VMware PCoIP; More than a year on the road. A recap

Since my first post about PCoIP basics, a lot has happend and changed around VMware View’s default remote display protocol. However, I still get the same questions/comments as a year ago. I also notice that the concept of PCoIP isn’t clear to everyone. In this article I would like to give everyone a recap with links to detailed, useful information.

Battle of the protocols

First of all, the “battle of the protocols” disappeared to the background. Yes, it’s still a topic but for sure not the only topic as it used to be (more information about the basics of PCoIP can be read here). Ease of installation, image management, storage efficiency, pool creation options etc became part of the conversation as it should be.

PCoIP and remote access

Since View 4.6 it also is possible to access a View environment remotely, over the internet using PCoIP. In 4.6 the VMware View Security Server has been optimized to handle PCoIP as well. Mark Benson, View Architect and guru at VMware posted an article and video on how to set up a Security Server, Connection Server and firewall to make the chain work so users can connect remotely using PCoIP. If you do experience issues, especially black screens, do read Mark’s article and also read the comments. If you have read it before, do read it again. Follow the 3 steps carefully and it will work.

I also had a discussion with someone about remote access with VMware View, from ANY place. This person kept on mentioning there is a chance a user can’t connect to his/her VM. Well, if the company has multiple sites, the IT department has control over network devices like firewalls, so internally (company wide, multiple sites) you can make View with PCoIP work. Also, I have never heard of any Internet Service Provide (nor it’s modems/routers) block PCoIP. People should be able to connect to a View environment from home by using PCoIP.

This might be different in hotels or when someone is trying to connect from other companies. That is true. Not every hotel will allow TCP/UDP port 4172 in and out. Same goes for companies and their networks (most likely when they don’t have a View environment). In that case, wanting VMware to tunnel PCoIP over TCP (and preferably port 443 because there is a big chance it is open) isn’t the solution. PCoIP is a real time protocol like VoIP and for that reason it is a UDP based protocol…. like VoIP. User experience is very important. Tunneling PCoIP over TCP, 443 will degrade the user experience. Overhead will be added; for example a second layer of encryption (PCoIP already has AES-128 encryption). For this case, turn to RDP as the display protocol which is TCP based and can be tunneled over 443. Yes you will have a degradation in user experience but you are able to connect and work. Once you have full access again, turn back to PCoIP for true user experience. Also, VMware View Local Mode can be a solution for this case as well.

PCoIP improvements View 5

Besides PCoIP improvements in View 5 (think about improved content compression algorithms, you can tweak and tune PCoIP more than ever before. This might be helpful in bandwidth constraint environment. From now on you can turn on/adjust/tune audio settings. band floor settings, initial quality settings, client side caching and turn on/off Build to Lossless. More details about the improvements can be found in this article on the VMware site. A good whitepaper about PCoIP and different scenarios can be found here.

Not that long ago I had a discussion about PCoIP and bandwidth usage (again). In that case the environment wasn’t working; slow screen refreshes, scrolling documents was bad etc. I was told PCoIP was taking 3Mbps! Basically it was unusable. Don’t get me wrong, I do understand why people point at VMware first. It’s a remote desktop environment, our protocol and user experience is bad. BUT, is it the View stack or something else?

Having 25% package loss doesn’t help user experience, same as a 1Mb link often isn’t 1Mb but could be 700Kbps. Tools like Wireshark and iPerf can give you a good insight on what’s going on on your network. Also, VMware recommends to have QoS on PCoIP, just like VoIP. Implement that. Also, capture PCoIP agent logging. Capture it around 5pm, from someone with and without issues, when a working day is over. Then you can see what a user is consuming on average over a day (in that case 170Kbps for someone without issues). Issues occured after an upgrade from XP/Office 2003 to Windows 7/Office2010. The 3-6Mbps was reached during a test where people only measured the peak, while scrolling a document, and playing a 480p movie.

Bottom line, when there are issues, analyze, do useful tests and use good tools to monitor. PCoIP is a very decent protocol : ) Since the introduction of View 5 you have many options to tune PCoIP to your specific network so user will have the best experience when running View.

 

Periodical Health Check VMware View environment; It doesn’t hurt

Most of the blogs (and so are mine) are about products, features and what they can do for you. Right now I would to take a moment to share a current experience with a customer and how VMware Professional Services Organisation can help.

