Application Virtualization – The UAC Panacea?

2017-07-27T00:01:08+00:00 January 18th, 2012|Uncategorized|

…with contributions from Aaron Gierak, Voltaire Toledo, and Jeremy Pavlov.

The User Account Control (UAC) Challenge

It is commonly known that in XP you have to give end users Administrator privileges in order to do even the most simple routine tasks; like changing the system clock, plugging in a USB drive, running a defrag, updating software, or even running security products.  Of course you can use the RunAs command, but that still requires having an Administrator password – which defeats the security purpose of a limited user account.  And just when we thought moving to Windows 7 would eliminate this security privilege nightmare, enter UAC…

User Account Control (UAC) is a technology aimed to improve the security of Microsoft Windows by limiting application software to standard user privileges until an administrator authorizes an increase or elevation.  In this way, only applications trusted by the user may receive administrative privileges, and malware should be kept from compromising the operating system.  In other words, a user account may have Administrator privileges assigned to it, but the applications that the user runs do not inherit those privileges unless they are approved beforehand, or the user explicitly authorizes it.

It is possible to turn off UAC while installing software, and re-enable it at a later time.  However, this is not recommended since File & Registry Virtualization is only active when UAC is turned on – and if UAC is switched off, user settings and configuration files may be installed to an unintended location (i.e. a system directory rather than a user-specific directory).  Also Internet Explorer 7’s “Protected Mode” – whereby the browser runs in a sandbox with lower privileges than the standard user – relies on UAC; and will not function if UAC is disabled.

The Application Virtualization Question

So is application virtualization the solution?  If a virtualized package runs at the kernel level, does it eliminate having to give an XP user Administrator rights?  When you repackage an application that you have been running in XP – in order to port to Win7 – does the app skate by UAC in a way that allows you to keep UAC turned on?

By default, UAC virtualizes requests for protected resources to provide compatibility with applications not developed for UAC.  This is important because many applications written for Windows XP and earlier operating systems assume that the user has administrative privileges and attempt to write to protected resources such as the Program Files or System folders.  The first time an application makes a change to a virtualized resource, Windows copies the folder or registry key to the location within the user’s profile.  Then, the change is made to the user’s copy of that resource.  UAC virtualization is designed to allow already-installed applications to run successfully with standard user privileges, even if they store temporary files or logs in a protected folder.

Installs, Upgrades, and Updates

Many of the problems with UAC come from application installs or upgrades/updates where a new driver or an action that requires UAC acceptance is needed.  With application virtualization – especially a tool like Symantec’s Workspace Streaming where you package from the kernel level – you can bundle the drivers *inside* the virtual app.  As a result, nothing would ever be required of the end-user since nothing is ever “installed”. 

Secondary Executions

However, another issue that bumps against UAC is what we commonly call the “Secondary Execution Event”, where a loaded executable decides to make a call on its own (outside of the one that the app designer intended).  For instance, if a permitted/intended executable launched, and then it calls out to the manufacturer for an updated version, or the latest driver, that is not pre-bundled in the package.  Examples of this are the Juniper VPN agent or the MS Security Center executable.

Panacea or Pariah?

The good news is that application virtualization absolutely does address UAC and elevation features by isolating areas that normally prevent non-elevated users from writing to them by creating a virtual HKLM registry hive, Windows and Program Files.  Virtualizing applications also mitigates potential conflicts in a shared session environment like Remote Desktop Servers or XenApp.

However, is application virtualization the silver bullet to fix all elevation and UAC issues?  The answer is “it depends”.  If the application explicitly requires elevated privileges within its manifest, then it will always present a UAC prompt.  In addition, if the application attempts to make a system change like a driver installation or some kind of self-updating feature, it will force Windows 7 to prompt you for elevation.  These challenges can be further addressed with tools such as AppSense Application Manager, or Viewfinity Privilege Management (which elevate a user’s privilege on a per-executable basis), or SystemGuard (which can elevate privileges to write to the registry).

