Join Blain, Dan, John, and Yung, your TechNet IT Evangelists as we hit the road again this fall to bring you the highlights of Microsoft’s great virtualization solutions. We’ll go from the desktop to the enterprise, starting with VHD native boot – a new feature for Windows® 7 and Windows Server® 2008 R2. Next, we’ll move into Windows XP mode, Windows Server 2008 R2 Hyper-V™, and finish with System Center Virtual Machine Manager (SCVMM).
Reservations are required and space is limited, so register today to save your seat.
For more information or to register, visit: www.technetevents.com OR CALL 1-877-MSEVENT
VHD Native Boot We’ll kick off the afternoon by exploring VHD Native Boot, which is a new feature for Windows 7 and Windows Server 2008 R2. VHD Native Boot can be used as the running operating system on designated hardware – without a parent operating system, virtual machine, or hypervisor. This is one of the best virtualization features to date for technology professionals of every kind – from enterprise to small and medium-size business pros and consultants.
Windows XP Mode With Windows XP Mode, it’s easy to install and run multiple Windows XP productivity applications directly from your Windows 7-based PC. Do you have application compatibility issues? Windows XP Mode can ease those compatibility headaches, because it gives you the best of both worlds. You can easily run older Windows XP business software – including web applications that require an old version of Internet Explorer® – while taking advantage of the many benefits of your Windows 7 desktop. This is a can’t-miss session for IT pros who juggle both new and established software and web applications.
Windows Server 2008 R2 Hyper-V It’s time to focus on enterprise with an overview of Windows Server 2008 R2 Hyper-V. In this session, we’ll look at how to create virtual machines in Hyper-V and demonstrate how the snapshot feature can easily revert the virtual machine to a previous state. You’ll come away from this session with a sold understanding of all the capabilities and new features in Windows Server 2008 R2 Hyper-V.
System Center Virtual Machine Manager Finally, no virtualization discussion is complete without a conversation about management. When it comes to managing virtual infrastructures, System Center Virtual Machine Manager 2008 (SCVMM) is the best of the best. This member of the System Center family of system management products provides a straightforward, cost-effective solution for unified management of physical and virtual machines.
Free Admission>
Reston, VA >> November 30, 2009 1:00pm - 5:00pm
Alpharetta, GA >> December 1, 2009 1:00pm - 5:00pm
Rochester, NY >> December 2, 2009 1:00pm - 5:00pm
Charlotte, NC >> December 3, 2009 1:00pm - 5:00pm
Bridgewater, NJ >> December 7, 2009 1:00pm - 5:00pm
Waltham, MA >> December 9, 2009 1:00pm - 5:00pm
Malvern, PA >> December 11, 2009 1:00pm - 5:00pm
Orlando, FL >> December 14, 2009 8:30am - 12:00pm
This is it! We had waited and waited, and it's finally here. Windows 7 is now generally available. With Windows 7, there's never been a better time to be a PC. For all you IT Professionals out there, let me highlight the 3 key deliveries:
and innovations introduced in Windows 7 and make pertinent information readily available for you here.
Making people productive anywhere
Making people productive is not that hard. In your office plugging company’s network with a laptop loaded with apps, you can be productive. Making people productive “anywhere” on the other hand is a very challenging effort for IT, while facing the mass amount of mobile devices and increasingly complex network computing environment today. The growing numbers of mobile workforce and branch offices are at the same time demanding corporate resources seamlessly available regardless the required infrastructure and organizational boundaries. Two Windows 7 solutions to facilitate remote access are BranchCache and DirectAccess.
Managing risks through enhanced security and control
Security is nothing we need to much justify the need in today’s network computing environment. It is critical, imperative, and all too often costly. From Windows Vista, Windows Vista SP1, to Windows 7, BitLocker has been expanded from a single drive, multiple drives, now to portable media. Windows 7 offers security enhancements enabling a user to secure data from unauthorized access very easily with BitLocker-to-Go, for example. In Windows 7 Explorer, highlight a portable drive, right-click to turn on BitLocker-to-Go. It is that readily available, easy to do, and readable with Windows XP. There is really no reason not to do it since it is so little to do, yet with so much control and so strong protection on data. As a memory stick is now with 32 GB and beyond capacity, BitLocker-to-Go is one very cost-effective way to protect data from unauthorized access. For a large company, BitLocker technology with group policies offers a software based enterprise solution of hard disk encryption. You don’t need to look for a solution and end up with a second-best solution. It is in Microsoft Vista and it is much enhanced in Microsoft Windows 7.
