How difficult is it to transition 350 of a planned 1,000+ employees to an efficient, agile, responsive, secure, mobile, recoverable virtual desktop infrastructure (VDI)? One that can be customized for individual end users, and managed centrally by a state government agency with limited financial and labor resources?
As just one component of a newly established, independent state government infrastructure involving complete migration of, not only the aged desktops, but of all our servers? With complete integration from the desktop to the data center, implemented in-house, by a newly built team and with assistance of just-in-time established vendor partnerships?
To be honest, as CIO at the State of Wisconsin Department of Children and Families, I expected this would be difficult. We are a relatively new agency formed from two predecessors and still in transition after determining that the best way to serve our customers was to establish an independent infrastructure that was both separate from, yet interoperable with, the state of Wisconsin’s architecture.
We knew we wanted the overall desktop technology solution to be as reliable and scalable as possible, while enabling us to customize and deliver services centrally, thereby limiting labor and costs. We also knew there could be pitfalls in whole-heartedly embracing solutions with a leading edge nature in order to maximize return on investment for our citizens. We had a lofty set of goals, to be sure, but given the timeline, scope and scale of the project, new technology was inevitable.
We managed risk by taking a conservative approach when our timeline did not allow for even a brief delay in service delivery. We bought full PCs from Lenovo, setting them up initially to give the impression of a thin client, knowing we could use these traditional PCs if virtualization failed. Now those laptops are in use throughout the organization. We have 350 virtual desktops in live deployment, with several hundred more expected this summer and through the end of this year.
Two key technologies we embraced from the start for desktop virtualization are VMware View for virtual desktop delivery and Unidesk for virtual desktop provisioning, management, and personalization. We knew that virtualizing our desktops and managing them centrally without having to go to each PC for patches and updates would save significantly on our labor costs right off the bat.
Virtual desktops would mean our end users could move from one location to another without having to provide everyone with a laptop, and we could centralize security, too -- of utmost importance when you are dealing with sensitive data about children. But what to do about our users’ applications, their operating systems and the myriad “persona” like profile settings, data, toolbars, plug-ins, wallpaper – all the customizations that make up an individual’s desktop? Could we manage all of this virtually without having to buy separate products for each?
With the risk of end user revolt, you could certainly make a case that the ability to deliver personalization as part of the virtual desktop infrastructure stack is the single greatest requirement for virtual desktop success. Simply put, even where groups of users are similar, the individual wants and needs a virtual desktop that meets or beats previous PC experience.
But if you provide personalization, how does this effect manageability, that is, the ability for lean IT staff like ours to manage these custom desktops? If personalization and ease of management are priorities, what about conserving storage? As the first state agency to implement new virtual desktop layering technology from Unidesk we found this VDI “companion” platform to VMware to be especially useful because it separates virtual desktops into independently managed operating system, application, and personalization "layers."
You can share a layer of Microsoft Windows and layers of applications like Office across many VDI desktops. This drastically reduces storage requirements; what’s more, having a single image to manage makes it a lot easier to deliver applications, patches and the like. This is done without any impact on the user’s separate personalization layer, which is where the magic happens in keeping users desktops as they like them. You don’t need profile management, application virtualization, or image cloning or provisioning. And storage de-duplication isn’t necessary because you are sharing images across hundreds of desktops, so there is nothing to “de-dupe.”
How does our new architecture affect the user? In some respects the change is minimal because they don’t even realize their desktops are virtual. In other ways, it is so dramatic there is little way to measure change fairly. As one small example, previously, a simple measure such as boot time of a computer could literally be greater than 15 minutes because the underlying architecture was operating as a Novell based file and print solution using Microsoft Active Directory roaming profiles. Users moved among a number of agency offices utilizing roaming profiles that grew very large, impacting daily productivity. Now, their desktops are available instantly.
Virtually everyone in IT is talking about desktop virtualization and many in government have started to look at replacing individuals’ PCs with virtual desktops hosted in the data center and accessed through “greener” thin clients. Extensive planning is needed to understand your users, but be aware that knowing the users’ work environment is only half the solution.
Other organizations try to put together a patchwork of point tools to manage virtual desktop operating systems, applications and user persona, all as separate entities. Everyone’s needs are different but in our case, the latest virtual desktop layering technology has enabled us to meet our operational requirements with a customer-centric design that doesn’t require a raft of partial solutions.