A little while ago I was asked to visit a customer because they were experiencing issues with their VMware View environment. Slow vDesktops, disconnected sessions, user not able to logon. What could have been wrong there?

So, initial meeting with a group of people; networking and storage guys, View admins, desktop admins, managers, infrastructure admin etc. The right people were there in the room. It sounds like a small thing but having the right people there gives you a good start. In a short period of time you get the right picture and details.

During the meeting it appeared that the environment had been changed a lot over time; datastores had been created, deleted, changed, VM’s had been moved, a new anti virus vendor had been chosen, new DNS infrastructure, some ESX servers were upgraded, some weren’t, View Agent had been upgraded to a new version in the master images, Connection Servers weren’t and so on and on.

What became really clear is the fact that those changes hadn’t been documented. On top of that most changes were applied without all people knowing about it. So, no one could tell me when a change happened and when some of the issue started. And to make things just a bit more difficult, when issues arose, other changes, and in most cases multiple changes were applied so an improvement couldn’t be related to 1 change.

Now my question to you; is this really an exception or does this happen more often? My answer; well yes this happens more often! A lot more!

Even when everything gets documented and everybody know about the changes, an environment does change over time. The amount of VM’s increase, decrease, new storage/Luns/servers/switches etc etc get implemented. A virtual environment almost is a living organism and it should be. It’s flexible! One of the benefits, right?!

Because an virtual environment (and in this case a View environment) is a flexible, “living organism”, it should get a proactive check up once in a while, even if there aren’t issues.

VMware Professional Services Organisation offers a wide range of Desktop Services. One of them is a View Health Check. The View Health Check is a vSphere and View Health Check because first the underlying platform should be checked and after that the View environment. The environment will be checked if it’s still following our best practices. So vSphere, storage, vCenter, Composer, Databases, vDesktops, performance etc will be looked at. Recommendations will be provided when applicable. You will get a good overview what’s going fine, what needs attention and red flags. Together with the consultant you can make changes so the environment is running according to the best practices again.

 

Data anywhere, any time, any device; Project Octopus and Mozy Stash

VMware’s End User Computing is all about the end user in the post-pc era. It is user centric. In this concept, the user should be able to access the right applications and data from anywhere, any time and any device. This time I would like to focus on the Data part.

In the traditional way of working data often resides on a PC. The problem here is that data is tied to a device and not to a user. The user needs to access that device (sitting inside a corporate building) to get to the data.

Many companies nowadays use shared drives and/or home drives for users. This way users can save data on central file servers. When they logon to a PC in the environment, they can get to their data. It’s a step forward but what about accessing data from outside the corporate LAN, from different devices like tablets, smart phones, Macs etc?

Many of you know Dropbox or Box.net. Basically it is data storage in the cloud. Your data is accessible from a lot of different devices. If you change a file from 1 device, you will see that change on other devices as well. There are a couple of challenges to Dropbox and Box.net (and other products like them); IT doesn’t have any control over data that’s stored with those cloud products and though, they can’t set policies. That is a big concern because we are talking about corporate data here. Corporate data in general is valuable and some data can also be very sensitive. As a company you would like to be able to control that kind of data.

That’s where Project Octopus and Mozy Stash come into play;

  •  Project Octopus; 

Announced at VMware World 2011 in Las Vegas. Project Octopus is called the “Dropbox of the enterprise”. It will come as a virtual appliance, an OVF file to be installed on premise behind the firewall. IT can set policies; quota, what can be shared outside the company, versioning, history tracking, access/security and manage data based on how old data is-set expiration dates and delete data after that. Project Octopus will work with VMware View, Zimbra, Horizon App Manager and Project Appblast. You can find screenshots here and also a great video here. If you would like to stay up to date and participate in the upcoming beta, go to vmwareoctopus.com

  • Mozy Stash;

Mozy Stash is probably not known as widely as Project Octopus but reality is, it has been in beta for a while now already! Yes, you can give it a try! Read the Mozy Stash FAQ.

Mozy is known as an online file backup company/product but Mozy is moving on. Mozy Stash will be similar as Dropbox and also be hosted off premise, in the Mozy data centers. Mozy Stash can be installed on Windows and Mac devices and also has an IOS and Android App.

