Slide 1

Mythbusting DaaSJp Pflaum and Dave Peternell

1

VMware Global Partner of the Year - SDDC Global Partner of the Year -SDDC -2013Infrastructure Partner of the Year - 2010VMware Competencies:Infrastructure VirtualizationBusiness ContinuityCloud IaaSDesktop VirtualizationManagementVirtualization of Business Critical Applications

VMware Certifications and Accreditations: Total # of VCPs: 40Total # of VTSPs: 45Total # of VCDX: 3Elite Partner: ManagementCloud ComputingvSANNSXvCloud AirHorizon

2

Debunking the Top 10 Cloud-Hosted Desktop Myths 3Desktops-as-a-ServiceApps-as-a-Service

vCloud Air

Desktop Disaster Recovery-as-a-Service

Driving IT Transformation4Infrastructure TransformationApplication TransformationMove to SDDC CloudIaaS, PaaS, DaaSApplication OptimizationMobile ApplicationsBYO

4

5We Can Help You Do More

PlanBuildManage

AdvizeX enables IT departments to focus on whats really important--driving innovation and revenue in their business--by providing services across the entire business solution lifecycle, from PLANNING through BUILDING to MANAGING the solution.

This is a key differentiator for AdvizeX because few companies can do all of these things and do them well. Weve talked about how AdvizeX isa Partner for Life. The new AdvizeX is also a Partner for the Entire Solution Lifecycle:We help you identify the need and align it with business goals;We architect the solution with you;We build it, validate it and install it;We integrate it with your existing IT systems and business applications;And well manage it for the life of the solution to ensure it continues to deliver value.

5

Were With You, From Whiteboard to Real WorldAdvizeX can help accelerate the move to Horizon Air :Use case analysisSolution proof-of-conceptMigration and integration planning

6

End-user deployment servicesOn-going managed servicesInfrastructure hosting services

6

Whats the Next Step?Executive BriefingTechnology WorkshopsAdvisory AssessmentProof-of-Concepts

7

The journey to the next platform starts with a single step. What will your next step be?You can get started with one of our online Advizer tools to assess your technology needs and measure your IT strengths and weaknesses against relevant industry benchmarks.You can engage us for a complete and complimentary onsite technology review with your IT team.You can be our guest at one of our Executive Briefing Centers for an executive team meeting and an opportunity to see our solutions firsthand.

7

Thank You

Top 10 Myths of Desktops as a ServiceDave Peternell

2014 VMware Inc. All rights reserved.

9

Top 10Marketing messages that cause confusion in the market

1. You cant do DaaS underMicrosoft licensing

DaaS Terminology ComplexityHorizon Air PlatformNetwork ControllerStorage Controller

Compute Controller

Windows 7App 3App 2App 1DataServer 2008App 3App 2App 1DataServer 2008App 3App 2App 1DataServer 2008App 3App 2App 1Data

VDI

ServerDesktop

SessionDesktop

PublishedApps

Daas includes all 4 of these models. When they say you cant do DaaS, what they mean is VDI on the left.12

From the Microsoft Blog

http://blogs.technet.com/b/volume-licensing/archive/2012/03/08/delivery-of-desktop-like-functionality-through-outsourcer-arrangements-and-service-provider-license-agreements.aspxVolume LicenseSPLA license

MS says you can. 13

Licensing Windows Desktops with DaaSVDIServerDesktopSession DesktopPublishedAppsOS TypeWindows 7Server 2008 R2Server 2008 R2Server 2008 R2License VehicleVolume LicenseSPLASPLASPLALicense TypeVDA (SA)RDS-SALRDS-SALRDS-SAL

These are the licensing models. On Dec 1 implementing USL User Subscription Licensing for DaaS.14

