Explainer: VMware's Virtual Desktop Infrastructure

The VMware Virtual Desktop Infrastructure (VDI) is more a concept than a distinct product. The goal is to host multiple desktops within a virtualization server, a setup that currently requires more than just one product.

VDI consists of four basic components: a client to access the virtual machines, a broker to direct the clients to the appropriate VMs, the virtualization server and the VMs that are used as the desktop.

There are several ways to fill each of these components.

The client that gives end users access to the VMs is usually the Microsoft Remote Desktop Protocol (RDP) but the client is generally dictated by the broker being used. Some other clients are VNC, or RDP or VNC over Secure Shell Tunnels.

The broker could be VMware Desktop Manager (VDM), Linux Virtual Server, Citrix Desktop Server, Citrix XenDesktop, Provision Networks VAS, Leostream CB, FreeNX or a NoMachine Server, Clearcube Sentral and Ericom PowerTerm. (This comparison of most of these products is well worth a read. This site does not review the Linux Virtual Server or FreeNX solutions, however.)

Given that there are so many brokers, VDI ends up being more than just a VMware product; it is a concept that includes multiple products.

Most of the brokers listed here only support Windows VMs; in most cases, the VM must support RDP in order to be used by the broker. Using additional tools like XRDP, it is possible for most Linux systems to work as virtual desktops for all the brokers listed.

Most people, in picking virtualization servers, end up with the VMware Virtual Infrastructure, but VMware Server and XenServer are valid options as well. The choice among servers really boils down to manageability -- the ease in which new VMs are created, the quantity of VMs the interface can handle.

The security of these VMs should be assessed properly and the tools to maintain that security need to be in place. It is important to realize that this is a captured environment and hence all the VMs can be clones of one that could be constantly tested for security issues, patched and redeployed without the users knowing about it.

Next on my list of important items is the access to the VMs through the broker. How is that security achieved? Using preshared keys? Standard SSL, or whatever RDP and Windows normally provide? Once more, this depends entirely on the broker chosen.

Although picking a broker may be difficult -- and is a key decision in selection of the various desktop virtualization products -- VMware has bundled an all-in-one product it is calling VDI that includes VMware Infrastructure v3 and VDM, with RDP access to the VMs.

But, while the products and capabilities are packaged together, the capability itself is still more a concept than a single product.

Virtualization expert Edward L. Haletky is the author of VMWare ESX Server in the Enterprise: Planning and Securing Virtualization Servers (Pearson Education, 2008). He recently left Hewlett-Packard Co., where he worked on the virtualization, Linux and high-performance technical computing teams. Haletky owns AstroArch Consulting Inc., providing virtualization, security and network consulting and development. Haletky is also a champion and moderator for the VMware discussion forums, providing answers to security and configuration questions.

This story, "Explainer: VMware's Virtual Desktop Infrastructure" was originally published by CIO.

Copyright © 2008 IDG Communications, Inc.

7 inconvenient truths about the hybrid work trend
Shop Tech Products at Amazon