Virtual Experience Infrastructure
Richard Dodsworth, Lai KwaiSeng
© 2009 Cisco Systems, Inc. All rights reserved.
Desktop Virtualization: XP EOL

Desktop Virtualization: Intellectual Property Protection

• "The worldwide hosted virtual desktop (HVD) market will accelerate through 2013 to reach 49 million units, up from more than 500,000 units in 2009, according to Gartner Inc.
• Worldwide HVD revenue will grow from about $1.3 billion to $1.5 billion in 2009, which is less than 1 percent of the worldwide professional PC market, to $65.7 billion in 2013, which will be equal to more than 40 percent of the worldwide professional PC market."
- Gartner, Inc.
http://www.gartner.com/it/page.jsp?id=920814

Challenges of Traditional PC Environment
• Data Security Compliance
• Lost Agility & Productivity
• High TCO and Lifecycle Costs
• Heavy Administration
• User Endpoint and Application Demands

Transition Opportunities
Microsoft Windows 7 Migration
• Reduce migration costs
• Reduce application incompatibility
• Extend life of existing desktop software
Remote Office and Branch Office
• Reduce costs by single point of management
• Centrally control sensitive data
Contractors and Employee-Owned IT
• Manage desktop image on employee-owned assets
• Provide separation between corporate and personal desktops
Business Continuity
• Endpoint Independence
• Rapid Provisioning
Remote and Mobile Users
• Enable desktop access regardless of network connection type
• Extend security and control
• Centrally control sensitive data

Virtual eXperience Infrastructure

Desktop Virtualization
• Refers to the separation of the physical endpoint from the logical desktop
• Endpoints may be a variety of devices; applications are hosted wherever the best user experience is offered (locally at the endpoint or in the data center)
• Access from the endpoint to the logical desktop is delivered through the network

Centralized Virtual Desktops
[Diagram labels: Desktop Client, Any Device, Media Rich, Display, End Station, Internet, HTTPS Secure Tunnel, DMZ, Security, HTTPS Load, Desktop Brokers, AD, vCenter, Core Compute (Virtual Desktop), Datastore(s). Callouts: Bandwidth & Latency, Secure Access and Accessibility, High Availability, Scalability, Edge Security, Desktop Mobility]

What Cisco Does with VXI…
[Diagram labels: VXI (Validated, Integrated, Optimized); Video / Audio (Streaming, Interactive); Scalable Data Center (UCS Compute Bundles); Open; Borderless Network Services (Security, Power Mgmt, Branch Survivability)]
• Delivers an enhanced user experience
• Leverages the network as a platform
• Integrates with 3rd party technology in open ecosystem
• Drives ROI in the DC

Virtualization Experience Infrastructure (VXI) End-to-End System
[Diagram labels: Virtualized Data Center, Virtualization Aware Network, Virtualized Collaboration Workspace, Virtualization Endpoints, CUPC, MS Office, Video, Microsoft OS, Branch, Data Center Network, Desktop Virtualization Software, Desktop Virtualization Client, ACNS/WAAS, Cisco WAN, Nexus, ISR, Hypervisor, Broker, Virtual QUAD, Virtual CUCM, WAAS, ACE, FC, Endpoint Ecosystem (Wyse, Devon IT, iGEL), End-to-End Security, Management and Automation]

Cisco Desktop Virtualization Solution
• Removes VDI deployment barriers
• Combined joint partner solutions with industry leaders
• Cisco Validated Designs & Services to accelerate customer success
[Diagram labels: Partner Solution Elements: App, Data, Desktop O/S, Desktop Virtualization S/W (VMWare/Citrix), Hypervisor (VMWare/Citrix), VDI Broker, Storage, Clients. Cisco elements: Cisco MDS9000 Family, Unified Fabric, WAN, Cisco ASA, Cisco WAAS, Cisco ACE, Unified Network Services, Unified Computing. Cisco Data Center Business Advantage Framework, Virtualized Data Center]

VXI Technology Partners
[Partner logo chart. Legend: Current, In Progress. Categories: Endpoints, Desktop Virtualization Software, Hypervisor, Management, Storage, Storage Optimization, HW Acceleration, Virus Scan Offload, Monitoring Tools]