The bottom line is that application virtualization brings many advantages.  In addition to extending the life of legacy applications, reducing deployment costs, and reducing user downtime caused by install/uninstall issues and application conflicts, many UAC issues can be mitigated with application virtualization, especially when coupled with effective use of user virtualization tools.

 

Next installment – Application Streaming…

 

Logging Windows Installer transactions…

2012-01-04T23:42:41+00:00 January 4th, 2012|Uncategorized|

Building and deploying Windows packages in enterprise deployments can be a challenge when it goes smoothly, but especially difficult when the package deployment hits bumps in the road.  Just when you think you’ve got that application perfectly bundled, tested, and deployed, an unforeseen interaction can knock the legs out from under you.

And of course, the behavior of  Windows Installer itself can be frustrating and may even seem a bit mysterious; making app deployment even more of a challenge.  The installer follows very explicit rules for everything it does, and enforces them rigidly.  Creating a log file for an .MSI installation might just be the saving grace – providing insight when troubleshooting installation errors and other unexpected behavior.

Most application packagers are aware that a verbose log file can be can be generated by passing the parameter /l*v install.log to the Windows Installer engine  (msiexec.exe).  But what about when Windows Installer unexpectedly initiates a “self repair”, or errors occurs during an application uninstall?

Here’s one thing that can help:  There is a registry value that can be set which causes all Windows Installer transactions on a system (installs, uninstalls, repairs, etc.) to be logged to a file.  Just add the following key to the registry:

Warning:  Don’t goof around in the registry if you don’t know what you’re doing.  Seriously.  Don’t.

Registry key: HKLMSoftwarePoliciesMicrosoftWindowsInstaller
Value Name: Logging
Value Data (Reg_SZ): voicewarmup

Note that which temp directory the log file is created in depends on the user account under which the Windows Installer transaction was run.  All the relevant information is logged: custom actions, property states, feature states, and error codes.  These can be very helpful in resolving the issue!

Symantec Workspace Streaming / Virtualization Overview

2017-07-27T00:01:08+00:00 May 24th, 2011|Uncategorized|

Understanding Workspace Streaming (SWS)

Symantec Workspace Streaming

Symantec Workspace Streaming is an application streaming solution that enables on-demand application provisioning, offline cache, license recovery and instant application upgrades. Symantec Workspace Streaming increases end user productivity with controlled, guaranteed access to any Windows based applications from any location at any time, including remote and mobile users.

Key Features

  • On-demand application streaming – simplifies OS image management by reducing the number and size of images
  • Dynamic license management – proactively insures license compliance by avoiding over-deployment and optimize software costs by re-harvesting licenses when they expire or after a period of disuse
  • Single-click application upgrades – upgrade and patch applications quickly and painlessly, or roll back applications to the previous version if required
  • Disconnected Usage Capability

Key Benefits

  • Reduce software license costs
  • Simplify Application delivery
  • Reduce application support costs/disruption
  • Improve utilization of existing hardware and software resources

 

Symantec Workspace Virtualization

Symantec Workspace Virtualization provides application virtualization that helps reduce application conflicts, testing requirements and support calls. Symantec Workspace Virtualization helps IT organizations improve management and control over endpoints to reduce the total cost of ownership of laptops and desktops.

Key Features

  • Virtual application layers – patented filter driver technology enables virtual layers that are transparent to the base operating system and other applications
  • Selective isolation – provides a solution for incompatible Windows 7 apps and insures system and application compatibility under any circumstance
  • Endpoint Management integration – Workspace Virtualization is a standard component of Symantec’s Client Management Suite (CMS), Total Management Suite (TMS), Symantec Workspace Streaming (SWS), Software Management Solution

Key Benefits

  • Eliminate conflicts between applications and base operating system, such as incompatible Windows 7 applications
  • Reduce application pre-deployment testing requirements
  • Provide instant reset for broken applications

Citrix XenClient – What is XenClient?

