Your are here: Home > Blog

Five Cool Products from Synergy 2010

May 18th, 2010 | Posted by Sid Herron in Application streaming | Application Virtualization | Citrix | Citrix Synergy | Provisioning Services | VDI | Virtualization | XenDesktop - (1 Comments)

As many readers know, I spent last week attending back-to-back Citrix conferences in San Francisco. Monday and Tuesday (“Summit”) was for Citrix Partners, Wednesday through Friday (“Synergy”) was for the larger user community. In the coming days, I expect to be writing a lot about stuff I learned there – to the extent that I can without violating the Non-Disclosure Agreement that all attendees agree to as part of the registration process.

Today’s post is about five cool products that I think are worthy of further investigation. I should stress that, aside from Wyse, we do not currently sell any of these vendors’ products, and we may or may not partner with them in the future. So this should not be interpreted as an endorsement other than to say that these products intrigued me and I believe them to be worth looking into.

Wyse XenithTM “Zero Client”
Finally, a non-Windows-based thin-client device with HDX MediaStream video support! I can hardly wait for us to get our hands on one of these for testing. Up until now, if you wanted high performance video, you needed to buy a Windows-embedded thin-client, and install the same Citrix Receiver and plug-ins that you would install on a full-blown desktop PC. And, unfortunately, a Windows-embedded thin-client can easily cost as much as a low-end PC. While I don’t have firm cost numbers yet, I was told it would be “sub-$300” (which I assume to mean $299).

At the Wyse demo, they plugged in the box, turned it on, it auto-discovered the XenDesktop infrastructure and automatically configured itself accordingly, and was ready to use literally in a few seconds. Wow.

Kaviza’s “VDI-In-a-Box”
Kaviza has an intriguing product. It won the “Best of Synergy” award in the “Business Efficiency” category. As the product name implies, they make a virtual appliance that handles the provisioning, load-balancing, and management of virtual desktops in a single package. Their original appliance was designed to run on VMware, but the Beta of v3.0 they were showing at Synergy will run on XenServer. They do not require shared storage (i.e., a SAN), or a separate connection broker. When you add more of their appliances, their “grid” automatically reconfigures itself to incorporate the new appliances, replicating desktop template images as required.

They’re positioning this as an SMB solution – up to a couple hundred desktops. If you’re going to grow beyond that, you’re probably going to want the greater storage efficiency of storing your desktop images on a SAN and using the provisioning services of XenDesktop 4. Also, this is specifically a VDI solution, by which I mean a bunch of virtual PCs running on one or more virtualization hosts. As we’ve discussed in other posts, VDI is only one kind of desktop virtualization. If you want the flexibility of being able to leverage all the different kinds of desktop virtualization, XenDesktop gives you that flexibility.

Suggested list price is $125 per concurrent user. Citrix has a VDI-only version of XenDesktop (which does include provisioning services, but does not include any other form of desktop virtualization) which lists for $95 per named user, or $195 per concurrent user. So, taking into account the cost savings from reducing the back-end infrastructure requirements, Kaviza is certainly competitive for smaller deployments, if you’re looking for strictly a VDI solution. Kavisa estimates that, including the virtualization hosts, you’re still under $500/user.

Interestingly enough, Citrix recently made a “strategic investment” in Kaviza, and has licensed their HDX high-performance video technology to them. This suggests that, at some level, Citrix does not necessarily view Kaviza as a competitive threat to XenDesktop 4.

You can view a demo of an earlier version of Kaviza on Brian Madden TV, or go right to the source and sign up for a Webinar on their upcoming v3.0 release.

App-DNA
Good Lord, if we’d only had a tool like this a few years ago. Several years ago, we worked with a major financial institution that will remain nameless (you know who you are) to build an infrastructure of what was then called Presentation Server that would serve up roughly 300 different applications to roughly 1,000 users. Application Isolation wasn’t available at the time, so we had to do things the hard way. We had a team of several engineers who spent months on application compatibility testing – not only to see which apps would run in a Presentation Server environment, but to see which apps could co-exist in a single server image. It was a huge project, and cost the customer a very large pile of money.

The App-DNA AppTitudeTM software automates the process of application compatibility testing. You give it access to the installation packages of your applications, and it will tell you which Windows desktop and/or server Operating Systems they are compatible with, whether they’re 64-bit compatible, and whether you should be able to package and stream them with XenApp’s app streaming tool or with Microsoft’s App-V. Moreover, if there’s an issue with an application, it tells you what the issue is and makes suggestions as to how you may be able to remediate it!

This product won the “Best in Show” award at Synergy, as well as winning in the “Process Improvement” category. The people I talked to couldn’t give me pricing, but if you’re looking at a major upgrade or migration that involves a lot of applications, this could be a huge time-saver.

Liquidware Labs
Their Stratusphere FitTM product was a Best of Synergy finalist in the “Business Efficiency” category (the category that was won by Kaviza). This is a VDI assessment tool. It will monitor and log a bunch of desktop OS and user performance metrics, looking at network usage, application usage, disk and memory utilization, graphics intensity, disk IOPS, network latency between the current desktop location and the data center you’re hoping to move it to, etc.

After gathering information for a while (a minimum of two weeks is recommended), it will spit out both detail and summary reports that will identify good, fair, and poor candidates for virtualization, identify potential problem areas, and help you size the back-end infrastructure that will be needed to host all of the newly-virtualized desktops.