• Cisco Validated Designs, validated through System Level Testing, enable customers to:
  • Lower risk of deploying technology solutions
  • Increase speed of technology solution deployment
  • Deploy a scalable, reliable, predictable foundation
  • Ease technology solution integration
  • Ease deployment of business critical applications
  • Utilize Cisco Advanced Services to customize a CVD to meet specific requirements
• Detailed system design and/or implementation guidance are available to provide:
  • Customer use examples
  • Products, Software and Configurations used in design testing
  • Design limitations uncovered during testing
www.cisco.com/go/vxi
http://iwe.cisco.com/html/index.html#url=/web/cisco-vxi

VXI Components - End Points -

• Voice/Video embedded in the display protocol
• Heavy processing on virtual desktop in data center
• Bandwidth explosion
• Latency and jitter
• Display protocol and possible endpoint become unstable
• Media flow goes all the way back to data center and back
[Diagram labels: Thin Client, WAN, Data Center, Virtual Desktop, Cisco Unified CM, Display Protocol, Media Flow, Signalling]

VXC
[Diagram labels: End User, VXC, Data Center (App, Data, Desktop O/S), Connection Broker, Unified CM and Unified Presence Server, Signalling, Media Flow Outside of Display Protocol]

VXC 6215
• Video & Voice Support
• Linux based endpoint
• Monitors: Single: 2560x1600, Dual: 1920x1200
• No PoE

VXC 4000
• Software Appliance on XP and Windows 7
• Voice Support only
• Enables VXI Collaboration for refurbished PCs

[Diagram labels: End User, App, Data, Desktop O/S, Data Center, Connection Broker, Unified CM and Unified Presence Server, Signalling, Media Flow outside of Display Protocol]

• Zero client endpoints
• Integrated form factor for Cisco Unified IP Phone 8961, 9951*, 9971
• VXC-2212 supports HDX/ICA, RDP
• VXC-2211 supports PCoIP
• Powered via Phone – Leverages existing Power over Ethernet (PoE+), or PWR-CUBE-4
• Works with Cisco IP Phones to deliver voice, video, virtual desktop
* NOTE: 9951 IP Phone must have Serial Number FCH153681E0 and above, OR VID V05 and above

• Zero client endpoints
• Standalone form factor
• VXC-2212 supports HDX/ICA, RDP
• VXC-2211 supports PCoIP
• Powered with Power over Ethernet (PoE+ - 30W) or with PWR-CUBE-4
• Works with Cisco IP Phones to deliver voice, video, virtual desktop

• Enterprise tablet that combines voice, video, collaboration, and VDI
• Supports external Bluetooth/USB mouse & keyboard when docked
• Supports external display in “mirror mode”
• Supports Citrix Receiver, VMware View Client and Wyse PocketCloud

Recent additions to the Virtualization Experience Clients (VXC) portfolio
• VXC 2100 Series: Zero Clients, Shipping
• VXC 2200 Series: Zero Clients, Shipping
• VXC 4000: Software Appliance, Available Q4CY11
• VXC 6215: Thin Client, Available Q1CY12
• Cisco Cius: Enterprise Tablet, Shipping

• Enables UC voice capabilities for repurposed Windows PCs for virtual desktops
• Introduces unique voice processing capabilities that efficiently use network and data center CPU resources, eliminating the hairpin effect
• Supports Citrix XenDesktop and VMware View
• Based on CIPC (Cisco IP Communicator)
• Endpoint support: WinXP, Win7
• Target Availability: Q4CY11

• A thin client that unifies voice, video and virtual desktop in one device
• Supports high quality, scalable voice and video, delivering optimal user experience
• Introduces unique voice, video processing capabilities to eliminate the hairpin effect
• Linux based platform supports HDX/ICA, PCoIP/RDP
• Target Availability: Q1CY12

• Innovative form factor that reduces real estate and simplifies management
• Power over Ethernet (POE) delivering energy savings and compliance to green initiatives
• Thin Client endpoint that provides a single converged desktop asset for rich media, voice and video collaboration in a hosted virtual desktop (HVD) environment
• Software appliance option that leverages existing PC investments
• Collaborative mobile virtual workspace on an enterprise tablet
• Cisco Validated Design (CVD) that provides blueprint for successful deployments and lower TCO
• Cisco Technical Assistance Center (TAC) support for end to end solution

