IT pros waited a long time for Citrix and other VDI companies to introduce offline support with client hypervisors, but were disappointed when Citrix delivered the product last year with serious limitations and only one chip family on its hardware compatibility list; Intel vPro.
IT pros complained that vPro costs more than other virtualization-enabled Intel chips. Also, some wonder whether vPro is worth the premium, particularly in virtual desktop installations that inherently provide the same management benefits that cost extra in vPro.
In fact, vPro is such a point of contention that VMware has said one reason it didn't put out a Type-1 client hypervisor is because bare-metal hypervisors require the expensive vPro chip.
But, as it turns out, Intel vPro isn't necessary to run a Type-1 client hypervisor at all.
Westford, Mass.-based Virtual Computer Inc.'s NxTop, for instance, is a Type-1 client hypervisor that runs on both Intel and AMD chips and does not require vPro to run on bare-metal. The company recently said it would support a number of Intel Core vPro chips, but the key requirement for running the client hypervisor is Intel Virtualization Technology (VT-x), which exists on both vPro and many non-vPro systems.
In fact, most of NxTop's management and security features also work with AMD-V chips, which is AMD's version of virtualization technology. Companies that do invest in Intel vPro-based systems gain incremental management and security capabilities above and beyond core NxTop capabilities, executives at Virtual Computer have said.
Citrix said in October that XenClient's Hardware Compatibility List (HCL) will include non-vPro chips in the future, but a service pack has been released since then and its HCL still includes only Intel vPro family processors today.
Using Intel vPro with client virtualization
Intel vPro is actually a bundle of technologies that includes Intel Trusted Execution Technology (TXT) and Intel Virtualization Technology (VT) from which any desktop virtualization platform can gain advantages. But the vPro Active Management Technology (AMT) capabilities are the same as the management features offered in some desktop virtualization offerings, said Simon Bramfitt, an analyst at The Virtualization Practice, based in San Francisco.
So, perhaps the management benefits in vPro make the most sense for companies that aren't doing a full VDI build-out.
Nathan McBride, an IT director for Lexington, Mass.-based AMAG Pharmaceuticals Inc., installed Virtual Computer's NxTop client hypervisor on Intel vPro-based laptops as part of a Windows 7 migration from Windows XP last year. He said vPro offers no performance benefit whatsoever, but the chip provides cost-worthy power management and security features.
McBride rejected a VDI suite with those built-in features from Citrix or VMware because he didn't want to have to invest in the company's back-end infrastructure, which those products would have required. When he evaluated View and XenDesktop, those products didn't provide offline support, either.
"With NxTop, we use an old HP box that we threw extra RAM into," McBride said. "It runs on our existing network and the WAN, and it's secure." He added that provisioning, patching and backup capabilities are all part of the software pack, and the cost of the entire NxTop environment is the same as two production servers, plus the cost of the new laptops they purchased.
Now, 125 AMAG employees use Lenovo T410 model laptops with Intel vPro and 125 more users will migrate next month. The NxTop software doesn't come pre-installed, and McBride said it takes about 90 minutes per machine to fully boot the NxTop software.
The downsides of client hypervisors
One disadvantage of running a bare-metal client hypervisor is that it shortens the battery life of laptops by about 40%. This is because there are essentially two OSes running and the entire session takes place in RAM, McBride said. That means employees in the field need an extra battery on hand, he said.
Another problem, he said, is the loss of single sign on, as there are two levels of password authentication: the log-in password following boot up and the Windows password authentication.
One of the biggest complaints about VDI has been its lack of offline support, which Citrix and VMware have rectified during the past year. But the Type-1 client hypervisor from Citrix has disadvantages and VMware's Type-2 version has not been a rousing success.
The major gripes about XenClient 1.0 are that its HCL is limited and it requires IT pros to install it manually into end-user devices. This can be a problem in companies with bring-your-own-PC policies.
"People aren't hot on the idea of IT installing something on their machine," said Chris Wolf, a Gartner Inc. analyst. "If client hypervisors came all set up from HP and Dell, fine, but users don't want company IT messing with their computers."
Client hypervisor options
Virtual Computer's Xen-based client hypervisor with a back-end management system runs on Windows Server and Hyper-V. It was one of the first companies to offer a bare metal client hypervisor, along with Neocleus, which Intel Corp. acquired late last year.
Intel would not provide specifics regarding whether the company would offer its own client hypervisor, but has said it is integrating Neocleus technologies into its roadmap and working on enabling plans for OEMs and ISVs.
In addition, Microsoft could be working on a Hyper-V client hypervisor as part of Windows 8. Microsoft France's technical and security director, Bernard Ourghanlian, mentioned in a French publication last year that Hyper-V 3.0 will run as a client hypervisor in Windows 8 along with the MinWin version of Windows, though Microsoft has not confirmed the report.
XenClient will become a more viable option as Citrix grows its HCL this year and improves the product, and it will be an important technology for companies that want to give remote workers offline access to their virtual desktops.
Dig Deeper on Virtual desktop infrastructure and architecture
Coronavirus: How PCs in quarantine and intensive care units can be managed remotely
Intel patches critical flaw in Active Management Technology
Client virtualization, part 1: Is it the past or the future? (With a retrospective on XenClient)
The debate isn't containers vs. VMs; it's how to best integrate them