A stash folder will appear after installation of the Windows/Mac software. When you add data, this data will be synced with the cloud so all connected devices will have the same up to date files and folders to access. During the beta only MozyHome accounts can be used. It’s intended to add Stash to MozyPro accounts in the future. Up till 5 computers can be tied to your Stash.

It is relevant to mention Mozy Stash will be a feature of MozyPro and MozyHome rather than a stand-alone offering. So you can backup your Mac/Windows device (all your files) but also have a magic Stash folder to share your data or have it accessible from many devices. This sharing feature currently isn’t in the beta. Also in a future release it will be posible for IT departments to set policies and permissions for Stash, to proactively manage data with group policies. Reactive monitoring like auditing, roll out software and users should also be possible.

So all together, interesting products are coming on the data side! I cancelled my Dropbox renewal and put everything on Mozy. Fair is fair, it is a beta product but it is working for me!

Thanks to Ted Haeger for providing me the information about Mozy Stash.

 

Do I eat my own dog food?

Customers and partners do ask me what I use on a daily base. Do I use ThinApp, Socialcast, Sliderocket, View etc etc? In other words, do I eat our own dog food?

Well, first of all, the base. My laptop is a personal Mac Book Pro. For the geeks (just like myself); a 2.66Ghz Core i7, 8GB Ram and a 256GB SSD and Snow Leopard. Yeah baby, I love my MBP. It’s quick!

On top of Snow Leopard I have installed VMware Fusion 4. I installed Windows 7 Enterprise inside Fusion. This VM is my VMware Workspace. So my VMware Workspace is completely separated from my personal Mac environment. This way you can apply the “Bring Your Own Device” concept securely.

I don’t have a corporate vDesktop yet. Basically the only reason is I’m offline too much of the time and the current View Client for Mac doesn’t support Local Mode. I do have a vDesktop on our European demo environment though. I can connect to it from my personal Mac side with the Mac View Client and from inside my Windows VM with the Windows View Client.

So, what am I using inside my VM? Of course email. My email resides on a Zimbra backend and I either use Google Chrome (my default browser) or the Zimbra Desktop Client Application to connect to Zimbra. Because there is hardly no difference between the browser and application way of connecting, I use Chrome to connect to Zimbra basically all the time. I can use my email independent of an OS and App and have the same experience every time by using a browser.

For my presentations I do use Sliderocket. I converted my most important PPT’s into Sliderocket and threw away all my presentations. All new presentation I create from scratch in Sliderocket.  Give yourself a bit of time with creating presentations and converting PPT’s. Not everything will go smoothly from the start but I love Sliderocket now. I’m still not a guru but I wasn’t a guru with Powerpoint either. I tried to create a small story here. Just in case I don’t have a connection, I have cached all my presentations into my Sliderocket Player application. You can download it for Windows, Mac and iPad.

Everyday I also use VMware App Manager. Via App Manager I can easily connect to several SaaS applications VMware provides me, like for example VMware Socialcast.  I intensely use Socialcast to collaborate with my colleagues. You can read about my Socialcast experience here. To connect to Socialcast I do use a browser but I have to say the Socialcast App is looking pretty good.

For my data I use Mozy Stash. Stash is in beta at this moment. This new technology keeps my data synced across all my devices. You can compare it with Dropbox. I will elaborate on Stash soon.

Lastly, I use a couple of ThinApp-ed applications, like Google Chrome and Adobe Reader.

I try to use as much VMware End User Computing technology as possible. When new technologies arrive I will continue to try to use them as quickly as possible. I can’t wait to use Horizon Mobile, Appblast and Octopus.

 

BYOD and the Nirvana phone

It’s has been a long time since I heard about the Nirvana phone for the first time. After that, it became very quiet around it. Last week I heard about it again. In this article I want to share my thoughts about BYOD and the Nirvana phone. I used some information from Brian Madden’s article from the beginning of this year.

What is the Nirvana phone? Basically the Nirvana phone is a 1; regular mobile phone with all the common capabilities, and it isn’t tied to a specific vendor and 2; a device which can handle a USB/Bluetooth keyboard/mouse and where you can connect a monitor to and change it into a thin client/PC. With the appropriate app (Citrix Receiver/VMware View Client) you can connect to a corporate desktop. Citrix’s Chris Fleck has been writing about this concept for while now. Click here to see a demo video.