The cost of a time-limited license (90 days, if memory serves me correctly) is roughly $7 per user. Look at it this way: You can design your VDI hosting environment by the seat of your pants, and probably end up either over- or under-building the infrastructure, or you can spend a little bit of money to develop some hard data to guide the design decisions. If it helps you avoid design mistakes, and helps insure the success of your VDI project, that’s probably money well spent.

Unidesk
The Unidesk product competes directly with the provisioning services component of XenDesktop 4. Why, you may ask, would you want to pay extra for a third party product instead of using the provisioning functionality that comes with all versions of XenDesktop 4? Here are some possible reasons:

  • Unidesk integrates patching and version management into their provisioning tool.
  • Unidesk can deliver boot-time drivers such as antivirus software, VPN software, and printer drivers as components that are separate from your master OS image.
  • Unidesk integrates application management into their provisioning tool, including applications that have been packaged for streaming via XenApp, App-V, or ThinApp.
  • The big one: Unidesk treats user-installed applications as part of “user personalization” – yes, you can provision from a single master OS image and still allow users to install their own apps. (And you can also – relatively easily – repair the damage when a user installs an app that breaks something else.)

In some organizations, user acceptance will make or break a desktop virtualization project. In a native XenDesktop 4 deployment, if you want to allow the user to install applications, you have to dedicate an OS image to that user. If this is a requirement for a lot of your users, you’re going to burn up a lot of expensive SAN storage. If internal company politics will allow you to lock down the corporate desktop, great! Your life will be much easier. And, as we’ve observed elsewhere, XenClient promises to address this by giving the user multiple desktops: a corporate desktop that’s locked down, and a personal desktop where they can install their own applications. But if you are forced, for whatever reason, to allow your users to install their own applications on top of the corporate desktop image, Unidesk could save you a bunch of storage space, and maybe even your sanity.

, , , , , , , , ,

Why Isn’t Desktop Virtualization More Widely Adopted?

May 12th, 2010 | Posted by Sid Herron in Citrix | Citrix Synergy | VDI | Virtualization | XenApp | XenClient | XenDesktop - (15 Comments)

I attended an interesting session at Citrix Synergy earlier today. It was conducted by Ron Oglesby, Chief Solution Architect of Unidesk, and the subject was why desktop virtualization has not taken off like server virtualization has. This is something I’ve wondered about myself, so I was eager to hear someone else’s view on the subject. Since a lot of the points he made could also be classified as “things to watch out for,” I thought others might also find it interesting.

First of all, it is important to recognize that “Virtual Desktop” does not equal “VDI.” (And by “VDI,” I mean turning your physical PCs into virtual machines that are running on some kind of hosting infrastructure, such as VMware, XenServer, or Hyper-V.) VMware has done a pretty good job in many cases of framing the conversation as though these terms were equivalent, because VDI is what they do, and it’s in their best interests to frame the conversation that way. Hats off to them for the degree to which they’ve accomplished that.

But VDI is just one form of desktop virtualization. The fact is that we’ve been virtualizing desktops since the debut of WinFrame a decade and a half ago. And it can be argued that XenApp is still the most cost-effective way to virtualize a desktop. I can pretty much guarantee that, on a given piece of server hardware, I can support more concurrent users with XenApp than I can by building individual virtual PCs.

But what seems to be happening in some cases is that management has seen the tremendous cost savings that have been achieved through server virtualization, so they decide that they should virtualize desktops the same way they virtualized servers, expecting that they will see the same kind of dramatic cost savings. Often, they are painfully disappointed.

Dramatic cost reduction through server virtualization is a no-brainer. You take a bunch of servers that are already in the data center, most of which are probably idling along at less than 10% processor utilization (if that), and consolidate them onto a smaller number of servers. You save space. You save power (both the power it takes to run the servers and the power it takes to cool them). You gain agility and fault tolerance through things like live motion technology. The CAPEX (capital expenditure) savings are obvious. You can probably show a positive return on investment in the first year.

Near-term CAPEX savings are almost impossible to show in a VDI project, because of the back-end infrastructure you have to put in place to host your virtual desktops. (Note that we’re talking here specifically about VDI as I defined it earlier in this post.) Your savings are primarily in ongoing operating expenses, and (according to the Burton Group in a different session I attended) it may take as long as 3 – 5 years to see a significant ROI. Beyond that, you’re talking about things that are very hard to quantify at all, such as the benefit of giving your employees the flexibility to be productive from anywhere. Great idea, difficult to quantify.

Unless you are using some kind of tool that will let you provision multiple virtual desktops from a single shared image, your storage costs are going to skyrocket, because you’re replacing cheap SATA storage on the desktop with expensive SAN storage in the data center – and a Windows 7 image with all the apps on it can easily run 30 Gb. Moreover, the way a desktop OS uses storage is completely different from the way a server uses storage. Your typical Windows server probably averages about 5 IOPS (Input/Output Operations Per Second), with a read/write ratio of 2:1 to 3:1 (more reads than writes). A Win7 system averages more like 30 IOPS, and the read/write ratio is just the opposite.

In other words, workstations aren’t servers, and they won’t behave like servers just because you move them into your data center and put them on a SAN, and therefore you can’t treat them as though they were servers. If you do, you probably won’t be happy with the result.

Finally, although IT guys love standardization, users don’t. They’re used to being able to personalize their personal computers, and they won’t easily give that up. And they definitely won’t be happy if all of the personalization they’ve done suddenly disappears when you replace their PCs with virtual desktops. Unfortunately, there is no magic wand you can wave that will transform a bunch of diverse PCs that have been highly personalized into a single shared image while still preserving all of the personalization. There are some tools that will help you with this, but you have to plan, you have to test, you have to be careful, and you need to have a roll-back plan.

