vmware & unidesk customer webinar: wisconsin department of children and families
DESCRIPTION
Presentation slides from VMware and Unidesk webinar with joint customer Wisconsin Department of Children and Families.TRANSCRIPT
Webinar: Make VDI Personal – How State of Wisconsin
DCF is Virtualizing its 1,200 Desktops
Maytee AspuroChief
InformationOfficer
Ron OglesbyVMware vExpertMicrosoft MVP
Chief Solution Architect
Chris FoxSenior
Software Engineer
Desktop Virtualization Bureau of Milwaukee Child Welfare
The Challenge
Wave One / Phase One & Two:
To transition 250+ staff to an efficient, agile, responsive, secure, accessible/mobile, recoverable, and comprehensive desktop that can be reasonably customized and centrally supported with limited financial and labor resources.
dcf.wisconsin.gov
The Business Case• Meeting Operational Requirements
° Scalability
° Flexibility and Agility
° Longevity
• Customer Service
• Total Cost of Ownership
• Highly Mobile Workforce (internal & external)
• COOP Solution
dcf.wisconsin.gov
Success Measures
• User Personao Meet or beat previous desktop experience
• Manageabilityo Enable fewer IT staff to accomplish more
• Storageo Conserve space while maximizing performance
• Mobilityo Anytime / Anywhere
dcf.wisconsin.gov
The Customer
Bureau of Milwaukee Child Welfare
• 1/4 of the total DCF population• Highly Mobile
• Externally: Staff operate in a wide variety of environments• Internally: Staff regularly moves among locations based on tactical needs• High turnover rate (~20% annually)
• Access to sensitive data• Task oriented• High risk of equipment theft • Undergoing substantial strategic restructuring and reorganization
dcf.wisconsin.gov
The Partnership• Department of Children & Families
o Bureau of Information Technology Services (BITS)o Bureau of Milwaukee Child Welfare (BMCW)
• Department of AdministrationoDivision of Enterprise Technology
• Vendors (Listed Chronologically by Engagement)
•HP/PDS•Cisco/AT&T•VMware•InSight•Lenovo•CDW-G•Riverbed/A&E Business Solutions•Unidesk•SolarWinds•Microsoft•Symantec
dcf.wisconsin.gov
The Timeline
dcf.wisconsin.gov
Wave 1 – Phase 1
Infrastructure Foundation and Services Layer Implementation
June 2010 – September 2010
Wave 1 – Phase 2
BMCW Network and Workstation Migration October 2010 – December 2010
LAN, WAN, Datacenter Network Management Transition from DOA/DET to DCF
June 2010 – December 2010
Service Desk/HelpDesk Implementation November 2010 – December 2010
eWISACWIS Modernization October 2010 – July 2011
Wave 2
Transition of Workstation, file/print services from DWD
March 2011 – December 2011
Transition of DWD hosted KIDS & CARES web-based applications
January 2012 – December 2012
Wave 3
Optimization & Consolidation January 2013 – June 2013
DCF Technology Selection
dcf.wisconsin.gov
Hardware
Server Platform HP BladeCenter C7000 w/ BL460c Blades
Storage Platform Primary and Secondary: HP EVA 8000 Series
Backup and Archival: Symantec NetBackup
Network
Data-center Networking Cisco Nexus 7000/5000 Series Switches, ASA Firewall & VPN
WAN Optimization/Acceleration Riverbed
Virtualization
Server Virtualization VMware vSphere 4.1 Enterprise Plus
Desktop Virtualization VMware View 4.5 / Unidesk
Management and Monitoring
PC, Server Lifecycle Management Microsoft Systems Center Configuration Manager (SCCM)
Infrastructure Monitoring Microsoft Systems Center Operations Manager (SCOM), HP Systems Insight Management, HP Storage Essentials
Network Monitoring Orion Solarwinds Network Performance Monitor
Service Desk Microsoft Systems Center Service Manager 2010
Why Virtualize The Desktop?
• Separation of the OS, applications and hardware. This separation will increase agility while decreasing support costs (firms commonly report 50% decreases in desktop support costs while improving service delivery).
