For years I’ve been saying that “VDI is a solution looking for a problem.” A problem that is solved for the most part by Terminal Services (RDS) for many use cases (some special cases such as a requirement for local administrative rights still lend themselves to a VDI solution).
Now it appears that the world’s largest proponent of VDI is starting to see it that way too.
Last week VMware announced Horizon 6. The first question I have for VMware is what happened to versions 1 through 5? It seems to me like Horizon 6 is emulating what Citrix (and Microsoft) have been doing for decades with a combined instance and session based solution. There’s not much I can tell you about Horizon 6 as it was only announced last week. Apparently you can download a 60-day evaluation. I suggest caution before doing that.
In the past, VMware has been able to get customers to forget that they may already have a solution available to them and get them to look at VDI/View as a potential solution to a problem. My suggestion is to learn what you can currently accomplish with Windows Server 2012 R2 and Citrix to help you better understand what VMware is bringing to the party with Horizon 6.
I’m looking forward to seeing how Microsoft and Citrix are going to respond to this. It will be an interesting TechEd for sure.
For a more in-depth perspective on this, see my friend Claudio Rodrigues’ post here.
Microsoft’s newest Billion Dollar business units include Office 365 and Azure. There’s lots of marketing, sales, and ROI information about Office365 and cloud services in general. So I’m not going to bore you with another post about how to save your organization money or accelerate value by adopting Office365. I’m going to describe two real world use cases that I have personally found Office365 to help with. I might even throw in some anecdotal cost benefit analysis but my main purpose is to explore some less common uses for Office 365 that you may not have thought of.
The two scenarios are:
- External consultants
- Test and Development
I manage a team of consultants that regularly have to work at client sites. Often at some very security conscious organizations. We can’t always use our own laptops in their environment or if we can it is typically through guest wireless networks. We’ve encountered situations where the guest wireless prevents us from connecting back to our office through VPN. This makes it difficult to access some of our collaboration services like SharePoint. We have moved my team to Office365 specifically to do things like coauthoring documents in SharePoint from customer sites. This enables some interesting scenarios. We’ve had cases where an offsite consultant was able to review and update some documentation while it was being simultaneously authored by another consultant working in our lab.
Test and Development
We do a lot of System Center work. System Center is a complex suite of products that interact with each other as well as core Windows infrastructure like Active Directory and Exchange. When we are building out a proof of concept for a customer, they typically don’t want us to touch their production AD and Exchange environments. I don’t blame them. Ultimately in order to complete the project we would need to somehow build out an Active Directory and Exchange infrastructure dedicated to the proof of concept or pilot. Consider the additional costs in hardware, software, and time required to accomplish this. Lately we’ve started using Office365 to provide Exchange services. It takes minutes to provision and connect to. Examples we’ve used recently include the Exchange connector for Configuration Manager and Service Manager. Using this approach, in under an hour I was able to get more than a half dozen mobile devices loaded into Configuration Manager for a MDM/UDM proof of concept without touching any production AD or Exchange infrastructure simply by adding an additional email account to the devices.
We’ve extended this to Azure as well. We have been using Azure to host System Center instances for proof of concept and sandbox deployments. I’m looking forward to combining Azure with Office365 to further accelerate our pilots and proofs of concept deployments.
I often get asked to do presentations at conferences or user group meetings and although I drive a mean PowerPoint, I feel that showing the actual product and putting it through a few laps adds value and credibility to the production. I’m doing a user group presentation in Montreal next week and I was setting up for it with a colleague of mine. He asked some interesting questions about why I was setting up my laptop a certain way and I realized that I take for granted that I have been cursed by the demo and presentation gods so many times that I have a few tricks up my sleeve to thwart them. Here are a few of the things I do to minimize the impact of unknown venues with unknown networks:
- Always have a backup of your presentation and demo VMs. An external drive and/or a cloud drive such as SkyDrive or Google Drive can be a real saviour when something unexpected happens.