So does this mean that desktop virtualization is a bad idea? No, not at all. It does mean that you need to take the time to understand your users, and come up with a desktop strategy that encompasses all of your use cases. And you need to recognize that classic VDI is probably not a “one-size-fits-all” solution for all of your users:

  • Task-based workers (e.g., call centers) are probably very well served by “Hosted Shared Desktops,” a.k.a., virtual desktops running on XenApp servers.
  • Remote workers may also be covered by Hosted Shared Desktops, although those who need more power, or need the flexibility of a dedicated OS, may be well served by a hosted virtual PC – traditional VDI. For example, a contract programmer may be a continent away, and may need the ability to do things that cannot be done on a shared server OS, like modifying the registry or rebooting the system, but the employer may also want the security of knowing that the code never leaves the datacenter. VDI is a perfect solution for this use case.
  • Office workers may be served by hosted virtual desktops (VDI), but could also be served by streaming the PC operating system from a central shared image directly to the PC hardware on their desks. Managing that central image beats running around to all the desktops with a backpack full of CDs to do your upgrades!
  • Power users who might, for example, need the power of a dedicated 3D graphics processor might be best served by streaming a central shared image to a blade PC in the datacenter, which the user then accesses via a thin-client desktop device.
  • Mobile users, by definition, need to work when they’re not connected to the corporate network. This is the use case addressed by XenClient.
  • In all of the cases above, having a provisioning tool that allows you to boot and run multiple systems from a single shared image is going to save you a bundle on storage.

The cool thing about XenDesktop 4 is that you can handle all of these use cases, and mix and match the best virtual desktop deployment method to each group of users, and they’re all included in your XenDesktop 4 Enterprise or Platinum license. No other vendor offers that flexibility.

, , , , , , ,

Microsoft Takes a Step In the Right Direction

March 18th, 2010 | Posted by Sid Herron in Citrix | Licensing | Microsoft | VDI | Virtualization | VMware | XenDesktop - (1 Comments)

The big Webcast just wrapped up, and will be available for replay shortly at http://www.desktopvirtualizationhour.com. Click on the “videos” tab to get to the selection of recorded videos. Several changes were announced. Unfortunately, they don’t become effective until July 1, but you can’t have everything.

  • VECD is dead, long live the VDA. For all practical purposes, the VECD license is history. Effective July 1, if your client desktop is a PC that’s covered by Software Assurance, you will no longer have to purchase a VECD license to access a virtual Windows Desktop. That saves you about $23/device/year.

    If your client device is not covered by SA (e.g., a thin-client device), you will now be required to purchase the new “Virtual Desktop Access” (“VDA”) license, which will cost about $100/device/year. That also represents a savings of $20/year or so compared to the old VECD pricing model.

    In both scenarios, the “primary user” of that client device now has the rights to access corporate VDI desktops and Microsoft Office applications from other client devices, such as home PCs, Internet cafes, hotel business centers, etc.

  • Windows Server 2008 R2 SP1 will have a couple of new features that will make VDI a friendlier place to go:
    • Dynamic Memory – Provided your guest operating systems support “hot add” for memory, you will be able to configure your Hyper-V host with minimum and maximum memory limits for the guests. So if a VM that’s serving a power user needs more RAM, more RAM will be dynamically allocated from the host server’s memory pool. When that additional RAM is no longer needed, it will be returned to the pool. Note that this assumes that there is unallocated RAM available – this is not the same thing as “memory overcommit.” This should increase VM density and require fewer Hyper-V hosts to support a given number of virtual desktops. Note also that Windows XP does not support “hot add,” so that’s just another reason to make the move to Win7 when you virtualize.
    • RemoteFX – This is a set of technologies that have evolved from Microsoft’s acquisition of Calista Technologies a couple of years ago. It’s primarily a set of enhancements to the RDP protocol, but the graphics virtualization enhancements will also benefit virtual Win7 PCs that are running on a 2008 R2 SP1 Hyper-V host. The performance that was demonstrated during the Webcast was pretty impressive, but in addition, Citrix announced that the “HDX” technology in XenDesktop would be enhanced so it could detect when the RemoteFX technology was present, and leverage it to make graphics performance even better. You’ll find more information on RemoteFX over at the Windows Virtualization Team Blog.
  • The Citrix/Microsoft Partnership is still going strong, and a couple of new promotions were also announced today:
    • “Rescue for VMware VDI” – which is targeted squarely at people who have started to deploy VMware View, and ran headlong into problems with scalability, user experience over WAN links, etc. These customers will be able to trade in up to 500 VMware licenses for the same number of Microsoft VDI Standard Suite subscription and Citrix XenDesktop VDI Edition annual licenses at no cost. Note, however, that these are annual, subscription-based licenses, so they are going to start costing you money after the first year.
    • “VDI Kick Start” – Eligible customers can pay only $28 per device for up to 250 devices to license the Microsoft VDI Standard Suite subscription and the Citrix XenDesktop VDI Edition annual licenses, allowing you to roll out a 250-seat VDI deployment for only $7,000 in licensing costs – roughly a 50% savings. Again, note that these are annual subscription-based licenses, so you’ll start paying the regular price after the first year. Still, that’s a pretty aggressive offer.

The big loser in today’s announcements? VMware. In addition to the trade-in offer, Microsoft made it very clear where they stood. I submit for your consideration a screen cap of the Q&A thread from the Webcast:

If there was any doubt before about where the battle lines are drawn, there shouldn’t be anymore.