2017-07-27T00:01:08+00:00 December 8th, 2010|Uncategorized|

What is Citrix XenClient?

Virtual desktops… to go

XenClient is a client-side hypervisor that enables virtual desktops to run directly on client devices. By separating the operating system from the underlying hardware, desktop images can now be created, secured, deployed and moved across any supported hardware, greatly reducing the maintenance burden on IT and simplifying disaster recovery for laptop users. Optimized for Intel vPro XenClient delivers the high definition experience that users expect.

XenClient Video

Learn how XenClient can bring security performance and flexibility to both IT and your laptop users extending the benefits of desktop virtualization to users that need to work from anywhere at anytime.

Citrix XenDesktop

2017-07-27T00:01:08+00:00 December 8th, 2010|Uncategorized|

What is Citrix XenDesktop?

Citrix XenDesktop transforms Windows desktops into an on-demand service that can be accessed by any user, on any device, anywhere, with unparalleled simplicity and scalability. Whether workers are using the latest tablets, smartphones, laptops or thin clients, XenDesktop can quickly and securely deliver virtual desktops and applications to them with a high-definition user experience.

Why use XenDesktop to transform your desktop computing environment?

Innovative technologies in XenDesktop enable you to turn your vision for a more flexible, mobile and agile desktop computing environment into a reality.

Citrix Receiver, a lightweight universal client, enables any PC, Mac, smartphone, tablet or thin client to access corporate applications and desktops—easily and securely.

Citrix HDX technology delivers a rich, complete user experience that rivals a local PC, from optimized graphics and multimedia, to high-definition webcam, broad USB device support and high-speed printing.

Going far beyond the limitations of VDI-only solutions, Citrix FlexCast delivery technology gives each type of worker in your enterprise the virtual desktop that’s right for them—hosted or local, online or offline, standardized or personalized—through a single solution.

Members of your workforce can access any Windows, web or SaaS application on demand through a single interface. Simple, self-service provisioning reduces desktop management costs and complexity.

Built on an open, scalable, proven architecture, XenDesktop gives you the simplicity, flexibility and scalability to meet any requirement, while fully leveraging current and future investments.

XenDesktop Video

Wyse Xenith™ – The zero client built for Citrix

2017-07-27T00:01:11+00:00 May 17th, 2010|Uncategorized|

Meet Wyse Xenith

Zero delays, Zero management, Zero security issues – Citrix HDX.

Outfit your cloud with the fastest, easiest to manage, and most secure Citrix client we’ve ever built – and that’s saying something.

From the company that invented the category and built more zero clients than anyone.

Yes, anyone.


 

Zero Delays

 

Go from 0 to productivity faster than a Ferrari.

Wyse Xenith is ready to work in six seconds because its dynamically delivered firmware is smaller than a single digital photograph. Its efficient design is three times faster than competing devices and sports gigabit LAN and wireless-n, so it’s ready for serious tasks whether you’re wired in or not. With an industry first media decoder in hardware, Wyse Xenith will be able to deliver HD video without taxing your server, network or patience.


 

Zero Management

 

That’s right, no management. It’s a zero configuration client.

Most thin clients require you to add software, tweak settings, or configure them in some way before you can use them. Not Wyse Xenith. Just take it out of the box and connect it to your network – your Citrix XenDesktop server configures it to your preferences.

Wyse Xenith is completely configurable, yet no management software is needed. So unlike some clients, when a hot new feature is released, you won’t need to buy new ones to get it.


 

Zero Security Issues

 

It’s one less thing to worry about.

Wyse Xenith is the only dynamically configurable zero client that is virus and malware immune.

Yes, immune.

There are no Windows or Linux APIs for viruses to latch on to, so even network and memory-borne viruses can’t attack. Unlike other HDX compatible clients, Wyse Xenith needs absolutely no local firewall or anti-virus protection.


