Upload
vmworld
View
53
Download
3
Tags:
Embed Size (px)
DESCRIPTION
VMworld 2013 Issy Ben-Shaul, VMware Hanan Stein, VMware Learn more about VMworld and register at http://www.vmworld.com/index.jspa?src=socmed-vmworld-slideshare
Citation preview
Unified Endpoint Management in Scale:
What’s New with Horizon Mirage
Issy Ben-Shaul, VMware
Hanan Stein, VMware
EUC5629
#EUC5629
2
Agenda
Core product overview
New features and capabilities
Demo
Customer testimonial – global enterprise deployment
Future directions
3
App compatibility
problems
Why is Windows Endpoint Management so Hard?
Mobile users Hardware failures Patch
Tuesday
Physical, virtual,
mobile
4
Horizon Mirage in a Nutshell
A system for management and recovery of Windows endpoints
Unique: centralized images with local execution and quick synch
Empower end users with a personalized desktop experience
Supports both physical and virtual, local and central devices
5
Centralized Images
Mirage Server
Optimized Synchronization and Desktop Delivery
Core Image
Manage Centrally Execute Locally
Local Copies
Mirage Client
How does Horizon Mirage Work?
Patented differentiated technology
• Desktop streaming
• Network de-dup & compression
• Storage de-dup
• Branch caching of images
6
Layered Image Management
Machine Identity
User/PCLM Installed Apps
User Data & Profile
Base Image
(OS, Infra. SW, core apps)
Driver Library
• Zero touch (re) provisioning
• no need for external boot
• No isolation/runtime redirection
• Image merged at endpoint
• Preserves UIA & PCLM apps
• Modular recovery/migration
App Layer 1
App Layer 2
App Layer n
Mirage
Managed
Mirage
Protected
Managing both Base Image & Apps
(“image virtualization”)
8
Image Management, Provisioning, Migration
Reference Machine
Reference
CVD
Base Image
CVD2
CVD1
Laptops w/
Mirage Client
Base Image is captured
from the Reference CVD
Base image
merged with endpoint UIA
Mirage™ Server
CVD3
Branch
Reflector
Base Image downloaded Branch
Reflector
• Zero touch: no PXE, no OS/apps installation
• Personalized apps and profiles migrated/preserved
• WAN optimized -- BR, de-dup
• Minimal end-user downtime
• Safety net: Can revert to previous snapshot quickly
9
WAN
OS
Content
Apps
Fully managed / synchronized
Full access to PC image on central
VM via PCoIP/RDP
• Migrate full image (CVD) into data center
• Access CVD files through File portal
• Mount CVD onto VM for universal access
• Restore CVD onto a new device
OS for VM
Content
Apps VM Pool
Re-base CVD
onto VM
VMware Mirage™
Server
OS
Content
Apps
Desktop Repair, Backup, DR
Dell
Stream CVD to new device HP
Access PC files via Web-based
File portal
10
Agenda
Core product overview
New features and capabilities
Demo
Customer testimonial – global enterprise deployment
Future directions
12
App Layering Concept and Semantics
Desktop Layers
Machine Identity
User/PCLM Installed Apps
User Data & Profile
Base Image
(OS, Infra. SW, core apps)
Driver Library
• Extends Base Image with
managing business apps
• Install once, record “delta” and
apply many endpoints – No
installation at the endpoints
• No app limitations: supports
kernel drivers, shell plug-ins, etc.
