Project Horizon finally goes public

After at least 2 years of anticipation and waiting we get to see the first release of VMware’s Project Horizon today.  We still have to wait to get the application publishing that many of us hoped would be the first part of Horizon to go public but this new single sign on cloud connected enterprise tool can go along way to help enterprises give the flexibility back to the users.  Horizon App Manager is delivered as a virtual appliance that sends secure tokens instead of full passwords between the corporate environment and cloud providers like SalesForce and Workday.  This gives users the comfort of knowing that a seasoned IT pro had secured the connections and validated that the site they are visiting is in fact the proper place to go and not a hackers imitation.  What Horizon also does is provides a app store in a sense that corporate users can request accounts on these third party services directly within the corporate environment.  Check out the video below from VMwareTV for more details.  I look forward to seeing the next few releases from the Horizon Team.

The Google Chromebook just helped VDI into the mainstream

Google announced that they will be selling the Chromebook for Business for $28 a month per user starting in June.  At first you probably wonder how a web based dumbed down notebook could help the likes of VMware, Citrix, and Microsoft sell VDI solutions.  The answer is simple.  As our data moves into the cloud we have less and less need for the large fast hard drives that have been populating notebooks for the past few years.  Add that to always on connectivity of 3g and you have access to your data (for free up to 100 mb a month).  The next question is now that I can get to my data how to I use it.  You could follow the party line from Google and move everything to Google Docs but that does not work for most enterprises.  However published applications from XenApp or single sign-on solutions like Project Horizon from VMware are moving enterprise applications into the cloud and onto the internet.  So now you can have a notebook that can boot in less than 8 seconds with full web connectivity and a minimal security threat footprint that also has access to your documents that sit in DropBox or SugarSync,  If you add that to the latest release from Ericom of a HTML5 client for VMware View and you can now have enterprise class desktops at your fingertips.  There is of course the worry of what happens in someone hacks the ChromeOS that is on these machines do they now have access to all my data anyway?  It is still possible that could happen but with a team of engineers and an auto-update feature on the Chromebook you would hope whatever vulnerability that may be found would be patched extremely quickly.

This is great now for your work computer but what if I want to use it at home?  The applications that are loaded are already the ones that most uses want to use from their home PC, with full access to chrome, google docs, chat clients, twitter clients and of course angry birds who could want more?

VMware FlowCharts Part 2 : SRM Installation

In an effort to make these processes as easy as possible heres the next in my series of flowcharts for supporting VMware.  Keep in mind that this is simply for installation.  Make sure you follow best practices and do a full application assessment before assuming your DR plan is complete.  Attempting to deploy a DR plan for Exchange, SQL or any other multi-tier application without looking at all the interconnectivity will result in an unsuccessful DR failover.  With that being said… heres the flowchart.

SRM Install Workflow

Are you sure you are following best practices on vSphere?

I have worked for multiple resellers throughout the years and one of the things that has been constant throughout has been that customers like to bring in an subject matter expert to do an initial deployment, but then after the initial deployment they let the environment remain status quo.  Budgets tend to shrink with each passing year but the one area that should not get overlooked in maintenance of your infrastructure.  As companies consolidate their servers and desktops onto a small subset of servers, the old system admin rule of “Always check from layer one up” carries even more weight, the physical layer quickly gives way to the hypervisor.

The challenge comes into play when you need to determine if you are truly following the best practices that have been put out by VMware.  The do more with less mentality often means that IT staff are wearing multiple hats.  This is the time to bring back in the VMware Solutions Provider or consultant and ask for one of the more underutilized tools in the consultants belt, the VMware HealthAnalyzer.

HealthAnalyzer is an automated process that collects inventory, configuration, and utilization data from the vSphere environment through the vSphere SDK.  Once the data is collected the tool allows the solutions provider to produce a report grading the environment through a stop light mentality and display the findings and data in an easy to view format, including ways to re-mediate any pieces that are missing when compared to VMware Best Practices.   The amount of time that the report takes is completely dependent on the size of your environment but in most SMB environments the data collection can be done in a single day without installing anything on the corporate environment.  Once the data is collected, the consultant can compile and analyze the data to return the report card both in a written report as well as a summary presentation.

vSphere Ipad App with Screenshots

The VMware purchase of SpringSource seems to be paying off heavily in the past few weeks.  After the long awaited release of the VMware View App for the Ipad last week, VMware followed up with the vSphere Client for Ipad on Friday  Unlike the View app that connects directly to a current production environment, the vSphere client requires you to install the vCMA or vCenter Mobile Access appliance from http://labs.vmware.com/flings/vcma.

