Problem solve Get help with specific problems with your technologies, process and projects.

Bare-metal hypervisors -- not just for servers anymore

VMware and Citrix Systems are talking about client hypervisors. They offer some benefit over VDI and may convince IT shops of the value of virtual desktops.

With the emergence of client-side bare-metal hypervisors -- where desktops are freed from running a local operating system (OS) -- IT shops could potentially revolutionize the way end users interact with their computers.

In recent months, companies such as VMware Inc. and Citrix Systems Inc. have touted the future releases of the client-side Type 1 hypervisor. With this technology, there is no standard OS installed on your laptop or desktop. Instead, there is a thin hypervisor that is installed either on the hard drive, a USB drive or on the computer's internal system board.

Virtualization can be broken into 3 levels:

Type 1 Bare-metal hypervisor The idea is that the virtualization operating system is a thin OS that handles resource scheduling, guest monitoring and hardware control. Most Efficient Examples: VMware ESX, Citrix XenServer and Microsoft Hyper-V
Type 2 OS-level hypervisor This version of the hypervisor runs on top of standard OS such as Microsoft Windows or Linux. The hypervisor controls resource sharing, but only based on resources that the OS presents. Works at the Consumer Level Examples: VMware Server, VMware Workstation, Microsoft Virtual Server and Parallels Workstation
Type 3 Application virtualization This is a new type of virtualization because it isn't based on virtualizing hardware such as Type 1 and Type 2. Application virtualization takes the virtualization concept to an actual installed application. The underlying principle is to separate the application from the OS so that the application doesn't depend on the OS. This is mainly for corporate application deployments Examples: Citrix XenApp, VMware ThinApp and Microsoft SoftGrid

Hypervisor security

The benefits of this client hypervisor are numerous, including security, OS portability and multiple OS's per device. The fact that a Type 1 hypervisor is more secure has been discussed many times, but the underlying concept is that it's a purpose-built layer of software without the security holes that are typically introduced when functionality is added. Therefore, the hypervisor does not suffer from the typical security concerns of Microsoft Windows.

With functionality of the hypervisor reduced, there are no network ports or extra applications to create OS security holes. When a desktop or laptop is in use, security is the number one issue of any administrator for various reasons. A laptop can be traveling from hotel to hotel -- connecting to unsecure networks. Or a home PC may connect to an office remotely, being subjected to existing spyware and viruses. The client-side hypervisor can minimize these scenarios.

OS portability

OS portability is another advance with client-side hypervisors. The idea of the Virtual Desktop Infrastructure (VDI) has been around for a few years and is starting to move into the mainstream. What has hampered this concept is the idea that the virtual desktop wasn't portable.

Recent advancements from companies such as VMware, with offline desktop functionality of VMware View 3, have made desktops more portable. The only issue is that the virtual desktop must run on top of the installed laptop OS. In this case, the two OS's share resources such as CPU and memory, which isn't advantageous to the virtual desktop. The client-side hypervisor lets the virtual desktop run without any limitation from the underlying OS.

Multiple virtual desktops

Another benefit to the client-side hypervisor is the ability to run multiple virtual desktops on the same client hardware. This is a great feature for people that might have a personal desktop and a secure work desktop on the same machine. Corporations don't need to secure a desktop from issues that typically arise when an end user's desktop has to use a VPN to access a secure network. The physical separation of these two operating systems occurs at the virtual hardware level. This is more beneficial than using a VPN at the application level.

Client-side hypervisors have the potential to change personal computing and introduce a whole new user experience. Imagine this scenario:

  1. A desktop is ordered from Dell or HP, but doesn't come with the option of Microsoft Windows or Red Hat Linux.
  2. The desktop comes preloaded with VMware client-side hypervisor or Citrix client-side hypervisor.
  3. The user at home plugs in the cables and boots up the system.
  4. Instead of starting the OS, the user inputs a web location or web address. This address is the location of their virtual desktop running on the Web at a solution provider.
  5. The user can download a copy of their virtual desktop locally or run it via the Web.
  6. When the user leaves the desktop, they can still log in from their office and work on the desktop as if they were physically using it.

You can expect plenty of hurdles and years for perfecting this technology, but the client-side hypervisor is the catalyst to many greater things to come.

Brad Maltz is CTO of International Computerware, a national consulting firm focused on virtualization and storage technologies. He holds certifications from VMware and EMC for many technologies. Brad can be reached at

Dig Deeper on Virtual desktop management

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.