VXI Components - Borderless -

Borderless Network
• What happens to the network services?
  Bandwidth Reduction
  Protocol Optimization
  File caching
  Security
  QoS
  Print
  Gateway
  Call control
  Compute
• Network services depend on client
  Zero – Minimal local services
  Hybrid – Local UC and Web applications and services
  Thick – Traditional local applications and services

• Hairpinning
• WAN’s effects on Users Experience
• Display Protocol Opaque to the Network
[Diagram labels: Video Source, Data Center, Routing Protocol, Display Protocol, Video Protocol, Branch Router, T1, Branch Office, Campus. Callouts:]
  Video processed on HVD causing bandwidth and server compute overload
  Increasing bandwidth might not help
  Branch Office: End-users see pixelization and bad UE without WAN Optimization/Acceleration
  Campus: End-users experience no pixelization on LAN

Borderless Network
Network Strategy
• Display protocols are proprietary
• Display protocols attempt to deliver media streams, text, and bulk transfer in a single or set of connections
• WAAS increases WAN user density from 2X to 8X
• Network Intelligence to disaggregate data types so the network can appropriately differentiate
• Offer a seamless migration to web

Borderless Network
Display Protocol Channels
• Display protocols operate at the session layer
• Display protocols were intended to remote applications and not desktops
• Desktop interactions require that some local client services be extended to the remote virtual desktop
• Channels provide a means to extend remote virtual desktop services
• Channels cannot leverage network services like QoS, security, stream splitting, or multicast
[Diagram labels: Display Protocol over TCP carrying channels: USB, Video, Sound, Print]

Citrix XenDesktop and ICA/HDX
• Latest release: XenDesktop 5.5 – Improved HDX for WAN, better management
• HDX MediaStream and Adaptive Orchestration
  • Leverage client-side resources
  • Better server scalability
  • More simultaneous users over WAN (Controlling Bandwidth Explosion)
  • Handle changing network conditions
• HDX Flash Redirection
  • Now can handle 300 ms RTL
  • Linux now supported
  • Fallback to Server-side rendering adaptively
• HDX VoIP-Over-ICA
  • In line with Cisco VXI approach of separating media
  • SDKs for VOIP providers
  • Multi-Stream ICA for QoS
  • Larger Audio Jitter buffers
• Basic Characteristics
  • 64 Virtual Channels
  • TCP based protocol
  • Encryption/Compression

PCoIP Optimizations – View 5.0
Description
• New optimization controls to reduce bandwidth
  • Client Side Caching
  • Lossless CODEC
  • Build to Lossless GPO
• Customize to reduce bandwidth usage on both the LAN and WAN
Benefits
• Up to 75% reduction in bandwidth usage
• Improve scalability on WAN links
• Increase user density on WAN
• Configure by user case, user expectation and network requirements

Optimization Controls available in GPO (View 5.0)
Power User
• Build to lossless (default)
• Direct CPU/GPU to endpoint mapping
• Superior image quality
Task Worker
• Disable build to lossless
• Client side caching
• Best performance on constrained WAN
Office Worker
• Dynamic network management
• Correct codec for each media type
• Best image quality on available network bandwidth
All use cases = UDP, Secure, future proof, OS & application independent, session resilience
[Diagram labels: WIN7 Aero & Win 8 Metro Interfaces, All video codecs, Network latency independent]

WAAS 4.5 Optimization with Citrix ICA AO
• WAAS optimizes encrypted and compressed ICA desktop session traffic (no changes required on ICA client, HVD, or DC infrastructure) for all versions of XenDesktop and XenApp
• Includes WAAS 4.4 Application aware DRE feature for unidirectional caching of desktop session traffic, which improves scalability and application performance
[Diagram: WAN Acceleration for Display Protocol. Labels: Branch Office, ICA client, Branch WAE, Edge Router, Display Protocol, Headquarters, Data Center WAE, Citrix HVD]
Note: Multi-Session ICA (MSI) in XenDesktop 5.5 is not supported in the current release. If MSI is used only one initial session (port 1498) will be optimized automatically. Other flows will be treated as regular TCP flows.

