Commercial uses show technology is mature enough to cut costs and improve networks.
Desktop virtualization offers extraordinary payoffs that could cut total U.S. Defense Department information technology spending by up to 12 percent. Depending on legacy configurations, numerous approaches are available to achieve that rapidly—it is not a “bridge too far.” The technology is mature; it is a path that already has been paved by thousands of commercial firms.
Proceeding with desktop virtualization calls for altering the information technology infrastructure, which establishes how data centers connect via communication networks to millions of user devices. It calls for an architecture that is extensible to meet the diverse needs of the U.S. Army, Navy, Marine Corps and Air Force. Projects to install desktop virtualization must enable a migration path that goes from the costly “as is” configurations to what will evolve into a low-budget “to be” environment.
Desktop virtualization potentially can reduce the Defense Department’s information technology spending by huge amounts. The total population of Department of Defense client computers comprises more than three million computers. Applying desktop virtualization to this population delivers operating savings as well as capital cost reductions.
To illustrate that scenario, one million virtualized desktops can deliver five-year cost reductions of $5.2 billion with a payback in 1.2 years. With the department’s fiscal year 2010 operations and maintenance costs of $25 billion, that could produce savings of up to 12 percent. However, such cuts can take place only while also reaping additional savings from the virtualization of servers at data centers where the virtual clients are hosted.
The effort that goes into choosing the right combination of hardware and software for desktop virtualization should be funded as a major project, coordinated under the direction of a network and information integration executive now in the Defense Information Systems Agency. It will require oversight from Cyber Command because desktop security is a critical component of Defense Department security.
The primary objective for such projects should be to aim for immediate improvements in security as well as for producing major cost reductions in fiscal years 2012 through 2014. A mature and readily available technology makes that possible.
The goal of desktop virtualization is to create an environment that is far less complex than the current one. The Defense Department can meet the threats of cyberwarfare only through a far greater simplification of its fractured networks—desktop virtualization will make that possible. In this regard, the department’s chief information officers would be well-advised to adopt the motto from a recent letter by Ray Ozzie, Microsoft’s chief software architect, that “complexity kills.”
The existing 193 Defense Department security directives and policy memoranda are not executable. The prevailing proliferations of data centers (there are 772 large data centers in the department), 15,000 networks, multiple operating systems as well as the diversity of desktops, laptops, cell phones and other devices have resulted in a level of complexity that makes Defense Department systems unaffordable and dysfunctional.
Defense Department desktop virtualization must be based on a standardization of technologies that manage user clients. Program executive officers (PEOs) cannot continue to examine which one of the five hypervisors, 2,814 servers, 1,811 desktop client device versions and 1,210 implementations of operating systems can fit their needs. Only a limited set of technology options can be chosen to accomplish the desired objective of simplicity.
The department cannot afford to debug and maintain Microsoft’s 280 known operating system versions. Network operations centers never will have sufficient staffs to cope adequately with Hewlett-Packard’s 144 server options. Choices about hypervisors, data center servers, client devices and operating systems therefore must be planned as a fully compatible set that can be controlled easily and inexpensively.
The implementations of desktop virtualization from leading firms such as Citrix, Microsoft and VMware plus hardware vendors such as IBM, Dell, Hewlett-Packard and Oracle will reflect a wide variety of features and capabilities. Hardware will differ with regard to storage requirement, peripherals and the number of servers needed to support virtual desktops. It may take 50 to 250 virtual clients to obtain support from a single server at the data center.
The choice of hypervisor software is the single most important decision before the department can proceed with desktop virtualization. Microsoft Hyper V, Intel VT-x, AMD V, Citrix XenServer and VMware ESX are the leading software firms that produce hypervisors. There should be a preferred choice for which hypervisor will offer the least operating cost for the Defense Department in the long run.
Major differences exist in how vendors insert hypervisor software between a microprocessor and an operating system. There are Type 1 hypervisors—also called native or bare metal—that run directly on the host’s hardware. In this way, the hypervisor controls the hardware separately from the guest operating systems. There are Type 2 or hosted hypervisors that run inside the operating system. How security software interacts with Type 1 or Type 2 hypervisors should be one of the major concerns that must be evaluated and benchmarked before deciding which hypervisor type to adopt. From an engineering standpoint, the bare metal solution will be always more reliable.