In an enterprise environment, software restriction is one of the most difficult enforcements. Not only it needs a mature infrastructure to provide software inventories, metering, and on-going monitoring, but the required skill sets to develop, test, and manage those software restriction policies are hard to find, take years to develop, and come with very high costs. Windows 7 and Windows Server 2008 R2 together present AppLocker as a vehicle with which a system administrator can provision a policy to deny/allow execution, installation, or usage of a target application based on the application's digital signature by deriving a publisher rule defined and enforced with a Group Policy Object without programming. A complex requirement, for instance allowing task workers to access Office 2007 and later, but not PowerPoint when accessed by contractors, can be done with AppLocker in a few mouse clicks without any scripting.
Reducing cost by streamlining PC management
Many thought without a direct migration path, i.e. in-place upgrade, from Windows XP to Windows 7, the deployment of Windows 7 must be a tedious and tricky process. In fact, Windows 7 offers a number of vehicles making the migration an intuitive and straightforward process. For consumers and small businesses, Easy Transfer makes migrating from Windows XP to Windows 7 absolutely “easy” and, in my view, fun actually. Scanstate and Loadstate, two key utilities in USMT (User State Migration Tools) make a migration process very logical and easy to understand. Hard-Link Migration leaves and remaps data in place and significantly reduces the time needed to place large amount of user data in a typical PC refresh scenario.
In the past two years, with Microsoft’s introduction of virtualization strategies and solutions, there are many options in resolving compatibility issues at an application or OS level while reducing TCO and increasing flexibilities in deploying and managing IT resources in the long run. Specific to Windows XP compatibility issues, Windows 7 Professional and above offer Windows XP Mode (via a free download) with a local virtualization of Windows XP SP3 machine. So those applications developed specific for Windows XP can now essentially run in a Windows 7 environment with a few steps to set up a virtualized Windows XP SP3 run-time environment to host those Windows XP specific applications. Further an application running in Widows XP Mode can be seamlessly integrated into the Start/All Programs menu of a host Windows 7 machine. Notice Windows XP Mode alone is designed for a relatively small deployment since there is basically no built-in system management function. For a large scale deployment, MED-V or Microsoft Enterprise Desktop Virtualization, one of the six offerings that come with MDOP (or Microsoft Desktop Optimization Pack available through Software Assurance program) is the solution to manage local desktop virtualization with the abilities to provision a MED-V workspace policy to deploy XP Mode with standardized settings and a consistent user experience, etc. While MED-V 1.0 SP1 to be available in the first quarter of 2010 with host support for Windows 7, notice that both MED-V 1.0, MED-V 1.0 SP1 will leverage Microsoft Virtual PC 2007 which does not required hardware assisted virtualization.
I am very excited to be delivering a Remote Desktop Services/Virtual Desktop Infrastructures (RDS/VDI) session in the upcoming Desktop Virtualization Technical Briefing. RDS/VDI is, in my view, one of the most compelling solutions to transform IT into a corporate business value delivery engine. I am most impressed by the architecture elegantly integrated into Windows Server 2008 R2 which makes the solution very easy to understand and implement. In my session, I will discuss the architecture and walk through the logical steps to implement a RDS/VDI solution. For technology decision makers and senior IT consultants, this session is highly recommended.
Notice the registration is open for invited guests only. Here are the additional information and registration link.
The traditional desktop computing model, as shown in Fig. 1, has been one where the operating system, applications, and user data and settings are bonded to a single computer. We will buy a computer either with OS and some applications pre-installed, or apply a hard disk image with targeted OS and selected applications to the computer hardware. Once a computer is deployed, a user can then log in the system, customize the environment, run applications, change settings, create data and files. This model is straightforward and easy to understand. With respect to desktop deployment, this means that the OS, application execution/presentation and user data are all self-contained within a single device. This model has the advantage of simplicity because it leverages well understood technologies that ship with Windows. In addition, because a PC with this model is configured to be completely self-sufficient, this solution is well-suited to mobile use. However, the tight binding between the various layers may not be a preference for all scenarios. This model has its limitations.
