1 / 73

EMC Solution for VMware View™4 Virtual Desktop

EMC Solution for VMware View™4 Virtual Desktop. Planning The Perfect Virtual Desktop Deployment Jeff Thomas Sr. vSpecialist Western Region Manager EMC Corporation Thomas_Jeffrey@emc.com. Super Session Agenda. Technical overview of VMware View Solutions 1:00-1:45pm

xuan
Télécharger la présentation

EMC Solution for VMware View™4 Virtual Desktop

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. EMC Solution for VMware View™4 Virtual Desktop Planning The Perfect Virtual Desktop Deployment Jeff Thomas Sr. vSpecialist Western Region Manager EMC CorporationThomas_Jeffrey@emc.com

  2. Super Session Agenda • Technical overview of VMware View Solutions 1:00-1:45pm • Break 1:45-2:00pm • Security Solutions for Virtualization and VMware View 1:00-1:45pm • Break & Drawing for 1 yr Subscription to Netflix 2:45-3:00pm • White Board Session 3:00-3:45pm • Wifi Blue Ray Player Prize Drawing 3:45pm

  3. Typical Challenges to Contend With… • Distributed workforce • Mobile & remote workers • Outsourcing & off-shoring • Contract Workers • Limited control of PCs • Patch compliance • Security • Regulatory compliance • Focus on PC hardware • Many makes & models • Refresh cycles • Management complexity • Deployment • Support • Security

  4. VMware View - Addressing the Challenges… Centralize compute resource Improve standardization Simplify management Increase flexibility & agility

  5. New Challenges Arise • EMC Addressing the Challenges… • Store and Manage Efficiently • Protect the migrated user data • Secure user access • Scalable, Flexible Infrastructure • Current infrastructure designed for server workloads • Must reduce TCO per user • Large number of VMs to manage • Aggressive and somewhat unpredictable performance profiles • Availability and performance requirements increase • Small changes have a big impact (10 IOPS per desktop multiplies) 99% 99.999% ~600 IOPS 600 GB ~10 IOPS 10 GB

  6. Areas of Focus – Ensuring Success

  7. Management and Provisioning

  8. Virtual Desktops – Impact to Infrastructure Consolidated Environment Thin Clients access data and applications over the network Thin Clients LAN/WAN Desktop VMs ESX Servers Centralized boot disk and user data • Allows IT to enforce corporate policies for what is on desktop • Simplified software management and hardware independence Traditional Environment Thousands of desktop systems distributed through the enterprise Distributed data needs to be managed • Each user has there own C:\ drive with boot disk and user data IT supports/maintains remote systems • Includes hardware compatibility and software updates

  9. What is a Virtual Desktop made of? User Data Disk • Persistent disk to store user data and settings • Consistent user experience while maintain tight control and compliance Base Image • Highly managed OS disk • Reduce provisioning time • Simplified updates and patches Operating System User Data Application

  10. Minimize Boot Disk Capacity Requirements 1,000 users with a 10GB Boot Disk each • Standard Boot Disk for each client ~ 1,000 clients = 10TB of storage • Leveraging VMware’s View Composer or EMC Snapshots to create “Thin” Boot Disks provides 60-80% less drive consumption 60-80%Less Capacity Key Benefits: • Dramatically drives down storage costs • 5 9’s availability across all arrays • Reduces time deploy multiple images • Simplifies maintenance and updates Boot Drive: Techniques to Lower Cost and Maintain Availability VMware View Composer significantly reduce Virtual Desktop Boot Disk Consumption 10TB 2-4TB Full Boot Image/Client VMware Composer/ Array Snaps

  11. View Composer: Linked Clone Technology • A linked clone is a thin copy of the original virtual machine that shares the virtual disk with the base virtual machine in an ongoing manner • Base virtual disk is called replica • Linked clones are given separate identity created with QuickPrep • Clones can be powered on, suspended, snapshot, reconfigured independent of the parent • Optionally, clones can have additional private disks calleduser data disk

  12. N 2 1 System Disk Linked Clone N Data Disk System Disk Linked Clone 2 Data Disk Snap1 System Disk Linked Clone 1 Data Disk Desktop Deployment via VMware View Composer Use Cases Deploy Refresh Replica Base Master (Template) VM

