In today’s enterprise, applications are king. With bring you own desktop, an influx of Apple systems, and more remote users, the focus for enterprise systems is no longer on the operating system. This application focus led me to do a comparison of Citrix XenApp, the leading application publishing method, and VMware Horizon Application Manager, the latest product to provide centralized managed application to a domain. Each of these products has more features that could possibly be compared in a short presentation and since this test was built to present at the DC and New England VMware User Groups, I had to limit the feature set comparison. Horizon has a great SAAS presentation ability, and XenApp can be accessed from a plethora of devices that Horizon currently can not, but for this comparison I look at desktop presentation within a domain with the standard out of the box deployment. The systems were built to provide a minimum level of high availability and were not tweaked for performance. I was able to do the presentation with another of VMware’s products, SlideRocket and since most people were not able to see the presentation live I have embedded it below. Please add comments and suggestions as I will continue to develop the comparison and probably expand to show the other features. (Make sure to watch the side by side video comparison on Slide 16)
The key parameters that are to be considered when building a multi-tenant environment are Isolation, performance sla, user customization, ease of administration, and financial cost. Citrix is providing ways to build this with multiple different models. The first is session isolation. This would involve fully shared hardware with just a user session separate. The next is server isolation,with each tenant having their own virtual servers. The next is a full network isolation. This is dedicated hardware and systems. The cost increases with each model. Within the next few months (June 30th they say) Citrix will be releasing a full fledged white paper on how to configure each of these setups.
While the full isolation would be the preferred option in most cases, it will also involve the most hardware for this cloud. Some of the components then require you to duplicate solutions, this includes a separate XenApp farm for each tenant. By building multiple farms you also lose some of the new functionality in XenApp 6 that will allow for worker groups to auto populate apps depending on OU. Parts that don’t need to be multiple would include the Access gateway and Netscaler. A Netscaler will create a virtual server that provides client less access into the tenants network. With the netscaler you could have separation with virtual VPX gateways, or for a large environment you could have unto 20,000 concurrent connections with the MPX appliance.
For monitoring the cloud environment you can use Edgesight to monitor end to end details of the environment. This is definitely an advantage since you are often unable to monitor multiple systems through a single pane of glass. Edgesight now provides for some new reports for SLA compliance and Usage reports, specifically built around solution providers.
The goal with the latest releases is to combine the multiple management tools, AD, SQL, and XenApp just to name a few. The release of the Cortex Cloud Control Panel will allow you to manage multiple consoles in one pane as well as delegate access out to either staff or even to tenants to manage their own environment.
Today Citrix released the Service Provider Automation Pack (See Jon Spallone’s details here) in conjunction with Microsoft. it includes a powershell script to automate the provisioning of desktops from Service Providers for the small to medium businesses. On the surface this looks like a great new concept, the ability to give end users in a small to medium workspace the option of purchasing desktops without needing to spend countless capital expenditures. However it appears this is rally the latest rendition of Terminal Services just done better.
This in itself is what makes the solution even more interesting. The Microsoft licensing model for virtual desktops has in the past revolved around the VDA license. The license was essentially a tax on users that wanted the Windows 7 experience without a physical desktop. A yearly cost that Microsoft added to the cost of VDI that can make the return on investment stretch into the 6 and 7 year timeframe. with the SPAP, you are using a version of Windows Server 2008 that is built to look like Win7. This would mean that a Service Provider can now use SPLA licensing and finally offer a desktop as a service with full compliance. The VDA license was never available as part of the SPLA. VMware offers View in a way that you could present desktops, and they offer vCloud Director to automate virtual machine management task, but they do not offer something to present anything other than a Windows 7 desktop in an automated method.
Releasing the SPAP with Citrix harkens back to the days of the release of Metaframe and the early relationship between Microsoft and Citrix. At the same time we get to see the argument between Citrix/Microsoft and VMware to continue to grow.
The advent of social media and the increased use of user bulletin boards, companies have come to realize that there is a significant value to be gained from having users and partners as product evangelists. Microsoft has been doing this for years with the MVP program and a few years ago VMware joined suit with the vExpert program. Citrix has also seen the benefits of these evangelist. Arriving in San Fransisco today for the Citrix Partner Summit, it is immediately evident that the Citrix community not only supports the designation of Citrix Technology Professional (CTP) but wants to see it succeed. The group gather on a semi regular basis and Citrix provides support for the program through incentives that include invitations to exclusive events, access to the product teams, and access to early release software. These are just a few of the incentives provided to a group that Citrix has entrusted not only with their name but provided backing. The largest drawback I can see with the program is the extremely limited size of the group. While a small group makes it easier to provide benefits to, it also limits the reach of the group. This past year the VMware team has said that there were over 1000 applicants for the vExpert program, clearly a number that has to be trimmed down to be able to provide the credentials as an exclusive and beneficial group. Neither group has stated how many times someone can become a CTP or vExpert, and having the same members year in and year out could result in an “old boys club” rather than the true group of passionate supporters and technologists. Overall the program looks to be very beneficial for Citrix and the CTPs.The CTP group is also speaking throughout Citrix Synergy and Summit. I look forward to hearing how this group can represent the Citrix products line.
Citrix has been steadily moving away from the reputation of being the “terminal server guys.” For the past year, 20% of Citrix business was networking including Netscaler, Branch Repeater, and Access Gateway. This is a great transition as the desktop OS moves towards the hybrid cloud and application centric computing.
There is an interesting pitch, that Citrix provides the only end to end solution, providing web access and branch office access to the virtual desktop. This is a bit of a stretch although the ability to offload a web interface from a Windows machine onto the NetScaler and move load balanced web access to an appliance seems to provide a much more secure and potentially robust solution than the VMware Security Server. Adding a load balancer to the View Solution could add cost if you don’t use some of the available open source load balancers. There is an added cost however with the NetScaler as well and the Netscaler is built to replace the free Secure Gateway solution that is built into XenDesktop. You do however get unlimited connection and the added access from the Citrix Receiver plug-in and the Branch Repeater plug-in. The one area that VMware can not provide is the Branch Repeater and Acceleration features. If a customer purchases XenDesktop Platinum Edition, they are able to get the Branch Repeater VPX for free a virtual appliance version of the Branch Repeater.
Branch Repeater gives the user visibility into 500+ applications, and you can auto configure it without changing Xendesktop. You can also prioritize by user groups or apps. That acceleration is a feature that sounds great and because it can be deployed as a virtual machine you could demo a proof of concept or acceleration without impacting your existing networking.
Probably the most intriguing product in the networking portfolio is the Citrix Receiver connection into SAAS apps leveraging the Open Cloud Access. This is very similar to VMware’s newly releasedHorizon App Manager. It utilizes SAML just like Horizon App Manager does to pass through authentication utilizing the token approach. This cNetombination with the Open Cloud Access is that next step into the application centric computing space of tomorrow. Another great transition from the terminal server space into the future.