866-764-TECH(8324) · Subscribe to Application Solution Providers, Inc.News FeedSubscribe to Application Solution Providers, Inc.Comments

Did I just read that!

On February 9th, there was an interesting press release from VMware that was brought to my attention over the weekend. After reading it, I was rather perplexed as VMware makes the following statement:

“The TCO of an SBC deployment used to deliver all applications to users is 8% to 13% lower than that of a locked and well-managed PC deployment, and up to 44 to 47% lower than that of an unmanaged desktop deployment.”

This quote is clearly referencing Gartner as the source as evidenced by the following statement in the press release:

“Research firm Gartner recently compared the TCO of personal computers versus what they term server-based computing (SBC).”

I totally agree with VMware and Gartner, these are great TCO numbers. SBC saves a ton of money for many use cases such as Task Workers. Citrix has been doing this for a long time and SBC represents the Hosted Shared desktop model that is included as part of XenDesktop.

So why was I perplexed?

Well, VMware is clearly inferring that their View platform can deliver this type of TCO. This would be great for VMware except for the fact that the world for a long time defines SBC as Remote Desktop Services (formerly known as Windows Terminal Services) or Citrix XenApp and VMWare does not offer an SBC solution. VMWare only offers VDI as part of their hosted desktop offering.

Perhaps I am missing something?

Since VMware references Gartner, a very respectable industry analyst firm, as their source. I decided to look for a report I recalled from 2008 that I used as reference prior to joining Citrix. I wanted to understand if perhaps my definition of SBC was inaccurate. After a quick search I found the report available as a free download on various sites, with a direct link here. Nowhere in the report does it talk about SBC being anything else but a mature client architecture that delivers substantial TCO with the right group of users. Very much in line with the philosophy of XenDesktop that offers multiple desktop virtualization models to suit different use cases and budgets. While the numbers in this report are different from what the press release says, I do assume that the latest report referred to is an update. I don’t have Gartner’s permission to use that report or quote from it, but I am confident that if the fundamental definition of SBC was changing, somebody at Citrix would have been consulted as part of the process.

Surely something can’t be right here, so I thought let me go and check to see if there is anything in the desktop geek community that I may have missed. I checked Brian Madden’s site and even as far back as 2007 there is a very clear distinction as to what is SBC vs. VDI. I also checked on Doug Brown’s site and even there I see no obvious references to believe that VDI should be thought of as SBC. So it remains a mystery to me how such a press release could have been approved….

Integrity and ethics seem to be optional at VMware

I also came across a blog written prior to me joining Citrix which talks about the same misdirection, dating all the way back to 2009. It also references another Brian Madden blog that calls out VMware misleading TCO with their VDI solution. It seems the same tactics are in full force at VMware and nothing has changed. Wow! Am I really writing this? How can anybody trust them? This is why I guess they fudge their quarterly desktop financials by hiding VMware Workstation revenues with VDI. Certain analysts may be blind to the obvious, but clearly customers are not buying it as there would be no need for such shenanigans if View was delivering value broadly.

Do people really understand that VDI is not desktop virtualization?

What perplexes me the most is that the press release, which includes customer quotes supporting the inference has been circulating for several days and nobody else including VMware or any other vendor has raised an eyebrow that would get one to correct what obviously is misleading. Certainly, I don’t blame people for not catching it, as it’s very subtle and easy to miss if you don’t bother to read or understand what looks like a bog standard harmless press release. Perhaps that’s the underhanded tactics that VMware now has to resort to after being called out numerous times in the past….

Irrespective of solution, it hurts our industry when customers are presented with inaccurate information from the so called “experts”. That’s very different from saying it was just a marketing oversight or an honest mistake. It also does not mean that one can’t achieve a great TCO with the VDI model, but that is not the point of this post.

Is this due to a lack of understanding or is it something more sinister?

It’s certainly more than creative liberty but I’ll reserve final judgement until VMware has had an opportunity to respond. What I will however say is, it’s about time many more customers, analysts and media woke up and understood that VDI is a dangerous term that is thrown around by too many naive people who don’t understand that desktop virtualization is so much more. There are just way too many customers with use cases like Task Workers that even VMware admits can be addressed with SBC and its excellent TCO that is part of XenDesktop. VDI is not the same thing as SBC and VDI is not desktop virtualization.Desktop virtualization is a comprehensive solution that includes VDI and allows you to tailor desktop delivery to meet your enterprise users’ requirements, from task to mobile workers.

So beware and don’t be naive…

If VMware’s intent was just to point out how great SBC is as part of desktop virtualization, then I’ll say thank you for pointing out what VMWare View doesn’t provide this functionality and therefore results in a higher TCO than XenDesktop. If this is anything else, well at least on this Valentines Day VMware can send flowers to all those customers who may be just a tad miffed.

UPDATE
PR response from VMware and my counter

UPDATE 2
VMware updates press release with quote removed. Guess we can move on.

VMware responds with scripted PR

Yesterday I pointed out how VMware was inappropriately trying to infer that a quote showing substantial savings from a Gartner Server Based Computing (SBC) research report was somehow applicable to VMware View which offers no such solution. VMware responded with a scripted PR statement on the CRN site that is geared towards VARS and technology integrators in response to coverage from Kevin McLaughlin. Below are some highlights from the Kevin’s article which includes a response from VMware.

Reporter Quote
“VMware says the Gartner figures quoted in the press release referred to Wyse’s portfolio of thin, zero and cloud PC client solutions, which support both SBC and VDI.”

VMWare Quote
“It is appropriate for Wyse to choose to feature this when talking about their products,” the VMware spokesperson said in an e-mail. “VMware’s portion of the announcement featured customer momentum and results related to our portfolio of desktop and application virtualization technologies.”

Repeat offender

Before I respond to the quotes it’s worth pointing out that in 2009 an earlier version of the report was also called into question. VMworld – Misuse of Gartner’s TCO Numbers to Make the Case for View

Who is VMware trying to fool?