  13. 1 2 N Linked Clone N Linked Clone 2 Snap1 Snap2 Linked Clone 1 Desktop Deployment via VMware View Composer Use Cases Deploy Refresh Re-Compose System Disk Data Disk System Disk Replica Base Data Disk Master (Template) VM System Disk Data Disk

  14. Snap2 Desktop Deployment via VMware View Composer Use Cases Deploy Refresh Re-Compose Re-Balance Replica Base Master (Template) VM Replica

  15. Data Protection

  16. Addressing Backup/Restore for VMware ViewAvamar • Unified backup approach for both physical and virtual environments • Universal support for file and image level backup • Transparent backups for end users • Move up to 99% less data • Self service end user restores* • Available in physical environments only* • Windows and MAC View Server Image level Physical File level Virtual Desktop File level Avamar delivers up to 90% faster VMware backups, resulting in 50% or greater server consolidation

  17. Leveraging Avamar with VMware View Application-consistent backups for: vCenter database Virtual Desktop Manager Active Directory User home directories Crash-consistent backups using the underlying storage and Replication Manager = Avamar Software Agent Approach 1 VMware vCenter VMware Virtual Desktop Manager Avamar Data Store Microsoft Active Directory Approach 2 Virtual Desktop Templates Avamar Accelerator Node Centralized Storage User Home Directories

  18. Security

  19. Complete Security Solution for VMware View RSA enVision for security monitoring and reporting RSA DLP for protection of data Ionix SCM for security config and patch management VMware Infrastructure RSA SecurID for remote authentication Active Directory RSA SecurID for ESX Service Console and vMA OfflineLaptop VMwarevCenter VMwareView Manager RSA enVision Log Collector For VMware vCenter Clients

  20. SecurBook – Best Practices for VMware View RSA Solutions • Multi-product, integrated solutions • Tested and validated in the RSA Solutions Center RSA SecurBooks • Solution guides enable administrators to better plan, deploy, and manage RSA solutions

  21. Deploying at Scale

  22. Scaling Storage for Virtual Desktops Flash -- Significantly More IO/s per Drive at Much Lower Response Time SATA drives (8 drives) 15K FC drives (8 drives) Enterprise Flash Drives (8 drives)

  23. The Challenge Architecting a View Environment to size for BOTH capacity and performance at scale when leveraging Linked Clone Technology The Analysis 4000 x 10GB boot images = 24TB (90-95% capacity savings) 5 iops per user = 20,000 iops The Result at scale, data reduction technologies + EFD saves you $$$ The Case for Enterprise Flash Drives

  24. Disk Response Times Steady State Boot

  25. Disk Response Times 60% lower average RT 90% lower peak RT 7x VMs per spindle

  26. User Data: EMC Tiered Storage Minimizes The Cost And Complexity Of Backup And Management Key Benefits: Reduce capacity ≈50% Reduce total Storage costs ≈ 80% Improve service levels 5 9’s availability Faster backups and restores Operational Efficiency Centralized anti-virus Quota management Backup/Recovery DR Automated Tiering and Archival Thin Clients LAN/WAN Desktop VMs Policy-based Management to Automate Deduplication, Tiering, Mobility, Replication and Archiving VDI User Data Tier 1 – $$$$ Tier 2 – $$ Tier 3 – $

  27. Storage Infrastructure Deployment OptionsEnterprise virtual desktop infrastructure: design for performance and reliability ALL EMC PLATFORMS = vStorage Ready! EMC Symmetrix V-Maxis a new enterprise-class storage array that incorporates a new high-performance fabric interconnect designed to meet the performance and scalability demands for enterprise storage within the most demanding virtual data center installations. EMC Symmetrix is the industry standard for high-end information storage systems—the unsurpassed market leader for availability, consolidation, performance, application integration, power efficiency, and information-centric security. EMC Unified Storage (CLARiiON CX4/Celerra)delivers industry-leading innovation in midrange storage with a unique combination of flexible, scalable hardware design and advanced software capabilities – it is optimized for file and block access, delivering high-end features in a scalable, easy-to-use package.