The tight couplings between each layer provide efficiency; they also introduce dependencies, hence complexities. And these complexities make it difficult for users to move the applications, settings, and files from one PC to another in case of upgrades or a lost or stolen laptop. When exemplified by thousands of desktops and laptops, as many enterprises do, the management of these laptops and desktops becomes a major concern. As mobile work force and the number of branch offices continue to grow with the proliferation of Internet and the advancement of networking technology, the work environment and data access patterns of information workers have become dynamic and been rapidly evolving. The long term maintenance associated with computing resources based on the traditional computing model is becoming cost-prohibitive for many companies, while impairing the IT’s ability to quickly prepare for or respond to a business opportunity.
Desktop Virtualization is the process of separating, or more precisely isolating, out these individual components, and managing each one separately. Fig. 2 shows by isolating these components, we can now abstract and virtualize the computing resources. Each layer can then reference a resource in other layers based in the abstraction or virtualization boundary and without specifying the specifics of how a referenced resource is configured within its host layer. Over all this reduces complexity and improves PC and application management.
When it comes to virtualization, not all solutions are equal. Microsoft has developed a number of virtualization solutions to address specific issues as depicted in Fig. 3. There are times a virtualization solution may not be cost-effective while offering deployment flexibility. It is crucial to recognize that and architect a virtualization solution accordingly to produce maximal business benefits.
Brought to you by your US East Microsoft IT Pro Evangelist: Blain, Dan, John, and Yung!
Come spend an afternoon with us as we highlight some of the great virtualization solutions Microsoft offers. We’ll go from the desktop to the enterprise starting with VHD native boot, a new feature for Windows 7 and Windows Server 2008 R2 followed by discussions of
It will be fast and it will be furious. 4 Evangelists, 8 City, and one focus: getting you fully charged with virtualization. Act quick and act now to register at the following links:
Firestarter is a TechNet event offering IT Pros and developers an opportunity to in a few hours review and go deep on a chosen subject. For this particular one in Atlanta, GA, we offer 4 sessions, two presenters, two formats (in-person or online), and one focus: Windows 7. Here’s the agenda.
Session
Topic
Presenter
1
What’s New with Windows 7
John Baker
2
Why VPN? Connect Seamlessly with DirectAccess!
Yung Chou
3
Take the Worry Out of Protecting Your Data… Encrypt Your Drives with BitLocker and Bitlocker-to-Go
4
Deploying Windows 7? Automate it with System Center Configuration Manager
Register before it is full. Hope to see you there.
During the TechNet Game-On Tour, many asked for the information and wanted to review the demos I did. Dan Stolts, a fellow Microsoft IT Pro Evangelist based in Boston area, has recently published the following on the topic and did a great job on providing additional details. Check them out.
Migrate Windows XP to Windows 7 Using USMT (User State Migration Tool) [Upgrade XP or Vista] Step By Step
Upgrading Windows XP to Windows 7 and Migrate Microsoft Office and Other Applications Using The User State Migration Tool (USMT)
Register early, register now. Also in the east coast, we are about to start the “Game On Tour.” Come to these events, meet your peers, hook up with the community, and update your skill set with Windows 7 and Windows Server 2008 R2 solutions.
Windows XP to Windows 7 migration has become a main topic actively discussed in IT Pro communities concerning enterprise desktop deployment. This is a good time to go full ahead and ramp up the skill set needed to do the job as we are approaching the general availability of Windows 7 on October 22, 2009.
This guide provides assistance on migrating from Windows XP to Windows 7, all the way from gathering information about your environment to deploying the operating system. As you move through each step in the process, you can leverage deeper resources by clicking on the individual icons. With this content, you can master the subject and make the best decisions to successfully transition your IT environment. There are 5 sections in the document and each section is led by an introductory video.
I have just finished developing the content of RDS and VDI to be soon delivered in the Session 3 of the upcoming TechNet events. To minimize the required hardware, both the RDS and VDI demos are to be carried out using one laptop. In this screencast I briefly described how my demo laptop was set up. In upcoming screencasts, I will walk through the steps to manage applications for remote access, integrate RDS components for VDI, and via a browser access a personal or pooled Virtual Machine running in data center without VPN.
RTM is the release to manufacturing, meaning the code is final and has been delivered to PC and server makers, who are preparing to deliver great new Windows 7 PCs and servers with Windows Server 2008 R2 for our mutual customers when Windows 7 is generally available on October 22nd, with Windows Server 2008 R2 available on or before that date. Here is the official press release.
