A public sector reality

Government organisations – like many private sector companies – are faced with a number of delicate IT balancing acts. At a high level one of these has always been cost versus innovation. Every IT department wants the latest and greatest technology, but this comes at a price, and in the current economic climate budgets are under tighter scrutiny than ever before.
    
As public sector organisations have looked to rein in costs, one technology that has proven to be incredibly popular is virtualisation. The public sector is not alone here – organisations of all types have been quick to embrace virtualisation – but certain characteristics of government IT departments make it a very good fit. By allowing IT departments to reduce their hardware footprint, lower power and cooling costs, and simplify management and maintenance, virtualisation is ideal for those public sector organisations with a small IT staff working within a tight budget.
    
A more recent conundrum facing IT organisations is striking a workable balance between enabling flexible working patterns for its end-users with the potential cost, productivity and security concerns that may arise. End-users want a rich and fully-functional experience while IT departments need to ensure that demands for flexibility and accessibility do not override the need to safeguard data and minimise overheads.

Security
Perhaps the main issue for public sector organisations is how to stop sensitive data being lost or going outside the network. The fundamental requirement to manage and secure this type of data typically conflicts with an essential, flexible working capability of employees. The ability for users to access information and applications while working from home, alternative locations or while they are mobile is also key. Many government organisations also require more secure authentication standards, such as smartcards or biometric controls, before the user can access applications and data.
    
There are specific security accreditations that many public sector IT departments now consider a crucial requirement. Many organisations are looking for EAL4+ (Evaluation Assurance Level Four) accredited technology, and CESG (Communications-Electronics Security Group) approved products. Other fairly common standards – such as 256-bit AES (Advanced Encryption Standard) encryption – ensure that data remains as safeguarded as possible.
    
It is virtualisation that is also now offering a solution to this problem – something that VMware CEO Paul Maritz referred to in his keynote at VMworld 2008 as the ‘desktop dilemma’. This is the choice of whether to provide thick or thin clients for employees. Thick clients, or fully loaded PCs, give employees a rich set of applications in their desktop environment, but can be a management nightmare because applications can be distributed across thousands of PCs that must be provisioned, updated, patched and secured individually. Thin clients are cheaper, more secure, and more cost-effective to manage, but traditionally have not been able to deliver the richness, flexibility, or compatibility of a thick client.
    
Virtualisation at the desktop level is one technology that is being touted as a solution to the problems being faced by IT departments trying to enable flexible working and rich end-user experience but still wishing to retain tight control over sensitive information and a straightforward approach to management.
    
Virtual desktops are simply desktop environments run in a virtual machine located within the data centre, in much the same way that server environments are run as virtual machines. These virtual desktop machines are running desktop operating systems such as Windows XP or Vista. Depending on the strategy an organisation takes, virtual desktops can be accessed securely in a number of ways – through a thin or fat client within the corporate network or over a remote desktop protocol.

Drivers for Desktop Virtualisation
As IT departments review their desktop technologies a number of key areas are accelerating the adoption of virtualisation.
    
Desktop Replacement and Centralisation: standard PCs have relatively short refresh cycles, which adds to financial and maintenance overheads. Virtualisation can extend the life of old PCs and reduce hardware acquisition, maintenance and management costs through the adoption of thin client devices.
    
Desktop Disaster Recovery and Business Continuity: IT departments can provide automated back up, data protection and disaster recovery abilities for desktop environments. These levels of protection were traditionally reserved for server applications. Because virtual desktops are not tied to one appliance, users have a number of options for accessing the environment.
    
Virtualisation delivers far greater levels of availability than physical environments can deliver, so end-users are ultimately more productive. The more advanced virtualisation platforms can move virtual machines between hosts without any downtime so hardware failure on a physical machine in the data centre no longer has to affect end-users.
    
Desktop security: One of the main issues for IT organisations is how to stop sensitive data being lost or going outside the network. Central enforcement of security policies and control over desktops gives organisations even greater control over desktop security, while features such as network encryption ensures that information is protected wherever virtual desktops are being accessed from.
    