  28. EMC Proven Solutions Reduce risk and deliver faster implementations Help you identify and overcome business challenges Simplify the management of complex application environments Address unique industry challenges

  29. VMware View Cisco UCS Highly Scalable Infrastructure for Virtual DesktopsScalability study for deploying VMware View on Cisco UCS and EMC V-Max EMC Symmetrix V-Max • Symmetrix Virtual Provisioning allows on-demand storage allocation which provides significant savings in physical storage required for virtual desktops • Auto-provisioning Groups greatly reduces the time it takes to map and mask Symmetrix devices and present them to a VMware virtual infrastructure • Symmetrix Remote Data Facility (SRDF) with VMware’s Site Recovery Manager (SRM) provides protection from any disaster that might disable a primary production site VMware View Use Case Scale to thousands of desktops, reduce cost of desktop management, and secure/protect corporate data

  30. EMC Global Services - VMware Catalog Adopt VMware with EMC’s Core Competencies… Infrastructure Business Continuity Management Client and Cloud EMC Consulting • Strategy • Business Case Development • Application Transformation • Business Risk Alignment • Recovery Planning • Desktop Strategy • Secure Access • Cloud Integration • Reporting and Dashboard Automation • Operational Excellence Technology Solutions and Services • Resource Management Software and Tools • Discovery, maintenance, and updates • VMware Design and Implementation • Physical to Virtual Migration • Replication and Recovery Site Deployment • Backup, Recovery, and Archive • Virtual Desktop Design and Implementation Education Services • VMware Lifecycle Manager Training • Ionix Training Portfolio • Training for Storage Replication and VMware Site Recovery Manager • VMware View Training • Certification Training • Full VMware Training Portfolio Residency Services

  31. RSA Security Solutions for Virtualization Luiza Aguiar, Solutions Marketing Manager Luiza.Aguiar@rsa.com February 2010

  32. Question Does your IT security address the risks associated with virtualization and private cloud before they are implemented? Question Does your IT security address the risks associated with virtualization and private cloud before they are implemented? Why is this bad? Restricted potential value Increased potential for data breaches 24% 43% 22% 11% “Yes, in all cases” “In some cases, but there are gaps” “No, security is brought in after the fact” “The business moves ahead without security” Source: Live EMC Forum pole conducted in 5 cities across N. America, 10/09

  33. Security Challenges with Virtualization • Trouble finding and tracking sensitive data and files in a dynamic virtual environment • Difficulty ensuring appropriate access to virtual sessions and sensitive information based on end-user identity • Poor visibility into end user and IT admin activity occurring across the virtual network environment that may compromise security and compliance • Ensuring users handle sensitive information appropriately during a virtual desktop session • Need for centralized security policy and management across both the physical and virtual infrastructure • Configuration and patch management to and detect/remediate vulnerabilities across rapidly scaling and growing VMs • New compliance requirements; creating/cloning/moving of virtual machines, data access, and privileged user activities

  34. Leading the Way Toward 100% VirtualizationRSA: Security and Compliance for Virtual Environments ACCELERATE Integrate security controls today that can accelerate the adoption of virtualization for mission critical applications ADVANCE Look to virtualization for a more advanced solution for endpoint security ADAPT Develop one security policy for both physical and virtual environments

  35. RSA Capabilities for Virtualization Security RSA Solution for VMware View RSA Solutions for Virtual Data Center Use Case Scenarios 44

  36. Accelerate Mission Critical VirtualizationWhat if you could… …be 100% confident of user and administrator identities before allowing access to virtual desktops and servers. ProtectIdentities …monitor and report on all activities across the IT stack – both physical and virtual. MonitorInfrastructure …know what is happening with sensitive information in a virtualized environment? SecureInformation

  37. Accelerate Mission Critical VirtualizationWhat if you could… …be 100% confident of user and administrator identities before allowing access to virtual desktops and servers. ProtectIdentities …monitor and report on all activities across the IT stack – both physical and virtual. MonitorInfrastructure …know what is happening with sensitive information in a virtualized environment? SecureInformation