Citrix ICA AO Capabilities
• Interoperate w/native ICA encryption
  − Without requiring manual registry changes or changes to XenDesktop and XenApp settings
  − 3 flavors of RC5 (40b, 56b, 128b keys) with DH key exchange
  − SSL deployments with Citrix Access Gateway + Secure Gateway
• Target Bandwidth reduction of 40% - 60% (mileage will vary)
• Supports XenDesktop (4.0/5.0/5.5) XenApp (6.0/6.5) and ICA
• Supports HDX Mediastream redirection for client multimedia rendering
• Fully supported by Citrix and Cisco

WAAS Acceleration for vmView Connection Status
• RDP-in-HTTPS session
• WAAS performs optimization of HTTPS flow from View Client to Cisco ACE VIP
• Multiple RDP direct mode sessions running MMR streams
• The byte counts give an indication of where the bulk of the data is coming from flow-wise

Value of WAAS in VDI environment
• WAAS can optimize both VDI (ICA, RDP, MMR, USB) and non-VDI traffic and represents a more comprehensive solution
• WAAS can be deployed in different form factors: hardware appliance, network module in ISR, IOS feature in ISR, as a software application running on SRE module, as a virtual appliance in vSphere, and as an application running on a laptop
• WAAS compression ratio and performance are better than most competitor offerings
• WAAS licensing is also more favorable and reduces TCO of large scale deployment

Bandwidth Reduction
Protocol | Vendor | Transport | Bandwidth without WAAS (Approx), Cisco KW+ | Bandwidth without WAAS (Approx), Task Worker | Bandwidth with WAAS (Approx), Task Worker
Remote Desktop Protocol (RDP) | Microsoft | TCP 3389 | 1.5 Mbps | 384 Kbps | 96 Kbps
Independent Computing Architecture (ICA) | Citrix XenDesktop 4.0/5.0/5.5 | TCP 2598 CGP; TCP 1494 | 967 Kbps | 120 Kbps | 60 Kbps
PC over IP (PCoIP) | Teradici / VMware | Media – UDP 50002/4172; Control – TCP 50002/4172 | 1.5 Mbps | 192 Kbps | 192 Kbps

Visibility into Display Protocol
• Customer Benefits:
  Hosted Desktop Architecture fix-up for rich media applications
  No change needed at end-points for deployment
  Display protocol agnostic
  Leverage existing Cisco network services

Borderless Network
Quality of Service in a Cisco VXI Network

Desktop Virtualization Protocols
Protocol | TCP/UDP Port | DSCP/CoS Value
RDP7 | TCP 3389 | DSCP af21/CoS 2
PCoIP* | TCP & UDP 50002 | DSCP af21/CoS 2
PCoIP* | TCP & UDP 4172 | DSCP af21/CoS 2
ICA/HDX Session | TCP 1494 | DSCP af21/CoS 2
ICA/HDX Session Reliability | TCP 2598 | DSCP af21/CoS 2
ICA/HDX Web Services | TCP 80 | DSCP af21/CoS 2
USB Redirection (PCoIP) | TCP 32111 | DSCP af11/CoS 1
MMR | TCP 9427 | DSCP af31/CoS 4

Other Protocols found within Cisco VXI
Protocol | TCP/UDP Port | DSCP/CoS Value
Network-based Printing (CIFS) | TCP 445 | DSCP af11/CoS 1
UC Signaling (SCCP) | TCP 2000 | DSCP cs3/CoS 3
UC Signaling (SIP) | TCP 5060 | DSCP cs3/CoS 3
UC Signaling (CTI) | TCP 2748 | DSCP cs3/CoS 3
UC Media (RTP, sRTP) | UDP 16384 - 32767 | DSCP ef/CoS 5

• Display protocols obscure multiple traffic types in a single TCP connection

Data Center Network
[Diagram labels: Central Policy Engine, Campus, Internet, Broker, Differentiated Access, Controlled Access]
• Policy Based Device/User Network Access
  • Enable differentiated network access to Device/User type
  • Utilize existing network access control infrastructure
  • Allow controlled access only to VXI infrastructure for Employee owned assets, Temporary workers etc.
  Differentiated Access: VXI service only, Internet only, Full access
• Policy Based DC resource access from HVD
  • Common VDI infrastructure for different user groups for cost and flexibility reasons
  • Controlled access to sensitive resources in Data Center
  • Using Security Group Access
    Goal: Extend existing SGA based access control to VDI (SMB)
  • Using Virtual Switch and Virtual Firewall
    Goal: Provide access level security closest to HVD (including east-west traffic Control)
    Open to separate policy management using virtual firewalls