Existing Volume Licensing customers as well as TechNet and MSDN subscribers will be able to download Windows 7 and Windows Server 2008 R2 in the second half of August.
Quick facts:
Reservations are required, so register today for a seat at this free and fun technology event.
The following is a list of 23 event cities which we will deliver the content from August 19, 2009 to October 6, 2009. Look forward to seeing you all there.
State
Event City
Madison
Tuesday, September 01, 2009 8:30 AM - 12:00 PM
Farmington
Tuesday, September 29, 2009 8:30 AM - 12:00 PM
Fort Lauderdale
Tuesday, September 15, 2009 8:30 AM - 12:00 PM
Jacksonville
Pensacola
Wednesday, September 23, 2009 8:30 AM - 12:00 PM
Tampa
Thursday, September 17, 2009 8:30 AM - 12:00 PM
Alpharetta
Wednesday, September 02, 2009 8:30 AM - 12:00 PM
Baltimore
Wednesday, August 19, 2009 8:30 AM - 12:00 PM
Chevy Chase
Thursday, August 20, 2009 8:30 AM - 12:00 PM
Augusta
Thursday, September 24, 2009 8:30 AM - 12:00 PM
Charlotte
Tuesday, September 22, 2009 8:30 AM - 12:00 PM
Raleigh
Friday, September 11, 2009 8:30 AM - 12:00 PM
East Windsor
Monday, September 14, 2009 8:30 AM - 12:00 PM
Hempstead
Thursday, September 10, 2009 8:30 AM - 12:00 PM
New York
Troy
Allentown
Monday, September 21, 2009 8:30 AM - 12:00 PM
Harrisburg
Malvern
Norfolk
Friday, September 25, 2009 8:30 AM 12:00 PM
Roanoke
As Microsoft is reaching a key development milestone in the Microsoft Office 2010 release cycle, a number of video clips introducing the product suite and new features are now available. With this preview, Microsoft is also introducing a new product lineup for Office and reduces the number of editions from eight to five while enhancing each edition with new applications and features. Also Microsoft will be delivering Office Web Applications to consumers at no cost through Windows Live, while mid- and enterprise-level customers can based on their Office licenses possibly host Office Web Applications on premise.
I received a few quick questions on Remote Desktop Services (RDS) and thought to share my answers.
1) Do the new remote desktop enhancements in Srv2008R2 & Windows7Ent/Ult require the upgrade of Active Directory to 2008R2 Native Mode?
The Domain functional level needs to be in 2008 R2 to take advantage of the VDI capabilities.
In Active Directory User Object with Windows Server 2008 R2 domain functional level, we now have a tab for Personal Virtual Desktop, for example.
2) Regarding publication of the server with ISA, since the authentication is now forms based, how is this done?
I have not had a chance to do this myself yet. However the process should be very similar, if not identical, with publishing Terminal Services Gateway (TSG) in Windows Server 2008 to an ISA external interface. There are a great TechNet Magazine article, Enhance TS Gateway Security with ISA Server 2006, and a TechNet page, Configuring the TS Gateway ISA Server Scenario, explaining the process well.
In part 1, I talked about what is Cloud Computing, what is Software + Services, and why IT Pros should care. Here in part 2, I focused on Microsoft’s efforts and offerings relevant to Cloud Computing, and introduced Microsoft Online Services with the following demos:
So what are Microsoft Online Services? Very simply, they are enterprise solutions delivered through the Cloud with subscription services hosted by Microsoft. Specifically, Business Productivity Online Suite (BPOS) includes Exchange Online, SharePoint Online, Office Communications Online and Office Live Meeting. With BPOS, Microsoft Online Services offer business the capabilities of Microsoft Exchange Server, Microsoft Office SharePoint Server, Microsoft Office Communications Server, and Microsoft Office Live Meeting quickly, easily, and without the upfront costs of an on-premise deployment by hosting these solutions online. The best way to understand it is to try it out.
Directly form a just published case study:
Without MED-V, TÜV NORD employees in India would have had to connect to the company’s Terminal Services system in Germany, which would have required significantly more bandwidth (4MB instead of 500KB) at an additional annual cost of approximately U.S.$585,000. “It’s much cheaper to install a MED-V image on a client than to give an inspector in India a separate computer and Internet connection,” Boerger explains. “Moving forward, we anticipate that offices in some countries won’t need complete, local IT infrastructures. With MED-V, we’ll be able to provide what they need at a fraction of the cost.”