• No isolation – resulting image is
standard (no runtime redirection)
• OEM apps can be captured in an
app layer (enhance HW refresh)
App Layer 1
App Layer 2
App Layer n
Mirage
Managed
Mirage
Protected
13
• Native experience
• Applications with drivers
• Inter-app communication
• No App compat issues (e.g., shell plug-ins)
Horizon™ Mirage Application Layers VMware ThinApp Package
• Isolation
• Cross-Platform
• Multi-version support
• Agentless Deployment
• UPL is now a citizen in consumerized IT
• User installed and updated apps
• Personalization preserved
Horizon™ Mirage User Personalization Layer
Base Layer Assigned
Horizon™ Mirage: App layers and ThinApp
14
Centrally managed
Windows images deployed
locally on devices
Datacenter hosted
virtual desktops
Horizon™
View
Horizon™
Mirage
Security
Remote &
Roaming Access
Offline Flexibility
Native Performance
Synchronization
Thin/zero clients Tablets PCs Laptops Macs
16
Traditional Image Deployment and Management for View
Floating pools
• Identical images – all apps and drivers installed centrally
• Stateless – pristine image on each log-on
• Storage efficiency via Linked Clone
• Image managed by View Composer
Only viable when all workers use identical apps/peripherals
Dedicated pools
• Individualized images with user-specific and departmental apps
• Stateful – Images persist across sessions
• Full Clones or Linked Clones with space reclamation (New in View 5.2)
• However, Composer cannot be used (due to personalized images)
No effective image management tool
Unique: centralized images with local execution and quick synch
Empower end users with a personalized desktop experience
Supports both physical and virtual, local and central devices
17
Initial base Image is linked cloned or fully cloned
Subsequent updates to base and app layer performed by Mirage
Profile and user-installed apps protected and preserved by Mirage
For Linked clones, delta disks growth contained by SE Sparse (5.2)
Note: Parent VMs for floating pools can also be managed by Mirage
View Dedicated Pools Managed by Mirage
Mirage™Server
Provision desktops (Linked or Full clones)
Base Image
App Layer 1
App Layer 2
Desktop VM
Virtual Disk
(linked/full clone)
user-installed &
PCLM apps
Update Base layer
User Profile
Provision App layer Update App layer
18
View Dedicated Pools Managed by Mirage
Initial base Image is linked cloned or fully cloned
Subsequent updates to base and app layer performed by Mirage
Profile and user-installed apps protected and preserved by Mirage
Delta disks growth contained by SE Sparse technology
Note: Parent VMs for floating pools can also be managed by Mirage
Mirage™Server
Provision desktops (Linked or Full clones)
Base Image
App Layer 1
App Layer 2
Desktop VM
Virtual Disk
(linked/full clone)
user-installed &
PCLM apps
Update Base layer
User Profile
Provision App layer Update App layer
19
Roadmap: Mirage Mass Restore of Personalized Images
When Needed ?
• Rebalance – when adding hosts to ESX or adding LUNs
• DR – Failure of ESX host/storage
• Recompose – Cost-effective re-provisioning (e.g. major image updates)
Mirage restores personalized part of the image
Mirage™
Server
Refresh/Rebalance/ Recompose
User installed &
PCLM Apps
User Profile
Base Layer
App Layer 1
App Layer 2
Desktop VM
Virtual Disk
(linked clone)
Restore apps, profile
21
Scale and Performance Enhancements
Reduced amount of IOPS by 35%
• Reduced number of file “pointers” in Single Instance Store by 35%
• Extensive in-memory caching of metadata and signatures for popular data
Offline De-duplication
• Server based de-dup continues after client gets disconnected
Improved resume time by order of magnitude (10X)
• Persistent resume state across server restarts & server fail over
Consensus Based Upload
• Do not scan data of known files (e.g., System files)
• Average 40% reduction in scan time
23
Agenda
Core product overview
New features and capabilities
Demo
Customer testimonial – global enterprise deployment
Future directions
Customer Case Study:
Global Mirage Deployment
Yoni Kaplansky, IT Operations Director
Paul Navarro, IT Operations Service Delivery and PMO Manager
Amdocs IT, North America
August 2013
Information Security Level 2 – Sensitive
© 2013 – Proprietary and Confidential Information of Amdocs 25
#1 in Telecom Software
Market Share
Amdocs wins
2012 Outsourcing
Excellence Award
A leader in 2012
Integrated Revenue
and Customer
Management (IRCM)
Magic Quadrant
About Amdocs
● Leader in Telecom Customer Experience Systems and Services
● $3.2 billion revenue in 2012
● 20,000 professionals
● Serving customers in more than 60 countries
● Listed on the New York Stock Exchange (DOX)
Information Security Level 1 – Confidential
© 2013 – Proprietary and Confidential Information of Amdocs 25
Information Security Level 2 – Sensitive
© 2013 – Proprietary and Confidential Information of Amdocs 26
Why Amdocs Selected Horizon Mirage
Many Challenges with managing & protecting laptops
● Majority of laptops offsite more difficult to manage and protect
● Experienced many support cases and SLA expirations
● Had a backup solution that was very limited
● Challenging for remote workers – unpredictable restore, PSTs
● Backup only, no solution for Hardware refresh, image mgmt, break-fix,
● Decentralized system (20 servers) complex to manage/support
● Considered VDI, but not applicable for remote users that work ‘offline’
Information Security Level 2 – Sensitive
© 2013 – Proprietary and Confidential Information of Amdocs 26
Information Security Level 2 – Sensitive
© 2013 – Proprietary and Confidential Information of Amdocs 27
Business Benefits of Using Mirage
● Loss, theft, or damage Restore full CVD to replacement hardware
● DRP & Business Continuity Strategy – Restore to VM on VDI
● Break-fix for helpdesk support, minimal IT time & end-user downtime
● Base image management – Compliance, provisioning, HW refresh
● OS and App layering – On-going updates, distribution to remote sites
Information Security Level 2 – Sensitive
© 2013 – Proprietary and Confidential Information of Amdocs 27
Support category IT cost savings
w/ Mirage
Productivity
savings w/ Mirage
Hardware problems 27% 79%
Software problems 40% 63%
Restore (from backup) 90% 96%
Settings & Configuration 60% 61%
Software Install (core apps) 42% 53%
Weighted Average 40% 59%
Information Security Level 2 – Sensitive
© 2013 – Proprietary and Confidential Information of Amdocs 28
Technical Advantages of Mirage
● Centralized architecture
● Increase in successful number of full backups from remote sites/users
● Transparent – non disruptive backups and restores
● Revert to snapshot (break-fix) preserves user data. Impact to OS and
installed apps only. Plus for developers and testers.
