Recently, our own Steve Parlee sat down with Josh Osborn, the Wyse Regional Sales Manager for the Northwest, and Dave Jolley, our local Wyse Sales Engineer, to talk about what’s new in the Wyse product line. In this video, they talk about the Xenith “zero-client” device that was introduced last quarter, and the new Windows Embedded Standard 7 device.
Earlier today, at Citrix Synergy in Berlin, Citrix announced XenDesktop 5, which is scheduled for availability in December, 2010. Naturally, we went looking for the “what’s new” list. You can find that list on the Citrix Web site, but, just to save you a few clicks, here’s our take on it.
Most of the user-facing features are evolutionary, as opposed to revolutionary. There have been incremental improvements in devices supported by the Citrix Receiver, the performance of Citrix HDX, user self-service provisioning, and single sign-on. There is also support for XenClient and XenVault, which were recently made available for download as part of XenDesktop 4, Feature Pack 2. But the truly revolutionary, knock-your-socks-off features are on the management side.
Installation and deployment of a large XenDesktop environment is now a snap using the new Desktop Studio tool. Since a video is worth a thousand words, check out the following video demo of Desktop Studio:
But wait! That’s not all! There’s something here for the help desk staff as well, and this may be the coolest part of all. Take a look at a demo of the new Desktop Director tool:
One of Citrix’s stated goals with XenDesktop 5 is to take VDI from “wow” to “how” – to show you how to easily install, scale, and manage a desktop virtualization deployment. Desktop Studio and Desktop Director are huge steps in that direction.
One of the criticisms that’s been leveled at XenDesktop by its competitors is that it is too complex – too many components that have to be configured to get everything to work. And while that’s partially true, it’s not the whole story. As we’ve discussed in previous posts, XenDesktop is extremely flexible in that it allows you to mix and match different kinds of virtual desktops in your environment to best meet the needs of various groups of users. As you bring more kinds of virtual desktops into the mix, you add more infrastructure components to manage them. More infrastructure components = more complexity but also more flexibility.
If you don’t need all that flexibility – if, for example, you just want to deploy “classic” VDI, by which I mean a bunch of virtual PCs running on the hypervisor of your choice – then you don’t need all that complexity, either.
In this video, Dan Feller of Citrix presents a reference architecture for a straightforward VDI deployment of up to 500 users. The video takes about 50 minutes to watch, but it’s worth your time. You’ll learn some interesting things.
For example, you’ll note that Dan is recommending that the XenServers in the XenServer pool that supports the virtual Windows 7 machines should have local disk drives, in a RAID 10 configuration, that will be used for the local host cache for the provisioned Windows 7 systems, for two reasons: First, it’s less expensive than using SAN storage. Second, the limiting factor for how many virtual PCs you will be able to run on a XenServer host is not processing power, and it’s not RAM – it’s IOPS. And he walks you through the calculation of how many functional IOPS the local storage on the XenServer can support, and how many virtual desktops you can therefore reasonably expect to support.
In fact, my only reservation about this video is that, like just about every other discussion I’ve seen regarding Windows 7 virtualization, it doesn’t mention the Microsoft license activation issue that’s inherent in provisioning Vista and Windows 7 desktops, the need for the Microsoft Key Management Service, and the nuances of getting KMS to work properly. But we’ve pummeled that issue elsewhere in this blog.
So, with that in mind, heeeerrrrrreeee’s Dan (P.S.: the audio doesn’t start until about 15 seconds into the video):
According to an August 26 Gartner press release, your Windows 7 migration may have a painful impact on your budget. The heart of the problem is summed up in this quote from Gartner managing vice president Charles Smulders:
Corporate IT departments typically prefer to migrate PC operating systems (OSs) via hardware attrition, which means bringing in the new OS as they replace hardware through a normal refresh cycle. Microsoft will support Windows XP for four more years. With most migrations not starting until the fourth quarter of 2010 at the earliest, and PC hardware replacement cycles typically running at four to five years, most organizations will not be able to migrate to Windows 7 through usual planned hardware refresh before support for Windows XP ends.
Because of this time crunch, Gartner says that you really have only one of three options:
If you’ve been following this blog for any length of time, you know were we stand on the “hosted virtual desktop” issue. To most people, the term “hosted virtual desktop” refers to a virtual instance of a PC OS (e.g., Windows 7) running on a virtualized infrastructure such as VMware, Hyper-V, or XenServer. However, this is only one way to deliver a virtual desktop to a user. Other ways include:
We’re also of the opinion that no single one of these approaches will fit all use cases. But the nice thing about Citrix XenDesktop is that you can mix and match any and all of these use cases to the needs of your users, all under a single license model.
