Jimmy Chang, Author at Workspot
https://www.workspot.com
Enterprise VDI Platform Engineered for Simplicity

Announcing Workspot on Amazon WorkSpaces Core: Migrate VDI to Managed, High-Performance Cloud PCs on AWS
https://www.workspot.com/blog/announcing-workspot-on-amazon-workspaces/
Mon, 13 Feb 2023 14:40:30 +0000

Remote work is now mainstream. Many organizations have accelerated the transition to cloud computing to provide resources for users working from anywhere and to access hard-to-source talent globally. However, many companies are still struggling to figure out how to balance hybrid work models with productivity and security.

CIOs have tried various methodologies to support remote work – traditional VDI deployments and remote access through a VPN (Virtual Private Network), laptops on SD-WANs, and shipping hardware back and forth, among others. These approaches suffer from many problems including unreliable user experience, lack of performance due to high latency, serious security risks, and complex and expensive management. The result of these outdated approaches is low productivity, high complexity and costs and greater security risk – surely not a formula for success.

Workspot and Amazon are partnering to address the challenges enterprises face. Today we are announcing Workspot on Amazon WorkSpaces Core. You can read the AWS announcement here. Workspot integrated the Amazon WorkSpaces Core APIs to create a simple connection between the Workspot Cloud PC management console and the Amazon WorkSpaces purpose-built VDI infrastructure. This allows Workspot customers to easily deploy Cloud PCs and scale VDI capacity on AWS Cloud directly from their existing VDI management solution. This new offering combines Workspot’s F500, enterprise-grade, exceptionally reliable global Cloud PC platform with Amazon WorkSpaces’ deep knowledge and experience operating virtual desktop infrastructure on a massive scale across Amazon Web Services Regions. Want to see Workspot Cloud PCs in action? You can schedule a demo here and we’ll show you how it works!

Cloud PC Platform with Global Reach, High Reliability, and Zero Trust Security

Workspot Cloud PCs on Amazon WorkSpaces Core are for enterprises that require high-performance Cloud PCs featuring enterprise-grade, zero-trust security for a global user base.

Key features:

Global Automation: Workspot on Amazon WorkSpaces Core automates delivery of Cloud PCs in Amazon Web Services (AWS) Regions to deliver the highest performance by placing each Cloud PC in the AWS Region closest to the end user, minimizing the latency between user and Cloud PC. Enterprises can use one, two, or all AWS Regions concurrently to obtain the highest performance for all users. Workspot Control, which is the web-based management console integrated with the WorkSpaces Core APIs, enables IT to manage all Amazon WorkSpaces Core regions from a single management console:

      • Manage and automate delivery of all Cloud PCs in any combination of AWS Regions from one place. IT can manage and change images as needed.
      • Automate all provisioning and maintenance workflows without having to access the VMs, network, or storage directly in AWS, thus removing complexity for IT.
      • Manage all Cloud PCs in all regions as a single deployment.

Cost Optimizations and Flexible Options: Optimizing cost is the #1 concern for most IT organizations. Workspot integrates and leverages cost optimization features built into Amazon WorkSpaces Core, such as Cloud PC hibernation and dedicated host management, to deliver the lowest-cost infrastructure options for AWS customers. Workspot also enables customers to choose hourly, monthly, and annual pricing options for their Cloud PCs and workstations so they can select the option best suited for each use case. Amazon offers flexible pricing options so customers can deliver the right resources for every end user.

Global Visibility: All user activities, performance monitoring, and SIEM (Security Information and Event Management) data is delivered to IT through a single admin console with a unified time stamp. The Workspot Network Operations Center (NOC) enables the organization’s operations team to have a real-time, contextualized view of the health of all Cloud PCs globally in a single view. This capability can minimize the impact of an outage and it accelerates both root cause and blast radius analysis.

Adhere to Enterprise Security Requirements: Workspot’s unique architecture separates control of the system from the data transmission. Each organization uses unique proxy gateways; thus, they can use their existing, corporate-standard identity provider, multi-factor authentication, zero trust security policy, and existing security and updating tools. Security teams can connect the Workspot platform to their SIEM, making use of user and platform data to create custom security monitoring and alerts for all activity globally.

Hybrid and Multi-Cloud: Not all workloads may be ready for migration to AWS. Workspot Cloud PCs can also be deployed in hybrid mode using on-premises hypervisors such as VMware vSphere and Linux KVM as well as other cloud infrastructure, including Microsoft Azure and Google Cloud Platform. From a single management console, Workspot uniquely provides IT with complete observability of all Cloud PCs, across on-premises and cloud providers.

Workspot Center of Excellence for Cloud PCs: Many organizations do not have end-user computing expertise available on staff. The Workspot Customer Success Team partners with our customers’ IT teams as trusted advisors and acts as an extension to IT. They make use of innovative, proprietary tools to proactively manage and monitor the Cloud PC environment. They collaborate with the customer’s IT team on an ongoing basis to identify Cloud PC performance and connectivity issues and analyze root causes. When needed, Workspot interfaces with key third parties such as AWS, Intel, AMD, and NVIDIA on our customer’s behalf to get to a quick resolution. The Customer Success Team also focuses on ensuring customers benefit from ongoing platform innovation.

Workspot on Amazon WorkSpaces Core will be available across Amazon WorkSpaces commercial regions and zones globally, except Africa-Cape Town.

On the Roadmap with Workspot Cloud PCs – June 2022
https://www.workspot.com/blog/on-the-roadmap-with-workspot-cloud-pcs-june-2022/
Fri, 15 Jul 2022 21:22:06 +0000

By: Matthew Davidson

Welcome to the June 2022 edition of “On the Roadmap with Workspot Cloud PCs,” our at-a-glance blog series highlighting new features you can use to maximize your Workspot Cloud PC experience. In June our focus is on the areas of business continuity, security, imaging, and end-user performance.