Key things to understand about VDAMicrosoft licenses Windows for virtual desktops by access device or by user (as of Dec 1, 2014) For access device licensing:Extended roaming rightsCompanion Subscription LicenseThe service provider can not include Microsoft Client OS licensing as part of DaaSThere is no SPLA for Windows client OSThe end customer must own the Microsoft license If you are using a public cloud, you must ensure dedicated hardware for anything running an instance of Microsoft software

http://download.microsoft.com/download/5/c/7/5c727885-ec15-4920-818b-4d140ec6c38a/SA_Customer_Virtual_Desktop_Brochure.pdf

http://download.microsoft.com/download/1/1/4/114A45DD-A1F7-4910-81FD-6CAF401077D0/Microsoft%20VDI%20and%20VDA%20FAQ%20v3%200.pdf

2. Only shared session desktopscan be used for DaaS

Benefits and Challenges of each modelVDIServerDesktopSessionDesktopPublishedAppsOS TypeWindows 7Server 2008 R2Server 2008 R2Server 2008 R2License TypeSA / VDASPLASPLASPLADensity1:11:14:110:1IT FriendlyYesNoYesYesApp SupportYesUnknownIT ManagedIT ManagedUIAYesYesNoNoSecurity RiskNoMaybeNoNo

Full desktopLicensingNon-persistentSingle App

Go thru why users select non-VDI DaaS.

Skinned server solves licensingSession desktop is cheaper cheaper to buy and cheaper to managePublished apps when desktop not required cheaper still

UIA = User Installed Apps17

VMware Horizon AirEconomically balanced Business & Personal objectives80%15%5%Replace XenApp FarmTerminal Services just an app Published Apps via an icon Students, Virtual LabsShared Desktop Shift Workers Desktop Replacement My Desktop Thick to Thin Client flip++100%=Provision & Manage Entitlements single consoleRDS DesktopsRemoteApp

RDS

Win 7/8/XP, Win Server Dedicated

VDI DesktopsPersistent or Non-persistentShared Desktops

Published ApplicationsFrom VDI or RDS Pools

*sample

Multi-model allows service provider to provide a solution for different types of end-users & use cases all from the same platform.

VDI desktops provide a dedicated instance for each end-user. The image can be WinXP, Win7, Win8, WinSvr (skinned as Win 7). Desktop can be persistent or non-persistent.

Shared desktops are session-based, non-persistent sessions running on WinSvr Pro: cheaper to buy, support and maintain than VDI desktops, but do not provide full desktop functionality.

Published applications for users who only need 1-3 Windows applications and not a complete desktop. Applications can be published from either a VDI desktop or a shared desktop.

(percentages shown are just examples)18

Desktop models for all use cases19VMware Horizon Air: Provision & Manage Entitlements from a single consoleFull VDI DesktopsHosted ApplicationsSharedDesktops

Economically balanced Business & Personal objectives80%15%5%Replace XenApp FarmTerminal Services just an app Published Apps via an icon Students, Virtual LabsShared Desktop Shift Workers Desktop Replacement My Desktop Thick to Thin Client flip++100%=*sample

Single customer wants a mix or least the option to have a mix19

3. DaaS is too expensive

Predictable costs

Minimal internal labor & expertise requiredNo upfront capital outlay for hardwareOPEX model with utility based pricing

MSRP: $35 per desktop/month

21

Cloud-hosted desktops drive down operational costs22HardwareServer, storage, network switches,access device, maintenanceSoftwareWindows OS, VDI license, maintenanceLaborHelp desk (tier 1,2,3), security, desktop management, administration

Horizon View$840$652$1133$810Subscription CostSubscription costs can be amortized over time

Source: Analyst & VMware estimates

22

4. DaaS delivers poor userexperience

View Clients for Windows, Mac and Ubuntu Linux based desktops and laptopsWindows and Linux based thin clients and zero clientsMobile clients for Android and iOS devicesWeb AccessHorizon View ClientsFlexible access to a desktop that follows you everywhere

Details

Securely embrace BYOD initiativesEnable and secure tablet devices Reduce TCO with repurposed PCsIncrease end-user flexibility with access from a wide variety of devicesDeliver a seamless end user experienceBenefits

Users love the DaaS experience anywhere, any device, start where you left off

VMware Horizon View client enables flexible online access to Horizon Air desktops across a wide variety of devices for a desktop that follows the user.

