Wednesday, April 16, 2008

Benefits of end-user device virtualization

In many organizations managing the desktop and laptop PCs seems like a bottom-less pit. It doesn't matter how much resources you throw in it, the situation barely improves. This makes you think that you have reached a point where no further improvement is possible. If the end-user would think that this is acceptable, we would all be happy. But the truth is very far from that.

The fundamental problem is that full standardization of the software stack on the end-user device has become nearly impossible. While some organizations go to great length to reduce the number of applications in order to get the support costs at acceptable levels, the hardware manufacturers make it difficult to maintain a stable operating system software stack (more commonly described as "image" by system managers). IT support organization face difficult challenges, which usually are barely understood by end-users. As a result it often has to sell "no" to end-users who require more flexibility to adapt to changing business needs.

The solution is to marry the operating system stack with the underlying hardware like Apple does with Mac OS X on Apple hardware. Apple fans will tell you in great length that after they switched to this platform, the horror and nightmare to keep the chosen operating system stack running on the variety of hardware equipment is over. But not every organization is willing to pay for the premium that Apple offers. And serious alternative vendors are not available. Unless you take a different perspective.

It will be easy to marry the operating system stack if the underlying hardware interface wouldn't be so volatile. This can be achieved by using a virtual machine. Using a hypervisor which decouples the actual hardware interface from the virtual hardware interface would put some relief on the maintenance of the operating system.

Most end-user device virtualization environments are set up for two major reasons as far as I can observe:

1) provide multiple machines on one physical machine
2) provide a secure virtual machine on an insecure physical machine or the other way around.

The first reason is very popular with software developers en testers. It is actually so popular that many people have the perception that this is the only useful application of client side virtualization. But the second reason is equally powerful. So why is this not ubiquitous?

An explanation could be that this set-up adds another layer in the stack, which is perceived by both end-users and support staff as added complexity instead of simplification. Well I don't know for sure because I am not an average end-user nor a IT support person. In the coming months I plan to run an experiment within one of my clients to see if the perception is true or not. In this particular environment the organization faces the challenge to allow more unmanaged (und therefor insecure) physical devices on their network while guaranteeing a secured access from certain corporate client applications to centralized corporate data. More news in the future.

© Peter Bodifée 2008. All rights reserved

No comments: