James O'Neill's blog

Windows Platform, Virtualization and PowerShell with a little Photography for good measure.

Windows 7 XP mode: helpful ? Sure. Panacea ? No.

Windows 7 XP mode: helpful ? Sure. Panacea ? No.

  • Comments 3
  • Likes

ComputerWorld have an interesting piece up about XP Mode for Windows 7. Saying that it “could create support nightmares, analysts said today”

They quote Michael Cherry, an analyst at Directions on Microsoft as saying “I think that this will help the uptake for Windows 7, because it removes one more 'gotcha,' and that's never a bad thing to do”.Well indeed, as computerworld goes on to say: The idea of using virtualization to provide backward compatibility for older applications is neither novel nor surprising, Cherry continued. He called it a nice "safety net" for users concerned about abandoning XP who don't have access to centrally managed MED-V”

If you have more than 5 machines you can get Software Assurance and add the Microsoft desktop optimization pack (MDOP): so you get Microsoft Enterprise Desktop Virtualization (MED-V).  I’m surprised that no one has yet portrayed XP Mode as a way of raising the profile of MED-V to sell more MDOP packages. XP mode is managed locally with users “owning” the VM; anything deployed to hundreds or thousands of desktops without central management can earn the label of “support nightmare”. MED-V provides that central management. Computerworld have a quote from a Gartner analyst, Michael Silver: “You'll have to support two versions of Windows, each needs to be secured, antivirused, firewalled and patched. Businesses don't want to support two instances of Windows on each machine. If a company has 10,000 PCs, that's 20,000 instances of Windows”

I think he’s wrong on that point. You don’t have to support the whole of the legacy OS in this situation – for example you don’t need to provide all the drivers for it. You just have to support configuring the legacy app on it – which is what you have been doing for the life of that OS anyway. For many of these applications you can use the simplest firewall ever – disconnect the network. We won’t surf the internet from the VM, read mail on it or do most things that risk introducing malware: this smaller attack surface means a “compatibility VM” can get away with a lower level of security. When he says “If a company has 10,000 PCs” the rest of the sentence should be “they should be using MED-V”. In an organization of that size 10,000 user controlled / unaudited machines (physical or virtual) is not an option.

I agree with him on a different point in the Computerworld article: “Companies need to heal their applications," Silver said. "They'll be doing themselves a disservice if, because of XPM, they're not making sure that all their apps support Windows 7." If these apps need to be “healed”  does that make them “sick” ?  Whatever label we use, there are organizations that depend on outdated applications which they didn’t write. For some reason a new version which supports Vista/Windows 7  can’t be deployed – not least because Software vendors go bust. Silver makes the point “What happens in 2014, when XP isn't supported anymore ?”. XP is out of mainstream support now: customers can buy into extended support, but those running XP mode won’t. The applications are probably out of support too. But we have people running NT4 virtualized (but unsupported) in their data centres for some ancient-but-critical apps: the same will happen on the desktop. 

As well as the known “sick” apps, there are organizations who don’t have a complete list of applications deployed at user or departmental level: they can’t say “everything we have works on Vista/Windows 7” because they  can’t define “everything”: so XP mode is a useful safety net Michael Cherry put it ‘It removes one more “Gotcha”’.

I wouldn’t dream of arguing with the notion that “companies will be much better off if they make all their applications run on Windows 7.” as Silver put it. An application which was written properly in the 1990’s will run on 7 (I still like paintshop pro 5 and it has a copyright date of 1999): there isn’t a kind way to say it, but excluding drivers and utilities which need to get into the guts of the OS (anti-virus being the classic case) if an Application doesn’t work on an updated OS, it wasn’t written properly in the first place, so you have to ask what else is wrong with it. Sooner or later the cost of  keeping it going (whether that is lost productivity from staying on an old OS , or the cost of supporting it under virtualization) outweighs the cost of getting rid of it. Since developers have had access to Vista since early 2006 if there isn’t a fixed version now there probably never will be. It’s very easy to say that such applications should be thrown out and replaced, it’s just turns out to be hard to do in practice.

So the message should be clear

  1. Desktop virtualization is not a free excuse to avoid updating applications. It is a work around if you can’t update.
  2. Desktop virtualization needs work, both in deployment and maintenance – to restate point 1 – it you have the option to update, expect that to be less work to update the applications.
  3. As Scott Woodgate said in the first sentence we published anywhere about XP mode “Windows XP Mode is specifically designed to help small businesses move to Windows 7.” Home users and large organizations might benefit but they are not the target
    As I pointed out in my first post on the subject. MED-V is designed for larger organizations with a proper management infrastructure, and a need to deploy a centrally-managed virtual Windows XP environment  on either Windows Vista or Windows 7 desktops.

One final thought not all current Intel Processors have the VT technology that Windows Virtual PC needs. If you are thinking about buying a new PC or if advise small business buyers, make sure VT Support is checked for. Ed Bott has a good post with the details of the chips.

Comments
  • My take on XPM is pretty much a big fat, so what. We have had VPC and VS for years now and although it has it's uses it is not the answer to legacy apps in my opinion. The primary reason for legacy apps is legacy hardware and any form of Virtual Machine is not going to work. When an app needs to talk directly to the hardware VM's are not the answer.

    Second if I have a legacy app, in fact we just deployed a new app that is only Win2k/WinXP ready, the app vendor is unlikely to support it in a VM. Sure you can call them up and say "such and such isn't working" and not tell them it's in a VM but when the you know what hits the fan the vendor is going to want to know everything about how it is deployed and they will very likely say no way to supporting their app in a VM.

    Lastly since XPM broke Virtual Server in the RC what are the plans for getting VS working again because if my choice is XPM or VS I want VS or shall I just deploy Win2k8 at the desktop level?

  • James the thing about XPM is it gives you the app without the whole desktop. VPC on its own means two start menus, two desktops, and so on.

    As I blogged yesterday the latest VPC is pretty good at talking to USB hardware, and unlike its server counterparts can talk to COM ports. But if you have a specific PCI card then you're out of luck.

    I think we're sort of in agreement about your newly deployed legacy app. The chap from Gartner wouldn't approve of deploying an app which only works with an OS which is going out of support. I assume you wouldn't have done so if you had a choice, Unless the vendor actually validates the hardware platform it really shouldn't matter. Any conversation I had with the would start with "So your app is so poorly implemented it doesn't run any supported version of Windows. And you tell me that on certain kinds of machine it's flakey too. So what you're saying is it wasn't fit for purpose when we bought it ?"  The normal expectation , to be blunt here is that the app is embedded in the customer and because it is so poor the vendor went out of business years ago so support isn't an issue.

    As it is you're saying that the vendor of one app is forcing you to run an OS which is out of support to get support for their sick application. In your position I'd abandon that vendor.  

    You can't have two lots of virtualization going at the same time. If you need (and know how to use) VS go for that. The target customer for XPM would be scared stiff of VS :-)

  • Well said.  Especially your comment "if an Application doesn’t work on an updated OS, it wasn’t written properly in the first place".  I don't think we can shout that one from the rooftops loudly enough.

    If only more senior IT managers *got* that one, maybe the pressure would move to the supplier ("write well-behaved apps please or we'll do business with someone else") instead of the IT staff ("make this dodgy app we depend on work or you're fired").

Your comment has been posted.   Close
Thank you, your comment requires moderation so it may take a while to appear.   Close
Leave a Comment