Virtual Desktop Infrastructure (VDI) or the ability to deliver desktops as a managed service is an attractive and cost effective solution to mange a corporate desktop environment.  The success of virtual desktop deployments hinges on the user experience, availability and performance, security and IT's ability to reduce desktop operating expenses. 

VDI deployments virtualizes user desktops by delivering them to distinctive end point devices over the network from a central location. Since the user's primary work tool is now located in a data center rather than their own local machine, VDI can put a strain on network resources while the user experience can be less than desired.  This is due to the large amounts of data required to deliver a graphical user interface (GUI) based virtual desktop.  For users who want to access their desktops and applications from anywhere in the world, network latency can be especially noticeable when the virtual desktop is delivered over a WAN.  Organizations might have to provision more bandwidth to account for the additional network traffic which in turn, reduces any cost savings realized with VDI.  In addition, VMware has introduced the PCoIP (PC over IP) communications display protocol which makes more efficient use of the network by encapsulating video display packets in UDP instead of TCP.  Many remote access devices are incapable of correctly handling this distinctive protocol and this can deteriorate the user experience.

Keeping mobile users connected to their own unique, individual environments can also pose a challenge.  When a user is moving from one network to another, their session could be dropped, requiring them to re-connect, re-authenticate, and navigate to where they were prior to the interruption.  Session-persistence can maintain the stateful desktop information helping users reconnect quickly without the need to re-authenticate.  Secure access and access control are always concerns when deploying any system and virtual desktops are no different.  Users are still accessing sensitive corporate information so enforcing strong authentication, security policies, and ensuring that the client is compliant all still apply to VDI deployments.

Lastly, IT must make sure that the virtual systems themselves are available and can scale when needed to realize all the benefits from both a virtual server and virtual desktop deployment.

imageThe inclusion of BIG-IP APM's fine grained access control to BIG-IP LTM VE offers a very powerful enhancement to a VMware View deployment. BIG-IP APM for LTM VE is an exceptional way to optimize, secure, and deliver a VMware View virtual desktop infrastructure.  This is a 100% virtual remote access solution for VMware View 4.5 VDI solutions.  In addition, the BIG-IP APM for LTM VE system will run as a virtual machine in a VMware hypervisor environment so you can easily add it to your existing infrastructure.  As the number of users on virtual desktops grows, customers can easily transition from the BIG-IP virtual edition to a BIG-IP physical appliance.

The BIG-IP provides important load balancing, health monitoring and SSL Offload for VMware View deployments for greater system availability and scalability. Network and protocol optimizations help organizations mange bandwidth efficiently and in some cases, reduces the bandwidth requirements while maintaining and improving the user experience.  BIG-IP APM for LTM VE also opens the possibility of making virtual server load balancing decisions based on user’s identity, ensuring the user is connected to the optimal virtual instance based their needs.  F5 also overcomes the PCoIP challenge with our Datagram Transport Layer Security (DTLS) feature. This transport protocol is uniquely capable of providing all the desired security for transporting PCoIP communications but without the degradation in performance.  In addition, F5 supports View’s automatic fallback to TCP if a high performance UDP tunnel cannot be established.  Users no longer have to RDP to their virtual desktops but can now connect directly with PCoIP or organizations can plan a phased migration to PCoIP.

The BIG-IP APM for LTM VE comes with powerful security controls to keep the entire environment secure.  Pre-login host checks will inspect the requesting client and determine if it meets certain access criteria like OS patch level, Anti-virus/Firewall state or if a certificate is present.  BIG-IP APM for LTM VE offers a wide range of authentication mechanisms, including two-factor, to protect corporate resources from unauthorized access.  BIG-IP APM enables authentication pass-through for convenient single sign on and once a session is established, all traffic, including PCoIP, is encrypted to protect the data and session-persistence helps users reconnect quickly without having to re-authenticate. BIG-IP APM for LTM VE simplifies deployment of authentication and session management for VMware View enterprise virtual desktop management.

ps

Resources

Technorati Tags: F5, BIG-IP, VMWare, Optimization, Pete Silva, F5, vmview,virtualization,mobile applications,access control,security,context-aware,strategic point of control