Businesses strive to boost productivity, enhance operational efficiency, and offer excellent customer service to keep up in this competitive world. For these reasons, there is an added focus on enabling dynamic communication and collaboration, as well as specializing in emerging technologies. The modern office environment is rapidly evolving to meet diverse business needs, and a notable trend involves workspace virtualization, also referred to as VDI. Before we explore the reasons for its growing popularity, let’s review a key point.
PC setups offer adequate computing power to run productivity applications at work while delivering reasonable user experiences. The challenge is that these environments present many difficulties for companies. Some common examples include:
- High operating costs for desktop configuration, application support, and patch management.
- Regulatory compliance demanding data protection.
- Intensive disaster recovery (DR) planning.
- The ability to easily scale in an acquisition or merger scenario.
As a result, IT experts need a way to centralize the control and administration of client computing environments. Recently, client computing virtualization technologies have taken the world by storm, showing great promise in delivering an innovative desktop computing model. Combined with remote display protocols and connection broker software solutions, they pave the way for companies to adopt virtualization. Today, a wide variety of products, solutions, and management software of the same allow businesses to perform high-end functions, including:
- Running peer-to-peer and real-time apps for team collaboration, such as Cisco Webex, Web 2.0, and instant messaging.
- Ubiquitous mobility and proliferation of Wifi-enabled clients like laptops, tablets, and smartphones.
- Increasing video application usages such as digital signage, video conferencing, and desktop video.
Although VDI is an effective PC replacement technology that eases desktop management, it is not as simple as many think. A successful roll-out requires in-depth network preparation which businesses often overlook as they focus more on server hardware, licensing, and application integration. Enterprises shifting from PCs to VDI setups must plan for a considerable jump in network traffic. The reason is that user data and applications traverse their LAN and WAN connections to remote workers. Furthermore, in a virtual desktop environment, the network not only exchanges user/application information between servers and end-users. It also supports the complete desktop/display experience, and this is exactly why one should never underestimate its role.
Let’s examine the major factors in network planning that impact the usability of virtual desktops. Needless to say, you will also need to select the right display protocol and set access policies to thoroughly secure your infrastructure.
*Note: please familiarize yourself with the term ‘campus network’ (CN) which you will come across from time to time. Its main function is to connect users and devices to the data center, WAN, and the Internet. In addition to receiving high-speed connectivity, users benefit from feature-rich services such as secure access control, PoE, as well as traffic monitoring and management. When planning for CN, consider workplace trends and integrate performance, scalability, and services into your virtual desktop infrastructure to meet enterprise demands of both today and tomorrow.
App virtualization and server-based desktop virtualization technologies depend on always-on network connectivity to the data center. Hence, IT should take into account network resilience throughout the campus and WAN by:
- Building the CN with device, topology, link redundancy, and an optimized routing control plane. Look up technologies that boost design resilience to deliver a sub-second network convergence in failure recovery scenarios.
- Attaining device resiliency with a blend of physical redundancy (redundant switch supervisors), device hardening (control plane policing), and supporting software like stateful switchover (SSO) and nonstop forwarding (NSF).
- Achieving operational resilience to decrease planned downtime and ensure always-on connectivity.
This is another crucial aspect that systems engineers must deal with when it comes to VDI network requirements. Virtualization generates network traffic that can spike latency and reduce throughput. So, begin by assessing expected network performance and mapping out connections to calculate the potential loads VDI could account for. Use performance tools to gain complete visibility into latency, throughput, and capacity. Identify peaks and valleys in usage to determine the maximum load your network is capable of handling.
For instance, traffic could peak at 10:00 am at the start of the workday when authentication requests and applications launches from employees saturate the network. Adding virtualization to the mix can overwhelm network performance where virtual machines (VMs) will be launched. Other processes like quarterly processing and backup operations also affect traffic and throughout.
If you deploy your VDI infrastructure on a CN, latency is not a concern for employees who connect locally. However, it can be a problem for end-users connecting across a WAN or using remote access over the Internet. Consider a distributed VDI architecture to minimize the impact that latency can have on your remote/mobile workforce.
Network redundancy and smooth failover are important as virtualization streams PC content from servers to users. If the network fails, employees cannot do anything without PCs. Examine everything from cabling to routing protocols to reduce the likelihood of outages. Check your WAN and internet redundancy alternatives to ensure consistent productivity in case carrier links fail, especially when catering to a growing remote user base.
Once you have confirmed that physical redundancy and monitoring are good to go, focus on the weakest link in your environment, which is generally the WAN. We recommend doing this especially if your company provides virtual desktops to both on and off-premises employees over the network.
With VDI, users can connect to the data center anywhere, anytime, and on any device, hence making policy and identity management critical network security aspects. Access management and lack of identity features related to outdated networks cannot address such modern scenarios.
