TS1048 Horizon Suite Competitive Advantages Fred SchimscheimerEUC Competitive Marketing Jia Dai, August, 2013
Need Help? • Assets: Vault Competition Homepage • vmware.com/go/competition • Competition Questions?Socialcast Group: Competition QueriesEmail: email@example.com • Competitive Contacts • Brian Gammagebgammage@vmware.comCyndieZikmundczikmund@vmware.com • Jia Dai firstname.lastname@example.org • Fred Schimscheimerfschimscheimer@vmware.com
Agenda • Horizon Suite • Competitive Landscape • Horizon Suite Advantages • Horizon Mirage • Horizon View • Horizon Workspace Platform • Horizon Data • Horizon Mobile • Q&A
Horizon Suite The platform for Workforce Mobility VMware Horizon Suite Simplify, Secure, Empower • Horizon Mirage • Horizon View • Horizon Workspace • (Apps, Data, Mobile) Post-PC Era Journey Physical Desktops Virtual Desktops Multi-Device Workspace
Horizon Suite Advantages Over Point Tools • The power of ONE • Point tools only solve one problem a time • Horizon suite transforms entire end user computing • Single product to buy and support • Cost less than acquiring point tools individually • Better integration reduces complexity and risks. • The platform • Built from ground up for extensibility • Catalog abstracts all applications and services • Catalog provides life cycle management, publishing, monitoring, analytics • vApp • Easy to deploy, no need to install each VA separately • Configure all VAs from a single place • VAs communicate with each other • Leverage the power of vSphere (HA, DR, Network, Security, etc)
Mirage vs. Moka5 • Horizon Mirage Does More: • Centralized Image Management • Automated Win7 Migration • Endpoint Protection • Snapshots can be customized and include User Data • Desktops restored to point in time of snapshot • Hardware Refreshes • Moka5 – Enterprise AnyWare is based on 3 capabilities: • Client virtualization called LivePC runs on Mac, PC or bare metal • Both the virtual machine and a client hypervisor are part of a single solution • Central Management – All LivePCs are centrally controlled from the Management Server • Layering – 3: User Data & Settings, User Applications, Corporate OS/Apps(base layer)
Mirage vs. Citrix Personal vDisk • Horizon Mirage Does More: • Centralized Image Management • Automated Win7 Migration • Endpoint Protection • Snapshots can be customized and include User Data • Desktops restored to point in time of snapshot • Hardware Refreshes • Citrix Personal vDisk (PvD) • PvD is a feature only available in XenDesktop 5.6 and 7.0. • PvD is only available for XenDesktop. It is not compatible with XenApp. • http://support.citrix.com/article/CTX131553 FAQ
What is PCLM? • PC Lifecycle Management – TechRepublic • PCLM is the practice of managing end-user systems from purchase to retirement. • PCLM covers everything from initial deployment to upgrading, patching, and decommissioning the systems.
Lets talk PCLM – Mirage Complements these areas Procurement Mirage enables IT to deploy/manage layers of applications outside of the base layer on anyMirage managed device OS Deployment / Migration Application Delivery Mirage seamlessly backs up changes on endpoints which helps avoid data loss due todevice failure or theft. Patch Management Data Protection/System Backup Disk Encryption Mirage data backup honors device encryption Power Management Remote Control Helpdesk Mirage can restore a user to previous snapshotswithout overwriting user data. Asset Management Reporting
Mirage also extends PCLM These are differentiated capabilities Procurement OS Deployment / Migration Deploy a Windows 7 image to thousands of deviceswith a few clicks and perform in-place upgradeswithout moving user data or losing profiles. • Quickly migrate users to a replacement PC or even hardware from a different vendor, while retaining personalization Application Delivery Patch Management Data Protection/System Backup Disk Encryption • Deploy layers of preinstall applications outside of the base layer Power Management Remote Control Tasks that used to require diagnosis and escalationcan now be handled with a few clicks byTier 1 helpdesk staff. Helpdesk Asset Management Restore some or all of an end user’sPC over the LAN or WAN with zero-touch! Reporting Disaster Recovery
OS Deployment / Migration • Layered PC Image Management: • Manage PC image as a set of logical layers owned by either IT or the end-users. Update IT managed layers while maintaining end-user files and personalization. • Accelerate Windows 7 Migrations • Migration time cut in half to 2-3 hours per PC and allows for multiple machines to be migrated concurrently. • Migration can be done with just a few clicks over the WAN or LAN
Windows 7 Migrations Streamline Windows Migrations • In-place: overwrite the previous Windows XP base layer with a Windows 7 base layer • Hardware-refresh: migrate user profile and files from previous PC to new Windows 7 PC. • User profile and user file layers persist using both strategies* Benefits Overview • Reduce user downtime during Windows 7 Migrations • Easy rollback to previous Windows XP system if needed. • Save time and resources for migration *user-installed apps not maintained when upgrading from XP to 7.