Without MED-V, TÜV NORD employees in India would have had to connect to the company’s Terminal Services system in Germany, which would have required significantly more bandwidth (4MB instead of 500KB) at an additional annual cost of approximately U.S.$585,000.
“It’s much cheaper to install a MED-V image on a client than to give an inspector in India a separate computer and Internet connection,” Boerger explains. “Moving forward, we anticipate that offices in some countries won’t need complete, local IT infrastructures. With MED-V, we’ll be able to provide what they need at a fraction of the cost.”
Click the following image to bring up the case study and notice all Microsoft published case studies are available at http://ww.mircosoft.com/casestudies/
Recently there have been active discussions on Cloud Computing and Microsoft also has brought in a new IT service delivery model called "Software + Services." This series highlights Microsoft’s strategies and efforts in extending the Windows experience to the cloud, and talks about how to take advantages of what cloud computing is offering by extending and transitioning existing IT infrastructure into the so-called “Software + Services” model. Here in Part 1, let's take a 50,000 foot view and get a perspective on what has happened in the past two decades and appreciate:
To continue the discussion, in Part 2 we will walk through the process of acquiring Microsoft Online Services and basic administration including creating users, configuring SharePoint Online, and managing Exchange Online.
I won't repeat the information here. Just read the Windows 7 team post. If not already, absolutely now need to pay full attention on how to move from Windows XP to Windows 7. Also do pick a few Windows 7 technologies and get really good at them. Direct Access, Boot from VHD, BitLocker to Go, and Windows XP Mode are Windows 7 solutions on top of my list to master. I have been putting in many weekends and hours. Probably too many. What do you have on your list? And are you ready for Windows 7?
John (Baker), a good friend and a colleague of mine in the Microsoft US East Evangelist team, and I both attended TechEd 2009 in L.A. and the first thing that Monday we did was to walk in a little onsite studio and record a TechTalk session. Since we needed to get it done in our time slot which was 30 minutes including getting in and out, mingling with the crew, getting John off email (that was a tough one, if you know what I mean), and finding the right angle for me (which was the most important thing as far as I was concerned for the whole recording), etc. Everything happened real fast and basically we sit down, put on the microphones, smiled, talked, thanked you, then got up and left, so the crew could start recording the next session. And yes, we did it in one take. It was a little bit intense and stressful, yet I had a lot of fun doing it. John is fun to work with and we always have a good time hanging out. Not to mention I got to talk about Self-Service Portal, something I consider one of the key objectives for implementing a virtual machine manager infrastructure.
Take a look. It’s a 10-minute fame of me and Sir Baker in TechEd 2009. Maybe we will do it more on other interesting and frequently asked topics like Direst Access, Windows XP Mode, boot with VHD, Bitlocker to go, and many more.
Two sessions in the upcoming TechEd 2009, I will be presenting. One is on prototyping Groove solution with a laptop and the other is a TechTalk recording on System Center Virtual Machine Manager Self-Service Portal. Here’s some information:
OFC309 Prototyping Microsoft Office Groove Collaboration Solutions with a Laptop 5/15/2009 2:45PM-4:00PM Room 150
TTK60 Virtual Machine Manager Self-Service Portal: What, Why, and How
For those who are not going, look for my screencasts on these topics in upcoming weeks. Else have a great trip and look forward to meeting you all in the city of angels next week.
Windows XP Mode includes a pre-packaged virtual Windows XP environment and Windows Virtual PC to run the virtual Windows XP environment. Applications installed in Windows XP Mode are automatically available on the Windows 7 Start Menu or Task Bar and can be launched just like any Windows 7 program. Further Windows XP Mode is pre-configured with the Windows XP firewall and to apply updates automatically from Windows Update.
You may find that Windows XP Mode is a bit similar to the seamless integration in MED-V by making applications installed in the Virtual PC of a MED-V workspace available in the All Programs menu of the hosting OS as shown in my Screencast: Mad About MED-V Part 2 of 4, User Experience. Still notice Windows XP Mode is developed with small business in mind and in a standalone setting. While MED-V is part of Microsoft Desktop Optimization Pack (MDOP) available to only Software Assurance (or SA) customers at this time and offers an enterprise virtual machines lifecycle management capability. In essence, Windows XP Mode does not replace MED-V.
