VMware released Horizon 6 on the 9th April, only a day after the demise of Windows XP support. Horizon 6 has an array of fancy End User Computing (EUC) related features that make a really compelling case, however, writing a piece solely around this is not the plan with this article.
Instead let us consider the VMware portfolio for a moment. It has been a busy time recently, with a number of innovative technologies being released and starting to gain some traction. Let us consider a handful of these technologies as a bit of a thought exercise for a moment.
New and Improved vSphere and vSAN
VMware vSphere 5.5 Update 1 was released relatively recently. This accompanied the release of vSAN – VMware’s own storage virtualisation technology. This, in itself, is something of a game-changer. Taking a set of relatively proprietary servers with some SSDs and spinning rust, it is possible to configure a vSphere environment with performance and resilience without needing to buy an expensive SAN with all the paraphernalia that such a solution usually requires.
vCloud Automation – Presenting and Automating Service Provisioning
Next, let’s consider vCloud Automation Center. This provides a highly customisable self-service portal that allows an enterprise to present cloud provisioning servers to customers, whether internal private-cloud customers, or externally, in the case of cloud providers. A nice idea – a user can request a service from a catalogue and all the technical processes can be automated and hidden away.
Horizon 6 – End User Compute, Reloaded.
Now we look at the new boy on the block – Horizon 6. This is more than simply an extension of the Horizon View stack. With the release of Horizon 6, we start to see the integration between the somewhat disjointed elements of the previous Horizon Suite. We see a raft of changes:
- Application presentation from different sources (ThinApp, web applications and Citrix XenApp).
- An improved Horizon View, with enhanced performance and extra features.
- A centralised Workspace interface for ease of use for the end user.
- Local SSD storage
And let’s also consider that this release directly supports vCAC and vSAN, so we can do clever things with provisioning services to customers and the storage infrastructure without resorting to third party solutions.
Networking with NSX
The last item on the shopping list is VMware NSX. This is VMware’s new network virtualisation stack which allows the provisioning of a whole networking environment within a virtual infrastructure:
- Provisioning of virtual VLANs – VXLANs – across a virtual estate. Pretty much as many as you will ever need, as well as several ways of bridging to physical VLANs upstream.
- Firewalling – at several different levels, from the virtual NIC on a VM, to VXLAN wide and across network boundaries, NSX includes its own firewall solution, as well as providing integration mechanisms to support third party options.
- Load Balancing – Not merely IP address sharing, but quite feature rich, including the ability to host certificate based load balancing.
- Integration with vCAC for provisioning network services.
Putting This All Together
So, taking this list of products, we can consider our thought exercise. What do we get if we combine all of these into an integrated EUC solution?
Firstly, we can look at provisioning. Using vCAC provides the ability to offer a console to present a catalogue of end user services – remote desktops of different specifications, access to applications and services. The service catalogue can then automate the provisioning of these services, as well as the underlying infrastructure where applicable.
The infrastructure would, as you would expect, sit on a vSphere environment, augmented using vSAN and NSX. In the case of vSAN, considerable performance can be gained through the use of locally installed SSD presented across hosts as a virtual SAN. Scaling is relatively straight forward to accomplish too,as hosts are added in a scale-out fashion, so too is storage, presenting a potentially linear model.
NSX as part of the environment is a subject for discussion in itself. Using commodity network hardware – a relatively cheap managed switch infrastructure, a dynamic, fully featured network infrastructure can be established by moving the network stack from the physical to the virtual world – Software Defined Networking.
An End User Compute solution such as this is likely to include a management infrastructure separate to the virtual desktop infrastructure. View brokers, Horizon Workspace and Horizon Mirage all require network load balancing in order to scale in a resilient fashion with adequate performance. NSX Edge appliances can be used to provide this ability. In addition, use of routing and firewalling within the virtual infrastructure not only provides tighter security in a traditional single-tenant enterprise, but also opens up the ability to provide secure multi-tenancy on a shared architecture – with VXLANs supporting discrete customers in isolation. Of course, this becomes all the more important when internet connectivity for these services is required.
On the infrastructure supporting Virtual Desktops, NSX can provide similar segregation between tenants. Client security using NSX is potentially a massive benefit. The NSX Distributed Firewall applies to VMs on the individual VM network interface, subject to rules established within NSX. This is much more flexible than a hardware appliance working at a global level – discrete policies can be applied using parameters such as what VXLAN the VM is located, or even VM parameters such as the VM name.
One pretty intriguing feature of NSX includes integration with third party antivirus scanning solutions, for example Symantec Critical System Protection. Consider a default rule for firewalling applied to a VM. If the VM is picked up as being infected by the antivirus solution and tagged as infected, NSX can automatically apply a different policy to isolate the VM until it is cleaned by the antivirus solution. All in an automated fashion.
So, all in all, potentially a slick, compelling solution, all provisioned using VMware’s product range.
If you would like to learn more about virtualisation and cloud solutions, or wish to discuss your workspace challenges, we have lots of experience to share so please contact us today.