Core Technology: Layers Mirage sees Windows as a stack of layers Layers 101 • Layers logically exist in the data center so we can manage centrally • Mirage can perform granular operations within layers • Orange layers are continuously backed up from endpoints • Green layers managed by ITOS, components, drivers User Personalization Layer(user data & profile, installed apps) MachineIdentityLayer(identity, customizations) Mirage Application layers(new in 4.0) Base Layer(OS, infra SW, core apps) Driver Library/OEM End User PC
Core Technology: Layers Mirage sees Windows as a stack of layers Mirage Servers & SIS NetworkOptimizedSynchronization&Streaming Base layer User profileUser data Application layer(s) Machine identity Drivers Apps installed outside of Mirage
Application Delivery and Patch Management • Application Layering: • Easily deploy applications or VMware ThinApp packages to any collection of end users by leveraging Horizon Mirage’s app layering technology. • Patch Management: • Mirage improves the delivery aspect of Patching by ensuring all base-layer updates (Patches) are synchronized.
Helpdesk and Reporting • Helpdesk – Layered PC Image Management: • IT can restore the system layers on an end point to fix an issue without overwriting user layers. • Reporting: • When a base layer update is enforced to a machine with the same OS, Mirage reporting details which applications will be upgraded, downgraded or added on each device.
Security Management and Power Management • Security Management: • If security posture settings are baked into a Reference machine, Mirage can be used to regularly enforce them. • Power Management: • If Power Management settings are built into a Reference machine, Mirage can be used to regularly enforce them.
Desktop Backup and Recovery • Simplified PC Backup and Desktop Recovery: • Horizon Mirage takes snapshots of an entire PC including OS, applications, files and personalization then regularly synchronizes any changes. Mirage restores an exact image of the user’s old PC to any replacement PC. • Self-Service File Access and Recovery • Mirage File Portal allows end users to access any file on their endpoint from any web browser. An end user can also restore any file or any directory on their own with just a few clicks on their PC.
View vs. XenDesktop: What is new in XenDesktop 7 • Mobile • HDX Mobile Technologies • More touch friendly for Windows • Native menus and controls • Windows App Mobilization SDK, optimization and mobilization • H.264 based server side deep compression • Windows Media Redirection • Unified App Store: Storefront 2.0 • HTML 5 Receiver • Simple • Single FMA architecture and MCS support for XenApp • Automated application publishing and migration, AppV integration • Better monitoring with EdgeSight integration and HDX Insight • Secure • HDX 3D pro: OpenGL support, H.264 Deep Compression • Shared GPU acceleration • HDX seamless local apps • Integrated remote PC access Unity Touch provides better mobile experience in a simpler way • No need to modify the Windows applications • Familiar native Windows interface • No learning curve to end users PCoIP server side rendering and compression • Intelligent compression algorithms • Consistent user experience on any end user devices • Adaptable to various network conditions Horizon Workspace provides similar aggregation function • More extensible platform • Support any SAML-based applications View HTML 5 Client • Better performance Citrix’s attempt to fix long time complexity issue • XenApp is now on FMA. Difficult to migrate from IMA • Simpler only if using MCS. Using PVS is still complex • Only support Windows 2008 R2 SP1 and later. Customers still have applications running on Windows 2003 • Publishing application in batch mode is incremental improvement • AppDNA is only available in Platinum edition • Application virtualization goes to AppV. Reduces XenApp value and increases complexity. vCOPS for View provides true end-to-end monitoring and analytics from datacenter to the end user View has provided access to physical PCs for a long time
3D Graphics Acceleration • Status • Reason XenServer leverages NVIDIA’s VGX software to support the latest DirecX and OpenGL. XenServer also supports GPU passthrough for years now. XenDesktop gets all vSphere capabilities too. • Strategy Support multiple GPU vendors (NVIDIA, AMD, and more) • Response XenServer has limited capabilities, supports NVIDIA only, delayed support for vSphere
XenDesktop 7 Limited Value The Bottom line • XenDesktop 7’s only major feature is integration with XenApp – HOWEVER it comes at a HIGH price: • Upgrading XenApp deployments to XD 7- App Edition requires database changes and in many cases breaks the environment • Upgrading XD environments is multi-hop depending on what version you are on • XD 7 requires NetScaler for secure remote access • Simplification is limited to using MCS. With PVS, it is still complex • XD 7 scalability is not proven in real large scale deployments • XD 7 reliability is questionable with over 150 documented known issues. • XD 7 requires Windows Server 2008 R2 SP1 but many customers still running XenApp on Windows Server 2003.