In closing, here are a couple of other links you may want to check out:

Bottom line: While I didn’t get everything I’ve complained about in the last couple of blog posts, and I’ve got to wait a few months for some of the announcements to be effective (nothing new about that), it was not a bad day at all. Definitely a step in the right direction.

, , , , , , , , ,

Is Microsoft Changing VDI Licensing?

March 11th, 2010 | Posted by Sid Herron in Licensing | Microsoft | VDI | Virtualization | XenDesktop - (0 Comments)

You may want to mark your calendar – one week from today, Microsoft is holding a “Desktop Virtualization Hour” Webcast, beginning at 9:00 am Pacific time.

Why should you care about this? Well, techtarget.com and others are reporting that there are some licensing changes coming that will make it easier – and hopefully less expensive – to license desktop virtualization technologies.

I really hope they’re right, because the current license model is complex, expensive, and, in my experience, not very well understood by the user community. The vendors of VDI technologies are often not very helpful in this regard, because their focus is to sell you on why their VDI approach is the best, not to needlessly (in their view) complicate the sale by saying, “By the way, here are all the hoops you have to jump through to legally license this deployment from the Microsoft perspective.” Not to mention the fact that their salespeople may not understand the Microsoft licensing side very well anyway.

Today, there is one and only one way to legally license access to virtual Microsoft desktop operating systems, and that’s with the VECD license. (When it was first introduced, VECD stood for “Vista Enterprise Centralized Desktop” – today it stands for “Virtual Enterprise Centralized Desktop.”) The VECD license is only available as an annual subscription license…and the annual cost varies, depending on what the client device is that’s being used to access the virtual desktop OS. If the client device is a Windows Desktop that’s covered by Software Assurance, then adding a VECD license for that client is only $23/year. If it’s anything else – a Windows desktop that’s not covered by Software Assurance, a thin-client terminal, a Linux desktop, a Mac, etc. – the cost jumps to around $120/year. That adds up pretty quickly, and it goes on forever. That’s a tough license model to adjust to if you’re a Small- or Medium-sized business that’s used to just buying new PCs that come with OEM copies of Windows.

These days, you can buy a pretty darned good desktop PC with a professional version of the Windows OS, and probably an OEM copy of the Office Suite, for $700 – $900. If you amortize that over three years, well, you can do the math. Throwing another $120/year on top of that for the VECD license is not insignificant…and we haven’t started talking about the cost of the rest of the VDI infrastructure.

Don’t get me wrong – I’m a fan of VDI in general, and Citrix XenDesktop in particular, which you already know if you’ve followed this blog for any length of time. I truly believe that there are overall cost savings to be had. But most of the savings are in soft costs: reduced effort to manage the desktop image; easier to upgrade and patch; harder for users to break things; easier to insure that critical data is being stored in the data center and backed up; flexible application deployment options; consistent access to the same desktop from just about anywhere; extended life for the client device; faster rollout of Windows 7; etc. Those cost savings are real. Unfortunately, they are also, by definition, hard to quantify, despite the best efforts of the Gartners of the world. And a lot of businesses are still in an operating mode where reducing hard costs today is more important than reducing soft costs in the future.

Reportedly, one of the changes Microsoft is announcing will be a move from per-device licensing to per-user licensing. Depending on what the numbers look like, that could be a step in the right direction.

The other change I’d like to see – and this applied to Windows Server licenses as well as to desktop OS licenses – is to have the OS license associated with a workload, not with a physical device. If a Windows Server license was associated with a workload, e.g., my Exchange Server, instead of me having to “assign” it to a piece of hardware, then I could use live motion to move it from one virtual host to another, or use HA functionality to restart it on another virtual host in the event of a host failure, without having to worrying about whether I’m violating my Microsoft license agreement.

On the desktop OS side, I tend to agree with Tony Wilburn of Betis Group, Inc., who is quoted in the techtarget.com article as saying, “If I buy a Windows 7 license…let me use that instance of Windows 7 whether I have it installed locally, attach to it remotely with a PC or thin client running Windows or Linux, [or] have it running on vSphere, XenServer, or Hyper-V.”

Microsoft’s answer to the Server OS issue is: buy Windows Datacenter Edition licenses for your virtual hosts. And that does indeed solve the license compliance issue. It can also nearly double the cost of licensing for a smaller business that is looking at server virtualization for the first time.

So far, Microsoft’s answer to the desktop OS issue is: buy the VECD license.

But Microsoft is not totally insensitive to customer pushback. Some of us remember when NT 4 Terminal Server Edition was first introduced. Microsoft’s initial licensing stance was to say, in effect, “Terminal Services provides another way of accessing an NT 4 desktop. Therefore, if the client device you’re using is not an NT 4 Workstation, you must buy an NT 4 Workstation license for it, no matter what it is.” Customers who were running Windows 9x, or thin-client devices, or Macs, were not happy about being told that they had to buy a bunch of NT 4 Workstation licenses that would simply sit on a shelf or in a file cabinet and never be installed. The customer outcry was so loud that, less than a year later, Microsoft converted to the Terminal Services CAL license model – which at least had the virtue of being consistent with the way they licensed other server products.

Windows 7 adoption is important to Microsoft. And Windows 7 adoption is driving a lot of the current interest in VDI. Therefore, it is in Microsoft’s best interests to make it as easy as possible for customers to deploy VDI as a means of enabling and accelerating Windows 7 adoption. The signs are hopeful, we’ll just have to wait and see what comes out of next week’s Webcast.