Either Windows XP Mode or MED-V, since a hosting OS will need to run a session of Virtual PC the resource requirements for RAM and disk space are higher. When it comes to virtualization, 2GB of memory in current PC computing environment should be considered as an entry point. Additionally, Windows Virtual PC requires a PC with Intel-VT or AMD-V enabled in the CPU, as it takes advantage of the latest advancements in hardware virtualization.
Here are two selected readings:
and also Windows 7 RC is now available from TechNet/MSDN subscription sites.
This is the part 2 of a 4-part Mad About MED-V series. This screencast presents the user experience of running MED-V applications by going through essential user operations of a MED-V client.
The Mad About MED-V screen series include:
and each link is to be updated once the associated screencast is published. The remainder of this posting highlights some of the content presented in Part 2.
As discussed in Part 1 of this series, a MED-V workspace policy optionally allows a MED-V application integrated into the All Programs menu of the host computer as shown below, despites the fact that the MED-V application is configured and running in a Virtual PC behind the scene.
To run a MED-V application, the workspace must first be started. A MED-V client can be loaded at Widows startup time if specified in the MED-V Client Settings, in such case a workspace can be also set to start automatically. This ensures the workspace is always in place, should a user require running a MED-V application once the computer has been started. And if the workspace has not been initialized, it will start on demand followed by bringing up the application upon completing the workspace initialization. Once a workspace is started, additional options like locking/restarting/stopping workspace become available when right-clicking the MED-V client icon in the system tray. A user also at this time has the access to utilities like the File Transfer tool as shown below. The Fire Transfer tool enables a user to transfer files between the host computer and the MED-V application running in the Virtual PC in the background.
In MED-V workspace policy, a MED-V administrator can optionally configure a color border to surround a running MED-V application as shown above. The setting of showing a color border can be easily changed or disabled within workspace policy by a MED-V administrator.
A MED-V workspace policy can be configured to automatically redirect a request for a target website from the host computer to the browser in the Virtual PC. This allows every request to a target URL with a web application incompatible with the browser installed on the host computer gets redirected to a compatible browser running in the Virtual PC behind the scene. The following screen capture shows a request redirected from the host computer which runs IE7 to the IE6 (with a red border) running in the hidden Virtual PC.
Microsoft Enterprise Desktop Virtualization, or MED-V, is a desktop virtualization solution providing a self-contained computing environment including the OS, intended applications, and customized settings, if any. Desktop virtualization allows an application to run in a specific OS environment different from the OS running the hosting computer. MED-V uses Virtual PC 2007 to provide a virtualized and customizable computing environment required by an intended application, yet incompatible or conflicting with that in the hosting computer. In other words, MED-V allows computing environments which are incompatible, conflicting, or with different requirements to run currently in the same physical device. For instance, running a legacy or line-of-business application requiring Windows XP SP2 in a Vista SP1 desktop or deploying a managed computing environment (like a corporate-managed desktop) to a non-managed (like a personal or home) desktop are some of the business challenges MED-V addresses.
MDOP now includes 6 tools and solutions as below and is available to Software Assurance customers.
Customers interested in MDOP should review the faq and contact their software vendor or Microsoft for additional information. For a comprehensive guide on Microsoft Virtualization from data center to desktop, download it here. I have produced the 4-part Mad About MED-V screencast series to offer a quick review of MED-V solutions including the following. I will update each link, once the associated screencast is published.
The following is the part 1 screencast with a focus on the MED-V fundamentals to establish a baseline for subsequent discussions in the series. The remaining of this post highlights the key concept, architecture, and pertinent information of a MED-V solution.
MED-V is perhaps the least understood piece in Microsoft Virtualization Solutions. A desktop virtualization solution MED-V is as opposed to App-V, an application virtualization. This distinction is an important one since they solve two different areas of business problems. Desktop virtualization addresses the incompatibility between a target application and the host operating system by virtualizing an entire desktop, i.e. a self-contained runtime environment including the operating system and the application. Such that a target application requiring, for instance, Windows XP SP2 and incompatible with Windows Vista can still be deployed to a Vista desktop by running the application in a hidden Virtual PC running Windows XP SP2 while using MED-V to seamlessly make the application accessible from the Start-All Programs menu on the host computer. App-V, on the other hand solves the incompatibility between two applications by offering a virtualized application runtime environment, the so-called bubble, while allowing these applications running on the same operating system instance. The following illustrates the concept.