 

Zero Energy Use (Almost)

 

Save $70 a year in energy versus a PC*

Wyse Xenith draws less than 7 watts of power – in full operation.

That’s less than every PC on the planet. And no multimedia rich client on the market today uses less energy.

When you hug a tree – it might hug back.


 

Zero Compromise User Experience

 

Wyse Xenith is built for Citrix environments.

XenApp, XenDesktop, it’s what Wyse Xenith lives for.
It’s quite simply the best Citrix HDX client this side of Win32.
With HDX support that goes beyond any non-windows device on the market today.

The desktop just got a lot easier.

Specs

Processor: VIA 1GHz
Chipset: VIA VX855
Memory: 128MB Flash / 512MB RAM DDR2
I/O peripheral support: One DVI-I port, DVI to VGA (DB-15) adapter included
Dual-video Support with optional DVI-I to DVI-D plus VGA-monitor splitter cable (sold separately)
Four USB 2.0 ports (2 on front, 2 on back)
Two PS/2 ports
One Mic In
One Line Out
Enhanced PS/2 Keyboard with Windows Keys (104 keys)
PS/2 Optical mouse included
Networking: 10/100/1000 Base-T Gigabit Ethernet
Internal 802.11 b/g/n (optional) eliminates theft of external wireless adapters
Display: VESA monitor support with Display Data Control (DDC) for automatic setting of resolution and refresh rate
Dual monitor supported
Single: 1920×1200@60Hz, Color depth: 8, 15, 16, 24 or 32bpp,
Two independent full resolution frame buffers
Dual: 1920×1200@60Hz, Color Depth: 8, 15, 16, 24 or 32bpp
Audio: Output: 1/8-inch mini jack, full 16 bit stereo, 48KHz sample rate
Input: 1/8-inch mini jack, 8 bit stereo microphone
Physical characteristics: Height: 1.38 inches (34mm)
Width: 6.94 inches (177mm)
Depth: 4.75 inches (121mm)
Shipping Weight: 6 lbs. (2.7kg)
Mountings: Horizontal feet (optional vertical stand)
Optional VESA mounting bracket
Device Security: Built-in Kensington security slot (cable sold separately)
Power: Worldwide auto-sensing 100-240 VAC, 50/60 Hz. Energy Star V.5.0 compliant power supply
Average power usage with device connected to 1 keyboard with 1 PS/2 mouse and 1 monitor: Under 7 Watts
Temperature Range: Horizontal and Vertical positions: 50° to 104° F (10° to 40° C)
Humidity: 20% to 80% condensing
10% to 95% non-condensing
Safety Certifications: German EKI-ITB 2000, ISO 9241-3/-8
cULus 60950, TÜV-GS, EN 60950
FCC Class B, CE, VCCI, C-Tick
WEEE, RoHS Compliant
Warranty: Three-year hardware warranty

Windows 7 Migration – Using App Virtualization

2017-07-27T00:01:11+00:00 April 7th, 2010|Uncategorized|

Windows 7 will impose many challenges to organizations having to migrate to this new operating system. Ensure application compatibility of your mission critical desktop applications using VMware ThinApp to virtualize applications. Then centralize and simplify desktop management using VMware View and virtualize your complete desktop environment.

  • Virtualize your desktop applications with VMware ThinApp to build in compatibility
  • Virtualize your desktops with VMware View for centralized management of your user environment
  • Ensure delivery of the best user experience with VMware View PCoIP

Minimize the Cost and Disruption of Windows 7 Migration

Get the benefits of upgrading to Windows 7 without endless testing and troubleshooting of integration issues.

IT organizations are faced with the daunting task of having to migrate their desktop environment to Windows 7 as Windows XP support approaches its end and Windows XP availability squeezed with impending complex licensing.

