VDI is still a fairly new concept to most companies, even those with extensive investments in Server Virtualization.  With that in mind, I get this question several times a week, so below is my answer to one of these queries.

Just like customers use our Virtual Access Suite to extend the base functionality of Windows Terminal Services, they can also use it to extend VMware, Microsoft, Virtual Iron or Parallels base VDI functionality.  We actually announced our VDI offering (project TITAN) at VMworld in 2005,  and released it as Virtual Access Suite for VMware VDI at VMworld in 2006.

Provision Networks started doing business in 1990s under the name Emergent Online (EOL), which was a Citrix Platinum Partner in the Metro DC Area.  We started making tools to address issues with Citrix and Terminal Services in 1996, and many of these tools still exist in our Virtual Access Suite today.  We treat VDI as single user terminal servers, so most of our tools that enhance management, performance and user experience on TS, translate directly to VDI.

So at a high level, Quest Software’s Provision Networks Division does the following:

• Embraces software partners like Microsoft, VMware, Virtual Iron, Parallels… and their core technologies.
  • Quest doesn’t make an Operating System, Hypervisor or any kind of hardware, so we can focus on last mile features, while embracing your current investments.
  • We know that customers often have an heterogeneous IT Infrastructure, so we give you the capability to manage different environments from one console, instead of forcing you to change the technology you have.
• Extends the functionality of partner’s technology, i.e. Microsoft’s RDP Protocol
• Exposes hidden functionality in the core OS or Hypervisor technology via SDK Integration.
• Future-proofs your investments in hardware and software
• Enhances performance, end user experience, management capabilities, IT agility and security.
• Empowers customers by supporting all major desktop and application delivery methods so they can use the method that is suited for their environment.

On the technical side, we make a Connection Broker that does more than brokering connections to Virtual Desktops.  The Provision Networks Connection Broker (part of Virtual Access Suite) does the following:

• Brokers connections to Virtual Desktops, physical or blade PCs and Windows Terminal Services, and manages all of them from one console.
• Integrates with VMware ESX, Virtual Iron, and MSFT Hyper-V.  This means we can create/delete VMs and control the power state of each.  Development to integrate with Parallels Virtuozzo is underway.
• Delivers desktops or seamless applications from virtual machines, physical machines or Windows Terminal Services
• Dynamically manages the membership of the local Remote Desktop Users, Power Users and Administrators Groups
• Assigns applications, desktops and rules to Active Directory Users, Group, OUs, Client IP/Range or Client Naming Conventions. Integration with Novell eDirectory is expected to be available this fall.
• Power manages physical PCs or Virtual Desktops, i.e. the connection broker can (when needed or as scheduled) power on, power off, suspend, resume, reset, restart… and in the case of physical machines put to sleep or wake up machines.
• Completely automates the virtual desktop lifecycle, from creation/clone, to access control/entitlement, application installations or updates, assignment of Virtualized Applications, and deletion of the desktop when no longer needed
• Offers a complete task framework that can schedule single instance or recurring tasks for any power management operation, OS or Session State operation, enabling/disabling of desktops/desktop groups, deletion of desktops, deployment of MSI Packages, running of scripts, copying of files….
• Includes an integrated, end-to-end, 5th Generation Universal Printer Driver
• Has a Hybrid User Profile Management Service so user state can be separated from the desktop or terminal server, without having to implement roaming profiles
• Supports explicit, Passthru, Kerberos, Smartcard and CAC Authentication
• Is the only VDI or Terminal Server Product that includes complete desktop configuration and lockdown, including the following rules which may be applied to Active Directory Users, Groups or OUs, plus Client IP Address/Ranges or Client Name/Conventions:.
  • Removing icons and items from the desktop.
  • Restricting access to drive letters
  • Removing previously created network drive and printer mappings
  • Restricts access to a white list of applications that users are authorized to execute - this is done at the kernel level, not via registry
  • Restricts access to desktops or applications by day of week or time of day
  • Applies user environment variables
  • Sets the appropriate desktop color scheme
  • Assigns the correct time zone
  • Runs logon scripts that apply only to Terminal Servers, Virtual or Physical Desktops managed by Provision Networks
  • Creates or Deletes Registry Entries or Keys
  • Manages environments with any ADM Template, without needing access to Group Policy
  • Redirects Registry and File System Objects from system locations to user locations, so users can run applications without being elevated with Administrator or Power Users Group Membership 
  • Assign whitelists of blacklists of IP Address Ranges, Host Names or DNS Names & TCP Ports (Host Access Control)  
  • Map network drives via NET USE or SUBST and optionally map these with alternate credentials.
  • Maps network printers using Provision Networks Print-IT Universal Printer Driver

 

• Offers granular CPU Fair Sharing, Memory Rebasing and Memory Binding
• Includes granular Terminal Services and Application Load Balancing
• Has the ability to assign unique IP Addresses to Terminal Services Sessions
• Includes a customizable Web Portal and SSL Secure Gateway
• Does not require a 3rd party load balancer for redundant Connection Brokers
• Completely integrates with Microsoft Application Virtualization - Softgrid
• Extends Microsoft’s RDP Protocol with features like True Multi-monitor Support, Windows Media Redirection, Dynamic Bitmap Compression/Acceleration, bi-directional audio, and local text echo/latency masking
• Has clients for Windows, Windows CE, Java, Linux, Sun, Wyse Thin OS (WTOS) and PXE (boot from network, USB Stick or CD)

Like our sister Quest Company “Vizioncore”, we are a strong VMware Technology Partner, and are NOT a VMware competitor. Customers can be assured that by using Quest Software Virtual Infrastructure Management products, they will be empowered to get every ounce of functionality out of their Virtual Infrastructure, whether it is from VMware, Microsoft, Virtual Iron, Parallels or any combination thereof.

As far as VMware Licensing goes, to use Provision Networks Virtual Access Suite, instead of VMware VDM, you’d purchase VMware VI3 or ESX Licenses & Virtual Center, plus Provision Networks Virtual Access Suite, instead of VMware VI3 or ESX plus VDM2, or the VMware VI3 VDI Bundle.

The cost difference between the two solutions can favor either VMware or Provision Networks, deplending on how many users are supported and how many VMs one is running on each ESX Server, so there is no concrete answer either vendor can give to say that “it’s less expensive to do….”  It all depends on your deployment.  The higher you scale, the more it favors Provision Networks, and the lower you scale, or fewer ESX hosts you support, the more it favors VMware.  The good thing for VMware, is that when we sell Provision Networks Licenses, a majority of the time it causes customers to purchase more ESX licenses from VMware, so it’s good for both companies.:)

What is not in dispute, is that Provision Networks has the most mature and feature rich VDI Solution for VMware ESX, that just so happens to also integrate with other hypervisors and Windows Terminal Services.

Both comments and pings are currently closed.