VXI Components - Data Center -

Data Center Considerations
• Compute
  Scale
  Cost
  Performance
  Power/Cooling
  Space
• Storage Scale
  Scale capacity (Linked and Flex Clones)
  Scale IOPS
• Client Network Services
  Separation
  Monitoring
  IP address management

Objective: Maximize User Density and Improve ROI by Scaling the Data Center
Strategies
• Increase HVD Density by Optimizing Hypervisor Resource Usage
• Increase HVD Density with Cisco UCS Extended Memory; preserve user experience with PCoIP Offload
• Increase availability and load-balance connection brokers with Cisco ACE
• Extend Investment in Shared Storage with Caching Technologies to Reduce IOPS
[Diagram labels: WAAS, Quad, ASA, UCS, Nexus 1000v, Virtual Security Gateway, Unified CM, ACE, Compute]

Compute
Cisco UCS – Do More with Less!
How do you achieve a 30% savings
[Chart residue, labels and values in the order extracted: x86 Servers 50%; Infrastructure Elements, Power Consumption, VDI Instances per Server: 50%, 24+%, 100%; Rack Space 30%; Distribution Layer Ports 30%; In Rack Cabling 75%]

Increase performance and capacity for demanding virtualization workloads => Higher HVD Density
[Diagram labels: Cisco UCS Servers, Cisco UCS With Extended Memory, Xeon 5600, 48 DIMMs, Max 384GB, Higher Performance]

Compute
UCS Virtual Desktop Densities
Blade Server | CPU | Server Memory | Desktop Configuration | Per Blade | Per Chassis | Per Domain
B200-M1 | Xeon5570 2.93 GHz | 48 GB | WinXP 512 MB | 128 | 1,024 | 40,960
B200-M1 | Xeon5570 2.93 GHz | 96 GB | WinXP 512 MB | 160 | 1,280 | 51,200
B200-M1 | Xeon5570 2.93 GHz | 96 GB | WinXP 1024 MB | 150 | 1,200 | 48,000
B250-M1 | Xeon5570 2.93 GHz | 192 GB | WinXP 1024 MB | 332 | 1,328 | 53,120
B250-M2 | Xeon5600 | 192 GB | Win7-32 1.5 GB | 110 | 440 | 17,600
B230-M1 | Xeon6500/7500 | 128 GB | Win7-32 1.0 GB | 80 | 640 | 25,600

Offloads PCoIP image processing to reduce CPU load, enable more users per server
APEX 2800 PCoIP Offload Card
• Ensures consistent, reliable user experience regardless of server demand
• Reduces server CPU utilization up to 50%; adapts to fluctuating workloads
• Supports up to 64 displays
Cisco UCS C Series
• Validated with Cisco UCS C Series Rack Mount Servers
• Offload card plugs directly into server
• Can increase user density, enable existing users to run intensive apps

Storage
Scaling IOPS With UCS and Atlantis iLio
• Desktop images (vmdk) on top of cache memory
• The desktop vmx/vmdk file is actually created in the vmfs namespace
[Diagram labels: Desktops (APP, OS), Virtual Storage Appliance, iSCSI/NFS, Hypervisor, ESX server, NAS, SAN, DAS]

Storage
Atlantis UCS Storage IOPS Offload
[Charts: Atlantis ILIO IOPS Offload (OnBlade) and Atlantis ILIO IOPS Offload (Top-of-Rack); series: IO Reads, IO Writes; axis: 0% to 100%]
• Storage IOPS are critical to scalable VDI
• Win7 with AV requires around 80 IOPS
• ILIO appliance with UCS Extended Memory Technology helps in reducing IOPS over network and to disk
• ILIO on UCS benefits
  Storage Optimization
  Performance acceleration
  Support for Stateless or Persistent desktop models
  Cut storage cost
  Improves overall user experience