- Always rehearse your demos in the environment you will be presenting in to see how it runs and looks in the venue. Make any changes or restructure the presentation to accommodate for any issues. You don’t want to be surprised on camera.
- Have a backup internet connection available: a portable hotspot or a mobile phone that has internet connection sharing (like my Nokia Lumia 920).
- Always have a local demo available, even if it’s just a screen recording like Camtasia (full disclosure: TechSmith gives Microsoft MVPs free Camtasia and SnagIt licenses – I also like Faststone Capture since it is inexpensive and also runs as a portable application from a USB key). Relying on a remote demo is asking for trouble if you can’t connect to your demo environment for some reason (VPN blocked, network stability, etc.). Also, if something goes wrong in the remote location, it is very difficult to troubleshoot.
- If you have multiple systems as part of your demo (virtual or physical) consider using the Sysinternals tool BGINFO or a custom wallpaper with the machine name and/or description to make the different systems readily apparent to the audience (and sometimes to you).
- Make sure your passwords are current and you know what they are. Consider setting demo password properties to “never expire”.
- Set the task bars on your remote demo systems to be in a location other than your primary system so that you don’t get confused as to which task bar you are launching from.
- Explain to the audience the limitations of the demo environment (hardware, data sets, connections to complementary systems, etc.) so that they understand why your demo is designed in a particular way and that it may not be reflective of how a production implementation would work.
I’ve been using Windows 8 and 8.1 since both were in customer preview and I’ve really come to depend on Hyper-V for my demo environment. Before Windows 8, I would either boot Server 2008 R2 (or Server Core) to have a hypervisor available (see my previous blog post about that environment). Before that I would use VMware Workstation or VirtualBox. But they weren’t ideal for every use case as they are type 2 hypervisors not type 1.
I’ve got a few tricks that I use in my demo environment to help build it out and make it present better:
Don’t rely on the Hyper-V Virtual Machine Connection. Enable remote desktop services in your VMs and connect them to an internal network. This allows you to do two things that you cannot do with the Virtual Machine Connection:
- Adjust the screen resolution to meet the needs of the display devices at the venue
- Map local resources like USB drives and printers.
A cool feature in Windows 8.x and Server 12.x is the ability to mount an ISO directly in the OS. Unfortunately, you can’t mount an ISO that is connected through RDP device mapping. You will get the following error:
However, you can mount it in the host OS, it will appear as a DVD drive, and then you access it from the guest VM:
If the demo VM(s) need(s) an internet connection, I like to use ICS to share my wireless connection with my demo VMs. I like this better than the Hyper-V virtual switch bridge because the IP addresses won’t keep changing with the venue. This makes it easier to RDP to them. For step-by-step instructions on how to share a wireless connection try these posts:
While Windows 8.1 and Windows Server 2012 R2 were released earlier this month, when nobody was looking, System Center 2012 Configuration Manager R2 came out. Did anybody notice? Aside from support for Windows 8.1 and Windows Server 2012 R2, there are quite a few new features. I understand that many organizations typically wait before deploying new versions of products but what’s in store for those who are ready to install if only for evaluation purposes? Here are the features that I’m most interested in exploring:
Profiles, Profiles, Profiles
A raft of new profile types can be managed including Remote Connection profiles, VPN profiles, Wi-Fi profiles, and Certificate profiles. This can really simplify the management of some complex settings across devices.
Reassign clients to another site in the hierarchy. This will primarily be useful for large organizations with a CAS.
Many new features and enhancements including user self-enrollment for Android and iOS using the company portal app. Another neat new feature that I’m excited about is support for personal and corporate owned devices. This feature will be useful in lifecycle management and BYOD scenarios where a selective wipe makes more sense when a device is lost. There are also some new compliance settings specifically targeted at mobile devices.
