SDN Makes VDI a TCO Game-Changer
Network virtualization and SDN are finally making VDI viable for the enterprise. Art Cole discusses where it will work best.
The virtual desktop has gotten a bad rap over the years. It's been described as weak on performance, lacking in customization and the source of so much stress on data infrastructure that it ends up costing more than the desktops it replaces.
But the truth is that problems with the virtual desktop originate in the data center. Static infrastructure does not take kindly to sudden disruptions, particularly ones that are as chaotic and bursty as a fleet of dumb terminals looking for storage and processing resources.
And things are changing in the data center. Virtualization has already taken firm hold of the server farm and is quickly moving into storage and network architectures, putting the entire data environment on an abstract footing. The virtual desktop was a burden in the days of physical infrastructure. How does the equation change in the all-virtual world?
"It absolutely changes things," said Steve Shah, senior director of product management at Citrix. "Having an elastic network makes desktop virtualization more cost-effective because you don't need as many resources on normal days but are still able to cope with the change when the spike happens. And at the heart of technologies like SDN are two fundamental ideas: automation and elasticity."
In fact, with the entire data ecosystem sitting atop on-premises or cloud-based virtual infrastructure, the idea of having an application or user interact with local, bare-metal resources may soon become quaint. After all, who wants to limit their data interactivity to just one client? Wouldn't it be much more convenient to pull not just applications and data from a diverse set of resources but your own personalized desktop image as well?
Experts say SDN makes VDI a necessity
With the software defined network as the underpinning of the virtual data environment, the virtual desktop becomes not only convenient, but necessary, according to leading experts in the field. An application-centric universe means that security, access and other policies must accompany applications and data wherever they go. This can be difficult if the desktop is tethered to the, well, desktop.
"Ten years ago, each team in the enterprise would have its own isolated network, either a VLAN or something that allowed the network administrator to easily provide different policies," said Robert Sherwood, CTO of Big Switch Networks. "That physical isolation was coordinated with policy isolation, making it easy to insert, say, a firewall that physically divided groups.
"Then along comes VDI and everyone's desktop image is suddenly in one physical location, so it becomes difficult to drop the same firewall onto these previously separate groups. SDN changes all that because all the policies are port-based. You can have one port with a virtual machine and all its associated policies, and if you move the VM the policies move with it."
In essence, SDN allows IT to create numerous virtual networks out of a conglomeration of physical resources without having to rewire or reconfigure hardware. For virtual desktop applications, this provides the centralized management and control that IT is looking for while still enabling the flexibility users need to form working groups, exchange information and engage in all of the social media and advanced mobility apps that are driving business performance these days.
In this way, desktop infrastructure can more closely mirror the team-based approach towards which most knowledge workers are gravitating. With desktops able to carry their policy assignments wherever they go, teams can now be dispersed over long distances without a lot of infrastructure juggling to ensure proper functionality.
"You can start grouping systems more logically," said Geoff Huang, director of product marketing for VMware's Networking and Security business unit. "Here is a group of VMs that have to do with engineering – everything to do with engineering can communicate with each other and nothing else. The same for HR and other groups. How we operate for policies and control becomes simpler to think about and easier to manage."
Simplifying policy management with dynamic desktop groups
This pooling of desktops can also be highly dynamic to accommodate users with varying levels of access to enterprise data. Core members of a group, for example, may require key apps, web resources and other tools while others may only need to access the web.
"If you didn't have a virtual network construct, you would need a complex matrix of policies overseeing access to certain data sets but not others," Huang said. "And this gets even more complicated once you start layering development zones vs. product zones and then building VLAN configurations."
VDI's benefits to capex and opex
All this talk about policy management and desktop portability is well and good, but does virtual networking reduce the physical infrastructure needed to support VDI? Probably not, but it is safe to say that it does allow VDI to scale to enterprise-class levels without breaking the capex budget. With the ability to provision and reclaim resources to meet data loads, a fully virtualized desktop environment can be distributed across local and cloud-based resources with relative ease, with the only limiting factor being the bandwidth needed to maintain connectivity.
Still, says Big Switch's Sherwood, many organizations are finding that simple overprovisioning is sufficient to handle today's loads, although savings can always be had from consolidating workloads on as few physical machines as possible and then shutting down the rest to conserve power. As well, operational costs are reduced dramatically because there is no need for an admin to update policies and other factors every time new network pathways are provisioned.
Does this mean that the traditional desktop is really dead this time? Unlikely, given that even virtual networks will introduce latency and other issues that can affect the performance of higher-order business applications.
For the legions of lower and even mid-level level desktop functions – everything from call centers to bulk data processing – a virtual desktop environment can lower costs and contribute to the dynamic data environment that circulates throughout the increasingly dynamic data environment.
And as the universe of client devices becomes more diverse, a desktop that cannot be accessed from multiple points may soon become more of a hindrance than a help.
Photo courtesy of Shutterstock.
Arthur Cole covers networking and the data center for IT Business Edge. He has served as editor of numerous publications covering everything from audio/video production and distribution, multimedia and the Internet to video gaming.