup/restore responsibility; Theft of PC = loss of data; Undetermined location of data (compliance); Who owns intellectual property; How to control access to sensitive data
• Unmanaged Data, Data in transit: Undetermined; Uncontrollable
• Unmanaged (Consumerized) Applications and Unmanaged Operating Systems: Unknown state of applications; Key loggers; Screen capture; Viruses; Root kits
• Unmanaged Computer: BIOS access; Admin access; Root kits; HD access
Web Service: Access corporate applications and data through Remote Desktop or Web based applications

Enable Consumerization of IT
Then people started bringing in unmanaged computers that also gave people access to business information

Guidance based on the best practices we have found
Who: Role / Profile Management
• Directory management
• Group policy
• Security groups
• Roaming profiles
• Compliance logging and auditing
• Digital Right Management
Security Access Management
• Certificates / IPsec
• Direct Access / IP V6 / VPN
• Smartcard
• Threat Management Gateway
• Access Gateway
• NAP / Quarantine
• Patching
What: Application Lifecycle Management
• Application Certification
• Application Virtualization
• Application Catalogue and Inventory
• Use Management
Where: Data Management
• HD Encryption
• USB Policies
• Backup / Restore processes
• Data Synchronization policies / tools
• Data Archiving
• Compliance

What should drive the client selection…
Device, Applications, Role / Function of the end user
Role / Function of the end user, Applications, Device

Let’s see what is possible today…
Scenario 1
• Migrate from Windows XP to Windows 7
• Manage application compatibility
• The power of Mobility via Group Policy

What do we recommend..
End User Considerations
• Huge increase in mobility
• New regulatory and compliance rules
• Increasing system performance needs
• Maintaining productivity while reducing costs
• Use of consumer devices for work

Segment End Users in 4 Simple Steps
• Office Workers: Highly independent connected workers
• Task Workers: Bank Teller, Call Center Associate
• Mobile Workers: Senior Executive, Business Consultant, Field Sales Representative
• Deskless Workers: Retail Associate, Nurse, Manufacturing Floor Manager

Office Workers are a Diverse Group
Office Workers: Highly independent connected workers. All have high autonomy and are always connected. But some have special compliance requirements.
• Office Worker with Special Compliance Requirements: Financial Trader, Government Worker, Contractor
• Mainstream Office Worker: Engineer, Designer, Architect

Desktop Transformation-Enabled Scenarios
• Sharing: Secure/Shared Laptop Assets for Travel, Hot-Desking, Shift Workers
• Contractors: Hosted Image security, right apps and data
• Home: Home PC Enablement – Use home assets for work or emergency access
• Task: Extending PC life, Training Rooms And Task Workers, low cost, carbon-neutral
• Remote Access: Working from remote locations, secure, remote access, Cloud
Technologies shown: Application Virtualization, VDI, Folder Redirection, BitLocker + BitLocker To Go, BranchCache, Enterprise Search, Windows Fundamentals for Legacy PCs, Server-based VDI hosting, Terminal Services (Desktop)
• Reducing Laptop Deployments
• Sharing Assets
• Enabling Mobile Workforce
• Secure, Centralized Architecture
Windows 7, Windows Server 2008 R2, MDOP, System Center, Optimized Desktop Solution Accelerator, Microsoft Services

Roadmap Example
[Roadmap chart: timeline 0-6 Months, 6-12 Months, 12+ Months; phases Envisioning, Architecture and Planning, Proof of Concept, Pilot, Full Deployment; tracks Vision; Application (App-V, Application Strategy, Application Compatibility); Image (Image Engineering, Image Deployment); Infrastructure (System Center Configuration Manager, Active Directory® Configuration, Network Remediation, Patch Management, Security Configuration)]
Foundation elements for a well managed desktop

Windows Optimized Desktop Scenarios
Features
• Simplify collection of desktop user requirements with assessment tool
• Map technology requirements to users’ needs with proven best practice
• Covers desktop solutions including Windows 7, App-V, MED-V, VDI, etc.
Benefits
• Streamline user requirements gathering
• Enable fast planning and deployment for optimized desktop solutions
• Free up IT administrators and support staff from break-fix issues
www.microsoft.com/WODS