But upgrading 100s or 1000s of desktop devices is costly and time consuming. Windows XP applications will not automatically be compatible with Windows 7. For example Web-based apps that work great on Internet Explorer 6, may not run on Internet Explorer 8 with Windows 7. Additionally, many organizations have custom applications driving their businesses, recoding and recertification their applications for Windows 7 is a time-consuming and costly endeavor. Most of them will have to rely on external vendors to provide the new compatible applications. And the clock is ticking.

Start the transition to Windows 7 today by virtualizing your existing Windows applications with VMware ThinApp. Application virtualization removes the dependency of applications from the underlying operating system so you can run a single application across multiple Windows operating systems. This helps to streamline application migration, ease the burden of cost and complexity for IT and create a seamless transition for end users.

Once your applications are virtualized, consider moving to a complete Virtual Desktop environment using VMware View and further separate the operating system from the underlying hardware and deliver as a secure managed service from the datacenter.

Separate desktop environments from the underlying hardware and run a single image of the operating system on a variety of machines with VMware View. Desktop operating systems, applications and data can be isolated and managed independently in the datacenter.

The VMware virtual desktop solution lets you:

  • Minimize costly application porting and reduce regression testing
  • Reduce conflicts and support calls by providing application isolation and portability using VMware ThinApp, an integral part of VMware View
  • Deliver next generation desktop architecture with modular desktops
  • Enhance image and application management
  • Extend the life of your application and hardware to maximize and protect your investment

Minimize Costly Regression Testing

Applications virtualized with VMware ThinApp are contained in single image formats such as .EXE and .MSI. These images can simply be deployed to end point device or delivered as a secure managed service using View. There is no need for costly deployment downtime and disruption to end user activities.

Since virtualized applications are fully isolated images that do not require installation and commit no changes to the registry, this removes any potential conflict that can be introduced to the environment and greatly reduces the need for regression testing.

You can even deploy a single image of an application to multiple OS versions. Complete a company-wide Windows 7 migration quickly and easily, without costly application porting and lengthy regression testing. Using VMware desktop virtualization, you will:

  • Run a single image of the Windows 7 OS across your virtual environment on a variety of hardware types
  • Maintain user productivity by enabling Windows 7 migration across many systems without rebooting
  • Reduce management costs and power consumption by encapsulating older systems and running them in a more efficient, server-based environment
  • Ensure application compatibility on all endpoint devices

 

Fast to Deployment and Minimize Support Demand on IT

Migrating an entire desktop environment to a new operating system is a time-consuming and costly endeavor for IT and a disruptive event for end users. With VMware desktop virtualization solutions, you can continue to deliver the same applications your end users are accustomed to along with their profiles to Windows 7 quickly and seamlessly. By first virtualizing the applications with VMware ThinApp into single image files, then using VMware View to virtualize the desktops and isolating the desktop environment from the OS. The resulting combined stack helps IT to streamline deployments of both applications and virtual desktops to end point devices. The virtualized applications and desktop environments eliminate direct dependencies on the underlying Windows 7 environment. This helps to reduce conflicts and reduces demand on IT and helpdesk support.

  • Maximize worker productivity and dramatically reduce support calls and maintenance overhead with VMware View. Images of the desktops reside in the datacenter and are deployed to each end user‘s machine. Virtualizing applications isolates them from the OS so they remain unaffected during OS upgrades and migrations, lessening support costs and frustration.
  • Eliminate conflicts and reduce helpdesk support calls.
  • Migrate application and desktop as a single “stack” to minimize disruptive end user downtime.

Source: VMware

Citrix Receiver for Windows & Mac

2017-07-27T00:01:11+00:00 April 5th, 2010|Uncategorized|

On-demand applications from any Windows & Mac device

Citrix Receiver for Windows and Mac is a lightweight software client that runs on laptops, desktops, Macs and netbooks – turning any device into a powerful business tool to access virtual applications and desktops. With Receiver installed on a device, IT can rapidly deliver virtual applications and desktops people need to do their jobs. Receiver for Windows and Mac, along with its innovative console, Merchandising Server, enables faster roll-out of virtual applications and desktops, simplified client management and update, and a single unified user experience for everything Citrix.