VMware is trying to wriggle its way out of responsibility for a press release on their corporate website and pin it on a partner with plausible deniability. Really VMware? Do VMware really except anybody to believe that a thin client TCO in combination with SBC where you have no solution can reasonably be merged into a quote in a single press release? It is rather insulting to assume that people are that dumb. It is therefore not appropriate under any stretch of the imagination. The fact that VMware is a repeat offender is also inexcusable.

Who did VMware pin the tail on in 2009 when similar facts were misrepresented? They also take a very similar tact when it comes to PCoIP. The reality is VMware have failed to take any responsibility for their continued pattern of outrageous fud with respect to TCO with VMware View. This kind of fud is designed to confuse and conflate customers, partners, the channel and integrators.

Fundamentally VMware is trying to defend an inaccurate press release. After a history of getting away with elastic facts, getting caught twice, the appropriate thing to do would be to retract the statement and claims of SBC having anything to do with VMware.

Update: VMware removes quote in updated press release.

Yesterday at VMworld I endured sitting through a mind numbing session hosted by VMware End User Computing (formerly desktop) CTO, Scott Davis. This was a session where Scott made bold erroneous claims and assertions which I tweeted about. Then I saw this tweet from @claytonprice

claytonprice: Where do I find the desktop panel discussion featuring Scott Davis and @harrylabana? I can’t find it in the schedule! #vmworld

I responded “he’s scared” in jest. However as I think about this, I wonder if this is true. Earlier this year Brian Madden asked me if I would be willing to have an open debate at BriForum about the desktop on a panel that would include Scott Davis and myself. I agreed to it, but Scott apparently declined and instead opted to present a riveting session on his future vision which was met with thunderous ZZZZZZZZZZZ.

In today’s 90 minute VMworld keynote, a generous 10 minutes was granted to talk about the desktop. We learned VMware CTO Steven Herrod likes to play a lot of Minesweeper. He also asserted that Windows was not very relevant and that the desktop of the future is all SaaS based. Hmm feels a lot like the Citrix Dazzle strategy extended to SaaS, but with the delusion that Windows is not relevant. Nonetheless a good discussion to have.

So since this is VMworld, and the desktop is important to VMware, let’s arrange to have a public discussion on the topic, no need for canned PR scripts. Let’s talk about the desktop today and the desktop of tomorrow. Perhaps if they are willing we can have Brian Madden or Chris Wolf moderate at a neutral location? We’re all here in San Francisco so we can even arrange some logistics now.

The question is, Scott are you up to discussing the desktop or do we continue to listen to fantasy’s of desktops morphing into SaaS based applications everywhere and Windows going away?

The IT executive experience

I was listening to a customer on stage at a conference a few weeks ago proudly explaining how he had managed to police the number of devices in his organization. He accomplished this by effectively implementing three key strategies.

1) Create red tape, and make the end user produce business justification and feel silly about why the corporate issued solution was not good enough.

2) Control budget centrally under IT.

3) Find ways to punish people through bonuses who abused his system by purchasing services outside IT.

I thought I was watching the next installment of Jurassic park and the dinosaurs had returned. Surely this guy drove a Lada……. If you are not familiar with the Lada, it’s an old eastern block car that was widely used and deemed to be appropriate and cost effective for the masses by the state. While this may seem like a good idea at first the results over time are eloquently expressed in this video. To me this is where a lot of old school IT thinking is taking us. Creating inertia to bring innovation to it’s knees by not embracing user choice that will lead to new ways to work.

I was actually surprised that this IT executive had that much control in his organization. Then it dawned on me, that this is a respected conference and the best customer example they could muster. I parked the experience at the back of mind, after wrestling with the thought – can IT organizations still be that backward and remain relevant? I know having worked in IT all these years, I would have never survived with that mindset.

Last week I asked a major customer how many MACS they had in their environment. Less than 1% of the environment had IT supported MACS and they were all senior executives. They estimated that 25% of their population weighted towards more senior people had personal owned MACS that they would prefer to use for work. In this particular case the customer was looking to hosted desktop virtualization (HVD, includes VDI and XenApp hosted published desktops/apps solutions) to enable more choice but looking forward wanted to understand what to do about mobility including tablets and offline use.

When I think about these two customers, clearly there is a gap between what people need/want, and what IT is willing to do vs. what is possible. As mobility and SaaS based applications and other cloud based services enable more on demand IT services, the tension between user and IT will only get worse. So this can only be ignored for so long, as business users will demand more choice and the forces of consumerization will continue to reshape the landscape. The stodgy old IT organization of the past will be hard pressed to maintain status quo and remain relevant.

We ask ourselves all the time, what can we do to help the tension between the changing user wants and the IT need to provide governance and manage costs? The better known models of HVD address many of the use cases. However there is still a need to extend the benefits of desktop virtualization technology to millions of laptops to enable new ways for both users and IT to work.

This is why we are announcing XenDesktop feature pack 2, which includes XenClient and XenVault technologies. These technologies are focused on bringing virtualization to the client.

There has been a lot of discussion for some time in the industry regarding the various client use cases and ownership models. Citrix has conducted internal programs for bring your own computer (BYOC), and researched this space with customers and learned a lot. We find it’s helpful to think about two primary use cases.

The corporate owned laptop

Data security on laptops is a huge reputational risk for any company. Check out the laptop loser hall of shame. Anybody who has had to deal with laptop management, understands they are complex to update and recover and user demands for greater control to personalize to their needs results in compromised IT control. All indications are the number of laptops in the world is increasing further compounding the problem and burden on IT.

