IT shops that are worried about security – think healthcare, government, and financial services – still want to have a hypervisor on their PC clients. This makes it easier to isolate malware and control what users have on their machines, particularly if that PC hypervisor is linked to and coordinating with a virtual desktop infrastructure (VDI) broker.
To meet this need Citrix Systems will unveil an updated XenClient next week, which more tightly couples the PC hypervisor with its XenDesktop broker. In addition, XenClient is getting retrofitted with the Personal vDisk technology that Citrix got through an acquisition, making it possible to deliver semi-custom hosted desktop images to users.
This latter thing is a big deal for users, Sham Sao, senior director of product marketing at Citrix, tells El Reg, and so is the integration of a bare-metal hypervisor for PCs with hosted PC sessions being streamed from the data center.
IT shops like hosted VDI sessions because they allow for the creation and maintenance of a single gold image for all end users. This is sufficient for end users who work from a homegrown app (through a screen scraper or a web browser) – think call center workers.
But the minute an end user has unique needs, then IT has to create a unique PC image for that end user, thus undermining one of the main benefits of hosted PC images, which is maintain once but use many times. Alternatively, you package up selected apps with XenApp, ThinApp, or App-V and stream them out to end users. But this is a pain, too.
Shao says that what end users really want is to be able to load their own apps on their own machine so they can use them locally, even when the machine is not linked to a network, and then link back to a hosted VDI image that has the same look and feel when they are working from a smartphone or tablet or their laptop and have sufficient connectivity.
Now that XenClient is integrated with XenDesktop and both are making use of the Personal vDisk created by RingCube, they can compute in whatever way makes sense given the circumstances and the devices at hand, he explained.
With XenClient 5, which was code-named "Thunder" if you follow such things, all of the user profile data for XenClient instances and for hosted images in XenDesktop are shared, and you can even store personal data in a ShareFile repository or use the Citrix User Profile Manager to coordinate data exchange between the two virtualized environments. And now, you can bop back and forth between XenClient on your PC and a XenDesktop hosted image in a transparent fashion, with all of your apps and data coming with you.
The use of Personal vDisk with XenClient allows for the hosted operating system image to be separated from the application layer, just as is currently possible with XenDesktop. What this means is that end users can install their own applications in a layer on the local image on the XenClient hypervisor and in the event that it is corrupted by malware, then XenDesktop admins can reach in and nuke that layer.
The rest of the operating system image running in XenClient remains unaffected and secure, and all that end users have to do is reinstall their own apps. The underlying operating system image remains a gold one maintained by and secured by XenClient and XenDesktop working together.
The management of data and profiles across XenClient and XenDesktop are now unified, but administration of the XenClient and XenDesktop images is still done through separate tools. Sao says that customers have not been clamoring for an integrated management tool, but it is something that Citrix is working on.
XenClient is a bare-metal hypervisor and it has been tested on 345 different PCs. Version 5.0 runs on the latest "Haswell" Core processors from Intel and has been certified to run on Windows Server 2012.
Citrix says XenClient 5.0 supports higher resolution Windows 8 instances and instances that can drive multiple monitors. You can also deploy Windows 7-alike images using the Aero skinning feature of Windows 8 and XenClient won't get confused.
There is a variant of XenClient, called XT and currently at the 3.1 release, that only installs on Intel vPro clients and makes use of hardware security features in the vPro platform – trusted execution being the main one – to provide an even more ruggedized hypervisor environment for a PC image to run on. The current XenClient 3.1 has been tweaked to support Intel's "Ivy Bridge" Core processors and will presumably be updated to Haswell chips soon.
You can buy XenClient 5.0 as a standalone product if you want to. It costs $175 for the license plus $39 for the tech support contract. But XenClient is also bundled into the XenDesktop Enterprise stack, which is a Swiss army knife of desktop and app virtualization. XenDesktop Enterprise costs $225 per seat. You might as well spend the extra $9 and get everything. ®