Upload
doliem
View
215
Download
0
Embed Size (px)
Citation preview
Enhancing mobile working with virtualisation
WEDNESDAY 23RD NOVEMBER 2016
Robin Semple – [email protected]
The Forrester Wave is copyrighted by Forrester Research, Inc. Forrester and Forrester Wave are trademarks of Forrester Research, Inc. The Forrester Wave is a graphical representation of Forrester's call on a market and is plotted using a detailed spreadsheet with exposed scores, weightings, and comments. Forrester does not endorse any vendor, product, or service depicted in the Forrester Wave. Information is based on best available resources. Opinions reflect judgment at the time and are subject to change.
The Forrester Wave™: Server-Hosted Virtual Desktops (VDI), Q3 2015
App and Desktop VirtualisationMarket 2015
Mobile WorkingSecurely unite apps,
data and services on any device over any network or cloud using
virtualisation
Mobile working is about people, not devices
Mobile working is about how people work better
With mobile working, people are more productive,
collaborative and creative
Work Better
Mobility challenges for business
Rewriting apps to support a mobile OS which is costly
and time consuming.
No mobile apps.
Designers & Engineers stuck to workstations.
Can’t access/share designs remotely in real time.
Employees/Contractors bringing own devices
regardless of BYOD policy.
Organization exposed to risks from security,
compliance gaps and IT complexity.
Mobile Apps
Designers & Engineers
BYOD
Critical data replicated between headquarters and
branch office.Congested network connection between
headquarters and branch office.
Remote & Branch Workers
Mobility challenges for ITOperating system upgrades,
updates & patches on individual distributed PCs.
Can’t redirect funds towards more innovative IT
initiatives.
Maintain large set of desktop images to deal with complex
mix of laptop hardware.Problems supporting users
offline or on intermittent connections.
Maintain expensive office space.
No flexibility to keep up with increasing business needs.
PC Refresh Corporate Laptops
Call Centers
Access and modify files locally on external devices
that don’t adhere to corporate standards.
No data security.Contractor & Partner
Access
Providing end user mobility is increasingly complex
Telecommuting Device Innovation
ConsumerisationSecurity Risks
The percent of employees purchasing devices for work:
SMARTPHONES TABLETS PCs
1 IN 10Laptops is lost or stolen
From 2005 to 2014, telecommuting increased by nearly 85%.
2005 2014
Tablet sales have consistently exceeded notebook PC sales since 2013.
Apps
Traditional app and desktop management
DataDevices
Tightly coupled apps and data managed on
device
IT forced to manage and secure devices
Apps
Virtualisation delivers workforce mobility
Deliver apps and desktops as an on-demand service
Secures data for anywhere access
Reduce device support Support BYOD
DataDevices
Apps
What is driving IT demand for app and desktop virtualisation?
Percent of respondents, N=136, multiple responses accepted) Source: Enterprise Strategy Group, 2014.
33%
35%
35%
37%
38%
42%
0% 10% 20% 30% 40% 50%
Simplified OS deployments/upgrades
Improved support for remote/mobile users
Reduced IT operational expenses associated withsupporting end-users/endpoint devices
Centralized backup of desktops, laptops, and otherclient access devices
Simplified patch management
Simplified desktop provisioning
What benefits has your organization realized as a result of deploying app and desktop virtualization solution?