XenClient

As a bare metal hypervisor, XenClient enables the OS to be delivered as a “bubble” to the laptop that is encrypted, secured and enables us to take advantage of hardware attestation through our partnership with Intel leveraging vPro technology so you boot into a trusted operating system. When this important capability is made available it will help assure an organization that the guest VM is being booted on a trusted piece of hardware and that the corporate issued hardware is booting a trusted guest. The laptop loser hall of shame organizations could have spared themselves a lot of reputational damage if they had had XenClient. How do you measure the cost of reputational damage? It’s something that take years to build and seconds to loose…..

Some people push back and exclaim that the number of machines that support XenClient today is small and therefore this is not relevant. I would ask, for a corporate fleet how many models do you support? I would make a confident guess that it’s a subset of models that you support today if you are a true enterprise customer driven by standards. For those use cases, XenClient today offers a very prescriptive secure solution. For organizations that have far more diverse corporate owned laptop fleets, XenClient offers a way to offer a new more secure model that could be tied to better service levels, and over time the supported device list will continue to grow. Others argue they have full disk encryption solutions deployed. So did I in my previous life. My users hated the performance overhead, the multi stage login and then of course there is the additional cost of the solutions themselves that offer limited flexibility.

Another key use case to consider when thinking about XenClient is what happens in the event of lose or theft of a corporate issued laptop. You can get a taste for the liability this poses here, here and here. To help customers deal with these types of solutions, XenClient provides the ability for you to backup and synchronize critical data in the event of laptop lose and policies to render a laptop useless in the event of theft. Note you do not have to deploy VDI to benefit from this. You are not checking in and checking out a VM from a VDI infrastructure, so restoring your critical data to a secure laptop is a much lighter weight operation with a powerful but straight forward ability for IT to control centrally.

XenClient will also allow you to run multiple VMs on a single laptop so you can provide a user with multiple environments. This opens up the possibility of providing multiple corporate guests on a single machine. One could be very secure where you access corporate data. The other could be slightly more open to allow more access to internet sites within your corporate guidelines. For developers the second guest could be their development/Test/QA environments. They could even have Linux development environments side by side with their Windows development environment, yet still securely able to work from their corporate environment all from one machine. All of this opens up the possibility of BYOC user flexibility on corporate owned assets and enable you to take a step forward if you are not comfortable with the user owned model.

It’s also important to realize that XenClient is not limited to just serving up multiple guest OS VMs. It is a very flexible architecture that can be extended further to enable specialty VMs to perform different service functions. This begins to open up so many possibilities beyond the immediate security benefits. Over time it is not a leap of faith to think of use cases like security scanning being performed by dedicated VMs. Perhaps there will be specialized VMs that perform the tasks of patch management, VMs that update software, VMs that run just one app more securely and synch back to data center. The possibilities are endless, and as the eco system evolves it will be fascinating to watch innovations surface as the industry begins to realize what is possible.

Contractor or employee owned laptop

Interestingly a number of customers I have spoken to in regulated industries, have told me that they would like to get rid of all or at least significantly reduce the number of laptops they manage to help reduce risk. For them hosted desktop virtualization is a more secure environment to let users access from personal owned laptops that are self managed. These are also the customers that are interested in using multiple VMs on a single user owned machine machine with XenClient. Some argue that there are legal issues here. However based on the feedback that I have received from these customers they interpret these concerns as unfounded if they secure the corporate operating system on the user owned device. The usability of multiple VMs on a single machine is something that will continue to evolve and will be an interesting area of innovation to watch.

Clearly there is no silver bullet that fits every customer. So depending upon your needs it’s prudent to understand the options. More importantly, understanding that today XenClient is primarily driven by security and the ability to centrally provide updates to distributed laptops is key. XenClient can be used in a simple single VM mode for greater security and multi VM mode for more flexibility using employee owned or corporate owned assets. I’ve blogged about this previously.

XenVault – enabling portable data

There is a valid argument put forward, that for the BYOC use cases, not every user needs a full rich desktop experience. All they need is quick access to an application, some data securely and of course they want mobility. Further there are many cases where users have older hardware that is not capable of running a hypervisor or there is just not enough horsepower on a lower end machine such as a Netbook. Once again hosted desktop virtualization would provide a solution. But in cases where hosted desktop virtualization has not been deployed or where there is the need to work offline another solution is required. XenVault is a new technology designed to meet these use cases. Essentially it is a secure area on the operating system where all application and data I/O is securely redirected. In many respects it’s like having a virtual secure USB drive with you. The difference now is that you don’t have to carry it around, worry about losing it and IT does not have to invest in fleets of USB drives for their staff. XenVault is designed to be transparent to users and quick for IT to setup with remote lock and delete data features. Joe Nord has a good blog that explains some of the inner workings. XenVault provides contractors and employees on consumer owned machines, apps and data on-demand in a secure manner and IT the ability to de-provision instantly.

For me this is yet another example of the benefit that virtualization can bring to desktop use cases. Making data securely portable and simple to access takes another step towards the stateless desktop as I wrote here. The stateless desktop helps us move away from hard coding all our configuration into a single OS image and then trying to manage all the complexity. Abstraction at all levels of the desktops enables greater agility. XenVault is a great example of what can happen when you think about the abstraction of data, that is typically addressed by file shares on a network that assume you have connectivity. Instead now you can protect the data and use it where and when you need. The focus on protecting the data makes it lightweight, no need to install a heavy weight shell like a Type 2 hypervisor solution that would be very clumsy as a data portability solution across multiple machines. Now if I don’t have my machine, and need to look at data securely I have a technology that could provide me that access and not leave unsecure footprints. If somebody sends me a file share with a sensitive document, I have a place to download and view it securely offline on a Netbook that may not belong to me. Many new possibilities begin to open up because the data is abstracted in a stateless desktop.