Software Distribution and Application Management
There’s a new Deployment Type for web based applications. This is really just a way to manage links to web based applications but it does help to simplify and centralize all software deployments. There are also some new features that are intended to help manage scenarios that include Windows Store Apps and the company portal.
There are some enhancements to ADRs as well as a new type of maintenance window specifically for Software Updates. I can see this being very useful for organizations that need to manage software updates on a different schedule than normal application deployments.
Check out fellow MVP Kent Agerlund’s TechEd New Zealand presentation for some demos of some of the changes. For a full list of the changes and additions in Configuration Manager 2012 R2 check TechNet.
I’m not a licensing expert and I don’t play one on TV but it occurs to me that many organizations are paying twice for their endpoint protection solutions. I have been involved in over two dozen System Center 2012 Configuration Manager deployments and only one of the organizations was even mildly interested in System Center Endpoint Protection. My understanding is that the System Center Endpoint Protection (SCEP) CAL is included in the System Center 2012 Configuration Manager CAL. So at least from a licensing perspective if you already have Configuration Manager, you have SCEP. So why are organizations paying Symantec, McAfee, Trend, or some other endpoint protection vendor in addition to Microsoft? I understand that SCEP may not fit the bill for some organizations and that they may have specific requirements that need to be addressed by their chosen solution but doesn’t it make sense to at least evaluate the SCEP option – especially if you have already paid for it? What are some of the possible reasons that SCEP is flying under the radar of most organizations?
- Microsoft isn’t in the Gartner Magic Quadrant, they are in the Challenger’s quadrant.
- There have been very few independent reviews of SCEP apart from one pseudo review since it really isn’t a stand-alone product but part of a suite.
- Microsoft isn’t really pushing the solution since there is no financial upside (the product is already sold, just not deployed).
- Organizations are complacent and don’t have the time or desire to make a change.
What are some of the reasons that an organization might want to try out SCEP?
- Save money! The license is already owned as part of Configuration Manager. Why continue to pay another provider until you’ve at least evaluated it for your particular use cases?
- Minimize infrastructure and administrative overhead. Configuration Manager already has the infrastructure for managing client configurations and moving software and updates to them as part of software distribution and patch management solutions. This is essentially the same as managing endpoint policies and distributing malware signature files. Why maintain a duplicate infrastructure for third party endpoint clients and signature files and train administrators on multiple products?
- Unified security posture visibility. When you need to understand your complete desktop security posture, do you want to get one report from your endpoint solution and another from your patch management solution and try to correlate the data to understand your actual security posture? Wouldn’t you rather have a single repository for all of the relevant data and be able to create a unified report? What about integrating endpoint protection policies with compliance management built in to Configuration Manager?
What are you waiting for? Start being SCEPtical. Turn on System Center Endpoint Protection!
I often get asked why I like Hyper-V or why I don’t like VMware. The answer, strangely, isn’t about technology. Anybody that knows me well, knows that I’m not a technology bigot. Meaning I don’t get fanatical about particular companies or pieces of technology. In my house we have six tablets. A Surface RT, a Surface Pro (soon to be replaced by a Pro 2), 3 Android tablets, and an iPad. They all get used on a regular basis. There is no favourite. Just a preference for one device over the other based on the particular use case in question and the strengths of each device at addressing that use case. I’ve used VMware products for years and I like them. They have met many of the requirements I’ve had for a long time.
So how does this relate to Microsoft vs. VMware? Well, I see a lot of fanaticism over VMware. A large percentage of IT Pros really love it and many are fanatical about it. They are quick to criticize alternatives (like Hyper-V) without having all of the facts. Another issue is that most people see the results of past consumption and mistake it for current market trends. Let me explain that with an example. Currently Android phones outsell iPhones; however, most people see more iPhones in use than Android phones because iPhones have been around longer and have had past sales success. What is being seen is phones that were purchased over the last several years still in use.