Once you install the vCMA you are able to publish a new web based vCenter management console.  The vCMA will not give full control of your environment but it is great for quick checkups or vMotions.  Once the app is installed you can set the IP address from the console and then access the webserver by browsing to the IP address followed by /vim (http://192.168.1.15/vim as an example).  The next few screenshots are from my iPhone connecting into the vCMA

The first is the home screen with the second being the host and clusters view.  These should look very similar on any smartphone you look at.  One of the biggest features of the mobile app is the ability to migrate machines between hosts as seen below.

Now that the vCMA is installed you can grab the vSphere client for the ipad and get an even more detailed view into your environment.  The first step, once you have the client downloaded and installed, is to set the webserver in the Global Settings screen.  The webserver will be the IP address of the vCMA you installed earlier.  When you open the app you will be asked to enter the vCenter address and username and password.  From there you will see your hosts.

If you select one of the hosts you will see all the VMs it hosts along with basic performance information for the host.

Notice the performance tab at the bottom of the screen.  This screen shows the historic performance stats of your host.

Returning back to the info tab, you can select an individual VM and get information from that VM.

Similar to the host settings you can also see the performance of the individual VM.

Now that you can get the information from VMs and Hosts, the next options are tools.  You can ping or traceroute to the VM.

One of the last notable features is the ability to Suspend, Stop, or Restart the VM from the app.

As these apps mature I am sure we will see more features to include the network configurations, storage integration, and hopefully connectivity to the Public Cloud with the integration of vCloud Connector.

All the ways you can access your desktop

As a premier partner with VMware, we’ve seen a significant uptick in sales and pilots of the VMware View virtual desktop solution. The solution gives you a lot of flexibility for access including the flood of mobile devices hitting the market; iPad 2 anyone?

First, you can re-purpose your existing desktop as what’s called a full or fat client. This involves launching a client application from within the existing Operating System to access the View broker(s). The nice part about this approach is that regardless of your OS, there’s a client available to connect with. The Windows OS client from VMware gives you the advantage of software PCoIP and out of the box functionality. For Mac users there’s now have a native client as well, and you can use the Open Client when working with a Linux machine like Ubuntu (http://code.google.com/p/vmware-view-open-client/). If you’re looking to repurpose the desktops in your company but don’t want to maintain the desktop OS, there are client vendors that provide the ability to convert your existing desktop into a pseudo-thin client. This option allows you to ether completely rebuild the desktop as a pure thin-client platform, or as a dual boot environment. For more on this type of deployment, check out ThinDesktop (http://thinlaunch.com/).

The next option would be to access your virtual desktop from a traditional thin client. A thin client gives you a significant power savings with a product that has no moving parts and consumes anywhere from 6 to 50 watts versus upwards of 350 watts for a traditional desktop. There are a lot of vendors out there that make thin clients, but the granddaddy of them all is Wyse. We were fortunate to be able to speak with Kim Nicola at Wyse at VMware PEX 2011.

The last and most exciting (in my opinion) option for access is through a mobile device. If you are using an iPhone or Android based phone, you can use the Wyse PocketCloud app to get RDP access to your View environment and virtual desktop. For both platforms, the app runs $14.99 and allows you to connect to View as well as traditional RDP or VNC clients. If you have an iPad you can still use the Wyse app or you can use the newly released VMware View iPad App (http://itunes.apple.com/us/app/vmware-view-for-ipad/id417993697?mt=8).

Take a look at our latest ClearpathTV video below and see the View iPad Client in action.