Personally I’ve been amazed at how quickly Citrix has been able to bring XenVault to market. Here’s the internal scoop. Over the holiday period in late 2009, our CEO Mark Templeton kicked of a competition called Moonlight (since it was an after hours project) for anybody within Citrix to come up with a solution. Within weeks we had multiple entries and a team led by Joe Nord picked a winner and we announced it at Citrix Synergy in San Francisco in May 2010 and now we are going to market. That’s rapid development! I’m very proud of our teams who pulled it off, I am sure they will look forward to community feedback as you kick the tires.

Can stodgy IT remain relevant?

I am sure it can, and there is plenty of precedence. The real question is, what does that do for your organization and the kind of people it will attract? Do you really want your IT leaders up on stage with a Lada mentality? Or do you want your IT leaders looking beyond constraints and embracing solutions that empower user choice, increase security, improve manageability, optimize provisioning and de-provisioning, increase satisfaction/productivity and drive greater organizational agility?

Mobility and diversity of client devices will continue to grow. The laptop will represent a big chunk of that market. Anything that technology can do to reduce the risk while making users lives easier surely is a positive step forward for our industry. Client virtualization is the next phase in the evolution of desktop virtualization that will enable users to work in new ways. It will provide central control for IT, and flexibility will be retained for users while keeping corporate data secure.

As you think about your laptop environment for Windows 7, will it be just more hair pulling trying to secure and update the new, most likely growing laptop fleet? How do your users feel about your current secure laptop experience? Why not consider XenClient and XenVault as part of those plans and extend the benefits of desktop virtualization to the Laptop?

It’s been just over a year since I joined Citrix, and this evening I thought I would carve out a few hours and look back on an incredible year. I’ve been exposed to so many new experiences and great people that have helped evolve my thinking. I’ve witnessed major steps forward with the product, but rather than list every product accomplishment and bore you to death, I thought instead I would say thank you. Thank you to my colleagues who have made me feel so very welcome and put up with me pushing us forward. Thank you to so many people in the community who always keep me honest, have sincerely opened up to share their insights with me and given me the opportunity to share my thoughts with them. For this I am truly grateful.

Since I am in the mood for reflecting. I felt like scribbling down my thoughts on the evolution of desktop management as I have experienced in my career and relay some of the conflicts and thinking that I see as I have spoken to a broad customer base over the last year and discuss how I think we need to move forward towards a better future.

The evolution of desktop management

In the early days of enterprise desktop computing, desktop images were built with floppy disks/CDs and sneakernet was used to deploy images with applications manually installed using native setup routines. In time these desktop images became personal to the user as they configured them as they pleased and installed software that they wanted. This approach never scaled and inventory was impossible to maintain in an enterprise environment and personalization never persisted when users moved to different machines. This led to a series of innovations.

  • Image management technology, that would allow you to clone and personalize a machine became available. Microsoft made it easier to automate image creation with Sysprep and companies like Ghost cloning software became popular later followed by Altiris, which extended the concept to delivering images over a network.
  • Microsoft added technologies to Windows such as profiles and folder redirection to enable personalization across machines enabling roaming use cases.
  • Application setups started to become more standardized and companies like WinInstall gained early market share with their software packaging format to streamline deployment.

As organizations began to acquire more PC assets, the need to manage the inventory of software and hardware became more important. This led to the creation of systems management tools that included inventory management such as MS Systems Management Server (now SCCM) and Marimba (Acquired by BMC) which also included sophisticated machine focused software deployment at scale.

With the plumbing in place, this set of tools powered many enterprises, but cracks started to appear as things began to scale up and organizations became more complex. Packaging formats like WinInstall required manual admin intervention every time for enterprise deployments of setup programs. I don’t recall ever seeing a WinInstall software package from a 3rd party. There was no consistency in the industry, and application packaging was cumbersome. In addition Windows itself had a problem called DLL hell. Applications that shared DLL components on the operating system would collide with each other. The WinInstall packaging format was not able to reconcile these differences. There had to be a better way.

Two new application-packaging formats began to emerge. MSI and OSD, both with MS involvement. In short despite OSD being a very flexible format, MS Office shipped as a componentized MSI. While this format did not solve DLL hell, it made it easier to reconcile. MSI packages started to take hold within the broad eco system and became an accepted standard. Many 3rd parties began shipping their installers as MSI packages which were much easier to customize by IT. I certainly recall repacking many MSIs when migrating from Windows NT 4.0 to Windows XP, which I think was the big event that really stimulated the change. To make this migration easier, packaging authoring vendors started to emerge like InstallShield and Wise (not the thin client people). Many enterprises and service providers standardized on the MSI format and authoring tools because they could simply modify 3rd party MSI’s as opposed to having to repackage the entire application from scratch. The software distribution (ESD) companies started to embrace enterprise deployment of MSI packages.

This model continued for several years and is still the dominant model in many organizations, and once again after a few years of operation at scale the flaws became evident. MSI’s required high admin skill sets, outsourcing did not make it significantly cheaper and DLL conflicts were still there. In addition the amount of software in the market was growing, changes to existing software were occurring more rapidly and security patching frequency was increasing to a point where zero day vulnerabilities gave customers little if any time to regression test remediation patches on both OS and applications.

The change management problem

As the number and iterations of applications and OS changes began to grow with increasing organizational change, the distributed computing model required governance. With all the moving parts and interdependencies making a change is complex and risky because one does not know how change will affect so many custom distributed images. As a result, organizations have built up sophisticated change management processes and teams that police this complexity trying to enforce some known state.

This usually means that updates are slowly managed into the environment, often going through rigorous testing, qa, uat and phased production deployments. Exceptions are made for security related changes and accelerated processes are available. However this increases the risk of poorly written security patches impacting production environments as evidenced by the recent XP patches in Feb 2010 which affected many customers. As you increase the scope from security patches for the core OS to core applications the complexity and risk becomes exponentially greater.

