The COVID-19 pandemic and subsequent shift to working from home have brought about numerous technological disruptions, many centered around how organizations deliver IT services to their workforce. Technologies that were dabbled in before, like videoconferencing, have suddenly become standard practice.
Such is the case with Virtual Desktop Infrastructure (VDI), also known as desktop virtualization or thin-client computing. Led by vendors such as Citrix, Microsoft, Cisco, and VMware, it has been around for decades and hasn’t changed much in that time. But with companies’ entire workforces now connecting to corporate networks from home, sometimes without a company-issued laptop with a VPN and all the necessary settings for secure access, VDI is getting a second look.
Pros and cons of traditional VDI
With VDI, desktop environments including the operating system and apps running on it are hosted on a central server. What looks like a Windows desktop at the endpoint is actually a front end to a virtual machine running on a server in a data center and sent down a network connection. Virtual desktops are not limited to running on PCs; they can also run on devices like tablets, thin clients and in some cases even smartphones.
There are two principal arguments for VDI: cost and security. Because the bulk of the processing is done on the server, enterprises don’t always need to deploy high-end hardware to their employees. However, companies using VDI often find that they need to spend more on data center and networking infrastructure to speed up response times, offsetting their savings on client hardware.
The case for security is stronger. Because all of the data from a virtual desktop lives on the server, not the end client, data will not be compromised if the endpoint device is lost or stolen. Also, security policies are easier to enforce with VDI. With centralized security, no unauthorized apps can be installed, and malicious software is more readily caught. Plus, it’s easier for administrators to apply software patches and updates, change configurations and enforce policies from a central location.
But traditional, on-premises VDI never gained a major foothold in the enterprise because it was “a nightmare to deploy,” according to Alan Conboy, Office of the CTO for cloud provider Scale Computing.
“It was obscenely complex and expensive and just not cost effective, almost by design. The reference diagrams are horrific. You had licensing at every corner with obscene amounts of complexity,” Conboy said. “VDI never took off because it was only effective for very large organizations that didn’t view it as a cost savings play but a security play. It was targeted at the Fortune 50, not the Fortune 2000.”
Although there have been a number of improvements from Citrix and VMware, two of the major players in the market today, on-premises VDI has probably gone about as far as it can go, said Mark Lockwood, research vice president in the collaboration, content, and mobility team at Gartner.
“The main changes have been to the companies’ protocols, allowing for better user experience over worse networks, and the addition of application layering by both companies,” Lockwood said. App layering, which lets administrators install the OS, system tools and apps in separate layers and create different sets of layers for different groups of users, has allowed companies to shift wholesale from persistent virtual desktops, in which each user has their own saved desktop image, to non-persistent, in which the desktop reverts to its original state when the user logs out, saving money and improving security, he added.
Eric Sturm, a technical architect with IT service provider Sungard Availability Services, said his customers are turning to VDI as a disaster recovery option during the pandemic because of the crush of remote workers.
“Customers were coming to us because they had a disaster with everyone working from home, so we said, ‘Let’s just fail over to VDI,’” he said. “Specifically around the pandemic, we are seeing enterprise customers who support and run VDI on-premise having issues with limitations in their ability to scale on-premise networking or compute resources to support a 100% remote workforce.”
In Sungard’s case, setup for its disaster recovery software requires installing some software on employees’ computers but no need to buy new server hardware, which is what customers want. “From a disaster-recovery perspective, that’s how the customer is looking at Covid: ‘This is a disaster for me because I can’t support my workforce and I don’t want to invest in hardware we won’t use in six months,’” said Sturm.
Shift to the cloud
One fairly recent change making desktop virtualization more palatable is cloud-based VDI, often referred to as Desktop-as-a-Service (DaaS or sometimes DTaaS). DaaS is simply VDI from a cloud service provider rather than installed in your data center. The main difference between VDI and DaaS is the same as with every other “as-a-Service”: traditional VDI is hosted and maintained on your hardware and managed by your in-house IT staff, while DaaS is hosted and managed by a cloud service provider.
As such, the main pro and con arguments come down to control vs. resources. In a VDI setting, you control the environment and data is kept on premises, and you need the equipment and staff to support it. In a DaaS environment, your desktops and your data are stored in the data center of an outside provider, and its staff manages things. And DaaS offers the same argument as every other cloud service vs. on-premises offering; it’s faster and easier to spin up the service, often in minutes rather than the days or weeks of an on-premises setup.