Tips when upgrading from View 4.5 to 4.6

After working on updating my View 4.5 environment to 4.6, I came to the conclusion that the documentation is not exactly complete. I have listed out a few tips to take note of during your update process.
•All of the base images must have the upgraded View Agent installed. ◦You can install over the existing 4.5 agent, however it might fail if the View Composer Guest Server Agent can’t be stopped. To get around this, disable the service, reboot and reinstall the 4.6 agent
◦Once you install the agent, make sure you check the video card driver version. It should be the VMware SVGA 3D (Microsoft Corporation – WDDM) version 7.14.1.49

•Easiest way to upgrade the connection broker is by adding a replica server. ◦If you are running Windows 2003 32-bit the easiest upgrade path is to add a new server. Simply create a 2008 R2 server and install View as a replica server.
◦If you want to keep your Connection Server as 2003 then you can simply click the option “Use PCoIP Secure Gateway for PCoIP connections to desktop”
◦If you want to have a security server, I found it easiest to create another new server and set the pairing password. If your security server is already 2008 r2 then you could also reinstall the security server and set the password, but that would stop access temporarily from the outside world.

•On the View Admin console, make sure to set the external url on both the Security Server and the Connection Server. This is not needed or possible if you keep a 2003 connection server.
•If you want PCoIP over the WAN you will need to open a few more ports in addition to 443 ◦TCP 4172 Security Server -> Virtual Desktop
◦UDP 4172 Security Server Virtual Desktop
◦TCP 4172 View Client External -> Security Server
◦UDP 4172 View Client External Security Server

•If you think you have all the ports open, but still get a time out when using the Ipad client or through PCoIP, but RDP works fine and you are using a Cisco ASA (and possibly some other firewalls); we have found that you may need to separate the firewall rules. One rule for the UDP 4172, one for TCP 4172, and one for TCP 80 and 443. Having a single rule with all the ports seems to have problems when connecting through an ASA.

Hopefully these few tips will allow your upgrade or deployment to go just a little bit smoother.

VMware’s Project Horizon: What It Is and How Will We Get It?

Manage the User Locally, but Extend Identity to the Cloud

Starting at last years VMWorld one of the hottest topics has been Project Horizon. What was initially billed as an Enterprise App store will be released in three phases.

Phase 1: Secure Identity and Manage SAAS Apps
– Federate AD to Cloud SAAS Apps
– Simplify End User Experience with SSO
– Provision Users to mainstream SAAS Apps

A complementary product to many of your Identity Access and Management suites, Horizon will use a virtual machine placed in your DMZ that is referred to as the Horizon Connector.

Connector acts as a broker between the enterprise and the SAAS services. Secure tokens are used for the communication into the Horizon Cloud. Connectors from the Cloud could begin with Google Apps, Salesforce, Success Factors, Workday, Zimbra, Mozy, and Box.Net. These are done with SAML (http://en.wikipedia.org/wiki/Security_Assertion_Markup_Language) federation. SAML is an open standard that provides high security with no passwords, digitally signed tokens are passed for access. Access and reporting can be done from the Horizon Connector for auditing and license tracking.

Phase 2: Modernize your Windows Environment
– Virtualize your windows apps for isolation and portability
– Secure and Mange the desktop
– Orchestrate Windows App Delivery Options

This phase will bring applications into an app store, very similar to http://myonelogin.com/, with the addition of being able to add in ThinApp applications and Microsoft App-V packages. With a client to be released for desktops Horizon should be able to push icons for applications directly to the desktop after they are selected from the enterprise app store.

Phase 3: Control Your data and Collaboration
– Automatic Data Sync to trusted devices
– Encrypt data across different platforms
– Enable Simplified End User Collaboration

The last phase of this rollout will include being able to allow access to data and transfer/sync user data regardless of platform or applications, either within the enterprise or with SAAS products.

New Desktop Virtualization Certifications from VMware

VMware announced at Partner Exchange yesterday a new certification designed specifically around desktop virtualization. The VMware Certified Associate – Desktop or VCA4-DT is the first of these certifications and the test is being ran in beta at Partner Exchange. According to the education team this is the first of 3 new certifications. There will be a VCP-DT for desktop focused engineers as well as a VCAP-DT for the most advanced desktop focused virtualization architects.

There are no prerequisites for the VCA exam, however VMware recommends taking the VMware View Fundamentals and the View 4.5 Install, Configure and Manage classes. The current requirements for the VCP4-DT will include passing the VCA4-DT and attaining a VCP4 certification.

The test is still in beta, however there is a blueprint on the VMware website (http://bit.ly/erCNUD). The beta test is 110 questions with top is ranging from the CLI commands, to maximum capabilities. Before taking the test you will want to make sure you have worked on View often, including troubleshooting.

Proudly powered by WordPress | Theme: Baskerville 2 by Anders Noren.

Up ↑