One of the overarching benefits of the virtual desktop model is that IT departments have far greater control over desktops and the corporate assets they hold. Retaining centralised control of desktop environments makes security maintenance far easier to manage. Security updates and upgrades to applications and operating systems can be performed centrally rather than being pushed out over the network and disrupting end-users.
    
A newer concept is ‘offline desktops’ – that is the idea that virtual machines can be checked out from the data centre to a device, used offline and then checked back in when they get back on to the network. In checked out mode the virtual machine will be fully locked down so data security will not be compromised.

Environmental effects
The green agenda is now an accepted part of IT, and virtualisation has become synonymous with this trend. Hosting desktops in the datacenter as part of a virtual desktop initiative doubles the replacement cycle of PCs or thin clients, reducing the significant environmental impact associated with manufacturing new equipment. Thin clients generally consume around 15 per cent as much power as a standard desktop computer so many organisations are looking to move to this model as part of their CSR initiatives.
    
The Greening Government ICT white paper published in July 2008 laid out a clear direction for public sector organisation to consider the energy efficiency, and disposal of IT equipment. Desktop virtualisation is driving the adoption of more energy efficient thin clients as well as extending the life of current desktop systems and can be a significant contributor to progress in any green initiatives.
    
Performance and end-user experience is a key consideration in selecting a desktop strategy. Previous centralised desktop approaches often suffered from latency issues and their hunger for computing resources often meant it was difficult to deliver particularly resource intensive applications using these methods. By providing end-users with all the applications they are accustomed to, virtual desktops ultimately optimise productivity and ensure end-user acceptance. Happy and productive end-users are often the litmus test for any IT initiative, and desktop virtualisation tends to score well with particularly demanding employees
     
Another of the benefits of the virtual desktop approach is that computing resources can be dynamically allocated to address varying performance demands. With virtual desktops, resource utilisation can be monitored and virtual desktops moved between host machines, ensuring loads are balanced across the infrastructure and resources are allocated appropriately. If a company has a number of power-users or staff members whose usage peaks at certain times e.g. during end of month payrolls, then IT departments can build in rules that­ automates the allocation of suitable resources to those users at specific times.

Summary
Desktop computing strategies for public sector organisations have reached a key inflexion point. The benefits of a centralised strategy driven by virtualisation technologies are more compelling than ever and offer benefits over both thick client and proprietary thin client approaches. Whether the drivers are cost benefits, security, continuity and disaster recovery or achieving environmental targets, virtualisation now offers public sector IT new options that are worthy of consideration.Case study: Southgate College
Southgate College is a London-based institute of learning providing learning and support services to students from across North and West London. It has around 12,000 students enrolled on a full and part-time basis in a wide range of subjects.
  
Having successfully updated its server strategy using virtualisation, the College’s IT team turned to virtualisation at the desktop and application level in order to standardise its approach to delivering desktops and minimise the costs and maintenance efforts associated with rolling out new terminals.
  
In June 2008 the IT team began an eight week project to replace 600 desktop machines with virtual desktops based on VMware Virtual Desktop Infrastructure (VDI) and a further 10 HP blade servers. These centrally-hosted virtual desktops are accessed on-site through 600 HP Thin Client terminals, or remotely through a web browser.
 
In order to simplify the delivery and security of the desktop deployments, Southgate College implemented VMware ThinApp, an application virtualisation product that encapsulates the application from the operating system and streams it to the client without the need for any installation on the client end. Using ThinApp, Southgate delivers its applications from a central ThinApp server into a standard Microsoft Windows XP virtual machine image, making the management and provisioning of desktop resources far easier for the IT team.
 
The implementation has helped the college significantly lower its IT infrastructure costs. Replacing its server and desktop estate with virtual machines as opposed to physical versions saved the college around £450,000 in acquisition costs. The combination of virtual desktops and thin clients delivered a further saving on power of £20,000 per year. On top of this the college has fully centralised control over all of the desktops within the college and has dramatically simplified the maintenance and management of their estate.

Please register to comment on this article