Amazon Web Services has Amazon WorkSpaces; Microsoft Azure has Windows Virtual Desktop; IBM Cloud offers VDI through VMware Horizon, VMware’s VDI service; and Google Cloud partners with several different vendors to offer customers virtual desktops.
“VDI has been growing at a steady rate of about five percent per year rate for quite a while. However, DaaS was the hot topic even before COVID, led largely by Microsoft’s entry into the market with Windows Virtual Desktop,” said Lockwood. “Although Gartner clients were largely in the ‘kicking the tires’ phase of evaluation of DaaS, the pandemic has greatly increased speed of adoption.”
According to Conboy, the real player to watch in the cloud is Microsoft. “Amazon and Google both have cut deals with VMware to run Horizon but haven’t eliminated the complexity at all. Microsoft, owning Windows and Azure, can create a nice tight bundle. If you are already in that environment, it’s just hit the switch and go,” he said.
Indeed, Microsoft announced in late March that Windows Virtual Desktop use had grown threefold since widespread lockdowns began. Other DaaS providers have yet to make a statement.
Where VDI and DaaS need improvement
What still needs changing? Conboy contended that while the structure of VDI interfaces has been vastly simplified, it’s not enough. “They need to continue down the automation path. The cloud vendors absolutely need to simplify the hell out of automation technologies and last-mile technologies,” he said.
Sturm said that VDI will continue to be a human resource-heavy undertaking as long as enterprises do it themselves. “Unless you are paying for DaaS or a third-party provider to get that infrastructure built, you will need a staff with expertise. You will still need storage and compute and network and VDI [staffers] to make it work,” he explained.
As for the cloud-based VDI services, Sturm said that DaaS doesn’t yet have the failover resiliency of a virtual server, where if the server fails a new one is spun up without service interruption. DaaS is more prone to suffer an outage because of it, he said.
DaaS needs more efficient application layering, and costs desperately need to come down, according to Lockwood. “Excluding Microsoft WVD, the list prices that major vendors show on their websites produce a sticker shock for a lot of potential buyers that is quite a turn-off,” he said. “As Microsoft WVD improves, its lower cost will hopefully put downward price pressure on other DaaS providers, which will be good for all customers.”
Do we need virtual desktops at all?
As workers move away from the office space, there is a viable question as to whether or not they need a full desktop experience and data center connection. In a software-as-a-service world, nothing is stored locally and apps can be accessed from any device, so workers might not need access to a company-configured desktop at all.
“SaaS has replaced desktops in a lot of cases. Apps that would historically use VDI became SaaS” and are run in a web browser rather than installed on the desktop, pointed out Tim Crawford, CIO strategic advisor and president of the AVOA consultancy. “As more apps are moving toward the web or browser-based interfaces, it eliminates the need for VDI.”
Lockwood disputed this. “Although there is a sizable decrease in the number of Win32 applications in use at most companies, the reality is... companies will still have a few Win32 applications [for years to come]. That means they’ll need Windows,” he said. “Remember how hard it was to get rid of mainframes? Windows has been the main corporate compute platform for quite a bit longer than the mainframe was. Its applications will be around for the foreseeable future, so VDI and DaaS will likely have a place for a long time.”
Crawford conceded that SaaS can’t replace desktop virtualization in all situations right now. He said the best use case for VDI is to protect a highly secure app or sensitive data, or to comply with privacy regulations. VDI includes some security protocols that provide greater protections than a VPN, such as a VM management platform for load balancing and data protection; real-time monitoring for GDPR, HIPAA and PCI compliance by continuously monitoring the virtual infrastructure for anomalies and sudden changes; vulnerability scanning; and data-loss prevention by encrypting virtual machines.
Whatever the eventual outcome for VDI and DaaS, it seems clear that they’re worth a look for enterprises grappling with the new work-from-home reality. And now you have a choice.
“The question about VDI in the cloud or on-prem is the same debate we’re having about everything else on-prem vs. the cloud,” said Conboy. “The answer is we put things where they need to be. VDI is getting a renaissance because some vendors have made it affordable and easy, and you now have a choice: do I want it in the cloud or on prem?”