Enough digressions. Back to Microsoft and VMware. Historically, VMware has had the edge over Microsoft in the hypervisor market. With Hyper-V 3, most experts would agree that the gap has narrowed enough that for most organizations, the differences are insignificant from a pure technical capabilities perspective. It’s like choosing between a Honda and a Toyota. Both vendors have offerings in every major segment. Most consumers would be equally well served by a Camry or an Accord but preferences still abound. In the virtualization world, there are many other factors to consider such as migration costs, retraining, new licensing, etc. VMware has had very strong technical offerings for a long time and the investments made by many organizations can’t easily be shifted. Of course, historically, there are many examples of a technically superior product being eclipsed (BetaMax vs. VHS, Amiga vs. PC, FLAC vs. MP3). It also isn’t about first or early movers in a market. Consider Blackberry losing 33% market share in 2012 while Android now has nearly 80% market share in the smartphone market. Of course, depending on when you read this the current market share may be very different.
So back to my previous statement “It isn’t about technology”. I’ve shown examples of a superior product losing out as well as examples of an early mover with a dominant market position being eclipsed by a relative newcomer. If not technology, what’s it about then?
Well, I’m an IT Pro. Any IT Pro worth his salt will tell you that the three key elements of a successful IT rollout of any system are People, Process, and Technology. Not necessarily in that order, but all three ingredients are required for success.
As I’ve mentioned previously, VMware has great technology and Microsoft is no slouch either. We can remove people from the equation since both Microsoft and VMware have access to pretty much the same talent pool and really, the people that matter most aren’t the vendor’s staff but the enterprise customers’ datacenter staff. So a talented VMware administrator could easily be a talented Microsoft administrator. Using the same logic, you might conclude that the processes that are used in enterprise datacenters would also be a wash between VMware and Microsoft implementations and for the most part you’d be right. However I believe Microsoft has an edge. Here’s why:
Microsoft has a long history of supporting cloud/online services that process billions of transactions a year. Consider Hotmail/Outlook.com, XBOX Live, Office 365, Azure, as a few examples with revenue Microsoft has had to develop some fairly robust processes for managing their datacenters. This isn’t new for Microsoft. Consider that the ITIL-based Microsoft Operations Framework (MOF), currently at version 4.0, has been around since 2000. VMware doesn’t have an online services history to learn the hard lessons of datacenter management or the history of helping customers manage their datacenters from a process perspective. Microsoft has taken the battlefield tested processes they’ve used for over a decade and incorporated many of them into one of the newer and lesser known products in the System Center suite, Service Manager.
Service Manager helps organizations align business processes with technology delivery to create efficiencies in service delivery. The product is tightly integrated with the rest of the System Center suite (especially products like Operations Manager and Configuration Manager) as well as Active Directory. The rich CMDB provided by Service Manager helps to manage the inevitable VM sprawl that accompanies virtualization. It is also a great platform to bolt on a SAM/ITAM solution like the one from Provance (Full disclosure: Provance is headquartered a few kilometres from my home and I know many of their staff professionally – We’ve worked on joint projects and I’ve had more than a few drinks with them over the years.).
Until VMware has a similar offering, organizations that want to enable IT Service Management (ITSM) best practices, will find it much easier with a Microsoft private cloud solution than with a VMware solution.
BTW – Market share numbers for last year show an interesting trend in the hypervisor adoption rates:
Source – Wall Street Journal / IDC
Are we in the midst of a Blackberry-like decline for VMware?
A few key quotes from the article:
“So while VMware’s initial acquisition cost is much higher than Hyper-V’s, VMware allows for much denser VM configurations and permits RAM overcommit for higher memory utilization rates”
“…users interested in Hyper-V today tend to be small and medium-sized businesses and remote offices that already use Windows Server; Hyper-V is built into that familiar system and allows them to run hundreds of VMs at a lower cost than VMware…”
“large data centers that are serious about VM availability and density continue to rely on VMware, not the first version of Hyper-V”