Hypervisors have numerous resellers. Each includes customization of interfaces and defines the ways a hypervisor will be deployed. PEOs will have to evaluate how to pick from the numerous competing features. This will require benchmarking how a hypervisor will function in a specific Defense Department environment. Unverified vendor claims cannot be trusted when choosing software that is as pervasive as a hypervisor.
Fat or thick clients are computers providing stand-alone functionality that is independent of a central server except for access to the Internet by means of a browser. However, there are fat clients that can be scaled down so that they depend entirely on a central server. The number of configurations that can be managed from a data center can be large. Using de-featured fat clients makes sense when migrating legacy applications from fat clients to centrally managed virtual computers. Some fat computers can be made to act as virtualized desktops starting at $400.
A thin client does as little processing as possible, if any at all. It relies on accessing a data center server each time input data needs to be processed. Thin clients are available from firms such as Wyse,
From a business standpoint, the Defense Department should not seek short-term savings from a major reduction in capital costs when making a switch from fat to thin virtual desktops. The primary reason for swapping hardware should be in the material improvement of systems security. The long-term payoffs from desktop virtualization accrue when capital cost savings continue beyond the three- to four-year fat client replacement cycle. The depreciation of properly configured thin virtual clients can extend to more than seven years. In addition, there are immediate major savings from cutting rapidly rising costs for electricity. If existing legacy computers can be virtualized and then reused, the savings can be even larger.
The overwhelming cost advantage from any conversion will be in the reduction in ongoing operating costs. Operating savings come from a rapid decline in support personnel. In the case of the Defense Department, that comes from contractor labor.
The purpose of desktop virtualization is to increase the availability, reliability and scalability of computing, including the support of portable devices, especially under combat conditions. Shirt-pocket communicating devices now cost less than a round of artillery ammunition. Therefore, portable devices should be viewed as disposable items whenever they fail and are difficult to fix.
Virtualization of clients increases uptime by offering instant fail-over to other devices without requiring reconfiguration. All it takes is re-booting of a device, which can be performed for multiple sites simultaneously. Multicomputer rebooting at different geographical locations is useful whenever a military unit redeploys. That ensures practically no downtime as well as zero data loss while keeping military personnel connected.
Client virtualization also increases the reliability of communications by making it possible to switch from handheld communicators to laptops and vice versa. Such interchangeability can be controlled from network control centers and not from local sites that could be at risk. It is plausible that control of onshore networks could be managed far more effectively from offshore Navy platforms.
Virtualization increases scalability for rapid access to computing services. A Marine Corps expeditionary force can re-deploy from shipboard without delays. Applications and devices could be reassigned using only a minimal staff that would depend on fully automated diagnostic software.
Vendors can stream applications from data center servers to desktops while simultaneously enforcing consistent security. Virtual data center computers allow the deployment of patches and image updates while retaining each user’s settings. Virtualization guarantees that all updates are applied uniformly while also synchronizing the image on each client with a master copy. Desktops can be restored to their latest state whenever that becomes necessary, such as in cases of a local failure or when a user is disconnected while moving around.
Virtualization software has the capacity to deliver multiple types of desktops. These either can be persistent, where everyone receives the identical desktop automatically, or nonpersistent, where the users each have the option to set up their own formats.
To standardize the training of military personnel, most virtual desktops will have to remain persistent. Access to applications then becomes a routine procedure that never changes regardless of whether the user is using a smart phone or a laptop.
The Defense Department training commands—not the information technology staffs—will have to devote much attention to the design, layout, symbols, icons and colors of visual images that are placed on every screen. The designs and particularly the graphic buttons and application icons need to be consistent whether they appear on desktops, laptops or smart phones. The Army Corps of Engineers will see different screen templates than members of the Special Forces, although each of their screens will be assembled from a library of Defense Department-standard applications. When desktop technologies and displays are acquired, the PEOs must recognize that the worth of a display to a user always exceeds the costs of delivering the information technologies.
Thousands of virtual desktop applications can be managed and audited from consoles at the network control centers. Operators will have a comprehensive view of the entire desktop infrastructure and applications—including separate personal desktop apps for social computing or for the nonsecure Internet protocol router network (NIPRNET) or for the secret Internet protocol router network (SIPRNET). In all cases, it will be necessary to place partitions between Defense Department communications and messages to and from private desktops. Desktop virtualization will always have to securely isolate all military communications from social communications and vice versa.