Opt for identity-aware networking, an integrated approach where the network collects data from different existing sources that IT can use to create and enforce access policies. This method reveals details of many elements. For example, are employees logging on from a reliable or unreliable network? Are they accessing the network across Wifi or from a wired port? Moreover, large businesses may need to modify access policies and procedures in varying locations for added protection. Choose quality networks with intelligent controls that actively gather and update details about users, devices, and locations. When employees connect to virtual desktops, they enforce policies once they appear on the network. The regulatory compliance and security ROI benefits that enterprises can reap from this are highly sought after as they simplify application-layer protection.
On the other hand, VDI network-based identity is related to factors such as VLAN tags, Subnets, MAC addresses, and IP addresses. These play an integral part in device authentication, IPSEC, and VPNs.
Most deployments call for IT departments to fulfill the demands of different devices and mobile users. In such cases, additional granular network access policies based on device types, user roles, and physical locations may be needed. This allows the network to seamlessly scale bandwidth and manage converged communications that introduce network layer security policies not bound to any one application or device.
What happens when you turn up virtualization in a production network? There will be a considerable rise in data flow quantity and link usage across your network. Monitor bottlenecks that may appear in places such as uplinks connecting access switches to core/distribution layers, WLAN uplinks to wireless controllers, WAN connections, Internet connectivity, and VPN.
Check for congestion inside the data center where the centralized servers are located. Note that early data centers were designed in a way that the bulk of the available throughput managed traffic entering and exiting the repositories (north-south structure). Recently, many data centers utilizing distributed IT architectures that isolate storage, databases, and computational functions have moved to systems that assign throughput for intra-data center flows. This is referred to as east-west traffic.
With virtualization, traffic flows increase in a north-south direction because of the servers within the data center stream content to employees. This makes things slightly complex in setups with distributed architectures.
Confirm if your network can scale in accordance with anticipated VDI growth. A key benefit of VDI is the ability to scale up and down easily without having to significantly increase managerial efforts. In any case, accommodating VDI growth means that the underlying network must be able to support it. While you can scale a CN to a specific point, network hardware upgrades may be needed if you intend to boost your virtual desktop footprint quickly.
A common challenge associated with virtualization is the delivery of rich media, such as streaming video and bi-directional interactive video apps and voice over IP (VoIP). Some vendors struggle with offering a dynamic UX for video and voice apps within the context of remote display protocols that are not optimized for delivering immersive media. Nobody wants an untrusted network that leads to dropped packets with unresponsive mouse clicks, keyboard activity, and poor screen updates. After all, everyone wants a consistent stream of data.
Go for technologies that facilitate native VoIP and media delivery instead of tunneling server-rendered media information into ICA and RDP transport. The CN infrastructure can then offer network-based Quality of Service (QoS) and multicast services that optimize VoIP and video app delivery in virtualized environments with rich multimedia demands.
*Note: IT professionals can also use PoE to support IP phones in virtual workspaces. Take advantage of this technology with PoE-ready Thin Clients such as the agile C4Pi Raspberry Pi endpoint that actively mitigates the need for individual power outlets. This dual display device caters to enterprise use cases in the government, finance, healthcare, and retail industries, as well as POS kiosks.
VDI Issues To Consider From The Network Perspective
After determining how virtualization could add to network traffic, work on improving network performance to address heavy workloads. It all comes down to the type of implementation you have in mind when diagnosing and solving performance bottlenecks.
All processing activity occurs in the data center where the network traffic appears in two forms: traffic which the virtual PC provisions and traffic to and from the endpoint device. The external network (user to VDI host) comes with small amounts of data like keystrokes and screen updates that a remote display protocol transmits from the device to the host and vice versa.
IT can segment the network and apply Quality of Service (QoS) controls to decrease traffic between the endpoint and the host when processing takes place inside the data center. Another option is to search for high-speed links between servers and storage that further reduce the performance impact of virtualization.
This type supports disconnected virtual sessions where the VM runs on the employee’s endpoint PC. In this scenario, the VM is delivered to the device and launched locally. Delivering its virtual hard drive file can consume significant bandwidth which luckily only happens during initial provisioning. Afterward, the VDI network traffic is similar to what a standard PC uses unless there is a need to replicate the virtual hard drive at some point in time.
As a result, this system is only bandwidth-intensive during provisioning and replication that are few and far between. Server-to-storage bandwidth is less critical which means that IT specialists should concentrate more on network traffic between the host and the device.
Datacenter engineers must completely understand the network’s function in providing key business benefits including energy efficiency, cost savings, and user and device identity. Only then, can the use cases of virtualization become even clearer.
ClearCube specializes in custom designed and engineered solutions for enterprises. To get started, please visit our website and contact us. One of our representatives will reach out to you instantly.