When a problem does occur, there is seldom a reliable way to rollback a change for security patches or MSI’s and to keep track of the environments state. (I still don’t of any organization who is truly comfortable uninstalling MSI packages at mass scale) This is often addressed with phased rollouts into production after the initially rounds of testing and verification. Even when you have a successful rollout, there is then the task of maintenance. You may have rolled out successfully, but you then need to go and verify the bits actually got there, and all of a sudden you are in the business of configuration management.

Expand the scope once again to include regular applications that require frequent changes, the need to keep the environment stable and the net result is poor flexibility and agility for the enterprise. Developers especially in my experience hated having to go through the whole packaging process and actively started to seek out ways to get around the system that was too slow for them. Java Web Start a simple ESD that pulls from a single source and requires no admin rights started to spring up all over the place, and there was no real way to police it effectively without implementing yet another agent to deal with application whitelisting or blacklisting. That’s what the Java developers did, the Windows developers were stuck and converting their apps to Web apps in 99% of use cases was a pipe dream.

The rise of XenApp and the profile guys

To help address the change management problem one use case for our XenApp customer base is to offer supplementary environments to the corporate desktop where rapid updates are required for a particular application. (A lot of my early experience with Citrix technologies was because developers had an update problem). For similar reasons customers use low cost Hosted virtual desktops for groups of users that are largely similar to enable faster updates and simpler management. However for both of these use cases, there are limitations as sharing an OS does restrict the ability for users to personalize. Sure you can get a long way just using the standard OS features such as roaming profiles and folder redirection. For many application vendors, especially internally developed ones it was not a big deal because those applications would write their customization somewhere within their own infrastructure if the native OS features were not good enough. However not so easy for 3rd party applications. As a result a number of vendors such as Appsense, RES, Tricerat have innovated to make the XenApp environment more customizable per user. In the case of Citrix this is known as the User Profile Management feature which we got from a company called Sepago. Even VMware acquired a company call RTO to help them with this problem, which is currently not part of the View VDI only offering.

However, while this seems obvious to XenApp minded people, it’s not necessarily intuitive to regular desktop admins. A recent blog helps illustrate this point. Many desktop admins have yet to take the first basic step of enabling roaming profiles as opposed to local profiles, which do not allow users to change machines and persist some level of personalization.

So why is there this discrepancy?

I believe to understand this, it’s important to keep in mind that desktop users typically use one device and therefore roam less. With XenApp, users roam all the time from a myriad of devices and share an operating system. As a result they are more sensitized to the challenges of personalization when roaming. As desktop virtualization becomes more common, it’s not a leap of faith to assume that desktops will face similar challenges due to user mobility and device diversity. Therefore I think it will be increasingly important to abstract the user preferences from the desktop.

So application virtualization is the silver bullet right?

Several years ago, various application virtualization solutions started to appear on the market. Softricity (acquired by MS and rebranded as App-V), Appstream (acquired by Symantec), ThinStall (acquired by VMware and rebranded to ThinApp), InstallFree, Xenocode and Endeavors amongst the most well known. At Citrix we have built our own and it’s a feature of XenApp called Application Streaming. XenApp is also compatible with App-V.

The value proposition with application virtualization was that applications could now be isolated from the operating systems to solve DLL hell, simplify application packaging, enabling applications to be delivered by users on demand and to reduce support costs. In addition, the hope was that now one common base image could be applied to all users, with the differences between users delivered via application virtualization and user profiles.

Ok I will say it, we are not at that reality yet. Application virtualization does not offer 100% application compatibility, although this is getting better over time. Other challenges include inter application communication, x64 support in some cases, the need to repackage all existing applications (just like the old days when MSI was adopted) and integration with existing software distribution scaled infrastructures. Certainly that’s not true in all cases, but I am speaking broadly as it stands today but expect this to ramp up as people migrate to Windows 7. IMO, for many customers application virtualization to date has been an evolution not a revolution and they will continue to use existing application management practices until they have a catalyst like Windows 7 and desktop virtualization.

In addition, numerous customers have commented that the benefits of desktop virtualization are many, and that should not mean having to rip out existing systems management processes and tools day 1. These are sunk costs, often political battle grounds with non desktop or Citrix teams that can result in barriers to adoption. Cultural change takes time.

Hmm, so we’ll take this in steps

As a result some customers simply say they will phase in desktop virtualization. First move to the data center, and then adopt systems management changes over time. Other’s of course are more aggressive. Neither are wrong, it’s a question of priorities. I have yet to meet a single customer who is not thinking that moving to a simpler more efficient management paradigm for the desktop does not make sense.

People handle this differently, some simply deploy assigned desktops with existing machine based management tools in place,(usually means they have a clear business need) others brut force it,(forward thinkers) while the unfortunate ones get into circular internal debates and endless POCs that go nowhere.(usually no business sponsor)

So user installed apps are the silver bullet and the best thing since sliced bread?

Once again much debate is brewing over a potential technology solution. The idea here is that a single image could be managed by IT, but users retain the flexibility to install applications. Kind of the ideal fix for lack of current management standards/process, lack of business users understanding why some controls are needed and IT’s inability to provide flexibility. One side argues that a single image solution with the ability to enable a user to install apps on top gives them the ultimate flexibility and management simplification they need. Others argue that this is a stupid idea, because legally users can’t just accept click through software agreements for liability reasons, admin rights are an open door for malware and of course we come back to 100% application compatibility is still not possible with today’s technology. Yet other’s will argue that this is too complex, will take years to mature and the market for it is still not proven. There is validity in each of these arguments.

It sometime feels overwhelming and why not just stick with the status quo.