, , ,

Minimum Requirements for XenDesktop

February 5th, 2010 | Posted by Sid Herron in Citrix | VDI | Virtualization | XenDesktop - (6 Comments)

We were recently asked, by someone who was planning a XenDesktop 4 Proof of Concept, what minimum components were required to conduct the POC. Rather than prepare a document just for them, it seemed like a good idea to put the information here so others can read and contribute.

In its most basic configuration, XenDesktop is, functionally, going to look like this (click on picture to view full-size):

XenDesktop Functional Diagram


I lifted this drawing from a three-year-old Citrix PowerPoint presentation, and while XenDesktop has evolved considerably since then, the functional building blocks are still much the same:

  • You’re going to have a Desktop Delivery Controller (“DDC”). This is the Windows server that brokers the connection between the client device and the virtual OS. As you move into production and scale up the environment, you will probably have multiple DDCs.
  • You’re going to have a Citrix License Server. In a small deployment, like a POC, this service can also reside on the DDC.
  • You’re going to need a place for Citrix to store configuration data. In a production deployment, you’ll probably want the Data Store on a SQL Server. For the POC, it can also reside on the DDC.
  • You’re going to need a “Web Interface” server. One way or another, the client devices are going to communicate with the WI server, which will consume the user’s authentication credentials and (in most cases) present the user with the desktop choices that are available to him/her. I say “in most cases,” because it is possible to configure a client such that it will immediately connect to a designated virtual desktop without requiring the user to click on an icon.

    Once again, in a small deployment like a POC, the Web Interface services can run on the same Windows Server as the DDC, the Licensing Services, and the Data Store. So far, we haven’t moved beyond just a single Windows server – although, of course, as the environment expands and moves into production, these Web services should also be migrated to their own server.

  • All of this needs to live in a Windows Active Directory Domain, so if you’re building a POC that is isolated from your production environment, you’re going to need to provide a Domain Controller. That poor little DDC system already has enough running on it, so let’s make the Domain Controller a separate server.
  • You’re going to need some kind of virtualization infrastructure. XenDesktop is platform-agnostic at this level – it will run on XenServer, Hyper-V, or VMware. All of the other servers/services we’ve been talking about so far can be virtual servers running on this infrastructure. In a small POC, that’s the obvious way to go anyway.

Now things start to get a little tricky. That gray box that surrounds the repositories labeled “Profiles,” “Apps,” and “OS” can be broken down in a couple of ways.

Let’s assume that we are going to stream an OS, from a single, shared, read-only image, to virtual PCs that will be instantiated (I love that word – it just rolls off the tongue, and it sounds so technical) on-demand on whatever virtualization platform we’ve chosen. That means we need a Provisioning Server, and a place to store those read-only images. For a POC, the images can be stored on the Provisioning Server itself. When we move into production, since we don’t want the Provisioning Server to be a single point of failure in our VDI infrastructure, we’re going to want more than one Provisioning Server, which means that the OS images are going to need to reside on shared storage of some kind that can be accessed by all of our Provisioning Servers.

Elisabeth Teixeira of Citrix has a great 4-part series on High Availability for Provisioning Services over on the Citrix Community Blog site. Rather than go into detail here, I’d strongly recommend reading through her posts.

For our POC, the Provisioning Server can be virtualized. When we move into production, it’s probably best, for a variety of reasons that we won’t go into here, that they be physical servers.

Our virtual PCs are going to need apps as well. (After all, the entire purpose of a PC is to run apps, right?) If you wish, you can “bake” the applications into the read-only “golden” image that we’re going to use for provisioning, by first installing them on the PC that we’re going to use to create the image. Of course, that means that whenever you make a change to an app, you have to change the whole image, and we know what a pain that is, because many of us have been managing images for physical PCs that way for years. So we’re going to be better off if we stream the applications on-demand onto the virtual PCs after they’re booted up and users have attached to them. We will therefore need at least one XenApp server to manage the application streaming.

Finally, we’re going to need a file server to serve as a repository for user profiles and user data. The streamed OS images are, after all, read-only, so we’re going to need to use AD Group Policies to specify where that data is stored, since it can’t be stored in a profile that’s part of the streamed image.

One more thing comes into play, depending on what Windows OS you’re going to use for your virtual PCs. As we’ve noted in other posts, the process of converting a Vista or Windows 7 PC into a shared golden image will break the license key. You must therefore have a KMS Server available to auto-activate the PCs as they boot up. For best results, the KMS service should be running on a Windows 2008 R2 server. For more information on KMS and how it works, please see our earlier blog post on KMS.

That’s really all you need to do a POC, provided that all your clients will be connecting from within the protected network. If you want to grant access to clients connecting in from the public Internet, you’re going to need a secure way to do that. The simplest way is to use the software Citrix Secure Gateway that comes with XenApp. The CSG is basically an application-specific software SSL/VPN – running on a Windows Web server – that provides a secure proxy between the public Internet and the Web Interface server. For more demanding environments, you should consider the line of Citrix Access Gateway appliances, which can function as general-purpose SSL/VPN appliances as well as providing access to the XenDesktop infrastructure, and can provide advanced features like redundancy, automatic failover and, with the NetScaler software load, even provide Global Network Load Balancing for automatic failover between a primary site and a DR site.

If you have clients in branch offices connecting to your XenDesktop infrastructure across a Wide Area Network, you may see some benefits from deploying the Citrix Branch Repeater line of WAN optimization appliances. It’s likely that as we move through the year and see the release of new technology like XenClient, we will see an expanded role for the Branch Repeater with Windows Server and its ability to cache data locally at the branch office level – but that’s another post for another day.