It still isn’t going to be inexpensive. As Gartner points out, you have to build the virtual infrastructure to deliver those desktops, which will involve both capital costs and labor costs. Anyone who tells you that VDI will save you money in immediate capital costs compared with buying new PCs is not being straight with you. But you can, according to other studies, save up to 40% in your “Total Cost of Ownership” (“TCO”).
And your other alternatives aren’t inexpensive either. So why not take advantage of this opportunity to change the way you deploy and manage PCs? Take a look at what you can do with XenDesktop today, think about how much easier and less costly your Windows 7 roll out would be if you already had XenDesktop in place, and then think about how much easier and less costly your next major PC upgrade project will be if you deploy XenDesktop now.
Windows 7 is going to impact your budget one way or another. Gartner estimates that if you just decide to accelerate your upgrade cycle, the percentage of your IT budget that you spend on PCs will need to increase somewhere between 20% and 60% in 2011 and 2012. If, as in many organizations, your PC spending accounts for 15% of your overall IT budget, that means that in 2011 and 2012 you’re going to be spending between 18% and 25% of your budget on PCs instead of 15%. And that will impact other projects.
As if that wasn’t bad enough, Gartner also predicts that the demand for “highly qualified Windows 7 migration IT personnel” will exceed supply in 2011 and 2012. Remember those discussions about supply & demand back in Economics 101? Yep, that means that IT labor costs are going to go up. In fact, Gartner predicts that the labor shortage, and higher costs, will persist into 2013 as organizations realize that they’re behind in their planned migration schedule and try to figure out what to do about it.
Mr. Smulders had a recommendation on that as well: “Begin talks with suppliers now about putting in place contracts that can deliver flexible levels of resources at a fixed rate over the migration period.”
If you want to purchase a copy of the full report from Gartner, you can order one through their Web site. Or, if you just want to take Mr. Smulders’ advice, you can reach us at (206) 774-0619, or by email at sales@mooselogic.com, or by using our handy information request form. We’re here to help.
Yesterday (August 25), Citrix formally announced XenDesktop 4 Feature Pack 2. It’s expected to be available by the end of September, and, of course, will be available at no charge to existing XenDesktop customers whose Subscription Advantage is current. The big news in this Feature Pack is the incorporation of XenClient and XenVault.
We’ve talked a lot about XenClient here, but haven’t said much about XenVault. It’s high time we did, because it’s a pretty cool piece of technology in its own right.
If you’ve used Citrix products in the past, you know that we have administrative control over whether, for example, users who are running applications on a XenApp server are able to save data back to a disk drive on their client device. With the advent of Smart Access (enabled by Access Gateway Enterprise policies), we can get even more granular: we might allow a user to save data to a client drive if they’re connecting from within the protected network, or connecting from a corporate-owned laptop, but deny that same user the ability to do so if they’re connecting from a personal device or public location like a hotel business center.
Unfortunately, once the data is on a client device, you now have a security risk. It could potentially be copied to a USB drive. The corporate laptop could be lost or stolen. (For some of the more high-profile examples, check out the “laptop losers hall of shame.”) Nevertheless, it’s often viewed as a risk we have to take so that our mobile users can be productive.
XenVault, which was first previewed at the Synergy event last May, is designed to address this risk. XenVault is a new plug-in for the Citrix Receiver. As such, its deployment and configuration are controlled through the Citrix Merchandising Server. To quickly review, Merchandising Server is the preferred tool Citrix has provided for installing and configuring client software. The first time a user authenticates to the Merchandising Server (through a simple browser interface), the Citrix Receiver will be pushed down and installed on the client device, together with whatever plug-ins and configuration details the administrator has defined for that user. Subsequently, the Citrix Receiver will check back with the Merchandising Server behind the scenes, and receive any configuration updates that may be available.
The XenVault plug-in creates a secure, encrypted (256-bit AES) storage area on the client hard disk. Typically, any application that is running remotely on a XenApp server or XenDesktop virtual PC will only be able to store data in the secure, encrypted location, if it is allowed to store data on the client drive at all. Same for an application that has been streamed via XenApp for local execution on the client (regardless of whether it was packaged with the Citrix streaming tools or with App-V). While the user will be able to use Windows Explorer to look at the secure location and see what files are there, the user will not be able to copy files from the secure location to a non-secured area of the hard disk, nor open the files with applications other than those specified by the administrator. For a deeper explanation of how this works, see Joe Nord’s blog post on the subject.