The scariest thought of all

Sticking with the status quo, yikes! I don’t say that just because I work for Citrix. I fundamentally think the change management problem is only going to get worse over time and status quo is not a sustainable model for the long haul, just like the original desktop models were not. Distributed management of devices, OS, apps and users to me is like a dog chasing his tail. We will never catch it. It will always be complex, heavy and slow. It will not allow users to roam easily across many devices and connect to work from optimal places. IT will not be agile. It represents a machine centric view of the world, when we should be building towards a user centric vision of the desktop. In the future what is a desktop? That’s a great discussion, but what I think will be the same as today is users who want to get to their stuff, easily and quickly. They want that kind of technology, something simple. When I look at other models it is simple. I want to search, I go to Google, Bing, Yahoo etc and it’s just works. I want to buy a book, Amazon. It’s simple stuff to consume as a service on many device form factors. Now those are probably over simplifications and I don’t really account for the session management work the desktop OS does for us with Windows applications, but IMHO we need to create something users want.

I look at the amazing uptake and customer interest in the Citrix Receiver on the iPad. I scratch my head sometimes and wonder why, why do our enterprise customers really like it? To me it boils down to users want it, it’s not a need question. User want to connect to work in a different way. I see that as an incredible shift that is becoming more real everyday. We’ve talked about consumerization for a while and I continue to believe that beyond any vendor it will reshape the landscape. I’ve spent a lot of time talking to customers struggling with how to deal with this shift.

In addition, many CIOs I speak with, tell me that 2/3 of their budget is operational costs, and the remaining is innovation. They want to reverse that balance and build solutions that users value and will enable their business. They are asking themselves questions like, if cloud means at some point IT services will be consumed centrally how will my organization need to adapt to take advantage? These are transformational strategic discussions that are being shaped by forces larger than any single vendor. For many of these folks, desktop virtualization is just part of a transformational strategy to offer new IT services efficiently. In order to accomplish this they are seeking out ways to abstract state from hardcoded infrastructure so that it can be created on demand and used more efficiently. I don’t think any of these shifts towards IT as an on demand service or consumerization are trade secrets. I think everybody in the industry is finding their way with these changing dynamics. In the case of Citrix we are actively working towards and committed to simplifying the desktop and enabling new ways for people and IT to work. I like to think of it as the stateless desktop. Sure we are not perfect and we have work to do, there will be bumps along the way. However I truly believe this is a worthy goal and creates a better tomorrow. It would be far too easy for me to simply give up and stay with the status quo because it is familiar, or become preoccupied with a niche use case constraint. Fortunately I have had the pleasure to meet so many leaders who understand the changing dynamics, the power of a stateless desktop architecture and are navigating their organizations accordingly. Those are some of the most rewarding conversations I have had and why one year in I am still so excited about having an opportunity to help shape the future.



It continues to amaze me how often people have such a poor understanding of what it takes to deliver real world remote user experience for desktop use cases. Often much of this confusion is a result of thinking that all you need is a protocol for internal LAN use with lot’s of bandwidth and a staged demo to impress the uninformed. Lacking understanding and experience with respect to the desktop, VMware continue to sponsor fud in their desperate attempt to remain relevant in desktop virtualization and lock in customers to expensive commodity virtual infrastructure. So let’s take a look at some of this fud and also talk about where Citrix is innovating next with HDX Nitro Technologies.

The VMware protocol story continues to flip flop

First they were RDP friendly, then Net2Display and now the stable favorite is PCoIP which is from a tiny company in Vancouver Canada, called Teradici. Teradici make hardware based solutions (complete custom lock in from tiny company = risk) and VMware offers a software version of PCoIP that only works with the ESX Hypervisor. PCoIP is not a desktop user experience solution. It is only a protocol and not usable in the real world except for very niche use cases.

PCoIP does not offer printing solutions or profile solutions. VMware has partnered and acquired options to address these gaps. These are still not integrated in View 4 and View 4.5 seems to be suffering from all the integration complexity of bolt on baggage. VMware have had to embarrassingly delay their latest release, see here. Irrespective it’s clear, native PCoIP does not provide these basic features for real world use. Therefore, I find it rather amusing when I hear claims like PCoIP is designed from the ground up to deliver desktops. It just demonstrates a lack of understanding of the desktop and frankly is a naive claim.

If you want to use a HTTP-SLL web front over the internet to access your View environment, it’s not supported with PCoIP. You have to revert to RDP with View to accomplish this. Something VMware likes to sweep under the rug, as it represents more bolt on 3rd path baggage for alternatives that force you to change your access infrastructure. This is basic stuff, if you understand that a core value proposition of VDI is the ability to connect from anywhere. HDX technologies with XenDesktop handle this today.

Let’s extend the connect from anywhere thought. We’ve already established that you can’t connect for a key use case with PCoIP, but even if you could how would you manage policy? How would you prevent data leaving your organization from your central desktops? PCoIP has no understanding of this. HDX provides Smart Access policies integrated with Access Gateway technologies.

Now let’s pretend for a second that all these problems could be solved. Then comes the issue that PCoIP is purely UDP based. Anybody who has worked in any marginally complex environment knows that the ability to inspect UDP traffic is a nightmare on a network and requires opening up more firewall ports. I am sure this is going to result in plenty of interesting conversations between View PCoIP customers and their respective security teams. Additionally, if you want to accelerate traffic over the wire, you will have a fun time using your existing WAN accelerators which typically focus on TCP optimization, just like Citrix’s own Branch Repeater technology which is part of HDX. Now despite all this, I do believe that UDP is great for delivering some rich media content types, but to use it exclusively to deliver user experience is just plain dumb for real world application.

PCoIP consumes plenty of bandwidth. Don’t believe the fud, see here. Page 8 tables 2 and 3 provide a good dose of reality and shows you what happens when you start to provide richer resolutions and move to multi monitor environments. I shudder to think what happens when you put multiple users in a branch office on a shared link! Now I am sure the fud police at VMware will quickly point out recent improvements and upcoming enhancements in View 4.5. But do they really expect people to believe they have performed a miracle? It’s not just me pointing these things out, as you can see here. As a technologist, I think it’s interesting that they may be improving things over time, but I also know from experience that this stuff takes years to get right if you really understand the difference between just a basic protocol vs. delivering rich user experience, hello….