• Windows 7 Support
• Simplified Desktop Management
• Automated Desktop Provisioning
• Built-in Security
• Availability and Scalability
• Streamlined Application Management
• Advanced Virtual Desktop Image Management
• And the topic we all love to hate…COOP
dcf.wisconsin.gov
DCF VDI Architecture
dcf.wisconsin.gov
Unidesk
• Allows us to effectively personalize,
package, and provision desktops,
improve overall manageability, and
provide significant storage savings, all
without compromising the underlying
solution.
• C:\ Drive is compiled at boot time,
consisting of independent OS, App, and
Personalization layers.• All layers are independent• OS and Application layers are
shared (storage savings)• User Persona persists through
updates• Snapshot/Restore individual
layers or the entire desktop
dcf.wisconsin.gov
Inside Unidesk Layering
It’s All About the Layers
dcf.wisconsin.gov
Planning & Design – Steps to VDI Success• Know your users
o Create a set of tiers that users fit into, and assign a weight to each tier
dcf.wisconsin.gov
Tier Weight Typical Workload
Information Workers
70% Child Welfare App (Web Based), Outlook, Excel, Word
Power Workers
20% Above, plus custom apps, development suites (i.e. IT Staff, Finance, Developers)
Admin Workers
10% Management and Directors, requiring basic applications, but lowest downtime
Sizing• Next, assign performance characteristics to each tier• Based on a number of users and this breakdown, we can reasonably plan hardware resources• For us, this was a journey from estimating to actual
dcf.wisconsin.gov
Tier vRAM vCPU Disk I/O (non-idle)
Information Workers
1.5 GB
1 ~12-15 IOPS
Power Workers
2-3 GB
1-2 ~18-22 IOPS
Admin Workers
2 GB 1 ~12-18 IOPS
Estimating Hardware• Conservative Numbers for Budgeting
o Don’t forget about: Virtualization overhead Infrastructure supporting VDI N+1 capacity, etc
dcf.wisconsin.gov
CPU Memory Disk Network
~2-4 Desktops per CPU core
~.5-1 Desktop per 1GB of Physical Memory
~7 Desktops per 15k RPM hard disk spindle
~3 Desktops per 1Mb of WAN bandwidth
Current Usage Statistics•~350 Desktops with over 65% user concurrency
•Plan to roll out an additional 600 desktops this year
•A single gold image•~50 Application layers•Average of 67 desktops per blade•Serious storage savings
• i.e. Savings for 53 desktops running on a single CachePoint
dcf.wisconsin.gov
Executing Desktop Virtualization• Research, research, research…• September had to be used for testing and optimization
• Over 600 staff and partners to be moved in November • DCF infrastructure had to be production ready by October 15th.
• Integrated design from the desktop to the data center
dcf.wisconsin.gov
VDI in a Mobile Client
• Roaming Thin Client is what we needed…
• How did we do it?
• Why did we choose to use this method?• Compressed timeline• Guaranteed success was required
• Post implementation included a large refresh project that allows opportunity to adjust
dcf.wisconsin.gov
Lessons Learned
• Extensive planning - Understand your users• Plan for some sort of persona management tool
• Unidesk packages the OS, Apps, and Persona• Take a holistic approach to Application Inventory
• Unidesk Layer• ThinApp• Installed on Gold Image
• Dedicate trained virtualization staff to your Helpdesk• Implement in small groups and monitor constantly on all levels• Use direct user training and interaction within the rollout• Ensure you have immediate triage ability with staff as they face change• Keep your user in mind
dcf.wisconsin.gov
The Achievement
•Meeting Operational Requirements•Scalability Highly scalable•Flexibility and Agility Quick provisioning and extensibility•Longevity Designed for the future
•Customer Service Customer-centric design•Total Cost of Ownership ROI driven •Highly connected workforce (internal and external) Anytime and anywhere access•Establishing COOP solutions Without costly redundant equipment & environments
dcf.wisconsin.gov
Thank you.