Flexible Client Software Configuration
Built with a browser-like ‘plug-in’ architecture, Receiver for Windows & Mac enables flexible client software configuration ideal for every user in your organization.  IT administrators can select from plug-in functions for hosted applications, secure VPN access, communications services and self-service applications with Citrix Dazzle.  Receiver also supports 3rd party plug-ins to further simplify client software management.

Safe, Secure, High Definition Experience
Receiver includes built-in HDX technologies to bring a high definition user experience for virtual applications including document-oriented, data-intensive, graphics-rich and multimedia applications – on any network connection.  Receiver supports high performance, standards-based encryption security for all data from the datacenter, over the network to users anywhere.

Zero-Touch, Silent Updates
Receiver allows the use of enterprise computing services without the need to understand or worry about the underlying complexities. Installs are a simple point and click, and once Receiver is installed, it’s pretty much ‘lights out’, with zero-touch, silent updates from there forward.

Auto-Updating with Targeted Deliveries
Receiver is completely under centralized administrative control to allow the entire Receiver setup, including plug-ins, to be kept up-to-date, with scheduled automatic download to users based upon user preferences for update checks, or IT-controlled mandatory updating.  Receiver enables IT to deliver client software updates to users using a rules-based system based on group credentials, IP addresses, machine names, login IDs, or operating systems. This provides the flexibility to ensure plug-ins are delivered to only appropriate, authorized users.

Receiver for Windows & Mac is free and is available immediately for any Windows or Mac-based device, including PCs, Laptops, Macs and Netbooks. Receiver is also available for smartphones and iPad.

Twelve Money-Making Reasons for Workspace Virtualization

2017-07-27T00:01:12+00:00 October 28th, 2009|Uncategorized|

symantec_logo tranDesktop virtualization is the second-fastest growing of all virtualization technologies. According to EMA research, around 26 percent of respondents had adopted or were planning to adopt desktop virtualization in 2006; but that number has almost doubled to 46 percent by 2008.

For institutions, the technology has valuable applicability: fault tolerant endpoints for the trading floor; single sign-on application access for the call center; easy desktop management for branch and remote workforces; productive workspaces for telecommuters and mobile workers; and guaranteed anywhere access for disaster recovery applications.

But the real business case lies in the impact workspace virtualization can have on an institution’s top- and bottom-line. Here are 12 reasons that should make this IT investment a done deal for financial institutions looking to thrive (not just survive) in a tough economy

1. On-demand access to applications from any location.
With streaming technology, users can access their workspaces and applications from anywhere, anytime. That access drives user productivity and is a direct contributor to the top line.

Business Impact:
A Day in the Life of a Power User – In the virtual reality, a user isn’t tied to her desk to be productive. Take Kelly, for instance, who is stuck in Aruba on a vacation gone awry – with no chance of getting home in time to finish an important business plan for this quarter’s board meeting. She finds her way to a local Internet café and logs in to the portal. Her workspace is waiting for her there, just the way she left it in the office. She has instant access to all the applications and data she needs. Instead of taking precious time to install specific applications, she’s productive from minute one. Kelly completes her plan and forwards it to the board members. She might not make the meeting, but her plan will.

2. Save time with delta-only updates.
Less downtime has its own impact on the top line. Delta-only updates ensure that users always have the right version of the right application, without surrendering their systems for upgrades—so they’re always ready to work.

3. Proactive license compliance.
A streaming platform manages application licenses and user authorizations. That means institutions will always be in compliance, avoiding surprise license consumption come end-of-year inventory.

