Streaming the desktop By Robert L. Mitchell Computerworld (US)
Automated software distribution has been a hot topic in desktop management, but the next big thing is on-demand software delivery. While ASD tools help control desktop support costs by making software installations consistent, the on-demand software-delivery technologies go one step further: They can virtualize the local installation and stream the applications -- and even the operating system -- from a central distribution server in real time.
Sanjeev Shetty, director of IT at Time Warner Cable, is using streaming technology to manage the desktop application environments in the company's 300-seat call center. Shetty says he considered thin clients but couldn't justify the back-end server farm investment required to support an architecture for Microsoft Terminal Services or Citrix Systems's Presentation Server (previously MetaFrame).
Instead, he installed Ardence Desktop from Ardence. It creates and stores complete system images on a server and streams portions of the operating system and applications to desktop users at boot-up. "It didn't require a large investment in server infrastructure and provided immediate ROI," Shetty says.
Application streaming technology takes advantage of the fact that LANs are getting faster -- and that most applications require only a small fraction of the total program code in order to run. The minimum needed can be as little as 10 percent to 15 percent, says Dan Kusnetzky, an analyst at IDC.
Once the user is up and running, additional application and operating system components are fetched as needed. After the initial launch of a program, some products allow portions of the applications to reside in a local cache for faster subsequent loads. The result: Applications can be maintained and updated on central servers but run on the end user's local machine. The issue of managing locally installed programs on individual desktops is eliminated.
"This concept is new. It's part of the trend toward on-demand computing and utility computing," says Michael Kantrowitz, CEO of Neoware Systems.
Vendors of just-in-time streaming products fall into one of two categories. Companies such as Ardence offer products that stream complete disk images that include the Windows operating system and a predetermined application set. Companies like AppStream stream only the applications but offer more granular control over application delivery.
Still other vendors, including Softricity and Stream Theory, take application streaming one step further by creating a self-contained virtual environment in which each streamed application can run. The virtualization layer traps and isolates registry entries, Dynamic Link Libraries (DLL) and other changes the application wants to make to Windows settings. This avoids application conflicts and eliminates the need for administrators to do regression testing and build images for every combination of applications.
Since applications are delivered centrally, software streaming products allow application licenses to be tightly controlled. "The idea is to create an environment where applications can be made available on devices in a very managed, controlled way and then removed from the device so they can be used somewhere else," Kusnetzky says.
At Time Warner Cable, Shetty says, streaming technology lowered desktop support costs by reducing help desk calls resulting from malware problems. "Now, when they get [a virus], they just reboot and get a new image," he says.
Centralized management also made upgrades easier. A typical upgrade to the company's Avaya Call Center software, which used to take 75 hours to test and roll out, is now completed in about one hour, he says, because fewer images are needed and the software doesn't have to be installed on each machine.
Time Warner's PCs support PXE boot technology, which lets the machines remote-boot directly from the system image that the Ardence server delivers. PCs boot over the Gigabit Ethernet network faster than they did when running locally, Shetty says, and bypassing the local disk drive has saved on support costs. "Eighty percent of our trouble tickets are hard-drive-related," he says. The downside, he adds, is that building the images used for streaming can be time-consuming.
Shetty doesn't use Ardence on 350 machines outside of his call center because those don't share a common application set. "You'd have a ton of images for those," he says.
Neoware's Image Manager attempts to reduce the number of images required by creating a virtualization layer that allows a single image to run on different systems. "We have a virtualized driver model that lets the operating system boot regardless of what the hardware is," says Neoware CEO Michael Kantrowitz. It is limited, however, to only those drivers that are built into Windows. Applications with unique drivers require a separate image. With both products, administrators still must create different images for each desired application set.
Speed and Flexibility
At Westgate Resorts, systems administrator Brett Lazenby builds the baseline system images and streams only the applications. He is halfway through deploying AppStream to more than 4,000 PCs at the Orlando-based time-share company.
"We liked how the user could start using [the application] before the install even finished," Lazenby says. Although preparing applications is time-consuming, application streaming makes updates much faster, he says, since users receive the update the next time they log in.
"It takes less than a minute before they can use the [updated] applications. That's definitely better than having someone walk around to 2,000 PCs," he says.
Managing multiple images is impractical at Suncor Energy Services, which has 1,600 applications on some 4,500 PCs. Between 75 percent and 85 percent of those applications are now delivered by way of Softricity's SoftGrid server.
SoftGrid includes a "sequencer" utility that encapsulates all of the system changes that the application's installation routine makes and places those in a semi-isolated virtual environment on the PC, along with the installed application image. Applications are delivered automatically based on policies set in Active Directory and are removed when the session ends.
Suncor's goal is a "zero-touch workstation," says IT support analyst Derrick Weiszhaar. Because applications are streamed and virtualized, users can log into any machine and receive their own applications. "I can sit at any desktop in the company and get all of my apps as soon as I log in," Weiszhaar says.
Software updates that used to take a month to deploy are now completed in one day. Weiszhaar doesn't need to first perform regression testing on the application, produce a distribution package and test it. "Within five minutes we can deploy it to every single person in the company," he says.
SoftGrid doesn't work for all applications, however. In some situations, virtualized applications won't interoperate unless they're either packaged together or one is installed locally, Weiszhaar says. Because of interapplication dependencies, he doesn't virtualize Microsoft Office. (Softricity co-founder and Vice President David Greschler says SoftGrid's latest release supports all application components except for NT services.)
Determining application dependencies and sequencing apps to meet Suncor users' needs also required extra work, Weiszhaar says. "For each application, you have to ask, 'What am I losing, and what am I gaining?' " he says.
Stream Theory claims to offer application environment virtualization that's more flexible. AppExpress lets the administrator specify which DLLs or other application components can be virtualized and which need to talk to one another, says Chief Technology Officer Arthur Hitomi. The software won't, however, allow incompatible versions of an Oracle or Office application to run simultaneously, as Soft-Grid does.
On-demand streaming tools can also manage and update applications or system images in a Citrix Presentation Server or Terminal Services server farm. Suncor uses MetaFrame to provide thin-client access to applications that point to its back-end databases, but in the past interoperability conflicts forced Weiszhaar to dedicate separate back-end servers for applications that misbehaved.
"We had to silo-out hardware due to different versions of Office or Oracle," says Weiszhaar. SoftGrid eliminated the conflicts, and Weiszhaar was then able to distribute those applications across more servers.
Jonathan O'Brien used SoftGrid to consolidate 80 MetaFrame servers to just 15 at Lend Lease. "All of the applications were on separate servers. Now we can run them side by side," says O'Brien, senior systems engineer at the real estate services business.
Deployments of new applications via MetaFrame are also easier. "We can take your new application that we've never run before, put it on a server with production applications running, and we don't have to worry about it breaking anything," O'Brien says.
Like other users of application streaming, O'Brien says packaging applications is the challenge. So far, he has 150 available on demand and 10 more planned. "We have so many applications that we don't have time to understand how all of these work," he says. Yet that's exactly what needs to be done for each one before it can be sequenced. "How the application gets stored and accessed, [whether] you want .ini files copied out or not -- you have to know or learn those things," he says.
While approaches to application streaming vary, in the end all vendors attempt to deliver applications to the end device in a managed, secure way, says IDC's Kusnetzky. While SoftGrid's offering is the most mature, administrators will need to examine each approach carefully before making a decision, he says. "There may be six or seven ways to do it. That's got to be very confusing for an organization trying to decide what is the best solution for their needs."