It starts to get even worse

I am editing this blog on a flight to Citrix Synergy San Francisco connected over wireless on my Mac and using my XenDesktop. My iPad also connects just fine to a published Powerpoint 2010 presentation at 35,000ft. Currently I am using my iPad as a second screen to view the presentation as I type on my main laptop screen. Try doing that with PCoIP. Even if PCoIP could handle the bandwidth, securely traverse a firewall etc, it still won’t help. PCoIP is only able to support Windows clients. I would hate to be a MAC user at a company where some genius in IT thought that just because they virtualized a few servers on ESX that PCoIP would solve all their client diversity needs.

PCoIP only works on ESX. Are you kidding me? Why will people keep spending obscene amounts of money on a commodity infrastructure? Hypervisor diversity is going to be the norm. If you don’t believe that, then you believe that as the cloud matures everybody will use a single hypervisor. Nonsense! It’s like saying everybody will use one hardware vendor for all servers….

At desktop scale the cost of the virtual infrastructure with VMware will just keep on growing. What is the benefit for the desktop? I bet in most cases that the number of desktops in an organization is far greater than servers. So the economics should be clear, even if VMware keep giving away View as part of ELAs to lock you in. Why will you continue to pay $$$$ fees for vSphere/ESX when Hyper-V and XenServer are essentially free minus the advanced management capabilities which are still a lot cheaper. Do you really believe that the Hypervisor as it stands today is cost effective at desktop scale? Why would you lock customers out of all other Hypervisors with just a protocol? I can certainly understand if it’s certain features, but a complete lock out, it’s ridiculous!

You also miss out on all the flexibility of having desktop virtualization options as opposed to VDI alone. How’s VMware doing in terms of flexibility? Well, they are rapidly back peddling on CVP and still only offering a VDI only model. With no sign of View 4.5, it’s empty promises all around.

It is no wonder that customers are choosing Citrix XenDesktop so often and why we are the leaders. It’s why smart customers are running from the fud and not wasting time with View or PCoIP. They get that it in the real world you need more than a protocol and flexibility.

HDX Nitro technologies

However, this does not mean at Citrix we have been sitting on our hands amusing ourselves at the fud. HDX continues to be the most widely deployable user experience technology across devices and networks. We understand and believe that our 20 year history and know how of how to deliver real world user experience needs continued innovation as content continues to get richer. We are not here to pretend that toy Lan use cases represent solutions for diverse customers.

To further raise the user experience bar. We are announcing HDX Nitro technologies. Our next generation of Citrix HDX technologies focused on increased performance and efficiency. We have broken this down into 5 key areas of focus. More details will follow but here are some of the highlights.

Mach 3- 3x faster performance (Breaking the speed barrier with high-definition virtual computing)

  • Advances in Citrix Receiver deliver radically faster end user performance
  • Matches the speed of your network with zero overhead
  • Dedicated, parallel processing of virtual channels yields efficient performance

Zoom- 2x Instant app startup (Instant startup of on-demand apps)

  • Advances in HDX broadcast technologies deliver unprecedented launch speeds
  • Connect to session in half the time
  • Silent session pre-loading produces unparalleled responsiveness

Laser- High speed printing (Faster printing at at fraction of the bandwidth)

  • High speed printing from anywhere
  • Advances in HDX Plug-n-Play reduce print data and increase performance
  • Automatically discovers and creates printer connections in real-time
  • Use 10% of current bandwidth requirements

Mercury- Faster WAN performance (Breakthrough WAN speed and efficiency)

  • Faster HDX performance over the WAN
  • Advances in HDX WAN Optimization and HDX MediaStream optimize HDX traffic
  • Highly responsive up to 300ms network latency
  • Compress, caches and prioritizes traffic

Dynamo- Adaptive HDX performance (Dynamic sense-and-respond rendering)

  • Adaptive HD performance
  • Advances in HDX Adaptive Orchestration sense & respond to the user’s environment
  • HDX RichGraphics enhancements render a crystal clear, 3D Windows 7 experience
  • Intelligent Quality of Service (iQoS) provides prioritized, policy -driven performance gains

User experience will remain a continued area of focus for us

With HDX, no need to lock into hardware, no need to lock into a hypervisor, any device, any network, secure, everywhere far beyond just VDI. PCoIP is a protocol only. It is disingenuous for VMware to continue to spread PCoIP fud to customers when they don’t understand what it takes to deliver real world desktop user experience. Sure you can use VMware in a small environment, on a LAN with high bandwidth, perhaps even risk a WAN with a tiny number of users and assume nobody will ever want to connect externally…..

Ask your friendly VMware field rep next time, how much quota they accept for View. That’s the dirty little secret that nobody tells you. If there is one thing that has been abundantly clear since I moved from being a customer to a vendor, it’s listen to what the field team sells and what they are willing to take quota on. This will tell you where a company is investing. Then ask yourself is VMware serious about the desktop, or is this just a game to monetize vSphere with ESX until they can figure out how to monetize vSphere with their recent acquisitions of SpringSource (Java) and Zimbra (Email). Still want to handcuff yourself to VMWare View and PCoIP fud for the desktop?

Today we announced XenApp 6 to continue building upon our vision of delivering on-demand applications and desktops to both virtual and physical hosts. XenApp 6 raises the bar for TCO and performance, and is also an integrated feature of our desktop virtualization solution, XenDesktop 4.

We don’t usually talk about what it takes internally to develop a product. However, in this case it’s worth knowing that this has in effect been a complete rewrite of the XenApp code base for the x64 platform. This clean slate effort really provided a fantastic opportunity to optimize the code base for performance and scalability and provides a solid new base on which we can continue to innovate. While this massive change is transparent to customers, I am very proud of our teams for accomplishing this with the additional pressure to innovate new features for our customers. Here are some of the highlights.