Desktop virtualization enables social communications to connect only to their respective designated servers. This makes it possible to switch a user instantly from a private social desktop to the NIPRNET desktop without ever compromising military communications.
Instant deactivation of a desktop for security reasons must be executed without delay whenever a person’s security status changes. Currently, too much time elapses between the time an employee is dismissed, when termination is recorded in one of the many personnel files and when the Common Access Card (CAC) is deactivated. For security reasons, CAC deactivation should take not longer than one second.
The software vendor supplying desktop virtualization must be able to deliver identical experiences across diverse end-user devices, including Microsoft Windows, Apple Mac OS, zero clients, thin clients, data kiosks or any newly announced computing platforms such as the iPhones, iPads or Android devices. Anti-virus and malware scanning should be installed as a centrally administered security protection measure. Firewall appliances should be managed centrally for sharing the costs of security safeguards.
Centralized security measures ensure that when a person uses multiple computing devices—which in the future increasingly will be the case—each client will operate under identical levels of security protection as well as comply with information technology policies. Central control also may assign different levels of security protection depending on a person’s temporary exposure to risks.
Some desktop virtualization software allows network administrators to control clone computers to enable the migration of operating systems. This is important for dealing with legacy application during the transition to a thin client environment. Such adaptations are necessary because the migration to a fully virtualized desktop environment will take at least seven years.
Virtualization allows users to check out their virtual desktop from the data center and take it on the road. Upon return, they can re-synchronize their virtual desktop with their virtual computer. This is useful if communication links are intermittent, such as in the case of computers on ships or on submarines.
Desktop virtualization devices can be refreshed every time a device is restarted. In this way the staff at a network control center can redirect a desktop to a different location or to any alternate device in the world. This feature is needed in the Defense Department, where personnel continually move around and must maintain connectivity without impairing mobility.
The desktops hosted in the data center must connect with a remote screen, a keyboard and a mouse. The connecting display protocol between the desktop and the data center server then defines the quality of the end-user experience such as the resolution of windows, how fast the scrolling takes place or whether access to high-resolution video is possible. Such protocol must be able to deliver simple displays to task workers as well as provide complex multimedia images to power users.
Information technology organizations always have had a problem with what display protocol to use when communicating with a variety of endpoint devices. In most cases such protocols were proprietary, which required additional contractor efforts to achieve the compatibility with installed hardware. There are more than 60 software protocols for handling the connections between the desktop platforms and their corresponding servers. They differ in license fees, encryption options and their audio and video quality. They differ whether they support secure connectivity to Linux, Mac OS, Microsoft Windows, BlackBerrys, Apple iOS or Android. In addition, more than 1,200 versions of almost entirely proprietary host operating systems connect servers to a desktop platform. Each data center may operate its unique versions of connection protocols. In an October 1, 2010, memorandum Vivek Kundra, the federal chief information officer, noted that the Defense Department operated 772 large data centers.
The large combination of desktop connectivity protocols inhibits the enterprise-wide adoption of desktop virtualization. To accommodate the prevailing diversity, the Defense Department has broken up its WANs and LANs into hundreds of contractor-administered enclaves. Diverse local implementations promote the acquisition of additional hardware and software because desktop connectivity will work only by spending more money on software links.
Acceptance of virtualization requires connectivity that is independent of proprietary desktops or of server software. Network clients must be able to hook up to a shared Defense Department network anywhere without requiring software fixes. End users also must be able to see their persistent displays anywhere in the world.
A new standard now offers connectivity based on the Internet protocol (IP), which is independent of either sender or receiver. The PC-over-IP (PCoIP) procedure has been accepted by Dell, Hewlett-Packard, IBM,
The purpose of desktop virtualization is to free information technology management from more than three decades of labor-intensive client computing that was device-centered and not network-centered. The Defense Department now should embark in a direction that will shift the support of user computing to enterprise clouds, which can support client computing from a much smaller number of data centers over the network to a much larger number of thin- and zero-client end-user devices.
The savings from desktop virtualization are attractive. The technology for installing it is mature. Thousands of commercial firms have demonstrated how to do that successfully. There is no reason why the Defense Department should not proceed with desktop virtualization without further delay.
The next installment in Paul A. Strassmann’s series on defense information technology will address the virtualization of servers in the March issue of SIGNAL Magazine.