Layering: The Keyto VDI Success
Unidesk: Desktop Layering Innovation
C:
The Best of Persistent & Non-Persistent VDI
Persistent:custom foreach user
Non-persistent:stateless and managed by IT
UnideskManagement
ApplianceVirtual appliance serves GUI, maintains policy &
configurationAdministrator
UnideskMaster CachePoint
Virtual appliance stores common layers
UnideskCachePoint
Virtual appliance stores only the layers need by
desktops it hosts
End Users
Unidesk Topology
Personalization Layer Backups
Regular backups of desktop personalization layers for
recovery purposesUnidesk Virtual Desktops
Unidesk-composited desktops hosted on
existing VMware infrastructure
Demo: Unidesk and VMware View in Action
Copyright © 2010 Unidesk Corporation. All Rights Reserved. www.unidesk.com
© 2009 VMware Inc. All rights reserved
Confidential
VMware View – Enabling manageability and mobility like never before
29
Modernizing the Desktop – A Managed Service Model
Persona
Applications
Operating System
Centralized Management
DesktopDelivery
ModernDesktop
30
Modernizing the Desktop – VMware Vision
Mobile Desktop Mac Thin Client Offline iPad
Desktop Cloud
Cloud Desktop Management •Image Management •SLA•Provisioning•Maintenance•Policy•Security
Cloud Desktop Infrastructure •On Demand Resources
•Availability
•Scalability
•Performance
vCenter – Policy-based Management & Automation
vSphere – Platform for Cloud Infrastructure
View – Desktop Computing via Cloud
OS Apps Persona
Personalized Access across Devices
Desktop Application Portal
31
VMware Partner Unidesk Shares the Same Vision
“Dynamic desktop composition represents an advance in client management technology and can accelerate growth for virtual desktops where the ability to personalize the user experience is needed. Unidesk’s layering technology is an innovative example and we look forward to collaborating to modernize the desktop experience for VMware View and VMware vSphere customers.”
- Scott Davis, CTO, Desktop Virtualization, VMware
32
Customers Modernizing More Desktops with View and Unidesk
33
Key Components
Built on reliable vSphere platform
vCenter Server
View Connection Server
View Security Server
Now supports PCoIP!
View Client
Offline Client available for special use cases
Overview of the View Architecture
vCenter
CentralizedVirtual Desktops
MicrosoftActive Directory
View Connection Server
View Security Server
View Client
DMZ
PCoIP
34
View Security Server Security Features
• Native support for PCoIP added in View 4.6
• Recommended for DMZ deployment or environments with separated networks
• Only authenticated users can gain access through it
• Can ensure that virtual desktop access is only possible for authenticated users. The only desktop protocol that can enter the data center is on behalf of authenticated users
• Ensures users can only access resources (virtual desktops) they are authorized to access
• Zero administration
• Offloads the HTTPS processing and all desktop protocol traffic away from the View Connection Server
• Multiple View Security Servers are used for scalability and HA with loadbalancers
• Support for RSA SecurID and smartcards
View Security Server
35
Operating System
ThinApp – application virtualization
Features
• Decouple applications and data from OS
• Agent-less architecture
• Wide platform and application support
• Plug into existing application management tools
• Deliver ThinApp virtual applications asUnidesk layers for automated deployment,version control, and rollback
Benefits
• Simplify Windows 7 migration
• Enable application mobility and easier access
• Minimize the number of OS images managed
• Eliminate application conflicts
• Enable the use of multiple versions of thesame applications
Application Application
Operating System
VOS VOS
Application
sandbox
Application
sandbox
App Files App Files
36
vShield Endpoint Integration
Improve performance and effectiveness of existing endpoint security solutions
Offload AV activity to Security VM (SVM)
Eliminate desktop agents and AV storms
Enable comprehensive desktop VM protection
Centrally manage AV service across VMs with detailed logging of AV activity
Partner Integration through EPSEC API
vShield Endpoint Included with the VMware View 4.5 Premier bundle
VMPersonaAPP
OSKernelBIOS
VMPersonaAPP
OSKernelBIOS
VMPersonaAPP
OSKernelBIOS
SVM
OS
VMware vSphere
AV
Hardened
Introspection
37
Thank You!
Q&A
Please feel free to contact the speakers directly :
• Maytee Aspuro, State of Wisconsin, [email protected]
• Christopher Luter, State of Wisconsin, [email protected]
• Timothy Curless, State of Wisconsin, [email protected], Twitter:@timcurless
• Ron Oglesby, Unidesk, [email protected], Twitter:@RonOglesby
• Chris Fox, VMware, [email protected]