If the laptop is lost or stolen, the administrator can issue a “kill pill” that will cause the secure, encrypted area to be locked or deleted the next time the Receiver checks in with the Merchandising Server. Pretty cool.
If you can’t wait until the end of September to try it out, and you have a mycitrix login, you can download the XenVault technology preview now. And keep watching this space, because I’ve got a feeling that this will be a good subject for a future video blog.
Last fall, we posted about Citrix Provisioning Services and Microsoft KMS activation. To briefly recap, here’s the issue:
In the comment thread of that earlier post, “Chris” stated that he was trying to use Provisioning Server to provision Windows 7 systems, but that they were not incrementing the counter on the KMS server. It turns out that he was absolutely right, and I thought this was important enough to bump the issue by writing another post rather than just going back and commenting on the older one.
It turns out that, although Provisioning Server changes the host name as systems boot, it does not change the machine ID (“CMID”). And, unfortunately, the CMID is what a KMS server looks at to determine whether a machine that’s checking in is a new one that hasn’t previously checked in. Therefore, all of your provisioned Windows 7 systems will look to the KMS server like the same system checking in over and over again, and will not continue to increment the threshold counter.
According to a blog post by Thomas Koetzing a couple of weeks ago, Citrix has told him that this will be fixed in the next release of Provisioning Services, scheduled for sometime in Q4.
Frankly, I’m pretty disappointed by this whole issue. Windows 7 has been out now for almost a year. The big push by both Citrix and Microsoft is that XenDesktop is a great way to roll out Windows 7. Provisioning Services is a must for any significant VDI deployment, because otherwise you eat up far too much of your expensive SAN storage. But yet we’re still stuck in a situation where we can’t use Provisioning Services to provision Windows 7 unless we have at least 25 physical systems checking in with our KMS server for activation. In my opinion, there is no excuse for this issue not being addressed long ago…particularly when it’s been a known issue since the release of Windows Vista.
I did find a workaround described by Kirk Kosinski in a Citrix forum post:
What I did was create a VM with VL media, sysprep and power off, convert to a template, then deploy the template 25 times and boot each VM once (a few required a reboot before contacting the KMS for whatever reason). My KMS server could then activate clients successfully, at least for a while… the activation count will decrease over time if the machine doesn’t contact the KMS server, so you will periodically need to redo this process.
The VMs don’t have to join the domain to activate so you don’t need a complicated sysprep script, just make sure to not include any license key in the script…
This strikes me as a bit of a pain, particularly when you’ve got to do it every six months or so to keep your systems alive, but it should at least work until Citrix and Microsoft get this sorted out.
We have made a number of posts on this blog discussing the value of Citrix XenDesktop and felt it was time to add a video to this topic. Sid Herron had written a previous post Minimum Requirements for XenDesktop that you might find helpful after watching this video. Between this video and Sid’s post you should have a basic idea of what you would need for a basic deployment of Citrix XenDesktop.
Take a few minutes to learn what is required and what would be optional in a XenDesktop deployment, as well as how all the pieces would interact.
I just read an interesting blog post over on ZDnet, entitled The Changing Face of IT: Five Trends to Watch. As I read through the article, I was struck by how Citrix solutions can enable IT organizations to deal with these trends. Consider:
Yep. In fact many companies are instituting “BYOPC” (Bring Your Own PC) policies, because in the long run it can be less expensive to give employees a fixed allowance and allow them to buy whatever they want than it is to issue – and maintain – a company-owned laptop. Citrix themselves instituted this policy a few years ago.
If you’re using XenApp or XenDesktop to provide access to your key line-of-business applications, you don’t care what the endpoint is. If your employee prefers a MacBook, fine. Want to use an iPad? No problem. Connecting in from your home PC because your kids are sick? We’ve got that covered, too. Just install the Citrix Receiver and you’re good to go.
Citrix likes to say that their products are “Secure by Design,” meaning that security is built into them from the ground up. First of all, when you’re accessing your virtual desktop remotely, or running a published application from a XenApp server, the data never leaves the data center. The remote endpoint (whatever it is) is just sending keystrokes and mouse movements to the data center and getting back pixel updates. On top of that, we can encrypt that data connection using the Citrix Access Gateway.