Yes we heard, make the management simpler! AppCenter is a new single management console and is something that our customers have been asking us to do for years, and we’ve added Powershell 2.0 support. A brand new code base provided us with an optimal opportunity to start fresh, I hope you like it and would love to hear feedback so we can continue to make it better.

Installation just got simpler by adding roles to the installation process. This means your Farm member servers can be installed in a way so they just focus on delivering desktops and applications and your Farm infrastructure servers can be installed to focus on all the Farm management and operational tasks. This improves reliability, scalability and performance with a rethink of our core architecture and a ton of smart code changes! Our goal at Citrix is to continue to simplify our products.

Policy management also just got simpler with Active Directory group policy support. Here’s a good external blog from Nicholas Dille that gives some detail. I’d also encourage you to check out Juliano Maldaner’s blog who is our lead XenApp architect.

XenApp 6 is a move to x64 and runs on top of Windows 2008 Server R2. We spent a ton of time optimizing for scalability to take advantage of x64. In our internal testing, we’ve really been pleased with the improvements. We’ve managed to run server farms with over 1000 member servers and 100,000 concurrent sessions. Whether you are an Enterprise customer or Service Provider your TCO for delivering desktops or applications just got better.

In the context of desktops use cases, I really believe that for structured task workers this makes a lot of sense. Not everybody needs or requires VDI and now with XenApp 6 you can build a much more compelling TCO business case as part of your desktop virtualization strategy. It’s really important to understand that XenApp remains strategic to us as a core component of delivering desktops and applications with a fantastic TCO.

We’ve added isolation of services to our product line, that will increase the number of applications that you can support with XenApp. At the same time our partnership with Microsoft continues to get stronger and[ App-V integration|http://community.citrix.com/display/ocb/2009/07/13/Citrix+and+Microsoft+Expand+Desktop+Virtualization+Partnership+to+Simplify+Desktop+Management] is available. This let’s XenApp focus on on-demand applications and user self service. App-V managed apps can now be delivered via Citrix Dazzle which empowers the end user to pick the apps they want. I really believe that these are the kinds of services that users want vs. IT trying to serve just basic needs and predicting what users will want. The world is moving to a consumer mindset and this is just the beginning.

We also spent a lot of time adding additional capabilities to HDX to enable better multimedia and peripheral support. I really like the improvements in audio quality to enable me to use VoIP softphones and the fact that I can now use OCS video due to broader USB device support. HDX for our entire product line is an area that we will continue to invest in and raise the bar. I look forward to sharing more in the future.

One question I often get asked is how can Citrix help us with application migrations? I want to point out App-DNA and that we are working very closely with them to help customers. I would encourage everybody to talk to them as your consider application migrations. They have a really good product that makes life simpler.

So there you have it folks. A brand spanking new XenApp that takes it to the next level for on-demand delivery of applications and desktops. It will be available for download on March 24th. I hope you like it, and as always Citrix is happy to listen to your feedback to help us make things even better.

Time for a reality check

There’s a lot of opinion being thrown out by VMware extolling the virtues of PCoIP with their VDI only solution. I was part of a panel discussion yesterday in Toronto with VMware’s desktop CTO and continue to hear claims being made about PCoIP such as:

“The only protocol designed and built ground-up for desktop. ICA/RDP are designed for applications not for desktop”

“Superior experience from LAN to WAN”

“Seamless desktop experience: rich media and graphics, multimedia, progressive build, productivity applications, USB”

“Flexible access from multiple devices”



At Citrix we decided to engage Miercom, an independent networking and communications testing and validation firm to help validate these claims. Their background made Miercom particularly well suited for this investigation into the user experience performance of Citrix XenDesktop 4 vs. VMware View 4.

The testing looks at different workloads (general desktop use and Flash multimedia) and multiple network scenarios (LAN and WAN), and shows significant differences in bandwidth utilization, CPU consumption and overall user experience. Some key highlights:

• XenDesktop uses 64% less bandwidth than View 4 (with PCoIP) for typical desktop workloads

• XenDesktop uses 89% less bandwidth and 65% less CPU for Flash video when using our HDX MediaStream for Flash feature

• Overall, XenDesktop provides a better “Quality of Experience” as quantified by Miercom

• As a result, XenDesktop is significantly more capable of scaling and meeting end user requirements

I encourage you to download the report and see the results and methodology for yourself.

Vanilla ice cream for everybody?

We are well into 2010. For the most part, I continue to read the same old blogs, analyst coverage, tweets and so called experts debating how VDI will/will not solve world hunger with a good toping of circular debates on the pros and cons of user installed apps and pundits predicting VDI adoption rates. I’m fully anticipating many to sharpen their pencils and scribble stories that too often fail to understand the broader needs and get to the heart of the debate.

Let’s be pragmatic and step back to reality for just a second. VDI alone is not the silver bullet that will solve all problems for every user and all use cases. There will never be that one silver bullet…. so let’s see through marketing hype and think a little more holistically about what we’re trying to accomplish with desktop and application delivery. Here are some considerations:


Delivery strategies will vary widely between customer organizations depending upon:

Distribution of user populations — from knowledge to task workers.

Mix of applications — between personal, legacy, client-server and web-based.

Relative importance/impact of IT to/on business success — from providing a ‘commodity’ corporate service at lowest cost to cutting edge strategic services that drive profitability, growth and new business models.

Philosophical and organizational polarity of IT leadership — from in-sourcing to outsourcing; and from centralized management to distributed governance.

Financial — goals ranging from capital preservation to operating expense reduction; from single-year budget focused to multi-year business modeling.

This is real life. And to stand any real world chance to drive broad adoption of desktop virtualization across the industry, flexible options are needed to address a plethora of use cases in highly differentiated organizations. That’s why XenDesktop 4 was realized at Citrix. We understood that Vanilla ice cream is not for everybody, but it’s now time for many more people to wake up and have the right conversation around desktop virtualization.