Microsoft Services Solutions
Challenges
• Reduce Costs of deployment & IT Management
• Manage Risk and Empower People
• Anywhere Access to information & Application
Solutions
• IT Enterprise Management: Configuration Management
• Desktop Planning & Deployment: Desktop Image Engineering
• Desktop Planning & Deployment: Desktop Application Compatibility
• Security, Identity, and Access Management
• Desktop Planning & Deployment: Client Virtualization with Advanced Management
• Security, Identity, and Access Management
Benefits
• Streamline PC Management & Automated Software Update
• Comprehensive Security and Compliance
• Make Users Productive Anywhere

Next Steps
Kaun Banega IT Pro Champion Quiz Contest
• 1:30-2:00 PM on 24th & 25th March
• Here’s an opportunity to prove your knowledge/skills around IT Pro topics – Desktop Deployment, Security & Virtualization Technologies
• Win exciting prizes
• Those interested in nominating yourself, please stay back!

Resources
• Software Application Developers: http://msdn.microsoft.com/ (msdnindia, @msdnindia)
• Infrastructure Professionals: http://technet.microsoft.com/ (technetindia, @technetindia)

© 2011 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.
The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Recommended References
– Gartner: “Top 10 Issues With Hosted Virtual Desktops”, Mark A. Margevicius, Publication Date: 10 June 2010, ID Number: G00201182
– Gartner: “Organizational and Staffing Considerations When Planning for Hosted Virtual Desktops”, Mark A. Margevicius, Terrence Cosgrove. Publication Date: 15 June 2010, ID: G00201376
– Gartner: “Best Use Scenarios for Hosted Virtual Desktops”, Mark A. Margevicius. 24 February 2009, ID: G00165252
– Gartner: “How to Reduce Your PC TCO 30% in 2011”, Federica Troni, Brian Gammage, Michael A. Silver, Publication Date: 20 March 2009, ID Number: G00166195
– Gartner: “Choosing From 10 Client Computing Architectural Options”, Brian Gammage, Mark A. Margevicius. 10 December 2007, Publication Date: 27 February 2009, ID Number: G00164331
– Gartner: “Market Trends: x86 Virtualization Market Driven by Consolidation, Promise of Cost Reduction, and Management Advantages”, 17 November 2009, ID: G00172438
– Gartner: “TCO of Traditional Software Distribution vs. Application Virtualization”, Michael A. Silver, Terrence Cosgrove, Mark A. Margevicius, Brian Gammage. Publication Date: 16 April 2008, ID Number: G00155897
– Gartner: “Total Cost of Ownership Comparison of PCs With Hosted Virtual Desktops”, Mark A. Margevicius, Michael A. Silver, Federica Troni, 4 August 2008, ID Number: G00155498
– Gartner: “Desktop Total Cost of Ownership: 2008 Update”, Publication Date: 24 January 2008, ID Number: G00153705
– Gartner PC Configuration Magic Quadrant Dec 2008
– Gartner: “The TCO of Employee-Owned Notebooks Running a Corporate Virtual Machine”, Brian Gammage, Publication Date: 5 May 2008, ID Number: G00156851
– Gartner: “Organizations That Unlock PCs Unnecessarily Will Face High Costs”, Michael A. Silver, Ronni J. Colville, Publication Date: 19 December 2008, ID Number: G00161951
– Gartner: “Hosted Virtual-Desktop Deployments Are Set to Accelerate”, Brian Gammage, Mark A. Margevicius, 28 July 2008, ID Number: G00159683
– Gartner Hype Cycle for PC Technologies 2008, Publication Date: 1 July 2008, ID Number: G00158516
– Gartner - Dataquest: “Dataquest Insight: Growth in Thin-Client Terminal Markets Points to a Fundamental Shift in Computing Architecture”, 2 October 2008, ID Number: G00160724