Citrix also gives you very granular control over whether files can be copied between client and server, and/or whether print jobs can be directed to a client-attached printer. In fact, using Advanced Access Control policies, those controls can be context-sensitive, i.e., you might allow files to be copied to the client device if the client device is a company-owned laptop, but not if it is a home PC; or you might allow client-attached printing if the client is connecting from a branch office, but not if the same user, using the same client device, is connecting from home, or from a hotel.
But the point to remember is that when you’re delivering applications via Citrix, users don’t know and don’t care where the data center is or where the applications are being executed. It doesn’t matter. Want to move your entire infrastructure to a co-lo? Fine. Want to have multiple data centers with automatic failover from one to the other? We can do that, too. By some definitions of the term, we’ve been building “private clouds” since the release of WinFrame back in the mid-90s.
We made the point above that users don’t know and don’t care where the data center is. The fact is, for about 90% of what they need to do, neither do the administrators. Virtualization in general, and Citrix products in particular, make it very easy to administer, troubleshoot, and repair issues remotely. We built the entire Evans Fruit Company infrastructure without ever having our engineer set foot on site. In fact, actually dispatching an engineer to a customer location is now the exception rather than the rule.
Very true…but these same users are going to still need to access your traditional line-of-business applications, which will not be transformed overnight into touchscreen enabled apps. It is axiomatic that, in IT, nothing ever actually goes away – instead, new technology just gets layered over the top of old technology…which is why you’ll still find applications running on big mainframes in a lot of enterprises. So how do you manage that transition?
Once again, Citrix comes through. There’s a Citrix Receiver for the iPhone, one for the iPad, one for Windows Mobile phones, one for the Android, and just a couple of months ago, Citrix released a version of the Receiver for BlackBerry devices. And, of course, Receivers for Windows, Mac, and Linux PCs have long been available. I don’t know of any other product or technology that offers this kind of flexibility in delivering applications to users regardless of location, connection, or endpoint device.
So a big “Thank you!” to Jason Hiner for an excellent post. You’ve just described, in a nutshell, why Moose Logic is still excited to be a Citrix partner after all these years. Just remember, as you work to adapt to all of these trends that are indeed changing the IT landscape, we’ve got your back.
As we told you many times, and in many ways, the special Citrix XenDesktop Trade-Up promotion ended on June 30. However, as we expected, Citrix has announced a new trade-up promotion. So there is still a migration path from XenApp to XenDesktop, although (as we also expected) it will cost you more than it would have had you acted before June 30.
You can still get the two-for-one deal if (1) your Subscription Advantage is current, and (2) you trade up all of your XenApp licenses.
Citrix has also extended the trade-up offer to customers who own XenApp Fundamentals (a.k.a. Access Essentials), which is great news. Under the earlier promo, these customers would have had to upgrade to XenApp Enterprise first, and then trade up to XenDesktop. Now they can trade up for the same price as customers who own XenApp Advanced Edition (although the two-for-one deal is not available for XenApp Fundamentals).
Here’s the pricing matrix for the new promo, which will run through December 31, 2010 (click graphic to view full size):
XenDesktop Trade Up Pricing, July 1 - Dec 31, 2010
Just in case you haven’t heard, there’s one week to go on the Citrix XenDesktop 4 Trade-Up Promotion. Here’s a quick recap:
Citrix has a helpful on-line trade-up calculator that you can use to help you compare costs. You’ll need to enter (1) how many XenApp licenses you own, (2) how many of them you want to trade up, (3) what version of XenApp you own, (4) what version of XenDesktop you want to trade up to, and (5) whether or not your Subscription Advantage is current.
I suppose it’s possible that, come July 1, Citrix will announce that they’re extending the promotion…but I doubt it. So far, everyone I’ve talked to at Citrix has assured me that it will not be extended. I’m sure that there will still be an upgrade path after July 1, but it will cost you more money than the current promotion.
One more thing – if you’re going to do this, please don’t wait until the afternoon of June 30 to issue your purchase order! June 30 is like the “triple witching hour” – it’s end-of-month, end-of-quarter, and end-of-promotion. So it’s bound to be crazy busy in the Citrix order entry department. We’ve been requesting that all of our customers get their orders to us by end of business on the 29th, just to make sure that we can get the order placed through distribution and into Citrix’s hands before end of business in Fort Lauderdale on the 30th.
The important thing to remember is that if you are in that situation, you’ll actually spend less money and get more functionality for it, because the XenDesktop licenses will cost you roughly half of what it would cost to buy an equivalent number of XenApp licenses.
And if your use case is primarily to support a large pool of remote users, but you will never have more than half of them logged on at any given time, you can still purchase XenApp licenses to support those users, and they will still be concurrent use licenses.