After working on a bunch or larger VDI projects last year there was usually several conversations with the security teams of these enterprises that don’t seem to get much press in the VDI world. Lets face it, VDI is new for most of us but it is a total shift for your security team to wrap their heads around this new portable desktop idea. In today’s world the security team is used to their being a hard drive in a PC that captures the activities of the employee for the life of that computer. So if some event takes place and they need to investigate or do forensics on the PC all is there, even if someone tried to cover their tracks.

So the default response of these security team members when you talk VDI and ask what do they need kept from a Windows desktop to be able to do their work? Is they need everything!! Well that does not mesh up with the idea of linked clones, floating pools and the idea of a layered desktop image.

When VDI is done right you are separating the images into layers that include the operating system, applications and user profiles. These layers are then presented back to a user upon login and looks like a personalized desktop for them. But with this method the actual operating system (OS) is some what disposable, meaning that you are reading from a master copy or golden image that is read only. This golden image is shared by all of the users and allows for the desktop to be refreshed at each logoff or on a regular basis keeping the desktops clean. This also allows for easy patching of your virtual desktops, but that is enough of a VDI lesson.

The really fun conversations happen with security when they find out that desktops are created and destroyed automatically and things like page files and temp folders that they are used to have around for the lifetime of the PC are being trashed and recreated on a regular basis. But if you work closely with your security team and find out how their tools work and what parts of an OS or user profile need to be preserved a plan can be formulated and factored in when creating your VDI design.

There are other factors and processes that security is concerned about besides forensics. They will need to adapt the process that cover what is done when an employee is let go for example. Since there is not a desktop that can be held until the process is complete, you will need a method to freeze their VM in time and not allow it to be used by others.

These are all very important conversations and processes to be considered when creating your enterprise virtual desktop design. Make sure to include all necessary teams that will have a stake in your new environment and invite the security team to the table earlier rather than at the last minute. I know nobody likes to talk to those security guys but addressing their questions and concerns earlier will prevent them from putting the breaks on your project in the final stages, until you are able to adapt and meet their demands.

About Brian

Brian is a Technical Architect for a VMware partner and owner of this website. He is active in the VMware community and helps lead the Chicago VMUG group. Specializing in VDI and Cloud project designs. Awarded VMware vExpert status for 2012 & 2011. VCP3, VCP5, VCA-DT, VCP5-DT, Cisco UCS Design

• Mail
|
• Web
|
• Twitter
|
• LinkedIn
|
• More Posts (189)

Something that I get asked about often when working with customers on their VDI designs is a portal to request virtual desktops. Much like “The Cloud” IT organization seeking more automation when it comes to virtual desktop environments. All the major vendors are adding automation around the creation of the desktops within the pools of desktops and have been for some time now. But the business people that are consuming the virtual desktops want a portal or store that they can go to check out or request a desktop.

To give an example a marketing manager hires 3 new people and needs to have them added to the VDI environment. There may be forms to fill out to request or maybe its a ticket that needs to be submitted to request the desktops. But it would be much simpler if he could go to a web portal and fill in the new user details and make a couple of selections from options provided and BANG! a few minutes later he gets an email saying the desktops are ready and this is how his people can connect to them.

Now I don’t think this is that far off of an idea and with VMware already having the right tools to make this happen. I think that with a little hard work and the use of VMware Service Manager something like this could be created. Now some of you might have not heard of Service Manager (SM) before or maybe you’ve heard the name but don’t understand what it does. It seems like SM is a bit like Orchestrator in that people have heard the name but no one is using it. If you search the web there are almost no blog post written about SM and very few videos about SM even by VMware.

As of today I’m not sure if this would be possible in the current version of Service Manager or if it would require VMware to add this as a new feature. But it would be a good selling point for a misunderstood product that is not much different than a Unicorn right now. As of today SM has replaced VMware Request Manager as the tool used to provide VM request management for vCloud designs. So if a user wants request management in their VMware cloud they need to use SM. So this is right in the same ballpark and would be a big competitive advantage that Citrix is not offering right now.

I plan to try and setup SM in my lab soon and see if this is possible with the current version and provide any feedback on whether I was successful or not.

About Brian

Brian is a Technical Architect for a VMware partner and owner of this website. He is active in the VMware community and helps lead the Chicago VMUG group. Specializing in VDI and Cloud project designs. Awarded VMware vExpert status for 2012 & 2011. VCP3, VCP5, VCA-DT, VCP5-DT, Cisco UCS Design

• Mail
|
• Web
|
• Twitter
|
• LinkedIn
|
• More Posts (189)

This has become a tradition now for the last couple of years. Eric over at vsphere-land.com has opened up the voting for top virtualization blogs. This year brings the idea of special categories for blogs that focus on certain topics like scripting, VDI or something else.