4. Reduce license costs by eliminating unnecessary deployments.
For even deeper cuts, institutions no longer pay for licenses that may never be used. By deploying only icons, applications are only installed when they’re actually used.

5. Optimize license costs.
Additionally, institutions can proactively recover licenses for unused applications. If an application goes unused for an unusual amount of time, that unnecessary cost can be recouped.

6. Instant endpoint configuration based upon domain login.
As users move from endpoint to endpoint, the system configures applications based on their login. That means a common OS image can be used across the masses for untold IT efficiencies.

7. Increase the stability of endpoints.
Application virtualization separates applications from other applications and the OS so there are no dependencies or conflicts, resulting in greater availability of the workspace and less downtime for users.

8. Save time by eliminating pre-deployment testing of new and updated applications.
Pre-deployment testing is a necessary albeit time-consuming task that can delay installs or updates. With virtualization, there are no conflicts, so testing isn’t required, and installs and updates happen instantaneously to free IT resources and users alike.

9. Allow for instant application repair without redelivery.
Broken applications are a huge drain on IT resources with tasks like troubleshooting, testing, remediating, and redeploying software. Virtualization can reset applications to their “known good state” so folks can put those fixes behind them and get to work.

10. Central management of users, applications and workstations.
A desktop connection broker can dynamically allocate traditional and virtual computing resources like information, user profiles and applications to the endpoint regardless of device—thus reducing IT workloads.

11. Use Single Sign On to simplify and secure user access.
User access can be a one-step process, leveraging various authentication methods. They don’t have to re-authenticate as they move from application to application, so they’re more productive.

12. Simplify endpoint management.
A single, centralized management system is used across all platforms—local or remote, virtual or not. There’s one setting per user, per application no matter the endpoint, yielding much less resource-intensive management and huge cost savings.

Info/Security Impact:
A Day in the Life of an IT Staffer – Virtual workspace management frees IT resources from the many challenges that plague traditional desktop environments. Consider Steve, a harried IT guy who is hit with a particularly nasty virus that’s corrupting Microsoft Word—a popular application that can potentially impact all employee workstations, local and remote. In the old world, Steve would have had a busy morning, traipsing from desktop to desktop reinstalling the application. But in virtual reality, Steve sits back and in a matter of a couple of keystrokes he reverts Word back to its last known working state—on all 350 workspaces. Crisis averted, and his users remain unawares.

“Security can be a tough sell, regardless of the economy,” concludes Enterprise Management Associates’. “And risk management is not always a top priority.” But when you consider the impact that workspace virtualization has on an institution’s top- and bottom-line, as outlined in these twelve sound business points, then you might agree: A well-managed workspace is a secure workspace. And what price do you put on that?

Source: Symantec.com

Reduce Costs By Streamlining PC Management

2017-07-27T00:01:12+00:00 October 25th, 2009|Uncategorized|

Microsoft PC ManagementThe cost and administrative challenges in managing a modern desktop infrastructure are daunting. Envisioning the desktop infrastructure as a strategic asset rather than a cost center can benefit both users and the organization as a whole. Microsoft, in collaboration with IDC and the Massachusetts Institute of Technology, has created a strategic roadmap for desktop infrastructure optimization that characterizes an organization’s desktop management practices along a curve that moves from simple and reactive to mature and optimized:

Basic Desktop Infrastructure

Characterized by manual, localized processes with minimal central control, the basic desktop infrastructure is fundamentally reactive—both in terms of process and security—and  a highly dependent cost center.

Standardized Desktop Infrastructure

Standardization of desktop technology— hardware and software— results in an increasing degree of coordination between management and end users, making administration of the standardized desktop infrastructure more efficient.

Rationalized Desktop Infrastructure

Consolidation and coordination of desktop and server assets, combined with a significant degree of automation, make the rationalized infrastructure highly effective and a business enabler.

Dynamic Desktop Infrastructure

Dynamic resource usage combined with fully automated functions and processes, which allow for business-linked service-level agreements, make the dynamic desktop infrastructure a strategic business asset.

