Desktop Virtualization: Benefits and Security
Key Points
- Desktop virtualization is presented as a solution to the growing need for computing across all roles, consolidating workloads that would otherwise require numerous physical laptops and desktops.
- Managing thousands of physical devices creates significant security risks—such as theft, unauthorized access, and vulnerability from locally installed software—and incurs high maintenance costs, especially in rough environments like factories, hospitals, and schools.
- Centralizing computing resources through virtualization can reduce hardware purchases, enable the use of less expensive endpoints, and simplify the enforcement of security policies across the organization.
- By delivering applications from a secure, centrally managed environment, desktop virtualization helps mitigate software‑induced vulnerabilities and streamlines overall IT operations.
Sections
- Intro to Desktop Virtualization - Bradley Knapp from IBM explains how desktop virtualization can help businesses lower the expense and security risks associated with managing large fleets of physical computers.
- Virtual Desktops Replace Laptops - Instead of purchasing numerous heavy, expensive laptops, a single high‑performance data‑center server can be virtualized into many desktop sessions, providing equivalent compute and graphics capabilities to users while dramatically lowering hardware costs and scaling to 24/7 workloads.
- Benefits of Virtual Desktop Sessions - The speaker outlines how server‑hosted virtual desktops increase density and cost‑efficiency, allow users to maintain continuous sessions on any client device for flexible, seat‑less work environments like call centers, and provide heightened security for sensitive information.
Full Transcript
# Desktop Virtualization: Benefits and Security **Source:** [https://www.youtube.com/watch?v=3E0EKUkMEjc](https://www.youtube.com/watch?v=3E0EKUkMEjc) **Duration:** 00:09:49 ## Summary - Desktop virtualization is presented as a solution to the growing need for computing across all roles, consolidating workloads that would otherwise require numerous physical laptops and desktops. - Managing thousands of physical devices creates significant security risks—such as theft, unauthorized access, and vulnerability from locally installed software—and incurs high maintenance costs, especially in rough environments like factories, hospitals, and schools. - Centralizing computing resources through virtualization can reduce hardware purchases, enable the use of less expensive endpoints, and simplify the enforcement of security policies across the organization. - By delivering applications from a secure, centrally managed environment, desktop virtualization helps mitigate software‑induced vulnerabilities and streamlines overall IT operations. ## Sections - [00:00:00](https://www.youtube.com/watch?v=3E0EKUkMEjc&t=0s) **Intro to Desktop Virtualization** - Bradley Knapp from IBM explains how desktop virtualization can help businesses lower the expense and security risks associated with managing large fleets of physical computers. - [00:03:25](https://www.youtube.com/watch?v=3E0EKUkMEjc&t=205s) **Virtual Desktops Replace Laptops** - Instead of purchasing numerous heavy, expensive laptops, a single high‑performance data‑center server can be virtualized into many desktop sessions, providing equivalent compute and graphics capabilities to users while dramatically lowering hardware costs and scaling to 24/7 workloads. - [00:07:19](https://www.youtube.com/watch?v=3E0EKUkMEjc&t=439s) **Benefits of Virtual Desktop Sessions** - The speaker outlines how server‑hosted virtual desktops increase density and cost‑efficiency, allow users to maintain continuous sessions on any client device for flexible, seat‑less work environments like call centers, and provide heightened security for sensitive information. ## Full Transcript
hi there, and thanks so much for joining us today. My name is Bradley Knapp with IBM,
and today the topic that we're going to talk about is desktop virtualization,
and this is a topic that's gotten a whole lot of press very recently because of some recent
announcements in the field, but I just want to give a very brief overview of what is this desktop
virtualization thing and how could it potentially help you or your company. So, If we think about
desktop virtualization holistically, we've got to go back in time, and really not that far in time,
or even to the present day, where we have a person right that person pretty much no matter
what his job is there's going to be some level of computing involved, right? So that guy is going
to have his laptop and he's going to be typing away at the laptop, maybe he's got a desktop,
but computing is integrated into everything that we do, and so if you think about that from a
business perspective, that means that businesses have to buy, and issue, and secure thousands
or tens or thousands or hundreds of thousands of physical computing devices, and there's obviously
some risk that comes along with that, right? If you've got a laptop it can be stolen if you've got
a desktop you know they're anchored to the desk they're not going to wander off on their own,
but you're leaving it unattended all the time. So you've got a risk if you haven't properly secured
it, someone can get in and get to that physical machine, and do things they're not supposed to
that's on the information worker side, but let's also think about a factory floor,
or let's think about a hospital, or let's think about a school where you've got to maintain
all of these computing devices some of which are in kind of rough environments, right?