Conceptually desktop virtualization using Virtual PC is easy to understand. Nevertheless to deploy desktop virtualization to enterprise, system administration and scalability are rather challenging. In essence, a Virtual PC lifecycle management solution is the key to make enterprise desktop virtualization a reality, and this is where MED-V comes in. MED-V makes Virtual PC deployable and saleable with a centralized lifecycle management solution including: image creation, delivery, monitoring, and maintenance.
To run a MED-V application the associated workspace must be first started. And if a user tries to start a MED-V application while the workspace is not in place, the workspace will start on demand and once the workspace is loaded, the application will start. A workspace is a Virtual PC image with a usage policy defined by a MED-V administrator. An administrator will use MED-V management console to configure usage policy which is a set of settings defining how MED-V applications will behave for a target Active Directory users or groups. Notice that the Virtual PC is where a MED-V application is configured, and the Virtual PC is also running in the background. MED-V workspace policy allows a MED-V application to seamlessly integrate into the All Programs menu on the host computer and runs transparently with the locally installed applications. A conceptual model of the integration is shown below.
The high level MED-V architecture as shown below starts with: (1) and (2) to create, test and upload Virtual PC images encapsulating a target computing environment of an OS, applications and optional management and security tools to the image repository by administrator; (3) MED-V Management Server, the brain of the whole system, enabling an administrator to control image repository which is an IIS virtual directory and (4) provision images for targeted Active Directory Users and Groups along with usage policies; and finally (5) delivering the images and usage policies to clients. And a client starts a MED-V application, the client will authenticate against the management server, retrieve the workspace policy, and acquire the workspace image.
Notice a MED-V Management Server also aggregates clients' events, and stores them in an external database (MS SQL) for monitoring and reporting purposes. Also a MED-V client has two functional components – the first connecting to the server and retrieving the usage policy and an associated image form the repository, while the second offering the end-user experience and managing the Virtual PC from user experience and troubleshooting aspects.
The information provided here is as of March of 2009.
In order to prevent antivirus activity from affecting the performance of the virtual desktop, it is recommended where possible to exclude the following Virtual Machine file types from any antivirus or backup processing running on the host:
*.VHD *.VUD *.VSV *.CKM *.VMC *.INDEX
One very interesting piece of MED-V solution is the Trim Transfer technology as illustrated below. Trim Transfer accelerates the download of initial and updated Virtual Machine images over the LAN or WAN, thereby reducing the network bandwidth needed to transport a Workspace Virtual Machine to multiple end-users. It uses existing local data to build the Virtual Machine image, leveraging the fact that in many cases, much of the Virtual Machine (e.g., system and application files) already exists on the end-user's disk. For example, if a Virtual Machine containing Microsoft Windows XP is delivered to a client running a local copy of Windows XP, MED-V will automatically remove the redundant Windows XP elements from the transfer. To ensure a valid and functional Workspace, the MED-V Client cryptographically verifies the integrity of local data before it is utilized, guaranteeing that the local blocks of data are absolutely bit-by-bit identical to those in the desired Virtual Machine image. Blocks that do not match are not used.
The process is bandwidth efficient and transparent, and transfers run in the background, utilizing unused network and CPU resources. When updating to a new image version (e.g., when administrators want to distribute a new application or patch), only the elements that have changed ("deltas") are downloaded, and not the entire Virtual Machine, significantly reducing the required network bandwidth and delivery time.
You can configure which folders are indexed on the host as part of the Trim Transfer protocol according to the host OS. These setting are configured in the ClientSettings.xml file which can be found in the Servers\Configuration Server\ folder.
I had the opportunity to be one of the reviewers of the just published Hyper-V Security Guide. And want to invite those who are interested in virtualization security to download and review it as well. This document is about Hyper-V in Windows Server 2008 and provides IT professionals with guidance, instructions, and recommendations to address key security concerns about server virtualization. Specifically how to harden Hyper-V role, safely and securely delegate administrative access to virtual machine resources, and protect virtual machines are examined. Check it out.
The demo environment as shown above included MyHost (my laptop running Windows Server 2008 Enterprise with Hyper-V Server Role) and 2 running virtual machines were APEX (the domain controller of contoso.corp) and SC (a member server with SCVMM installed) while MyHost also joined the domain.
This screencast walked through the steps to add MYHOST into the SCVMM as a host.
Here are the screencasts of this series:
Yung Chou on Hybrid Cloud - Site Home - TechNet Blogs