VMware View’s Advantages Over XenDesktop 7 Directly leverages the power of vSphere Integrated with Horizon Suite Ease of deployment and management Lower cost of deployment Validated Solutions Smooth upgrade
Horizon View: Directly Leverages the Power of vSphere • Full Virtualized 3D Graphics • Storage Accelerator • Composer Array Integration • vCloud Network & Security • SE Sparse Disk Utilization • vSphere Web Client Integration Unique Integration
Integration Storage Comparison Horizon View & vSphere Integration Citrix • Lacks storage and CAPEX savings integration with vSphere • Does not provide a generic solution for optimizing VDI storage like VCAI • Lacks storage efficiencies for persistent desktops like SE Disk Utilization • Does not have CBRC equivalent for enterprise deployments; XenServerIntellicache is limited: • Does not support Provisioning Services (only supports MCS) • Only supports NFS • Does not support persistent pools • View Composer Array Integration allows generic storage devices to leverage View's linked clone technology and save on CAPEX • View Storage Accelerator integrates with vSphere’s CBRC to reduce VDI boot times • View Space Efficient (SE) Sparse Disk Utilization reduces storage capacity requirements for persistent desktops
Integration: Security Comparison Citrix VMware vShield Endpoint • Third party validated solution required • Secure your VMs with offloaded anti-virus and anti-malware (AV) solutions without the need of agents • Protect sensitive data on VDI desktops • Higher consolidation ratios by preventing the possibility of AV storms • Improved performance • Included with vSphere
View Beats Citrix XenDesktop in Cost • Principled Technologies Report: VMware Horizon View 5.2 delivered comparable density at 41.1% lower cost per user • View supported 174 Windows 7 virtual desktop sessions: $483 per user • Citrix XenDesktopsupported 175 sessions: $820 per user
View Beats XenApp in Offering Greater Density • Principled Technologies: VMware View 5.2 delivered 19.2% greater density and a 49.2% lower cost per user • View supported 174 Windows 7 virtual desktop sessions: $483 per user. • Citrix XenApp 6.5 FP1, using the lossless settings supported 146 sessions: $950 per user
View vs. XenDesktop: Solutions High availability to critical applications and data Always On Desktop • Validated Desktop Solutions • Built around VMware View, by our partners • Meet the stringent requirements of the VMware Ready Desktop Solutions program. • Validated by VMware Desktop team for performance, functionality and scale for its intended use case. • Cater to a particular use model or ISV for any vertical. • Benefits • Accelerate time to deployment and overcome challenges • Highly secure, validated solutions that solves specific business challenges • Reduced risk and improved employee satisfaction Centralize IT management with limited or no local IT support. Drive higher SLAs at lower costs Enhance user access from any device, anywhere Business ProcessDesktop Branch OfficeDesktop Mobile-Secure Desktop
Workspace vs. XenMobile App • Horizon Workspace • A true extensible platform • Built-in data service • Integrates with View, ThinApp • Integrates with Horizon Mobile workspace • Leverage the power of vSphere, vCNS • XenMobile App • A product, not a platform • Loosely integrated with ShareFile • Not integrated with XenMobile MDM • Overlaps with XenMobile MDM in many areas
Horizon: Platform as a vApp Workspace vApp Management VA Data VA Configurator VA Connector VA Proxy VA API API App App Modules App App DB tcserver Jetty tcserver tcserver Nginx LDAP DB OS (SLES) OS (SLES) OS (SLES) OS (SLES) OS (SLES) • Central Wizard UI • Distributes settings across VAs • Network, Gateway, vCenter, SMTP attributes • Add / remove modules • Manage certs, security • Enables single user-facing domain • Routes requests to correct node • Reverse proxy insulates VAs • Stores files • Controls file sharing policy for internal and external users • Manage file preview server • Serves end user web UI • Workspace Admin UI • Application Catalog • Manage user entitlements • Workspace Groups • Reporting • User authentication • AD secure bind and synchronization • Set replication schedule • Sync View pools and ThinApp