I would appreciate your votes if you have the time please fill out the survey. I am listed in the full blog list and in the VDI category. So remember to cast a vote for VirtualizeTips.com. You can vote HERE

http://www.surveygizmo.com/s3/786135/Top-VMware-virtualization-blogs-2012

Thanks,

Brian

About Brian

Brian is a Technical Architect for a VMware partner and owner of this website. He is active in the VMware community and helps lead the Chicago VMUG group. Specializing in VDI and Cloud project designs. Awarded VMware vExpert status for 2012 & 2011. VCP3, VCP5, VCA-DT, VCP5-DT, Cisco UCS Design

• Mail
|
• Web
|
• Twitter
|
• LinkedIn
|
• More Posts (189)

Along with the many other features that are new in VMware View 5, there are now WMI counters to monitor and report on PCoIP performance. In this post I will highlight some of the ones that I think are most valuable. At first I was kind of mixed about how I felt VMware choose to implement these features. But for those of you that have tools that can monitor Windows PC’s via WMI or are used to using Perfmon you will have no learning curve for this.

You can view these counters in Perfmon if you have access to the PC or the end user is familiar enough to help collect the data. Or if you have a tool that is capable of monitoring or collecting this data you will be able to add these to your standard monitoring rules. I plan on setting up some of the common monitoring tools in a lab when there is time and testing how they work with these new counters.

In the image below you can see the 5 new PCoIP sections that are available in Perfmon. Each of these has a number of counters that will help you monitor and trouble shoot PCoIP sessions for your View 5 users.

In the next image I am showing the counters available under the PCoIP network statistics section. This will give you details about network stats within the View session. You can monitor bandwidth, latency and packet loss for example.

On the next image I fired up a session and started to monitor the network settings for my PCoIP session. You can see below that I was looking at my latency and it was all over the board. This is because I was running from my house and the internet there is line of sight and well lets just say it sucks. But it is fairly useful for testing things like this because I get to see how they perform on bad connections.

 I have take shows of the remaining counters available for monitoring and shown them below. These counters focus on general PCoIP stats, Audio, Video/Image and USB related statistics for the View session. Over all I’m glad to see these new features added to view. Now I am waiting to see how tool makers adapter their products to take advantage of these new features. I am very eagerly waiting to get a look at vCenter Operations for View coming out in early 2012.

Update December 22, 2011:

I have listed out the different WMI classes and their explanations below. This should help you with understanding what each does.

PCoIP Network Statistics

General PCoIP Sessions Statistics

PCoIP Audio Statistics

PCoIP Imaging Statistics

PCoIP USB Statistics

About Brian

Brian is a Technical Architect for a VMware partner and owner of this website. He is active in the VMware community and helps lead the Chicago VMUG group. Specializing in VDI and Cloud project designs. Awarded VMware vExpert status for 2012 & 2011. VCP3, VCP5, VCA-DT, VCP5-DT, Cisco UCS Design

• Mail
|
• Web
|
• Twitter
|
• LinkedIn
|
• More Posts (189)

Well October 31st and Halloween have come and gone and I’m just getting around to writing my recap. It was a busy day all round between the overwhelming success of Chicago’s first VMUG user conference and sugar overload from candy. I can’t say how proud I am of the turn out that the VMUG had. We broke an attendance record for a first time user conference with 500 people showing up at the conference. I believe the previous record was 390, so we have something to be proud of Chicago VMUG members.

The conference had speaking tracks from VMware and Partners on some great topics. I was able to attend sessions on View 5 and related products and a deep dive on ThinApp. Both were really good sessions with great speakers from VMware. I know that the VMUG leaders would like to thank everyone that came out to the conference and the Vendors that sponsored for making it all possible. But a huge thanks goes to VMware and the VMUG organization for helping plan this big event and making sure things went off without any issues.

I was able to meet a bunch of new VMUG members from Chicago and look forward to staying in contact with you all and meeting more. I hope that people that attended the user conference are able to attend our quarterly VMUG meetings that we hold. Growing our membership and creating a community around VMware in Chicago is a big part of the VMUG.

The Picture below is a view from the View 5 session that was presented by Josh from VMware. He covered all the infrastructure parts of View 5 and what roles they play. There were several good questions from the audience and he covered some real world implementation stories.

The image below is a picture from the exhibit space at the VMUG conference. We had tremendous vendor interest in the meeting. There was 55 boots in the space and some really great vendors and partners were there talking with VMUG members and helping them with products and solutions.

a

About Brian

Brian is a Technical Architect for a VMware partner and owner of this website. He is active in the VMware community and helps lead the Chicago VMUG group. Specializing in VDI and Cloud project designs. Awarded VMware vExpert status for 2012 & 2011. VCP3, VCP5, VCA-DT, VCP5-DT, Cisco UCS Design

• Mail
|
• Web
|
• Twitter
|
• LinkedIn
|
• More Posts (189)