I find your lack of faith disturbing.

I stumbled upon a post via Twitter the other day from Scott Lowe of Tech Republic on IDV (yes, I thought at first I was getting a mild case of dyslexia, but no, it is IDV) and the difference between VDI and IDV. IDV stands for Intelligent Desktop Virtualization and although it essentially delivers the same idea as Virtual Desktop Infrastructure (VDI) it’s actually not just more efficient, it’s really quite brilliant.

Awhile ago I wrote about VDI, which is a way to push virtualized desktops environments to end users through a centralized VM structure. Essentially the end user loads a VM of a desktop on their laptop, desktop, tablet etc. The image can be either cloud based or network resident, usually made up of a pre-configured windows environment which has all the usual applications built in. The end user connects to the virtual desktop, does their thing, and when they shut down, the image resides in a paused state back on the host infrastructure. It’s a great way to standardize endpoint desktops without worrying about which hardware it’s running on, and it’s even better from a security standpoint because the virtual machine doesn’t run the risk of catching nasty viruses or malware that can reside on the end-user’s hardware (especially if little Jimmy uses the computer to surf the interwebs).

IDV works differently using a more distributed approach to provisioning compute power while centralizing all the back-end management and deployment requirements. There are a few downsides that have always plagued full VDI adoption such as limitations on the type of peripheral devices that can be use and the upfront costs and ongoing costs associated with storage and bandwidth. IDV aims to fix that through a unique solution that uses a client-side hypervisor. Yes Virginia, there is such a thing.

A company by the name of Virtual Computer came up with a product called the NxTop Engine which is essentially a bare metal client side hypervisor, which can run one or more virtual machines on the PC without a care as to what hardware is resident. This is huge, because if you are an IT person who works with virtual machines, you know that if there are differences in hardware, it can be iffy to get a standardized VM to run. This type of hypervisor allows administrators to create a master image that works on any endpoint, desktop or laptop. It also does some other cool stuff (blatently stolen from their website):

  • Complete virtual machine isolation. Unlike virtual machines running on top of untrusted operating systems, NxTop virtual machines are completely isolated from one another. Malware in an unmanaged Windows desktop does not compromise a managed NxTop virtual machine, even on the same hardware.
  • Hardware abstraction. NxTop presents a consistent set of virtual hardware to the end-user operating system, simplifying migration of users to new hardware platforms. Driver management and other hardware-specific compatibility challenges are eliminated.
  • Full disk encryption. The entire disk including all virtual machine and system data on NxTop-enabled PCs is encrypted, providing peace of a mind in the event that a PC containing sensitive data is lost or stolen.
  • Granular policy controls. IT administrators can protect against data leakage and unauthorized use through a robust set of policy controls. Access to hardware such as USB ports and network interfaces can be restricted or filtered based on centrally defined policies at global, group, and individual-user levels. Virtual machines can be governed by time-based expiration policies and on-demand remote disablement.
  • Remote termination with lost-data destruction. As an added layer of security, IT administrators can flag lost PCs for remote termination. If a lost or stolen PC connects to a network, it is directed to digitally shred all data and encryption keys, then self-destruct.

Oh, and did I mention it supports USB without the nasty bandwidth issues traditional VDI USB brings? There are a lot of cool features that this type of model provides. It might not be for everyone, but it’s a very cool approach to solving the issues associated with complexity in endpoint types, drivers, memory, security etc.

Client-side hypervisors have always been a pipedream of VM vendors, and it’s nice to see a company actually bringing this model to light. There are issues however, the minute you abstract hardware from the OS you could run into support problems. But with cloud being such an emerging territory, running extensive evaluations is going to be part of the plan.

For more information on Virtual Computer, check out http://www.virtualcomputer.com/nxtop-enterprise

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s