VDI for CHEAP!!!



  • Check this!! http://aws.amazon.com/workspaces/

    Kind of cool.



  • It's been available in beta for a while, we've looked at it, very interesting stuff. We are currently discussing this on our internal Yammer channels because one of our team has been on it for a while. It is dedicated Windows Server 2008 R2 with RDS and the Windows 7 experience applied. Nice technology but not cheap in the least.



  • Cheaper than what i've found anywhere else from desktone or anyone like that.



  • For a dual core experience, you are looking at $720/year. That includes a lot of great features, but that's more than the cost, double the cost, in fact, of a really nice, brand new desktop with enterprise support. For a fraction of the performance. Great network performance so there are certainly special cases for it, but for a normal user or company looking at VDI, this seems way too costly to reasonably consider.



  • @Hubtech said:

    Cheaper than what i've found anywhere else from desktone or anyone like that.

    But really expensive compared to alternatives, like having a desktop 🙂



  • @scottalanmiller said:

    @Hubtech said:

    Cheaper than what i've found anywhere else from desktone or anyone like that.

    But really expensive compared to alternatives, like having a desktop 🙂

    Unless you're really concerned about keeping things in house, I don't understand deploying VDI due to cost factors alone.



  • @Dashrender said:

    @scottalanmiller said:

    @Hubtech said:

    Cheaper than what i've found anywhere else from desktone or anyone like that.

    But really expensive compared to alternatives, like having a desktop 🙂

    Unless you're really concerned about keeping things in house, I don't understand deploying VDI due to cost factors alone.

    VDI is about overcoming limitations caused elsewhere. Otherwise traditional shared computing like RDS is more cost effective. But hosted VDI or even just traditional RDS (shared) is very costly and you need special cases to make it make sense.



  • like accessing EMR remotely?



  • @Hubtech said:

    like accessing EMR remotely?

    Only if the EMR is legacy only and that would only make sense if the remote access system was internal, not hosted.



  • And only make sense if they people accessing it don't have internal desktops to access.



  • @scottalanmiller said:

    And only make sense if they people accessing it don't have internal desktops to access.

    Do you mean that you would expect people to remote into their desktops at their office using something like Pertino or Logmein?



  • @Dashrender said:

    @scottalanmiller said:

    And only make sense if they people accessing it don't have internal desktops to access.

    Do you mean that you would expect people to remote into their desktops at their office using something like Pertino or Logmein?

    that's how i read it.



  • @Dashrender said:

    @scottalanmiller said:

    And only make sense if they people accessing it don't have internal desktops to access.

    Do you mean that you would expect people to remote into their desktops at their office using something like Pertino or Logmein?

    Well Pertino is a VPN, not a remote access technology. But Remote Desktop, LogMeIn, PCoIP, NX, 2X, XenApp, etc. Same way that they access Amazon Workspaces or any VDI/RDS.

    That's how Wall St. firms do it, for example. They do the cost analysis and know that because they own the desktop already it is cheaper to have people remote to those rather than have RDS too.



  • @scottalanmiller said:

    @Dashrender said:

    @scottalanmiller said:

    And only make sense if they people accessing it don't have internal desktops to access.

    Do you mean that you would expect people to remote into their desktops at their office using something like Pertino or Logmein?

    Well Pertino is a VPN, not a remote access technology. But Remote Desktop, LogMeIn, PCoIP, NX, 2X, XenApp, etc. Same way that they access Amazon Workspaces or any VDI/RDS.

    That's how Wall St. firms do it, for example. They do the cost analysis and know that because they own the desktop already it is cheaper to have people remote to those rather than have RDS too.

    cool. thanks scott.



  • What I have seen a lot of places do is stick a XenApp web gateway out front and use it to accelerate and manage access to a company full of desktops. This is extremely popular. Adds security, ease of use and performance without a huge overhead in cost and infrastructure.



  • say i had 10 users i wanted to xenapp up. what's hardware/licensing cost ish?



  • @Hubtech said:

    say i had 10 users i wanted to xenapp up. what's hardware/licensing cost ish?

    XenApp is software so pure licensing costs. For ten users I think that it is really cheap. It's going past ten that it gets expensive, if I remember correctly and they have kept that licensing flat. SMBs rarely find value in it. So easy to do something else, like Pertino or OpenVPN.



  • so quicker easier would be just VPN and RDS.



  • @Hubtech said:

    so quicker easier would be just VPN and RDS.
    Pertino and RDS in my opinion. I really do not think VPN is ever easier.



  • @scottalanmiller said:

    @Dashrender said:

    @scottalanmiller said:

    And only make sense if they people accessing it don't have internal desktops to access.

    Do you mean that you would expect people to remote into their desktops at their office using something like Pertino or Logmein?

    Well Pertino is a VPN, not a remote access technology. But Remote Desktop, LogMeIn, PCoIP, NX, 2X, XenApp, etc. Same way that they access Amazon Workspaces or any VDI/RDS.

    That's how Wall St. firms do it, for example. They do the cost analysis and know that because they own the desktop already it is cheaper to have people remote to those rather than have RDS too.

    Good to know I've been doing the same as the big wall street guys... hey wait.... lol



  • @Hubtech said:

    so quicker easier would be just VPN and RDS.

    This is exactly what I do today.
    But considering i have a LMI Central account I am going to setup my few (5 or 6) users with LMI accounts under my Central account and give them access to their desktops. This will be much simpler than the VPN solution, since they don't need any of the other features of the VPN portion (like direct access to the servers or files, etc)



  • @JaredBusch said:

    @Hubtech said:

    so quicker easier would be just VPN and RDS.
    Pertino and RDS in my opinion. I really do not think VPN is ever easier.