Flexible XenApp & XenDesktop Platform
One architecture for apps & desktops
Built in monitoring and support tools
One deployment supports multiple OS’es
Cloud enabled Management
Delivery Controller
XenApp & XenDesktop Platform
Win Server 2012 R2
Apps & Desktops
Delivery Agent
Win Server 2008 R2
Apps & Desktops
Delivery Agent
Windows 10/Linux
Apps & Desktops
Delivery Agent
20 © 2016 Citrix | Confidential
HDX MobileTouch navigation for Windows apps
• Multi-touch gestures
• Touchpad or direct curser
• Inertia-sensed scrolling
• Pop-up keyboards
• HDX Mobile SDK:• GPS
• Sensors• Cameras
High Definition ExperienceHDX BroadcastICA and RDP protocol support for access from any device, anywhere
HDX Plug-n-PlayAccess to local resources and peripherals, including USB devices and printers
HDX WAN OptimizationPerformance and bandwidth optimizations for branch offices with Citrix CloudBridge
HDX RealTimeVoice and video for real-time collaboration
HDX MobileTouch navigation for Windows apps; local device features
HDX Adaptive Orchestration Best user experience based on server, network connection and user device
HDX MediaStreamVideo and audio playback
HDX RichGraphics2D/3D graphics incl. Adaptive Display, HDX 3D Pro and Microsoft RemoteFX
Increase employee productivity with anywhere accessHDX user experience technology delivers better than local performance
HDX™ Mobile Transforms Windows apps for tablets and smartphones by hosting and securing sensitive client /server apps for low-cost mobile delivery
HDX 3D Pro™ optimizes 2D and 3D graphics for secure, global access to sophisticated design apps and data
HDX™ user experience optimization Industry leading performance with multimedia redirection, collaboration, and USB device support
Unified Communications optimization takes secure collaboration anywhere, reducing latency with local voice and video media processing
WAN optimized networking with fine-grained QoS eliminates need for local support while leveraging low-cost public network connections
26 © 2016 Citrix | Confidential
Centralized security to protect sensitive information
• Secure against data loss of intellectual property and sensitive private information by keeping data off the device
• Reduce the risk of intrusion through insecure devices or network connections leveraging granular access policy enforcement and eliminating unnecessary VPN holes
Centralized security to protect sensitive information
User authorization required
Enable local USB devices
Allow local storage
Control cut-and-paste
Control audio/video record
Local Printing allowed
Control geographic location
Centrally secured apps or desktops in the data center delivered to any device eliminates VPN holes with ICA / NetScaler proxy
Multi-factor authentication, including SafeWord, SecureID, and RADIUS;
smartcards and biometrics with activity logging for auditing and compliance
SmartAccess™ fine-grained context-based policy controls for scenario-based access restrictions with NetScaler end point analysis
ShareFile integration for optimized on-demand, on or off-premise data sync and sharing (ShareFile purchased separately)
28 © 2016 Citrix | Confidential
Balance security with productivityGranular policy control of clipboard content
Enable professionals to work securely from anywhere
Read-only setting for local files• Read local files, but restrict saving edits
Read-only setting for clipboard• Restrict copy/paste outside published app
29 © 2016 Citrix | Confidential
Certified securityWorldwide recognition as the industry standard for app security
XenApp & XenDesktop have achieved Common
Criteria evaluation milestone, first & only in
industry
XenApp & XenDesktop are FIPS compliant, simplifying highly
regulated compliance.
FIPS 140-2 Compliant
&Common Criteria
evaluation
30 © 2016 Citrix | Confidential
Granular access to services with SmartAccess™ Who? What? How?
• Return control of services to I.T. Enable a “context-aware” network
• Provide differentiated access based on user and device policies
• Define service level access based on• User identification• Device• Location
• Enable/disable specific application features• No printing when in a public location• No downloads to personal device• No access from jailbroken device• Disable screen grabs
31 © 2016 Citrix | Confidential
Denying access from jailbroken iOS devicesReceiver for iOS 6.1
• Receiver for iOS can detect that the device is jailbroken
• User can dismiss and continue -OR-
• Administrators can choose to block published access to apps and desktops• Add a keyword AllowJailBrokenDevices=False in the default.ica
file.
• Modify the default.ica files on ALL the StoreFront and Web Interface servers.
• When the application or desktop is blocked the user will be shown the same Security Alert.
Security AlertCitrix Receiver detected this device has been jailbroken and cannot be trusted to
run this app securely.
Dismiss
32 © 2016 Citrix | Confidential
Granular clipboard security
Two Way Clipboard
AllData
One Way Clipboard(Client to Server)
TextOnly
One Way Clipboard(Server to Client)
BitmapsOnly
No Clipboard
None
Deliver Windows Apps & Desktops to any device with the best user experience, security and manageability
Drive productivity, employee retention and recruiting by supporting BYO demands
Nearly eliminate costs of employee onboarding, moves and exits
Eliminate “best-efforts” support for executives and top performers already using BYO
Leverage new devices without needing to support the hardware
Simplify IT support of BYO devices
Simplify IT support of BYO devicesAny device access with “follow-me apps” secures apps and data from over a billion devices including Windows, Mac, iOS, and Android or any HTML5-enabled browser
Universal Printing services speedsworkflow delivering a bandwidth optimized, print-anywhere solution eliminating the need for native drivers
Enterprise app store eliminates support tickets offering user self-service selection of authorized apps
Broad compatibility with support for 16, 32, 64-bit apps on Windows Server or Desktop minimizes migration challenges
36 © 2016 Citrix | Confidential
• Self Service Password Reset for resetting and unlocking AD account passwords
• Simplified configuration between NetScaler Gateway & StoreFront
StoreFrontSimplified administration, better integration with NetScaler & enabling self service password reset
37 © 2016 Citrix | Confidential
SSL VPN (NETSCALER)Provides secure remote access control from any device to all the corporate resources
• Meet compliance needs. Protect enterprise data. Secure user information.