Citrix Architecture XenMobile MDM Not a vApp, Server silos Multiple OSes Multiple products
Horizon Data vs. ShareFile • Horizon Data is fully integrated with Horizon Workspce • ShareFile is loosely integrated with XenMobile App • Implication: Deployment and management complexity • Horiozn Data is 100% on premise • ShareFile only support local storage with Storage Zones • Application still has to go through ShareFile website • Implication: Data Security, Auditing, Monitoring, Troubleshooting, Disk Quote
Android Landscape • Widely popular in developing countries • Lots of choice – screen size, price, capabilities, etc. • Not much traction in enterprise segment • Perception is that Android is not secure • Google Play is ‘wild wild west’ • Enterprise features (eg: MDM) weak • No two devices are the same in terms of capabilities or UI • Hard for IT to support diverse environment • OS upgrades are controlled by carrier/OEM • Security patches not pushed out in a timely manner Control Fragmentation Security
MDM and MAM for Android • Mobile Application Management (MAM) • Containerization of application and data • Polices are applied at application level • Looked as a better approach than MDM • Issues • Malware can compromise the whole device, keyboard logging • Applications must be modified and tested • Fragmentation issue still exists • Mixing personal and work spaces degrades user experience • IT has no control over the OS updates • Mobile Device Management (MDM) • Google Android offers a limited set of device & policy settings • Typically, device control is relinquished from user to the enterprise • Top Vendors: Mobile Iron, Airwatch, Citrix/Zenprise/Xenmobile • Long list of vendors including Blackberry, Microsoft, IBM and more • Issues • Not appropriate in the Bring Your Own Device world to lockdown the device • Does not prevent data leak • Intrusive user experience
VMware Strategy for Android Personal Space VMware Switch VMware Android OS Horizon Mobile Manager Corporate Workspace Native Android OS OEM Enabler Kit (OEK) Components of the workspace defined and managed by IT Components of VMware Switch, downloaded from Google Play Integrated to device firmware by phone OEM Unmodified Android System
Competitive Advantages of Horizon Mobile for Android • Better system integrity check with OEK • Workspace apps are sanctioned by IT, no Google Play • Entire Workspace is encrypted with AES 256 algorithms • Complete isolation of personal from corporate • Support a single Android OS from VMware • No need to test applications for all Android flavors • Single vendor to call for support • OS upgrades are controlled by IT • Enterprise app store for unmodified Android app • Integrated with Horizon Workspace • Total control of personal space • No intrusion to privacy • Native Android experience for work and personal • Dual-number / dual-billing Control User Experience Fragmentation Security
iOS: Apple Redefines The Game with iOS 7 • Announced at WWDC 2013 • Largest iOS release to date • Fundamental changes to UI • New Management API’s • Control of “Open In” – prevents data leakage • Per-App VPN • Single Sign-On (Kerberos) • Managed Apps • Volume Licensing improvements • App Settings & Feedback • Supervised Mode • MDM becomes mandatory for all use cases • Expected availability - Fall 2013
Change in Strategy due to iOS 7’s impending release • Strategy Validation • Enterprises definitely have unique needs for policy and data controls • Role of Application Wrapping • Obsoleted by policies built-in to operating system • Frowned upon by Apple • Our New Approach • Embrace Apple’s APIs; Don’t fight Apple on App Wrapping • Remove App Wrapping from Horizon Workspace • Re-implement the secure workspace using iOS7 in an upcoming release • Rely on Mail.App (Mail client) & Safari (Web Browser) • Manage apps but will leverage MDM APIs to implement
Impact on MAM Vendor’s Application Ecosystem • Citrix-Ready Worx Verified Program • 65 apps at launch • 500 ISV end 2013 • Symantec Sealed Program • 25+ apps today • MobileIron AppConnect Enabled • 15 apps today OBSOLETE WHEN iOS7 SHIPS • Good Dynamics Marketplace • 35 apps today
Thanks! Q & A