The View Client is software that runs on an endpoint device and enables an end-user to access their Horizon Air desktop running in the vCloud Air datacenterThe View Client runs on a number of different endpoint devices including traditional or thick clients. This includes desktop and laptop computers running Windows and Mac OSSeveral vendors enable Repurpose PC solutions that will remove the OS on the end point device and replace it will a very thin OS purpose built to only run the View Client. This helps reduce OpEx associated with managing the end-point OS while helping to keep down CapEx by enabling the reuse of existing PCsThe View client is supported on Linux through some of our Thin Client partners as well as through an open source clientThe View Client is also supported on Thin Client and Zero Client devices. While Thin Clients have a very small OS a Zero Client will have no OS on the end point. This increases end-point security while helping to reduce OpEx associated with managing the endpoint device.The View Client is also available for tablet devices like iPad and Android. 24

Remote protocol delivered throughAny HTML5 capable web-browserGoogle ChromebooksAccess through Horizon UIRoutes to existing Horizon Air desktopClient-less HTML5 Browser AccessSimplified web access to desktop from ANY modern device

Overview

Install-Free access to DesktopsAccess to Windows desktops and applications from modern devices such as Google ChromebooksBenefits

Even if all you have is a browser nothing localed installed.25

Focus on applications, not the desktopEasier to launch appsEasier to switch between running appsEasier to open/find filesEasier to use, minimize and quit appsMobile Client User ExperienceOptimize usability and end-user productivity

OverviewMakes using Windows apps on mobile much more usable and mobile centricBest-in-class Windows apps experience on the iOS & Android devicesBenefits

We accommodate devices not designed for Windows. Unity Touch26

5. DaaS security is lacking

Horizon Air Security Model

End User Security

Virtual Desktop Security

Data Center SecurityHorizon Air Platform

PROVIDED BY CustomerAdvizeXPROVIDED BY VMware

This presentation will provide an overview on comprehensive DaaS security. Total DaaS security has multiple layers of controls.

The base layers are handled by the service provider. They do it better than most end customers.

Data Center Security: Securing the data center through access controls, biometrics, non descript design, etc.Desktone Platform Architecture: The built-in security provided by the Desktone platform. Because Desktone was built from the ground up with service providers in mind it has multiple internal layers of security to provide a secure environment for users and administrators.

These next 2 layers can be either client managed or outsourced to the service provider or a 3rd party MSP.

Virtual Desktop Security: These are the same controls applied to all desktops, physical or virtual, such as AV and patch management.End User Security: How the user accesses the virtual desktop and the controls in place to restrict access.28

Horizon Air Security OverviewNetwork SeparationResource SeparationSecured AccessMinimal Node FunctionalitySecure Software DevelopmentIn our opinion, the VMware Air Platform has been reasonably assessed and it is unlikely that there exists any significant security issues that could compromise the software confidentiality, integrity or availability.- THIRD PARTY SECURITY AUDIT

Architected from day 1 to be delivered by a service provider

Each client has their own dedicated hardware resources for compliance and security reasons.

Every client tenant has their own dedicated compute, memory, management databases, dedicated datastore, virtual network, and access gateway. Enforcing this separation adds an additional layer of isolation and protection for each customer. Because of the isolation between the tenant network and the service provider network and the dedicated hardware resources this prevents a tenant from compromising their own environment to attack another tenant.

29

6. DaaS wont work with youronsite IT assets

Enterprise IntegrationContinue to use all of your existing assets and management platforms with cloud hosted desktops.UsersvCloud AirVPNMPLS

Data CenterCorporate applicationsGroup file shareUser document storageUser profile storageCollaboration serverSource revision controlPatch management

Enterprise IT ResourcesActive Directory

Business benefit for End Customer: They do not need to change anything about existing IT business practices because virtual desktops look just like physical desktops. Own Active Directory, own OU, security policies, etc.

Enterprise integration is really about minimum business interruption. Customer extends their network to include the cloud hosted virtual desktops. All existing IT infrastructure and investments, including security policies, apply equally to the virtual desktops. This is essential when starting with a pilot and then moving to a phased production implementation. Enterprise integration supports an iterative implementation.