So there you have it. To summarize, our minimum POC environment will consist of the following servers/services running on our virtualization infrastructure:

  • Domain Controller
  • A Windows Server hosting the following services (which can be broken out onto separate servers as the environment scales):
    • Desktop Delivery Controller
    • License Server
    • Data Store
    • Web Interface
  • Provisioning Server
  • XenApp Server (for application streaming)
  • File Server (optional – in a pinch you could make file shares available on one of the other servers)
  • KMS Server (if you want to provision Vista or Win7 PCs)
  • Secure Gateway Server or Access Gateway Appliance (if you want to provide secure access from the public Internet…note that this server or appliance should be in a DMZ for best security)

, , , , ,

XenDesktop Trade-Up Extended to XenApp Advanced

January 18th, 2010 | Posted by Sid Herron in Citrix | Licensing | VDI | Virtualization | XenApp | XenDesktop - (0 Comments)

Citrix has announced that, effective immediately, the XenDesktop 4 trade-up offer has been extended to customers who have XenApp Advanced Edition. This is great news for those customers, because, under the terms of the original trade-up offer, XenApp Advanced customers would have had to first upgrade their XenApp licenses to XenApp Enterprise, and then do the trade-up.

The table below shows the pricing grid for the trade-up program, depending on which version of XenApp you currently own, which version of XenDesktop you want to trade up to, whether you’re trading up all of your XenApp licenses, and whether or not your Subscription Advantage is current (click on the graphic to view full-size):

XenDesktop 4 Trade-Up Pricing

XenDesktop 4 Trade-Up Pricing


Because the part numbers for the trade-up from XenApp Advanced have not yet been released, customers who want to take advantage of it will need to request a special quote. Two other points to remember:

  • If you trade-up 100% of your XenApp licenses, you get two XenDesktop licenses per XenApp license. Otherwise it’s one-for-one.
  • The trade-up offer runs through June 30, 2010. And as much as I hate to say this, that date will be here before you know it, so please don’t wait until the last minute!

The on-line trade-up calculator has been updated to include information for XenApp advanced.

, , , , , , ,

XenDesktop 4 Campus-Wide Licensing

December 7th, 2009 | Posted by Sid Herron in Citrix | Licensing | VDI | Virtualization | XenDesktop - (0 Comments)

Effective today (12/7/09), qualifying institutions can take advantage of Citrix’s new campus-wide licensing for XenDesktop 4. This is an annual license (meaning that you pay this every year) that is based on the concept of “Full Time Equivalents” (FTEs). For example, an FTE student is defined as either:

  • One student attending the educational institution on a full-time basis, or
  • Three students attending the educational institution on a part-time basis.

The suggested pricing is as follows:

  • XenDesktop Platinum – $29/year/FTE
  • XenDesktop Enterprise – $19/year/FTE
  • XenDesktop VDI – $9/year/FTE

There are several other things you need to know if you want to take advantage of the campus-wide pricing model:

  • For K-12 educational institutions, a “campus” may be defined as a single school, or as an entire school district. Either way, all FTE students must be licensed – either all FTE students attending that single school, or all FTE students in all schools within the district.
  • For higher educational institutions, a “campus” may defined as “a school or department, an individual location, or an entire multi-campus university.” For example, it could be the entire University of YourState, the University of YourState SpecificCity Campus, or just the University of YourState School of Engineering. Again, whichever definition you choose, you must license all FTE students that fall within that definition.
  • You are not required to license faculty and staff, but if you choose to do so, you must license 100% of them, “using the same FTE calculation as your Microsoft Campus or School Agreement.”
  • You must hold an active Microsoft Campus or School Agreement. The Citrix definition of “FTE” is deliberately designed to align with the definition Microsoft uses in these agreements.
  • To qualify for a campus-wide agreement, you must be:
    • “A school organized and operated exclusively for educational purposes, such as a correspondence school, junior college, college, university, scientific or technical institution, which is accredited by associations recognized by either the Department of Education and/or the local Education Authority, and that teaches students as its primary focus.” – or -
    • “The district, regional, or state administrative office of an entity described above, if the office is organized and operated exclusively for educational purposes.” – or -
    • “A hospital, healthcare organization, medical testing laboratory, non-profit museum or public library which is wholly owned by an entity described above. By way of example, the hospital or library of a university meeting the requirements would be part of the customer for purposes of this Agreement.” – or -
    • “Any administrative office or Board of Directors that controls, administers, or is controlled by or administered by an entity described above may also participate.”
  • There is a minimum purchase requirement of 1,000 licenses. You don’t necessarily have to have 1,000 students, you just have to buy 1,000 licenses.

You can find more information in this Citrix Community blog post by Sumit Dhawan.

, , , , ,

Implementing the New Citrix XenDesktop 4 Licensing Model

November 20th, 2009 | Posted by Steve Parlee in Citrix | Licensing | VDI | XenDesktop - (0 Comments)

A couple of days ago, while reviewing some of the blog posts here, I happened to read Sid’s post regarding Citrix’s new per device or per user licensing model for XenDesktop 4. That led, in a somewhat convoluted way, to this post, which will focus on how you would implement this new model.

Even though I already knew some of the changes that were being incorporated into this licensing model, as soon as I read his post I immediately asked myself how, exactly, from a technical standpoint that was going to work? You see, at that exact point in time I was actively working on upgrading our XenDesktop (XD) and Provisioning Server (PVS) lab to XD4 and PVS5.1 sp1, so this topic really interested me – for the simple reason that what Citrix says is supposed to happen was not what I was seeing in my lab. At that point I was already running XenDesktop 4.0 in my lab, and I’d done nothing to put any per user or per devices licenses in place (I do however still have my previous XD Platinum Licenses from my XD 3.0 build on my 11.6.1 license server), but everything worked and I was not getting any license errors. Strange, you say? I agree!