Kids are not the most gentle folks on the planet, and factory production floors aren't either,
and so computers are for better or for worse somewhat delicate devices. So we've got to
take care of them, and in addition to that you've got the security headache of securing
not just the physical machines, but also securing all of the user accounts for them. Securing them
against penetration against theft against loss, and so we have to think a little bit about,
is there a better way? Is there a way where we can centralize more so we don't have to buy as much
hardware? Or if we do have to buy as much hardware we can buy less expensive hardware? So can we
centralize it, can we lower our costs, and can we do it in a more secure manner? When somebody's got
an individual laptop they can install software on it, generally speaking, and there's always a
possibility that that software can cause some sort of a security vulnerability. There have
been lots of great published presentations as of late about software that gets installed onto
a local machine that inadvertently causes much greater security problems. So how do we fix these
problems? And one way, certainly not the only way, but one way is to do desktop virtualization,
where the desktop rather than running on the local machine running, on that physical machine itself,
we are going to run it remotely. We're going to run it in the cloud, and so instead of a
physical high-powered laptop. Let’s imagine that we've got 10 architects in an architect
firm. Architects need high-end machines, right? They do lots of processing, lots of cad work,
they need very powerful processors, they need lots of ram, they need graphics acceleration.
So to buy each one of them a very powerful laptop which, by the way is not terribly portable,
we're going to have to spend a lot of money. Is there an alternative? There is, desktop
virtualization. So let us imagine a physical server, cloud server, sitting in a data center.
We'll call that server. There we go. Now this server is 20, or 30,
or 50 times more powerful from a compute performance perspective than this laptop,
but it can perform all of the same functions. You can put the same graphics accelerators in it.
You can stuff them full of ram so that it can get equivalent or better performance,
but it's in a data center. How useful is that? Well the answer is you take this server and
you divide it up into virtual machines that each machine is a virtual desktop. So you get
a virtual desktop for each one of your individual users, and you get to stack them
on top of this server. So one piece of physical infrastructure can host 4, or 10, or 20, or 500
concurrent desktop sessions. Well, why is this good? well let's imagine a 24-hour workplace,
notice I said concurrent desktop sessions before, so if you've got users that are working 24/7/365,
like it's say a hospital, rather than having to have a laptop for each one of them,
they just get a session. Well if you've got a thousand employees and they work about 500 during
the day and about 500 at night you only have to size your infrastructure to run for 500 people,
plus a little bit of overhead. So you're going to save money because you're going to increase
density. You're also going to be able to take all of these big expensive enterprise benefits,
but you only have to buy half as many, right? Because you are serving multiple users out of
that same physical machine. Now let's go back to our hospital for a moment here,
hospital, you've got a nurse who's walking around she's got a certain number of patients, four,
six, eight, patients, right? And maybe each room in that hospital has its own computer,
right? So you've got a physical device there, it's not a powerful device, because all it does
is host these virtual sessions up here. Well as that nurse goes from room, to room, to room,
she doesn't want to lose whatever she's working on. She's got all of the stuff that she's already
doing, plus what she's going to be doing in that next room. This is another place where virtual
desktops are really cool, right? so let's call this this box right here, this is going to be her
session. This is her concurrent session. So she's in room one, and she logs in on that machine,
to her user session, and so she's got her email running. She's got the the patient records open.
She's got lab records open, maybe some x-rays, something like that, and so that is all running
in this session that is unique to her. Now she gets done in that room and it's time for her to
physically go over to room number two. Now all she has to do is disconnect this session right here,
so we'll put an x on it, and reconnect from the computer in room number two, but the session is
stateful, it's still live, and so nothing has changed on the screen that is displayed to her
even though she's now on a different physical device. she's logged in on a whole
new machine now, and she can do that as she goes to room three, and four, and so on, and so forth,
because the session is running on the server. It's running in the cloud. She doesn't ever have to
log off, and log back on again, and rebuild the machine, like if you were going in an old school
environment where you logged off a machine and then you would have to reload it off the domain.
Because it the actual desktop itself, all of the applications on the desktop,
are residing on that server, all she's doing is accessing her session. So not only do you get the
increased density, which is a great thing, lowers cost, you also get this concurrency of session,
which is great for your employees because they aren't constantly logging out and logging in,
and logging out and logging, in and moving from place, to place, to place. Another place that
virtual desktops are great, let's imagine something like a call center environment,
where you don't have assigned seating, right? The employees come in they sit down wherever
they need to be, they log in, and they start work. Well because these sessions reside on
the server whenever you bring them up, they can be brought up onto any client, right? And so the
ability to bring up any client is important, bring up on any clients is very important,
because now you don't have to worry about the problems of assigned sitting, and this person
can only sit in this cube, because it's the only one that is authorized to bring up their session.
So again the increased flexibility that you get is just fantastic. Mow there's one other really
neat part about virtual desktops that's very specific to security that I do want to touch on.
So let us imagine for a moment a scenario where you've got security information, right?
Information that needs to be heavily protected against loss, and so we've got our guy over here.
He's got his laptop. He's working at home, but he needs to get into this secured information,
and for various internal reasons he is not allowed to access that information and store it on his
local machine. What he can do is, he can create a session out of his local machine into our server,
and he can open a virtual desktop on his physical desktop. It runs in a window just like any other
window. So he can create a session that is going to display to him that secured information,
but it's going to display it in a secured way, right? Because he's not caching it locally on
his machine, it can't be stolen off of it. All he's seeing is an image of what he's looking at,
and that image is delivered via the secure server. So again helping to ensure security,
helping to ensure access control, making sure that only the right people are getting to the
documents that they need to get to. So that's a really brief overview of virtual desktops.
Hopefully it was useful and if you have any questions, just let us know.