Citrix plans 'bare metal' desktop hypervisor

Software vendor says it's working with Intel on new desktop virtualization technology

Citrix Systems Inc. said today that it is working with Intel Corp. to develop a "bare-metal" hypervisor for desktop and laptop PCs, a move that is aimed at broadening the use of desktop virtualization tools by overcoming some of the technology's current shortcomings.

Citrix plans to deliver the hypervisor in the second half of the year, as part of a new product offering code-named "Project Independence." The hypervisor will be based on the open-source Xen virtualization software and optimized to run on PCs that include Intel's Core 2 and Centrino 2 processors and the chip maker's vPro technology, according to today's announcement.

Citrix, which acquired Xen vendor XenSource Inc. in 2007, and Intel said that the bare-metal hypervisor will make it easier to create and centrally manage virtual desktop images for PCs used in the workplace.

The companies also said that the new offering should improve on current desktop virtualization technologies by providing stronger security because the hypervisor will be able to run independently of the client operating system. They also said it will better performance for end users because it will enable applications to run locally instead of on a remote server.

"What this product will do at a high level is address some of the core challenges and core barriers that have kept client virtualization solutions and usage models from being broadly adopted in the past," Gregory Bryant, vice president and general manager of Intel's digital office platform division, said during a conference call with reporters and analysts on Friday. The announcement was embargoed by Citrix and Intel until today.

A hypervisor is the layer of software that manages interactions between a virtual machine and the underlying hardware. Most of the client-level products sold now are so-called Type 2 hypervisors, which are installed within a PC's host operating system. Type 1 hypervisors, such as the one planned by Citrix, are installed with the firmware beneath the operating system level, thus earning them the bare metal tag.

The new hypervisor is designed to help Citrix keep pace with virtualization market leader VMware Inc., which announced its own Type 1 hypervisor at its VMworld user conference last September. VMware's product is also due in the second half of this year, a spokeswoman for that company said this week.

Virtualization has been widely adopted on servers, but its use on desktops has been limited. Although proponents say desktop virtualization can generate big savings for IT departments by enabling them to centrally manage desktop images, existing products have drawbacks.

For example, in one approach, supported by Citrix's XenDesktop software and VMware's View, desktop images are stored in virtual containers on a server and streamed to end users. That model can create performance problems for the users, since data is constantly being shuttled back and forth over a network. It also doesn't allow them to work offline.

Another model, used by VMware's ACE technology, installs the desktop image on a Type 2 hypervisor. That provides better performance and the ability to work offline, but critics say security protections are weaker because they are dependent upon the security of the client operating system.

"The Type 2 hypervisor provides no security to stop the host from snooping on what the virtual machine is doing," said Ian Pratt, founder of the Xen open-source project and a Citrix vice president. "It can arbitrarily corrupt it and steal data from it,"

Bare-metal hypervisors aim to combine the best of both worlds. They also will enable companies to install two separate desktop images side by side on a PC, so an employee could have one environment for work use and another for personal use, said Andi Mann, an analyst at Enterprise Management Associates Inc. in Boulder, Colo.

"It really enables this fundamental and clear separation of the corporate and the personal, and that's very significant," he said. "From a usability point of view, it makes my personal desktop environment really my own, and from the corporate standpoint, it allows them to lock down their desktop. So it satisfies both parties' desires."

Citrix said Project Independence will allow companies to centrally manage one copy of Windows, one copy of each application and one copy of each employee's user data and profile. The software will then assemble and deliver those elements as an on-demand service to the virtual machine on each user's PC, the vendor added.

When used along with Citrix's XenApp application-delivery system and other products from the vendor, Project Independence will also be able to automate data backup and recovery as changes to virtual desktops are synchronized with data center systems, company officials said.

VMware dominates the server virtualization market, but Citrix may have an advantage on the desktop because it has focused much of its efforts on application delivery, Mann said. "My feeling is that Citrix is better poised to manage the virtual client environment," he added.

But, Mann cautioned, claims that Type 1 hypervisors are inherently more secure than Type 2 products need to be tested. "We can't tell until we do some penetration tests how secure it really is," he said.

Citrix's hypervisor will be able to run on existing Intel-based PCs that include the vPro chip set, and applications won't have to be rewritten to run on top of the new software, according to Pratt.

The company is not yet discussing its planned pricing for the Project Independence technology. The hypervisor will be based on software developed through the Xen Client Initiative, which was announced last year by the Xen project, and Citrix said it expects to release an open-source version along with the commercial product.

Copyright © 2009 IDG Communications, Inc.

7 inconvenient truths about the hybrid work trend
Shop Tech Products at Amazon