An optimized desktop infrastructure can lead to greater business continuity, enhanced compliance, and better, more secure access to network resources. Organizations can increase agility and achieve notable improvements in the ability to provide faster, more responsive it service.

Higher levels of optimization can result in savings of up to 80 percent in it labor costs, according to a 2009 idc study. Standardization alone pays dividends. According to idc, companies that maintained a standardized desktop strategy for three years or longer decreased

Pc labor costs by an additional 34 percent over the initial short-term gains.

The Windows optimized desktop is intended to support an organization’s effort to optimize its overall desktop infrastructure. it does this first by facilitating standardization and consolidation through the use of a single, stable, familiar and well-integrated client-server architecture. But it also offers technology managers capabilities and tools that facilitate coordination, automation and dynamic resource allocation, including:

Microsoft Application Virtualization (App-V) this reduces the application deployment effort because technology managers no longer need to test how different groups of applications work together every time one is upgraded. it removes an application from the desktop footprint, which allows it to deploy a smaller master Pc image across a variety of business groups.

Microsoft Enterprise Desktop Virtualization (MED-V) this resolves application-compatibility problems by letting legacy applications run in a virtual environment.

Windows 7 Advanced Image Management and Deployment Tools these enable it to ease os deployments and reduce the cost and complexity of managing PCs and virtual machines.

The DirectAccess network access technology so effective in supporting mobile workers works both ways: it not only allows users to access corporate resources directly, it enables administrators to configure and manage Pcs remotely across the internet, especially when used in conjunction with these tools:

  • Group Policy Management Console, which allows it administrators to centrally manage Pc and application settings.
  • Windows PowerShell 2.0, which enables technology managers to automate repetitive tasks.
  • Internet Explorer Administration Kit, which can be used to configure an initial internet explorer setup or manage user settings after internet explorer has been deployed

Return on investment can be measured two ways: Lower costs and more effective use of resources. the Windows optimized desktop helps lower the cost of desktop administration and increase dynamic resource usage by providing tools that help both users and administrators resolve problems faster—and therefore return to productive work quicker:

Microsoft Diagnostics and Recovery Toolset this tool helps technology managers and administrators identify and repair Pcs that have become unusable by offering tools that analyze and solve the problem.

System Center Desktop Error Monitoring through agentless crash-monitoring technology, this tool identifies the impact, probable cause, and resolution of application and operating system failures, which helps to make desktop Pcs more stable and reliable.

Windows Troubleshooting Platform the Windows troubleshooting Platform can reduce calls to the help desk by diagnosing and resolving common Pc issues, and by providing built-in troubleshooting help, including audio, video, and networking, for several different types of problems.

Virtualization may be intimidating to it managers unfamiliar with the technology. the Windows optimized desktop provides tools to manage both physical and virtual assets.

System Center Configuration Manager

System center configuration manager 2007 assesses, deploys and updates software on servers, clients and mobile devices across physical, virtual and distributed environments. Organizations leveraging Microsoft system center configuration manager will benefit from internal end-to-end hardware and software inventory and metering capabilities. The solution’s asset intelligence component translates the inventory data into information, providing rich reports that it administrators can use to optimize hardware and software usage.

System Center Virtual Machine Manager

System center Virtual machine manager enables dynamic and responsive management of a virtual infrastructure, rapid provisioning of new virtual machines, and unified management of physical and virtual machines. These days, lowering cost is imperative, and most organizations are looking for short-term return on any investments they make, including technology. The

Windows optimized desktop provides a cost-effective way for it administrators to begin the upgrade and optimization of desktop infrastructure by serving both short-term goals—for instance, by providing a platform to test the efficacy of desktop virtualization technology—

and long-term needs, by being able to implement new desktop technology quickly and recycle used equipment efficiently.

Source: Microsoft.com

Load More Posts