● Right-Click Fingertip access to file version history and restore options.
● Increased confidence in PST file backup and restore
● Product Support and Engineering team – committed, available, and
does what it takes to remedy any challenges
Information Security Level 2 – Sensitive
© 2013 – Proprietary and Confidential Information of Amdocs 28
Information Security Level 2 – Sensitive
© 2013 – Proprietary and Confidential Information of Amdocs 29
Deployment Architecture and Stats
Information Security Level 2 – Sensitive
© 2013 – Proprietary and Confidential Information of Amdocs 29
3 Sites
• AMER – 3500 laptops
• EMEA – 4000 laptops
• APAC – 3000 laptops
Each site hosts
• ~5 Mirage servers, F5 clustered
• ~75-100 TB NAS
• ~15000 IOPS per site
• QoS defined over WAN links
Steady state stats
• Upload per desktop – 1-2 hrs
• Upload delta ~20MB (de-duped)
• No impact on user experience
Centralization stats (Apr – Aug 2013)
• 1000 laptops per month
• Average CE per laptop ~20 hrs (5 days)
• Average image size – 50GB (25 unique)
Information Security Level 2 – Sensitive
© 2013 – Proprietary and Confidential Information of Amdocs 30
Success Stories
● Business Continuity
● Employee relocated from Israel to Canada. A couple of weeks after
relocation, laptop drive failed.
● PC tech performed full restore of 52 GB over low bandwidth SSL VPN
● Image streamed to end user, within hours could resume work
● Full image was recovered – employee resumed from where left off
● Break-Fix
● Employee had broken Internet Explorer plugins for finance apps
● PC tech tried to manually repair IE without success
● OS restore option would not proceed either
● PC tech used Mirage “revert to snapshot” – less than 10 minutes to IT
● Without Mirage, IT would need to re-image the computer – huge effort to IT
and long downtime
Information Security Level 2 – Sensitive
© 2013 – Proprietary and Confidential Information of Amdocs 30
31
Where are We Heading?
Advanced bare metal provisioning and restore
Mirage DMZ Edge Gateway
Self-service App delivery and integration with license management
Multi-site, scalable management
New OS platforms: Windows 8, Windows Server, Windows Embedded
Image management for View in scale
Self service restore of PC on central VM for universal access
Central policy management for Fusion Pro
32
Unified Image Management
View
VDI Image
VDI
Off-Network BYOD Macs
Off-Network BYOD Win Laptops
BYOD
Local
execution
In VM
Central
execution
Efficient
Remote
Protocol
Thin/Zero-Clients
Networked Mobile Devices
Networked BYOD Laptops
Physical
Local
execution
Corp Owned Laptops
Power-User Workstations
CAPEX Sensitive Desktops
Efficient
WAN
Streaming &
Caching
Mirage
Centralized Image
34
Other VMware Activities Related to This Session
HOL:
HOL-MBL-1309
Horizon Mirage - Manage Physical Desktops
Group Discussions:
EUC1000-GD; EUC1004-GD
Mirage with Daniel Beveridge or Mark Ewert
Breakout Sessions:
EUC5507
Vmware Mirage storage and network de-duplication demystified
EUC5587
Horizon Mirage image deployment deep dive
EUC4608
Mirage 201
EUC4815
• Demystifying VMware Mirage: tips and tricks for success
EUC5629