When I first heard about it I wanted to have “it”. Without thinking about it I was thrilled about the concept. Combine it with Bring Your Own Device, and the concept became even better; get your favorite mobile phone, one you like and can operate and also use it to access your corporate desktop. That’s sweet!

Then I started to think about the concept and quickly I became less cheerful.

My first concern is the docking, cabling, keyboard, mouse and monitor issue; do I need to carry all that around myself? The cables, adapters, mouse and keyboard are small and could fit in my bag but a monitor? Never. I visit customers and partners a lot and I’m pretty sure of 1 thing; I’m not going to ask for a monitor before I go into a meeting. Same with hotels though. Yes there is a TV but I don’t want to use that as my monitor. I prefer to work and listen to the TV, switch channels etc. I haven’t seen a separate monitor in many hotel rooms. Besides the monitor, wouldn’t it be a lot easier to grab a laptop or even a tablet in stead of setting up everything so you can work on your phone?

So what if I don’t have a monitor, too much hassle to setup everything or you can’t connect to your vDesktop? I could just work on my mobile phone. But that is a very small screen and basically not usable (that’s the reason for that monitor!). Let’s assume you have very small fingers and it’s very easy for you to type for an hour on your 4” screen during a meeting. Remember I combined the Nirvana phone and BYOD concept. So basically, this is your personal phone and because you can’t connect to a remote desktop you want to use your phone for work. This means you will use local apps for work. Local apps you normally use for private things. Private and corporate data will mix. IT doesn’t have control over you personal device and can’t set policies. With the Nirvana concept, I’m missing something to fill this gap. I believe that when it comes to BYOD, VMware Horizon Mobile is a must have, essential, can’t live without it. Think about it; when you open a confidential corporate document, do you want it to be cached inside a corporate vPhone or just on your private phone? You can read more about Horizon Mobile here. Again, VMware Horizon Mobile comes into play with BYOD and not specifically the Nirvana concept but I combined the 2 because I think BYO will get huge!

Also, when you do have all the gear in place to hook up your phone, how would you make phone calls. Well it is possible to be connected and make calls at the same time. However, you need to put it on speaker or use a headset. Putting it on speaker isn’t an option in many cases. People around you, noise, the nature (confidential/private) of your conversation will stop you from putting it on speaker. A headset will solve the issue but again, another gadget I need to carry around and keep charged battery wise. I don’t use a headset otherwise.

Users who don’t need local horse power and don’t need offline capabilities don’t need a laptop and a mobile phone, provided by the company. That is very true. I personally would give those users a Thin Client (more robust than a mobile phone, static setup, no hassle) and access to a VMware View Desktop with a soft phone installed inside it. Unified Communications is supported inside a VMware View 5 environment with Avaya, Cisco and Mittel. So you need 1 devices; a thin client with a headset.

Undocking and docking your phone because of whatever reason shouldn’t be an issue. Time out settings inside your vDesktop can easily handle that. Also, current mobile devices can output a high quality resolution so that shouldn’t be a issue as well.

At this moment my feeling is we have passed this Nirvana phone station. Too much hassle with gear and it isn’t a solution when, for example a monitor or vDesktop isn’t available and you need to work offline; your screen is way too small. New device like tablets are common now and will take care of tasks more easily/efficiently that could/couldn’t have been done by the Nirvana phone. It must be said that VMware Horizon Mobile for tablets needs to be available before the BYOTablet concept can happen big time though. Also on a tablet you want a secure corporate space to access/read/modify data and access apps.

The small screen will be an issue with app remoting techniques as well. Right now, Connecting to a vDesktops is part of the Nirvana phone concept. The thing is that a vDesktop won’t be the only technique to access corporate resources/application. For example, VMware also announced Project Appblast during VMworld 2011. Appblast is a application remoting technique. So basically you remote apps via HTML5 to a browser. Great stuff!! But what about my Nirvana phone? Again, without a monitor the phone screen is too small. Same as with remoting a vDesktop. Displaying a vDesktop or an app is so much easier on a tablet.

Because of all previously said I believe most people will end up with 3 devices; smart phone, tablet and laptop. This could be 2 depending on how tablets will evolve. Maybe the laptop will be replaced by the tablet eventually, who knows.