Network
Nexus 1000v Per VM Network Services
• Client LAN Features
  DHCP Snooping
  Dynamic ARP Inspection
  IP Source Guard
• Virtual Ethernet Module (VEM)
  Networking capabilities at the hypervisor level
  L2 switching, CDP, Netflow, ACLs, QoS, SNMP, etc
  Local Switching
  Port Profile to simplify Network Policy
• Virtual Supervisor Module (VSM)
  Mgmt, monitoring and config of VEM instances
  Sees each VEM as a virtual chassis module
  Configuration done through port-profiles
  Tight integration with Virtual Center
  Runs on dedicated appliance or virtual machine
• Virtual Chassis Concept
  Redundant Supervisors (VSMs)
  Currently up to 64 VEM instances (64 ESX hosts)
  Presents a network view of the virtual access layer

Network
VM Segmentation and Zoning
[Diagram labels: Zone 1 (VM #1, VM #2, VM #3, VM #4), Zone 2 (VM #5, VM #6, VM #7, VM #8), VSN, Nexus 5000, Internet]
• VMs can form logical groups (aka. Zones) based on VM attributes for easing policy writing and reducing policy scope
• VSN (Virtual Service Node) provides enforcement policy to control network traffic flowing between VM zones.
• VSN will also provide a subset of firewall inspection functions such as FTP stateful fix-up

Architectures

Data Center
UCS High Density Fault Domains
• Client – 1 user
• Branch Switch – Up to 250
• Building or WAN – 2 to 1,000
• SLB – 2 to 20,000
• Broker – Up to 2000
• UCS Blade – Up to 332
• UCS Chassis – Up to 1,328
• Storage – Up to 10,000
[Diagram labels: Client, LAN, WAE, WAN, WAE, ACE, Broker, UCS, Storage]

Architecture
Small Scale Virtual Desktop Architecture
• Branch
  Thin Clients or display protocol clients
  WAN Acceleration (1 connection per HVD/HVA)
• Data Center
  WAN Acceleration From Thin Client (1 connection per HVD/HVA)
  Broker
  Virtual Desktops
  Applications
[Diagram labels: Disp Protocols, App Protocols, Desktop And Application Data Centers]

Architecture
Large Scale Virtual Desktop Architecture
• Branch
  Thin Clients or display protocol clients
  WAN Acceleration (1 connection per HVD/HVA)
• Desktop Data Center
  WAN Acceleration From Thin Client (1 connection per HVD/HVA)
  Broker
  Virtual Desktops
  Limited applications
  WAN Acceleration to Application (10 connections per HVD)
• Application Data Center
  WAN Acceleration From HVD
  Centralized applications
[Diagram labels: Disp Protocols, Theatre Desktop Data Centers, App Protocols, Corporate Application Data Centers]

VDI Storage
NFS Acceleration
• Display Protocols
  Remote Desktop Protocol (RDP) – Microsoft
  ICA – Citrix
  ALP - Sun/Oracle
  PCoIP – Teradici
  Many other RDP variants
• Storage
  VMware Virtual Machine File System (VMFS)
  SCSI local datastore
  iSCSI remote datastore (TCP)
  Fibre Channel remote datastore
  Network File System (NFS) - TCP or UDP
  CIFS for user data
[Diagram labels: C1, UCS, NAS. Display: RDP, ICA, ALP, PCoIP. Storage: NFS, iSCSI, Fibre Channel. User Data Client Protocols: CIFS, HTTP(S), MAPI, Etc]

VDI Storage
WAAS NFS Acceleration
• Client LAN attached terminal
• Native protocols over WAN
• Centralized VMDK and user data
• Storage
  NFS from ESX to NAS
  WAAS between ESX and NAS
  99.6% compression (10 GB reduced to <100 MB)
[Diagram labels: C1, C2, C3, UCS, WAE, Network, WAE, NAS, RDP, NFS, Origin Connection, Optimized Connection, Origin Connection]

Conclusion

• Cisco’s VXI complements conventional Virtual Desktop solutions
• Consistent end-user experience across LAN and WAN
  WAN optimization is crucial for the user experience
• Security simplifications at the user’s end
  Consistent Edge Security. Move to Data Center
• Scaling out/up options to improve OPEX
  Offloading compression/encryption to the network makes sense
• Higher Virtual Desktop densities improve OPEX
  UCS allows higher VM densities and offers lower $$$/VM
• Cisco CVD for VXI
  Proven validated design to mitigate risks

Implementing XenDesktop on Cisco Infrastructure: Jan 10, 2012
Implementing vmView on Cisco Infrastructure: Feb 7, 2012
Security Design and Consideration on Cisco VXI: Feb 9, 2012