So, like any curious tech, I started what turned out to be a long and exhaustive search for information regarding how the new license model should be implemented. But after a few hours, and a few emails between Sid and I, I had unfortunately turned up nothing, zilch, nada! In fact, the only thing I could find from Citrix – and this is pretty much common knowledge at this point because lots of people have already blogged on the topic – is the set of XenDesktop 4 documents located in the new Citrix eDocs Library. However, if you actually plow through the XenDesktop 4 documents, you will discover that there is no information on how, from a technical standpoint, this new license model is supposed to be implemented.

During my search I did run across one (yes, only one) blog post which had some insight regarding how it will actually work. That blog post was by Helge Klein of Sepago, a Citrix partner in Cologne, Germany. In that post, Helge states, “If what I have been told is true, the current version of XenDesktop 4 has no licensing enforcement built in.” (emphasis added) Now that statement really got me interested, because that was consistent with what I was actually seeing in my lab, but could it really be true?

Again, my curiosity required that I had to verify this information one way or the other. So today I picked up the phone, called the Citrix XenDesktop support team, and asked, “How does it work?” The initial answer (which I actually expected and would have bet money on) was, “I don’t know!”

To the credit of the Citrix technical support person I had on the phone, he did not just let this drop. Rather, he kept digging and reviewing information until he finally turned up an “internal only” document – which, of course, he could not share with me. However, based upon what he was reading in that document, his answer – specifically regarding the named user model – was that any user who is supposed to be assigned a license will need to be placed into the OU that was created during the install of the Desktop Delivery Controller (DDC). My reaction was, “What? You guys are going to require a business to move their users from their current OU(s), which may have group policies being applied, and place them into the XD OU? That’s crazy, because businesses, especially larger enterprises, are going to laugh at us!” Then I asked, “Can we at least nest the OUs to maintain GPO and AD structure?” to which the answer again was, “I don’t know.”

Once again, to the credit of the Citrix support person, I was asked to hold and give him a few minutes so that he could go talk to the escalation team and get a definitive answer. When he returned he confirmed what he had told me about how it was supposed to work…however, he also confirmed that today in XenDesktop 4.0 there is no license enforcement mechanism coded into the product. Basically, the license enforcement is based upon the honor system and what is written in the EULA.

That’s not necessarily bad – it’s worked reasonably well for Microsoft for many years. And our experience over the years has been that nearly all businesses want to be legally licensed, and will comply with license requirements as long as (1) they understand what constitutes compliance (which hasn’t always been easy), and (2) they don’t feel like they’re being ripped off. But it’s certainly a bit unexpected, to say the least.

So, finally, I had the answer directly from the Citrix XenDesktop support team regarding how it is implemented, which left only one more question: When will license enforcement be implemented? The answer: “I don’t know!” So, until Citrix decides to shed some light on this for us, we’ll just live with EULA-enforced licensing.

One last thought: With all due respect, wouldn’t you think that Citrix would want to tell their own internal support people the details about something like this BEFORE the product actually launches? Maybe they didn’t want the world to know about the lack of license enforcement – but things like that always come out…it’s just a matter of time. (Pssst! Hey, Citrix – it’s not a secret anymore!)

, , , ,

Citrix Fine-Tunes XenDesktop 4 Licensing

November 9th, 2009 | Posted by Sid Herron in Citrix | Licensing | VDI | XenDesktop - (0 Comments)

In our post of October 6, hard on the heels of the Citrix news release that announced XenDesktop 4, (hereinafter called “XD4” to save wear and tear on my keyboard) we told you that XD4 was moving toward a strict per-user licensing model, rather than the concurrent-use model that Citrix products have been using since forever. Since that initial news release, however, Citrix has backed down on that position, and made some changes in how XD4 can be licensed.

XD4 Enterprise and Platinum Editions can now be licensed in either per-user or per-device mode. The per-device mode has obvious benefits in, say, classroom situations where a single device will be shared by multiple users, a clinical workstation in a hospital that is used by multiple users, or a factory floor where different shifts come and go. This aligns very closely with the Microsoft RDS CAL licensing model. (RDS, or Remote Desktop Services, is the new name for Terminal Services.) If a given use case would be more economically licensed using per-device RDS CALs, then per-device licensing for XD4 will probably make more sense as well.

A user who has been assigned a user license is entitled to use an unlimited number of devices to access an unlimited number of desktops. A device that has been assigned a device license can be used by an unlimited number of users. Just as is the case with Microsoft RDS CALs, user licenses can be reassigned permanently if a licensed user leaves the organization, or temporarily if a licensed user is absent for a protracted period of time. Likewise, a device license can be reassigned if a device must be replaced, or reassigned temporarily while a device is being repaired.

Customers can have both user and device licensing in the same enterprise, and licenses may be switched from user to device and vice-versa after 90 days. Once you reassign a license, you must wait at least another 90 days before you can switch back.

Just in case that’s not confusing enough, the low-end XD4 “VDI Edition” – which supports only VDI deployments and does not include any of the XenApp or “FlexCast” functionality – can be licensed in either per-user or per-device or concurrent mode. Concurrent licenses for the VDI Edition can be upgraded to either user or device licenses for XD4 Enterprise or Platinum Edition. However, within the VDI Edition, you cannot convert VDI concurrent licenses to VDI user or device licenses, nor can you convert VDI user or device licenses to VDI concurrent licenses.

