Installing some applications that run under Windows is
like wiping a toffee apple on a suede jacket: try as you might, you
can never get rid of the sticky mess.
Dynamic link library (DLL) files used by these applications can
sometimes be left on the machine; uninstalling the software
sometimes fails to automatically delete Windows registry entries,
forcing administrators to live with a polluted registry or waste
time manually cleaning it. Redundant folders can also litter the
file system as the uninstaller shrugs and tells you that some
things could not be removed.
Combine these problems with incompatibilities between different
applications on the same machine, and it is no wonder savvy IT
managers try to standardise hard drive images as much as they can.
The problem is that it is not always possible.
But application virtualisation could help to solve that problem.
A relatively new development, virtualisation usually describes the
separation of logical assets from physical resources.
Companies such as VMware and Microsoft offer machine
virtualisation. VMware's Assured Computing Environment and
Microsoft's Virtual PC products provide virtual operating systems
that run on top of native Windows, providing what is essentially an
operating system within an operating system.
Although such software offers a type of virtualisation, Gartner
vice-president Brian Gammage advises users to wait for the
technology built into Intel and AMD chips to move virtualisation
into the hardware.
The difference between machine and application virtualisation is
that instead of virtualising the operating system, the latter
virtualises only the file system and registry. Applications think
they are being installed on the native file system but are actually
stored on a virtual file system.
The benefits of virtualising applications are varied. Because
applications never directly see real Windows resources, the native
file system and registry will not be polluted.
When implemented properly, virtualisation can lead to very fast
installation, and applications with DLLs saved in their own virtual
space do not conflict with one another and crash the system.
It also enables multiple versions of an application to be run on
the same PC. This is useful because it allows IT departments to
test applications in the field, for example, and to wipe all traces
from end-users' machines when they have finished.
Applications can be switched on and off very quickly, making
them available or unavailable as required. Richard Bentley, product
segment manager at software services firm Altiris, said, "There is
also the ability to fix an application very quickly so that if I
have a problem, it is a case of flicking a switch so that it's back
to its original state."
Altiris will soon be launching Software Virtualisation System
(SVS), which uses technology acquired when it bought out FSLogic in
2004.
Administrators use a tool to capture a conventional software
installation and create a virtual package to be distributed over
the network. The package can be sent to a PC and "installs"
instantly into a virtual file system. But it will introduce about a
3% increase in application start-up times, said Steve Morton,
Altiris vice-president of product management and marketing.
Altiris' approach is to provide enterprise service management,
tying inventory, helpdesk systems, patch management and security
configuration into a back-end configuration management database.
Administrators will be able to remotely administer, remove, and
roll back virtualised applications from a central point. The system
will be priced per user mode.
Altiris also wants to move nearer to the operating system kernel
with its technology. Its next release of SVS will include the
ability to virtualise operating system patches as well as
applications. This will please IT administrators who have spent
years agonising over operating system patch deployments, worrying
that they will cause more system problems than they solve.
Theoretically, an application virtualisation product supporting
operating system patches could remove some of that pain, although
it remains to be seen how well the company tackles this task.
That raises interesting questions about the security
ramifications of such software. If the virtualisation layer is
intercepting communications between the application and Windows
resources, it becomes possible to watch for suspicious behaviour,
such as putting a DLL file with a known signature in a certain
place, or writing suspicious keys to the registry.
Given that more advanced anti-malware tools already monitor
application behaviour, it does not take much imagination to
envisage an application virtualisation system with inbuilt
anti-malware features.
It is far too early in the game for that to happen, and we are
likely to see more players flock to the market before feature sets
mature. In the meantime, though, Altiris will be complementing SVS
with more functions.
When it bought FSLogic it acquired Protect, a software tool that
saves a baseline operating system configuration, which can be
restored after someone has used a PC. This would be useful, for
instance, for public computers in hotel lobbies that need to
restore themselves to a standard configuration after guest use.
Protect and SVS were developed using different code bases, and
currently cannot run on the same machine. But by the summer, the
company said it would merge the code paths of the two products.