    Maybe not, but Pertino has a monthly reoccurring cost. If you already have VPN in place it costs nothing to use.



  • yeah. i'm using asa's at all of my clients right now. though i'm thinking about switching to another solution.



  • @Dashrender said:

    @Hubtech said:

    so quicker easier would be just VPN and RDS.

    This is exactly what I do today.
    But considering i have a LMI Central account I am going to setup my few (5 or 6) users with LMI accounts under my Central account and give them access to their desktops. This will be much simpler than the VPN solution, since they don't need any of the other features of the VPN portion (like direct access to the servers or files, etc)

    LMI plus desktops is a great VDI alternative. We've done this for years.



  • @Hubtech said:

    so quicker easier would be just VPN and RDS.

    LMI is easiest.

    Then RDS

    Then Pertino and desktops

    Then Pertino and RDS

    Then traditional VPN and desktops

    Then traditional VPN and RDS



  • @scottalanmiller said:

    @Hubtech said:

    so quicker easier would be just VPN and RDS.

    LMI is easiest.

    Then RDS

    Then Pertino and desktops

    Then Pertino and RDS

    Then traditional VPN and desktops

    Then traditional VPN and RDS

    What, what? RDS - alone? do you publish the 3389 directly (probably using some form of PAT in reality?)? this is safe?



  • @Dashrender said:

    @scottalanmiller said:

    @Hubtech said:

    so quicker easier would be just VPN and RDS.

    LMI is easiest.

    Then RDS

    Then Pertino and desktops

    Then Pertino and RDS

    Then traditional VPN and desktops

    Then traditional VPN and RDS

    What, what? RDS - alone? do you publish the 3389 directly (probably using some form of PAT in reality?)? this is safe?

    RDS is published alone sometimes. Not the end of the world. Obfuscating ports has no value. That's security through obscurity which is negative security.

    But RDS has a web gateway built in that secures via HTTPS



  • @scottalanmiller said:

    RDS is published alone sometimes. Not the end of the world. Obfuscating ports has no value. That's security through obscurity which is negative security.

    But RDS has a web gateway built in that secures via HTTPS

    Obfuscation wasn't for security it was so you could reduce the number or IPs needed to publish multiple machines from behind the firewall.

    As for the RDS web gateway - is that a free addin on Windows server? I recall SBS having something like this (you could log into the SBS web portal, and then RDS to your internal PCs) but I never implemented it, so I have no idea how it works.



  • @Dashrender said:

    @scottalanmiller said:

    RDS is published alone sometimes. Not the end of the world. Obfuscating ports has no value. That's security through obscurity which is negative security.

    But RDS has a web gateway built in that secures via HTTPS

    Obfuscation wasn't for security it was so you could reduce the number or IPs needed to publish multiple machines from behind the firewall.

    As for the RDS web gateway - is that a free addin on Windows server? I recall SBS having something like this (you could log into the SBS web portal, and then RDS to your internal PCs) but I never implemented it, so I have no idea how it works.

    Oh, I see. RDS only needs one port.

    Yes the web gateway is just included with RDS.



  • Disclosure: Among a few hats, I'm a VDI architect. What I'm about to say may be slanted a bit, but should be useful to some folks:

    VDI often does have a business need driving it. Sometimes, it's even financially motivated. Here's a few of instances where VDI really shines:

    1. You have many people doing the same thing. Places like call centers have bunches of people running the same programs the same way all the time. This is even more applicable if it's shift work where employees don't have an assigned cube to work in and rather just grab any one that's available. Now, they can log into their VDI session and get a crisp, clean desktop image and have their profile connected to it as a separate disk. The desktop image has been refined and perfectly tweaked by IT to have everything they need the way they need it, with very little fluff added. The user's data and customizations are still there, and they can pick up just like they were at their very own desktop PC. When they're done for the day/shift, they logoff, the data disk is disassociated and stored for later, and the VM is deleted.

    2. There's an important or very complex resource somewhere else. Companies are starting to realize that using colos and hosted facilities (or if they have the infrastructure, internal datacenters) leads to more solid uptime and consistent experiences. Naturally, they'll want to safeguard these systems, such as LOB applications, by putting them out there. Often times, these systems are more traffic-heavy than other applications and perform better when on the same network instead of trying to move data across the WAN. Placing VDI in the same environment not only increases the reliability and uptime of the desktop environment, but it also allows the client sessions to work with the servers at LAN speed.

    From a financial standpoint, VDI becomes attractive when it's time for large hardware refreshes. With VMware Horizon View, for example, VDI clients pretty much can run on tin cans. Instead of getting a new batch of desktops, get a batch of solid-state thin clients, or even reload the desktops with Linux and a PCoIP client and replace them through attrition. That alone doesn't save much money. What does, however, is the drop in the desktop support headcount (or gains by freeing up desktop support to help with other roles). Almost all basic support issues can be resolved with 1 of 4 things:

    1. Delete the session
    2. Rebuild the profile
    3. Replace the client.
    4. Add change to base image.
      Managing computers is no longer needed, so systems like SCCM, LANDesk, and Altiris no longer need to have their annual support purchased. The system has built-in remote connectivity, so you aren't managing LogMeIn or the like on desktops, and antivirus is enforced at the host level. Once you factor things like this in, the true cost of deployment starts to look more like ROI.

    Need to support BYOD? Users can access their corporate desktops from nearly any kind of device while keeping corporate data off of those devices.


Log in to reply