License Management
Device licenses are assigned by manually adding a unique device identity to a device log. This device log must be manually maintained as devices come and go. User licenses leverage Active Directory – you create and maintain a specific OU for your licensed users.

One wrinkle that you may not be aware of is the concept of “overdraft” licenses. Citrix will actually grant one overdraft license for every 10 licenses that you allocate to a license file. These overdraft licenses are automatically rolled into the license file when it’s generated, and are displayed in a separate column of the License Management Console. The allocation of an overdraft license is recorded in the XenDesktop event log, but you won’t know unless you go looking for it – there is currently no alerting system that would proactively tell you that it’s happened. I would expect that, at some point, Citrix will build in some kind of overdraft alert.

Bear in mind that the overdraft licenses are not intended to let you, on an ongoing basis, exceed the license count you purchased. They’re intended to prevent the situation where a user is denied service because of a temporary spike in usage, or because a license hasn’t been properly allocated or re-allocated, and give you time to purchase additional licenses before the lack of available licenses becomes a crisis. Bottom line here is that if you think you’re getting close to your maximum license count, you should probably check the License Management Console from time to time to see how many licenses are actually in use, and whether you’re into your overdraft pool.

, , , , ,

Citrix Changes the Game Again

October 6th, 2009 | Posted by Sid Herron in Citrix | VDI | XenDesktop - (1 Comments)

Disclaimer: Moose Logic is a Citrix Solution Advisor, and the author has worked with Citrix products for well over a decade – which is about how long there have been Citrix products to work with. As a fan of the company and the technology, it’s sometimes difficult to be objective…but I’ll try.

Citrix has shown in the past that it is not afraid to make bold moves to shake up the market landscape. The most recent was the decision to make XenServer, the “type 1” hypervisor obtained through the acquisition of XenSource, free. With today’s announcement of XenDesktop 4, they’ve made another bold move – arguably the boldest and the most far-reaching retooling of their product line ever.

You can read the press release at the Citrix Web site, and also get all of the details of the new offerings there, as well as from the volumes that will be written in the blogosphere and trade press over the next few days. But the basics are as follows:

  • XenDesktop, in all but it’s most basic version, will include XenApp. With a single XenDesktop license, you will be able to:
    • Deploy a shared virtual desktop from a XenApp-equipped Terminal Server, or deliver published applications running on a XenApp-equipped Terminal Server.
    • Connect to a virtual instance of a PC Operating System running on your choice of virtualization platforms (XenServer, Hyper-V, or VMware) – the classic definition of “VDI.”
    • Connect to a blade PC, if your computing or graphics needs are so demanding that you need dedicated hardware.
    • Stream a PC Operating System in real time to a desktop PC across the LAN – allowing you to boot and run your PCs from a common master image.
    • Stream applications to XenApp servers, PCs (whether virtual or physical), or both, and, if necessary, cache them for off-line use.
    • (Coming very soon) stream a PC Operating System to a client-side hypervisor, where it can be cached for off-line use.
  • XenDesktop will be moving to a per-user license model – a major shift, since Citrix licensing has almost exclusively been based on concurrent use as long as anyone can remember. Sales of concurrent-use licenses for XenDesktop will be discontinued on November 16, when sales of XenDesktop 4 licenses begin.
  • XenApp Enterprise and Platinum users with current Subscription Advantage will be offered a screaming “trade-up” deal that runs through June 30, 2010.
  • Strategically speaking, XenApp is clearly taking the back seat compared to XenDesktop. It will continue to be sold in all existing editions, but is being repositioned as the best solution for customers with high user concurrency (greater than 2:1), or those who use it as a “point solution” (e.g., remote access over limited bandwidth connections, call center applications, etc.). This also is a huge shift, when you consider that XenApp is the product that made Citrix.

So…what’s behind these moves? Citrix clearly believes that the battle for control of desktop delivery is where the future of the company lies. WinFrame/MetaFrame/Presentation Server/XenApp has been the de facto standard for remote access and server-based computing for well over a decade. But if all you care about is deploying Terminal Services (a.k.a. Remote Desktop Services in Windows Server 2008 R2), the value proposition for adding XenApp to your Terminal Servers has been steadily declining – and with the new features of Windows Server 2008 R2, it declines even further. This is why Citrix has worked so hard to reposition the conversation as one about application delivery as opposed to remote access or server-based computing, and why they have continued to roll more features into XenApp – particularly the Platinum Edition, which is really a suite of products more than an edition of one product.

Now they are working to reposition the conversation yet again. Nearly everyone agrees that there will be a huge uptake of Windows 7 over the next couple of years. And as Brian Madden pointed out in a techtarget.com article recently: “…there’s no sense virtualizing your desktops just to end up with XP again. And when Windows 7 launches, there’s no sense migrating to it while still managing your desktops the ‘old’ way.” Clearly, the Windows 7 rollout is a perfect opportunity for organizations to rethink the way they deploy and manage desktops.

The message from Citrix is clear: Desktop virtualization does not equal VDI. VDI, as it is classically defined, is only one way to deliver a virtualized desktop. There are many other ways – which we listed at the top of this article – and all of them have perfectly valid use cases. Since Citrix has solutions that cover all of those ways, it makes sense to offer a single license that will allow customers to “mix and match” and choose the best virtualization solution for each use case.

As the old saying goes, “Nothing succeeds like success.” If this works out the way Citrix obviously hopes it will, it will, by definition, be viewed as one of the most brilliant marketing moves since the deal with Microsoft that led to MetaFrame. At the very least, I think it must be recognized as a pretty gutsy move. And it’s certainly going to be fun to watch.

, , , ,