ra2 studio - Fotolia


Right and wrong ways to implement cloud-based desktops

If your DaaS deployment has a direct connection with the provider, you could have some of the same issues a branch would. But if you need to scale or breakdown siloes quickly, cloud-based desktops could be right for you.

It was the spring of 2000 when I first looked at virtual desktops. In the new millennium, a new server paradigm had arrived with the release of Active Directory. A Citrix rep told me that in five years, it would be hard to find a physical desktop in the corporate world.

Nine years later, physical desktops were still everywhere, and Virtual Desktop Infrastructure 3.0 was renamed VMware View. At VMworld, I again heard that the coming year would be "the year of the virtual desktop."

Another half-decade later, and I drafted this article on my virtual desktop. Of course, I'm still surrounded by physical PCs, but at least I've made the transition myself. The past five years have been busy, with Microsoft, Citrix and VMware all fighting for dominance at the endpoint. But the waters have been muddied with the addition of zero clients, mobile devices including tablets, and hybrid cloud-federated operating systems, as well as desktop as a service (DaaS).

DaaS is just getting a foothold in the marketplace. VMware's Horizon Air, Amazon Workspaces, Microsoft Azure and a host of smaller providers are attempting to deliver the security, portability and centralized management of VDI without the overhead and specialized skill sets required to own your own deployment.

Some industry observers even believe that cloud-based desktops will be enough to tip the scales away from physical computing at the endpoint and that it could even "kill" on-premises VDI.

Choose the right tool for the job

The debate over which one is better can be misleading; VDI and DaaS are both tools that provide the most value when they are in skilled hands and being applied to the right problem. So where does DaaS fit in the toolkit when compared with own-your-own VDI, or even physical desktops?

Cloud-based desktop offers organizations the ability to have rapidly scalable virtual desktops while avoiding the costs of local infrastructure and a product-specific VDI skill set. It's not enough to simply spin up a desktop in the cloud, however. A company must be able to access resources that are meaningful to the user. In other words, if my servers are here and my desktops are in the cloud, how do I get access to my applications and data?

Some providers address this issue by offering virtual private network (VPN) connectivity, or even direct point-to-point circuits between your core infrastructure and their cloud platform. In most cases, these services are offered by peripheral, or niche, providers in the cloud-based desktop market.

Direct connections can absolutely work, but operationally, this is exactly the same as having a branch office full of PCs that connect back to your servers to access applications. All the problems that could occur in that scenario -- such as performance lag for bandwidth-intensive applications -- will follow you in this architecture.

It should also be noted that the architecture described above is best fit to remote or mobile users as opposed to pools of users sitting locally to the servers. This is because remote users will access cloud-based desktops via the Internet and then open applications via the direct connection from the cloud to your network.

Local users would likely need to transit the same connection to DaaS that cloud uses to access the applications. This effectively adds load to that connection, potentially affecting performance. Thus, you need a larger circuit or additional connections, either of which costs more money.

Clearly, the ideal use for DaaS will be one where the servers and applications that a large population uses can be located in the cloud. This is where bigger providers such as VMware and Amazon have a strong play.

Imagine a company that needs to rapidly establish a support center for a new product that's ramping up adoption. Typically, it might race to buy real estate, renovate, buy support center software, build servers, set up a resource domain and buy PCs (or roll local VDI).

With DaaS, the company has a new option. It can subscribe to a cloud provider, federate its AD environment to that cloud, stand up some cloud VMs for the call-center application and then spin up virtual desktops for the user population that will work from home. No office full of desks, no insurance needed and no new infrastructure to manage.

Of course, lots of companies will still choose to seat their employees on- premises, but that doesn't diminish the value of being able to rapidly scale or deploy siloed user groups and workloads.

DaaS and developers

As with many cloud technologies, DaaS also has utility for development teams. Standalone pools of desktops can provide rapidly deployable, unpolluted OSes for test processes and an off-network assessment of Web-delivered company assets. Be careful to consider the implications of DaaS for testing and development, however. Do data security policies cover such systems? What about regulatory compliance? Data leakage prevention policies need to evolve to support the DaaS paradigm.

One unconventional application of DaaS technology is increasingly taking hold. That's DaaS as a disaster recovery tool. If you're replicating your servers to a cloud provider, why not consider subscribing to DaaS and maintaining an updated master image in the cloud?

In the event of a disaster, you can spin up your virtual machines and then use the master to provision a volume of desktops that can be delivered to users either at home or at a temporary operating location.

This is not the end

DaaS clearly has a lot of great uses. So why won't this be the end of on-premises virtual desktops? The answer is that there are plenty of cases where local VDI makes more sense. Highly customized environments and performance-sensitive desktops may require GPU offload, protocol offload or advanced hardware performance characteristics that aren't available in DaaS contracts.

Compliance-sensitive organizations may want the flexibility and centralized management of VDI, but they aren't yet comfortable letting the data leave their direct control.

In addition, large environments where workloads are varied and users aren't as siloed, as in the support center case, may find that it's not feasible to span local resources to desktops that are delivered remotely.

The bottom line is that DaaS is one more step in the evolution of endpoint computing. It's not going to replace physical desktops or even on-premises VDI. While desktop in the cloud is a powerful proposition, it does require planning if you want it to be effective.

VDI and DaaS are still evolving. There's a lot of discussion now about abstracted applications being delivered to mobile devices without the overhead of the surrounding OS. The desktop-delivery toolkit will get ever bigger as the focus shifts from the delivery methodology and the compute paradigm to empowering the user.

Next Steps

Cloud-hosted desktops could be a better alternative to VDI

Cut costs and complexity with cloud-based virtual desktops

What are the downsides of cloud desktops?

Dig Deeper on Cloud-hosted virtual desktop and application strategy