• Citrix SSL VPN is thesimplest and most secureway of protecting Citrixapps and desktops
38 © 2016 Citrix | Confidential
CloudBridgeAccelerate and Improve XenDesktop and XenApp capacity and performance over the WAN
• VPX-10 for WAN optimization (XD only)
• CloudBridge Client plug-in (XA & XD)ApplicationAcceleration
Visibility &Insight
VideoOptimization
BranchServices
WAN Virtualization
NDA
39 © 2016 Citrix | Confidential
• Hosted Shared and VDI dedicated desktop
• Clipboard, audio, printing, multi-monitor
• 2D Graphics support including the new enhanced compatibility mode & deep compression
• HDX 3D Pro for Linux – GPU pass through with software and hardware encoding
• Support for non-English environments
Linux Virtual Desktop & AppsLeverage your existing XenApp & XenDesktop infrastructure to deliver Linux based apps & desktops
40 © 2016 Citrix | Confidential
• Proactive notification and alerting
• Capacity management through usage insights
• Integrated SCOM alerts in Director console
• Single sign-on and two-factor authentication
Monitoring with DirectorEnhanced troubleshooting and reporting capabilities
41 © 2016 Citrix | Confidential
• Printer connection load balancing for Universal Print Server (UPS)
• Automatic printer connection redistribution on UPS Failover
• Advanced print options (Stapling & Tray Selection) for XPS UPD
Printing EnhancementsEnable advanced printing and load balancing capabilities
42 © 2016 Citrix | Confidential
Enabling desktop virtualization offline and online DesktopPlayer for Windows
DesktopPlayer for MacDesktopPlayer for Windows
44 © 2016 Citrix | Confidential
HDX Seamless local appsBlend a locally installed app into a virtual desktop
• Integrate local Windows apps into the user’s virtual desktop.
• Bring Your Own Apps (e.g. iTunes).
• Double-hop latency elimination (RDSHVDI).
• Challenging edge cases such as:• Video conferencing apps not optimized for VDI.
• Watching/burning a physical DVD.
• Watching TV using a tuner card.
• Specialty USB devices on the WAN.
• Viewing content that can’t leave the country (regulatory compliance).
• Client-server apps requiring very low latency to a regional backend.
45 © 2016 Citrix | Confidential
Optimize the user experience based on use caseNew HDX Policy Templates make it easier to fine-tune the user experience
• High Server Scalability: High Server Scalability High Server Scalability – Legacy OS
• Branch/Remote Worker: Optimized for WAN Optimized for WAN– Legacy OS
Optimized for CloudBridge
• Security and Control
• Very High Definition User ExperiencePolicies can be applied to specific user groups as needed
46 © 2016 Citrix | Confidential
New advanced capabilities for HDX printing
• Enhancements to the Citrix XPS Universal Print Driver(Helps prevent the need to manage vendor print drivers)• Paper tray selection
• Stapling
• Universal Print Server load balancing(Ideal for large environments)• Load balancing
• Fault tolerance
Print Servers
Virtual Apps + Desktops
47 © 2016 Citrix | Confidential
Smooth drawing at high latency
USB Redirection to Cloud for artists, signing-authoritiesEnabling a paperless, virtual workplace with drawing tablets and signature pads
• Driverless endpoint; one-click redirection of USB input device to cloud
• Two new HDX Policy controls• Capture Mode
• Perfect for signature devices
• Interactive Mode• Perfect for drawing devices
48 © 2016 Citrix | Confidential
Additional user experience enhancements
4K Resolution (Single and multi-monitor)Full screen support for 3D Apps
49 © 2016 Citrix | Confidential
Multi-national Mining Corp• Challenges & opportunities
• Used traditional time card/clock to report worker entry and exit time• Provide automated audit trail of worker entry & exit from mine sites
• Solution• Implemented mobile device access to XenApp hosted employee time
clock app named FacePunch• Pop-up keyboard makes it easy to enter login credentials from
smartphone display• Leverages GPS radio to capture mine location of workers during entry and
exit
• Results• Provides more complete and accurate audit trail of worker entry, exit and
mine location
50 © 2016 Citrix | Confidential
• Challenges & opportunities • Bridge the distance between India and Switzerland – Engineers in India
needed to be able to work as if they were sitting in Switzerland• Infrastructure bottleneck - latency & bandwidth issues
• Solution• Deployed Citrix XenDesktop 3D Pro to deliver E• Series, Solid Edge, SAP
GUI to engineers worldwide
• Results• Central deployment of CAD workstations to worldwide distributed
locations• Good application performance when accessed through WAN links• High security for sensitive design data• Flexible use of CAD applications with different devices
51 © 2016 Citrix | Confidential
Large Financial Institution• Challenges & opportunities
• Employee productivity on the go• Protecting sensitive corporate data
• Migration to Windows 7 initiative
• Solution• Secure PC access for remote employees
• Any employee-owned devices
• Results• Work gets done at the office, at home & while traveling
• Corporate apps and data secure in the datacenter• Leverage existing investment in Desktop Virtualization infrastructure
52 © 2016 Citrix | Confidential
Designers & Engineersusing 3D graphics is no problem
of engineers work late nights or on weekends fixing design data.