Bentley said this would give administrators total state
management. "That means being able to virtualise an entire user
session," he said. "When I log on, if I download a virus that is
not supposed to be there [the administrator] can just wipe that
away when the user logs off because everything they are doing is
virtualised."
Another approach is to mix software virtualisation with
application streaming. This is what Softricity does: the
application sits on the server, but executes on the client. Chunks
of code are sent across the network to run locally as required.
On the desktop, the application uses Systemguard (a file
virtualisation layer similar to the Altiris technology) but it
forms part of a wider software caching product. When a user logs on
to a machine and starts to use an application, segments of code
begin streaming from the server and installing themselves in the
local virtual file system. They stay there so that they can be used
the next time that person logs on.
This all happens on the Softgrid Universal Desktop Client, which
forms one part of Altiris' Softgrid application streaming system.
The Softgrid Sequencer converts Windows applications into packages
that stream from the Virtual Application Server. Streaming is
administered using the Softgrid Management Web Service, which hooks
into active directory and third-party systems management tools to
handle details such as user permissions.
Softricity recently signed a strategic deal with Microsoft to
deliver application streaming via Systems Management Server.
The system includes a back-end licence-compliant component to
help manage end-user licences for streamed applications. It also
supports mobile users with cached virtualised applications,
enabling systems administrators to set time limits after which they
must reconnect to the network to authenticate their applications.
For £4,250 you can buy 25 end-user licences, with unlimited
sequencers and application servers.
Citrix, the company known primarily for running applications on
the server and streaming user interfaces to thin clients, is also
getting into the application virtualisation business.
According to Brian Nason, product line executive for emerging
products, its traditional server-side processing products are
already virtualising applications. Tarpon, a project that the
company began talking about late last year, will provide full
application virtualisation space by essentially mimicking
Softricity's streaming/isolation concept.
The technology behind Tarpon originally appeared in Presentation
Server 4.0 as a way of isolating centralised applications in a
protected environment to address software compatibility problems.
Expect to see Tarpon this year.
The availability of this new Citrix product should increase the
visibility of application virtualisation considerably. With its
£513m revenue, Citrix has more sales and marketing muscle than £96m
Altiris. Softricity is still privately owned.
With application virtualisation at the start of the growth
curve, it is not surprising that few firms are involved at present,
but one surprising omission is Microsoft.
It is clear that virtualisation is set to become a dominant part
of future datacentre architectures as users see the benefits. It
improves IT management and simplifies infrastructure by allowing
servers to be consolidated.
Other benefits include the ability to distribute sets of
applications on a USB key and having them run when you plug the key
into the client. The applications would run on the PC's processor,
but would write to a virtualised file system on the USB key.
Altiris is already pushing this model and Nason said Citrix has
been discussing this concept with portable storage companies such
as SanDisk.
"A lot of people are looking at that from a data protection
perspective," he said. "You can take your sensitive applications,
encrypt them and put authentication on them."
Why server virtualisation works
Server virtualisation, unlike many other emerging transformative
IT infrastructure technologies, offers companies practical benefits
today, in addition to long-term transformational potential.
It works with many or most existing applications. Because server
virtualisation mimics server hardware, only software that requires
direct control of hardware is incompatible.
It is supported by many leading software, hardware, and services
suppliers. VMware has been successful, in part, because it
recruited Dell, HP, and IBM as partners for reselling its
software.
Virtualisation lends itself to incremental deployments and
graduated use of its features. Initially, many firms used server
virtualisation to simulate server environments for test and
development purposes.
But as firms have gained experience with the technology - and as
support from suppliers has improved - they have gradually expanded
their use.
Virtualisation helps companies to cut hardware costs. Once firms
gained confidence with virtualised servers, they realised they
could consolidate many infrastructure servers, such as back-up
domain controllers, DNS servers and print servers.
It increases server management flexibility. Virtual servers can
be moved easily from one server to another by simply hibernating or
shutting down the server and then restarting it on a new box.
Source: Forrester Research