In our latest article we discussed how today’s IT departments are faced with the balancing act of delivering more services, increasing the flexibility and improving IT-security with the same budget as before. To find competitive solutions to today’s challenges, many IT managers choose to re-evaluate their IT environments from the ground. One area that is being scrutinized is the traditional client-server environment with its limitations. To many organisations a virtual IT environment is becoming an attractive alternative.
From client-server to virtualization
To find competitive solutions to current challenges, many IT managers are electing to re-evaluate their organizations from the ground up. One area that comes under scrutiny in such evaluations is the traditional client-server architecture and its limits. Instead, companies increasingly see a virtualized IT environment as an attractive alternative.
Limitations of the traditional client-server environment
A traditional client-server environment consists of software, operating systems and applications installed on each employee’s unique terminals: desktop computers, laptops, notebooks, smartphones and tablets.
Typically, different types of terminals have different types of operating systems and application support, and thereby different conditions. Applications and software services are developed and customized for each unique type of terminal and its operating systems. Organizations with different types of users with separate needs thus have a wide range of combinations and variations that need to be verified, provisioned and administered. This is work that will ultimately become slow, expensive and difficult to manage. The local handling of each individual client when, for example, new software needs to be installed or updated, also impacts the total cost.
Virtualization – how it works
One of the fundamental principles of client virtualization is to separate the operating system and the applications the user is running from the physical, local hardware. This makes it possible to centralize applications and data to a data center. Instead of local installation for each individual employee computer, all applications and operating systems run concurrently in a central environment. This centralized control gives IT managers new opportunities for more effectively managing and administering the central, shared image of each operating system or application platform.
The organization’s employees gain access to a complete digital desktop environment with selected applications and services from a thin client, a regular computer, smartphone or tablet. Since all services – applications and operating systems – are run centrally, the digital work environment is made available to the end user through streaming.
When the employee’s digital workplace is moved from the end user’s computer to a centralized data center, the input for provisioning, storing and supporting each individual client is reduced. Since no applications are installed locally, there is less risk of incompatibility between different software versions and thereby also less need for testing. In a virtualized environment, all compatibility issues can thus be handled centrally once and for all.
The separation of applications and operating systems from the physical device also makes it possible to run all applications on all types of terminals without local customization. Regardless of where the end user is located and how they choose to work, the work environment and the user experience are the same.
Virtualization with Citrix XenDesktop and XenClient
XenDesktop and XenClient offer an attractive alternative to desktop virtualization.
Citrix XenClient is a so-called “hypervisor,” which enables the virtualization of clients to the organization’s employees. This means that multiple virtual operating systems can run side by side on the same physical computer, completely isolated from each other.
This in turn makes it possible to create one private environment and one professional work environment with different operating systems and different applications that work side by side. Since the different operating systems can be completely isolated from each other in terms of security, it is possible to fully protect the company’s applications and files, while at the same time the user is free to do whatever they like on their own private virtual computer.
Citrix XenClient also offers the advantage of “checking-out” and running the virtual desktop client offline, locally on the employee’s client. This has traditionally not been possible in a virtualized environment.
Citrix XenDesktop / XenApp
Citrix XenDesktop makes it possible to quickly and securely deliver a complete digital desktop to all users in the organization, whether stationary or mobile. One of the advantages of this solution is that it offers three different alternatives for virtualization and how the virtual desktop can be made available to the end user:
- A server-hosted desktop is hosted in a Windows Server, Remote Desktop Service, and shared by several users. Multiple users connect to the same virtual server and share resources in the same operating environment. An entire desktop or a single application can be delivered, with the perception that they are run entirely locally.
- In desktop streaming, the virtual desktop is installed and run centrally from the data center. Both the operating system and applications are delivered as a streaming image over the network to the end user, who has the same user experience as with a locally installed service.
- When using Virtual Desktop Infrastructure (VDI), an image of the virtual desktop is hosted as its own virtual machine running on a hypervisor in the central data center. The IT department can thus offer each employee the best experience for them, depending on whether they have access to the network or need to be able to work locally and sync data when the connection becomes available again.
This is the third article in our series about security in virtual desktop environments. You can find the first article here. Next week we will take a closer look at the advantages of virtual desktop environments when it comes to improving security and flexibility. If you want to read more about smart card-based security in virtual desktop environments already now you can also download our whitepaper Security and virtual desktop environments.
SecMaker is the Nordic region’s leading supplier of smart card-based security solutions to companies, public agencies and organizations. If you want to know more about smart card based IT-security you are welcome to contact us.