XenDesktop with HDX 3D Pro enables IT to:
of organizations miss project deadlines because of design data problems.
Host apps and desktops in the data center for secure, real-time, remote collaboration
Keep pace with fast-moving competition, accelerate time-to-market and protect valuable IP
53 © 2016 Citrix | Confidential
Contractor & Partner Accesswhere data security is toughest
Percentage of contingent workers in American workforce by 2020:
Contractors and partners need access to your data to be productive and that number is increasing.
XenDesktop with FlexCast improves security with:• Granular access control• Advanced system monitoring• Secure-by-design architecture
40%
54 © 2016 Citrix | Confidential
Transform Call Centerswhere minimizing cost is key
Virtualizing the workforce allows managers to: XenDesktop with FlexCast transforms call centers for centralized, agile capacity on demand.
Gain flexibility Reduce costs
Move away from large facilities
55 © 2016 Citrix | Confidential
Corporate Laptopsoffline or online doesn’t matter
1 IN 10 Top places laptops are lost or stolen:
LAPTOPS IS LOST OR STOLEN
WORK CONFERENCE MEETING ROOM
Keep data out of the wrong hands. XenDesktopextends the benefits of desktop virtualisation to corporate laptops, on or off the network, to centralize and secure corporate apps and data.
56 © 2016 Citrix | Confidential
Remote & Branch Workersfor branches of one to many
1 IN 5 British Knowledge Workers
XenDesktop with FlexCast delivers a work-from-anywhere solution that provides secure access to business resources on-demand.
work from home at least once a week. In fact, the growth of telecommuting is rapidly becoming the norm.
From 2005 to 2012, telecommuting increased by nearly 80%.
2005 2012
57 © 2016 Citrix | Confidential
BYODfor laptops and tablets you don’t own
To help with your BYOD strategy, FlexCast services can be delivered:
The percentage of personal devices in the workplace is growing dramatically, as people seek the freedom to work their way.
From 2005 to 2012, telecommuting increased by nearly 80%.
The percent of employees purchasing devices for work:
SMARTPHONES TABLETS PCs
On-Demand Securely To any device
Microsoft Remote Desktop Services• The Remote Desktop Services role within 2012 R2 Server provides technologies that enable
users to connect to virtual desktops, RemoteApp programs, and session-based desktops. With Remote Desktop Services, users can access remote connections from within a corporate network or from the Internet.
• This role is the foundation for Citrix solution, and is great in smaller deployments and where mobile devices are not being used over the internet. Adding Citrix or Vmware gives improved performance and manageability at a cost
61 © 2016 Citrix | Confidential
RDS Components
• RDS Gateway
• Remote Desktop Session Host
• Remote Desktop Web Access
• Remote Desktop Virtualization Host
62 © 2016 Citrix | Confidential
What to choose?• Citrix
Dominates the marketplace (90%) and is the most feature rich and best performing product. Add-on to Microsoft RDS. Licensing cost is highest.
• VMware
New-ish player in the market place. Has its own tools and protocol. More feature rich than RDS and protocol is better than RDS. Licensing cost half of Citrix.
• Microsoft
2nd most popular, has limited client device support for mobility. Much cheaper, although protocol less effective over mobile networks.