  38. Securing the Virtual Information Infrastructure ConsultingEMC Security Assessment for Virtualized Environments RSA SecurID EMC IonixServer ConfigurationManager RSA DLP Endpoint enVision Policy Monitor | Audit | Report Identities Infrastructure Information 2-factor authentication to VMware ESX Service Console and VMware View Manager Discover and protect sensitive information within VMware Centralized Virtual Desktops Central configuration and patch management for virtual desktops

  39. Security Assessment for Virtual Environments Review current enterprise virtualization practices and controls via interviews with IT team members and process owners Report on gaps between current practices and controls and best practices Make recommendations for achieving a desired state Develop a roadmap for implementation of recommendations EMC Consulting: Security Policy Development VM Lifecycle Management Assessment VM Operational Processes Assessment VM Infrastructure Hardening Assessment Security Policies and Controls Assessment Analysis Reporting Recommendations

  40. Establishing user identities for virtual desktop access • Authenticating administrator access • to ESX Service Console • vSphere Management Assistant • Multiple form factors of tokens RSA SecurID and Authentication Manager

  41. DLP Enterprise Manager Unified Policy Mgmt & Enforcement Incident Workflow User & System Administration Dashboard & Reporting RSA DLP Endpoint – protecting data at the endpoint DLP Endpoint Discover Local drives, PST files, Office files, 300+ file types Enforce Allow, Justify, Block on Copy, Save As, Print, USB, Burn, etc. 50

  42. SimplifyingCompliance EnhancingSecurity Optimizing IT & Network Operations Compliance reports for regulations and internal policy Real-time security alerting and analysis IT monitoring across the infrastructure Alert / correlation Network baseline Forensics Auditing Reporting Visibility Purpose-built database(IPDB) RSA enVision Log Management platform RSA enVision storage security devices network devices applications / databases servers

  43. enVision Dashboard – VMware Events and Activity

  44. Managing Changes and Configurations – Ionix Server Configuration Manager Pre-built compliance toolkits Multi-platform server and desktop compliance Virtualization support Managing guest-to-host relationships Benchmark for compliance VMware VirtualCenter plug-in Change and configuration management Remediation Patch and vulnerability management

  45. Managing Changes and Configurations – Ionix Server Configuration Manager • Discover Configuration of Virtual Desktops • Establish a standard virtual desktop configuration and centrally enforce compliance to this standard • Ensure that latest security updates and patches are applied • Verify that required software agents are installed, properly configured, and are running on the endpoint • Verify that the proper software services are installed, appropriately configured, and running on the endpoint • All virtual desktops must be provisioned such that they belong to the organization’s Windows domain

  46. RSA Capabilities for Virtualization Security RSA Solution for VMware View RSA Solutions for Virtual Data Center Use Case Scenarios 55

  47. Today’s Endpoint Security Challenges • Gateway to infection and theft • 35% of infected PCs had up-to-date antivirus software installed. (3) • Malware, typically contracted through web browsing, contributed to 82% of records compromised in 2009 (4) • Expensive but still vulnerable • 60% of the security budget is consumed by endpoint security software (1) • Lost or stolen laptops is the largest single source of breaches (2) Fraudsters Physical endpoint Virtual Data Center Online Banking,Social Networkinge-Commerce, etc. Source: (1) Gartner, Inc. (2) OSF Data loss DB (3) Panda Labs (4) Verizon Business

  48. Security Considerations for VMware View • Extend security controls to third party desktops • Temporary, outsourced or contractor personnel • Mobile worker laptops • Quickly provision and secure new internal desktops • Mergers & acquisitions • Capture event data and audit logs to ensure compliance across the virtual stack • Centralized firewall controls across all desktops (vShield zones) • Granular control of removable NAS devices

  49. RSA Solution for VMware View RSA enVision for security monitoring and reporting RSA DLP for protection of data in use Ionix SCM for security config and patch management VMware Infrastructure RSA SecurID for remote authentication Active Directory VMwarevCenter VMwareView Manager RSA SecurID for ESX Service Console and vMA RSA enVision Log Collector For VMware vCenter Clients

More Related