Information Technology Navigator

Tips, Advice & Insights from Technology Pros

Is this (Finally) the Year of VDI?

Posted by Michael Chen

Wed, Aug 30, 2017


It’s become an industry joke that every year is the “Year of VDI.” While promising to be the be-all and end-all solution to everyone’s IT woes, it’s never really lived up to the hype. Sometimes the issue is cost; other times it’s concerns about performance. And there’s also the problem of familiarity -- why break away from something you’re already comfortable with? Not to mention that supporting a VDI environment falls in that weird gray area between infrastructure and end user support. Nobody that has worked on VMware environments for the last 10 years is particularly interested in troubleshooting Microsoft Office issues again. But there is a convergence of improved technologies and market forces creating a perfect storm as to why you should begin seriously considering implementing VDI in your environment, if you haven’t done so already.

Security, Security, Security: Forget about ROIs, desktop performance, and CapEx vs. OpEx. At the end of the day, VDI is necessary to protect your network and data. With the WannaCry, Mamba, and NetPetya (to name a few) destructive malware attacks, it’s never been more clear that hackers are finding ransomware to be successful and profitable, and consequently, are increasing the frequency and sophistication of their attacks. While defense-in-depth and external hardening are all necessary components of a security strategy, it’s also vital to reduce the attack surface areas. With tools such as VPN and policies like BYOD becoming the norm, each new endpoint introduces another potential malware entry point, and trying to harden them all is a very tall task that wastes valuable IT resources, time, and money. With VDI, each of those endpoints is reduced to a glorified screen of a desktop that exists inside your datacenter, already protected with corporate security policies. By controlling what data can go through these links, any sort of vulnerability on the endpoints themselves will be contained on their devices. And it doesn’t hurt that you can literally destroy the desktop after every session. Of course, this doesn’t mean that you can neglect endpoint security, but it does mean that you have more flexibility in how you can address it and control any domino effect that may emerge from the next, inevitable malware attack.

HyperConvergence: While VDI has traditionally been plagued by performance and cost concerns, HyperConvergence is tackling both problems at the same time. A big part of the problem has been that traditional storage solutions were never designed with desktop performance in mind. As such, you usually had to massively overprovision storage to get any sort of viable IO, which drove VDI costs astronomically higher. This made VDI a non-starter for many organizations, regardless of the security benefits. However, with the maturation of HyperConvergence technologies, VDI has found a great platform to land on. HyperConvergence, by design, grows linearly, with CPU, memory, space and IO increasing predictably as more nodes are added. VDI behaves similarly, as each new VDI instance (for the most part) requires a linear addition of CPU, memory, space, and IO resources. The viability of all-SSD hyperconverged environments means that provisioning storage does not have to be IO constrained anymore, controlling what would otherwise be the largest part of a VDI budget. VMware is well aware of these advantages, and has actively been promoting VSAN with the Horizon View offerings, even bundling it in to make the technology more attractive. And the real-world effects are very tangible. One of my current projects saw a reduction of login times from 2 hours to 30 seconds by moving to a HyperConverged platform. Of course, the reduction wasn’t solely due to HyperConvergence, but it played a big role.

But other factors are paving the way for VDI, I’ll discuss those in Part 2 of this blog next week when I’ll reveal the 2017 VDI “verdict.”