31

VMware Customer/TenantRole SeparationIT AdminTenant SDK APIs integrate with other self-service systemsGold Pattern ManagementPool ManagementUser EntitlementsWorkload ManagementVM ProvisioningAuthorizationSLA ReportsIT Management DashboardService SDK APIs integrate with NSM, OSS, BSSService Grid ManagementAuthorizationSLA & Price ManagementMonitoringDaaS AppliancesResource OptimizationMulti-Tenant ManagementAdministration Portal

End-UsersWeb Service APIPersistent DesktopsSession DesktopsPersonal ApplicationsCorporate DataNon-persistent DesktopsCorporateApp StoreMobile ClientWeb PortalZero ClientView Client

Tenant has full ability to manage your virtual desktop environment32

7. DaaS does not support theconsumerization of IT

DaaS delivered to any device, anytime and anywhereDaaS ENABLES the Consumerization of IT

Smart Phone

Tablet

Desktop

Laptop

Machine

Horizon View

Horizon ViewHorizon Air Service

At VMware, we are embracing these changes and we believe users should have one place to securely access all the applications, files, social tools and online services they need, from any device they choose, everywhere.

If we look at our Mission-- its about enabling the software defined workspace and allow people to work at the speed of lifeand this is a great term-because it is about end users and how they want to work-whether they are in the coffee shop, at home, on the road or in the office accessing their applications and data that they need, when they need it-- across everything from a laptop to a desktop to their new car.

Its also a great term because it signals that customers can take advantage of the full capabilities up and down the stack that VMware brings to bear around the software defined datacenter and extend these capabilities out to end users through the workspace.

34

Consumerization of IT with security controlsUser Devices

HTTPS

Web Broker

128 Bit+Remote ProtocolVirtual DesktopsControlled Redirection

End User Security

The final element of good VDI security is the controls around end user security. This includes encrypting traffic in transit between the end point and the client user device as well as right and appropriate controls for sharing data between the end user device and the cloud resources.

Step 1) The user and administrator both logs into their respective portals over a HTTPS connection securing their session.Step 2) The protocol session connecting the end user to their hosted desktop runs on at least 128 bit encryption, and that can be increased depending on the protocol.Step 3) Access to move the remote resources locally is controlled by policy so administrators can choose what access the user has to the clip board, printers, drives, and USB ports.35

8. Migrating users to DaaS ishard

Cloud Makes the Complex EasyManagement, devices, apps, OS Desktop management Access devices (end-point) PC, laptop, tablet, etc. Applications Word, Excel, LOB apps, antivirus, etc. Image creation, deployment and maintenance Operating system licenses Windows clients/serverSoftwareHorizon Air Platform Server/data store SW patching and administration Support and maintenanceHardwareServers Storage (RAID protected)Networking infrastructure Hardware Administration Support and maintenance

PROVIDED BY CustomerAdvizeXPROVIDED BY VMware

FacilitiesData center Racks Power and cooling Security

Support 7 x 24 x 365 L2+ support for desktop admin Horizon Air Platform certified support personnel Integrated incident, service request and escalation management system24 x7 Enterprise ITIL Support Enterprise SecurityEnterprise ClassData Center Operations

AdvizeX helps migrate37

Easy for the Business to get started3 Clicks to a Virtual Desktop

Create Virtual Desktop12Assign to Users3User Login

Easy to provision start small38

9. DaaS requires lots ofbandwidth

Protocol and desktop bandwidth

IT Shared ResourcesEnd User Devices Active Directory User Data Storage IT Assets High performance network Secure & Compliant

Centralized management & reporting Provisioning on demand

Remote DisplayAccess Anywhere

Network Connection (VPN)Horizon Air DeliversClient Manages

Explain bandwidth fronthaul & backhaul. Fronthaul is better understood backhaul is not clear.40

Optimization, optimization and optimization

Well documented guides on how to optimize we have dont this for you. All this knowledge & experience is build it to the Horizon Air.41

10. The offline use case is a dealbreaker

The offline business should not use DaaS

Thank YouQuestions?