virtualization.info already reported about several aspects ( features, GA availability and strategy ) of the new Citrix client hypervisor launched two weeks ago at Synergy 2010 (see event coverage ). Now, while additional feedbacks about the release candidate are being published by early adopters, and while Citrix is busy answering VMware on the value of client hypervisors for BYOC models , we are able to share additional details about its internals. During the conference in fact, Ian Pratt (Chairman of Xen.org and Vice President of Advanced Virtualization Products at Citrix) and Tom James (Desktop Virtualization Manager of Business Client Platform Division at Intel) shared interesting details about the XenClient and Synchronizer internals. About XenClient The client hypervisor doesn’t just run the end-user virtual machines. It also run a lightweight additional one called Service VM, where all Citrix management components are installed. They include the interface to switch from one virtual desktop to another, the control panel, the Citrix Receiver and Synchronizer agents (if available). XenClient can run more than one Service VM, and it’s probably here that Citrix looks for extensibility by third parties. Security vendors like McAfee , for example, may deploy their out of band security servers as Service VMs. Besides the Service VM, there’s a Control Domain, which is responsible for direct access to physical hardware and chipset capabilities (like the Intel vPro features). Part of physical components, like the GPU, can be exposed to the virtual desktops through Intel VT-d technology but there’s a severe limitation: only one virtual machine per time, the nominated VM , can have direct access to the GPU. This means that while one virtual desktop will have near native graphic performance, the other (or the others) will have worse rendering, solely relying on para-virtualized graphic drivers. Despite this direct GPU access for one virtual desktop, the Control Domain will still decide where and how pixels must be rendered on screen. This is done to prevent hacking attacks through the GPU, like screen scraping or pixel injection. PortICA is being used to expose the applications of one virtual desktop on another through the seamless window technology. As virtualization.info reported in a previous article, there’s no direct connection between virtual desktops and all traffic has to pass through the networking layer. Anyway PortICA traffic will not. It’s not clear if Citrix is allowing its flow across an internal virtual switch that is not exposed to the physical network or in other ways. XenClient features a so-called Secure Keyboard . All keyboard activities are directed to the Control Domain which routes them only on the currently active virtual desktop. This is done to avoid keyboard attacks like key injection and keylogging from non-active VMs. The Control Domain also owns the USB host controller. All virtual desktops have a para-virtualized driver that emulates their own USB host controller, and the Once a new USB device is connected to the laptop, the Control Domain will check and apply security policyt to it, then it will forward the USB messages from its controller to the emulated ones. XenClient will leverage Intel Trusted Execution Technology (TXT), which is part of Intel vPro, to verify its integrity and recognize any manipulation in its configuration states. The configuration states are encrypted. The encryption key is sealed in the Trusted Computing Platform , and released only if the checksum matches. About Synchronizer Citrix Synchronizer comes as a virtual appliance for XenServer. It listens to a single HTTPs port and features a web-based administration interface. The authentication to this interface can be done using a local user database or a remote Microsoft Active Directory directory service. Every time something changes in XenClient virtual desktops, a live snapshot is being taken in the background and sent back to the Synchronizer (it’s not clear with which frequency the whole thing happens). Snapshots are taken leveraging block level differencing and compression to reduce the size as much as possible. Synchronizer receives these snapshots from XenClient in the form of VHDs. Over time, multiple VHDs of the same virtual desktop are merged together in the background.

See the original post:
virtualization.info

Microsoft just published a series of four technical documents called Deploying Personal Virtual Desktops, which provides step-by-step guidance to install and configure a VDI environment based on Hyper-V, the Remote Desktop (RD) Connection Broker, the Session Host server the Web Access server, and Windows 7 virtual machines: Deploying Virtual Desktop Pools by Using Remote Desktop Web Access Step-by-Step Guide Deploying Personal Virtual Desktops by Using RemoteApp and Desktop Connection Step-by-Step Guide Deploying Virtual Desktop Pools by Using RemoteApp and Desktop Connection Step-by-Step Guide Thanks to Bink.nu for the news.

More:
virtualisation.info

Microsoft recently launched a new, free TechNet Virtual Lab where customers can install and try Citrix XenDesktop 4.0 with Windows Server 2008 R2 with Hyper-V and System Center Virtual Machine Manager (SCVMM) 2008 R2. Users will work through the steps to simulate deploying multiple virtual desktops, and will first capture a reference image using the Citrix Provisioning Server for Desktops. Next, the user will verify that the computer can be booted from a diskless client computer. The user will create multiple virtual machines using the reference computer as a template.

Read more:
virtualisation.info

Just one week after the release of Stratosphere 4.5.3 , the US startup Liquidware Labs announces version 4.5.4. In this build the company included an Application virtualisation Assessment feature clarifying that its interest goes beyond hardware virtualisation and VDI. With the new capability, Stratusphere 4.5.4 can build an application inventory by assessing physical desktops and laptops. The inventory includes the following information: Executable size System services installed and used per application Device drivers installed per application Total number of application users Average launch delay (application load time) Application usage (total and average time) Application resource requirements (total and average CPU, memory, IO) Basically Liquidware Labs is betting on the advent of application virtualisation as a mainstream technology, something that doesn’t seem to happen anytime soon . It’s not the only one

Read the original post:
virtualisation.info

Leostream announces today a new minor version for its Connection Broker that arrives over five months after the 6.2 release. In this update the company introduces a number of new features: support for the open source version of Xen (the one released by Xen.org) support for Sun Secure Global Desktop technology support for Ericom Blaze (which comes from the technology partnership signed in November 2009) a web client to access virtual desktops over HTTP/S connections control over the remote desktop protocol used by remote clients when multiple protocols are available a more granular set of roles and permissions that separate end users and administrators rights While every feature above is welcome, the most interesting one is the support for Sun SDG. Th e Oracle acquisition of Sun , and its declared intention to continue investing in the existing virtualisation portfolio, is translating into new opportunities for those vendors that are struggling to compete with VMware in its own domain. And competing against VMware View can be pretty hard these days.

Read more:
virtualisation.info