Let’s jump right in and look at some of the recent features you can use to maximize your Workspot experience.

Spotlight Feature:

Our spotlight feature this month is our Global Desktop! The Global Desktop allows your end user to click a single VM icon in their client that is connected to one or more Cloud PCs. Those Cloud PCs can be set up in multiple clouds and/or regions and are used to deliver one of the following experiences:

  • Never-fail Cloud PC – Always available regardless of what is happening with a cloud provider
  • Traveling Cloud PC – Delivers a Cloud PC closest to the user as they travel, reducing latency

The Global Desktop has a 99.95% guaranteed SLA on the entire virtual desktop, not just the broker, as with other solutions. Did you know that Workspot is the only company that offers an SLA on the desktop!?

Other Key Workspot Cloud PC Features:

Focusing on security, you can now assign multiple Protocol Policies per “Desktop VM” or “Pools”, allowing you to deliver different policies depending on whether the end user’s location is internal or external to your corporate network.

Our Google Cloud Platform (GCP) customers can now set an Extended Time Limit after the Pool is updated with their new golden image to allow their software solution (SCCM, Desktop Central, etc.) to push application installations before the VM is shut down. By default, in GCP, the VM is powered off after the pool is updated.

The end-user experience is everything. As part of our continuing focus on end-user performance, clients using Progressive Web Apps (PWA) for Chrome and Chromebook devices now have multi-monitor and printing support.

If you would like to take a deeper dive into these Workspot Cloud PC updates, please reach out to your CS team and we will be more than happy to discuss them with you and even show you how they specifically apply to your environment.

Stay tuned for the July edition for more updates and innovation spotlights!

Workspot Watch is Your Cloud Desktop Reliability Sentry
https://www.workspot.com/blog/workspot-watch-is-your-cloud-desktop-reliability-sentry/
Fri, 23 Jul 2021 21:38:18 +0000

It’s pretty likely that if you’re an IT person with responsibility for End User Computing (EUC), a VDI implementation and/or for the physical desktops and workstations in your organization, you’ve lost sleep at some point over managing, upgrading, troubleshooting or refreshing these systems. That’s not to mention the nights and weekends spent struggling to ensure that virtual desktops are up and running to meet end user demands. Many of our customers tell us that the management overhead of legacy VDI is so resource-intensive that it overshadows any value they might be deriving from having virtual desktops. Similarly, physical desktops and workstations require constant attention: OS upgrades are needed to stay secure, and every few years yet another refresh cycle has to happen, consuming time and money, both of which are scarce these days.

These challenges and more make a strong case for moving to SaaS cloud desktops, because our Enterprise Desktop Cloud™ platform shields your IT team from all that complexity, and the service takes care of upgrades, troubleshooting and management of your cloud desktops, offloading the management burden that can be so overwhelming. But what’s the best approach?

Cloud PCs, cloud VDI, cloud desktops? It’s getting crowded out there! That’s why it’s important to understand the fundamentals. The first consideration for a virtual desktop evaluation is the solution architecture, because the architecture dictates whether or not you can fulfill your end user computing requirements, including performance, scalability and security. From there, you probably want to know more about reliability.

In this blog, I want to introduce what sets the Workspot Enterprise Desktop Cloud platform apart from other virtual desktop solutions when it comes to virtual desktop availability. That difference is Workspot Watch.

What’s Your Virtual Desktop SLA?

Do you even know what desktop service level you’re delivering? If you’re running on-prem VDI, it’s a tough question. Many IT teams just don’t know. If you’re using a virtual desktop broker for cloud PCs from another vendor, there will be a service level agreement (SLA) for accessing their broker, but not for the uptime of your virtual desktop. That’s your problem, like it or not.

Workspot is different. Our enterprise-proven SaaS platform consistently achieves an SLA of 99.95% or greater – an industry leading uptime for your cloud desktops. There’s a whole bunch of innovation that enables us to deliver such robust reliability.

24×7 Cloud Desktop Monitoring with a Twist

What if you had a way to “watch” your cloud desktop implementation, even while you are peacefully sleeping without a cloud desktop care in the world? That’s the mission of Workspot Watch. Workspot Watch is a sophisticated, big data trending and correlation engine that drives the Network Operations Center where our support teams monitor, troubleshoot and analyze the health of Workspot cloud desktops globally. Think of our operations center as the “NASA Mission Control Center” of cloud desktops, operating continuously to anticipate, identify and help mitigate problems that may arise that could impact your cloud desktop operations. Workspot Watch collects millions of messages from endpoint devices, virtual machine agents, protocol gateways, enterprise connectors, and other Workspot control plane services. The data is gathered from multiple clouds, spanning thousands of locations around the globe, and hundreds of networks in dozens of regional data centers. Workspot Watch is fully operational as part of your Workspot cloud desktop subscription, and our operations center staff begins monitoring your implementation on day one.

Watch simplifies compliance, strengthens security

We made a critical architecture design decision to separate the control and data planes. This has significant implications for performance and scalability, but it also sets Workspot far apart from other virtual desktop solutions when it comes to security and compliance. Workspot was designed to enforce your Zero Trust Security policy, but we go way beyond just supporting zero trust endpoints.

Workspot Watch trending capabilities reveal activity patterns that can indicate a brewing security issue. As a result, Workspot support teams have been able to identify and quickly diagnose ransomware attacks, and then proactively alert the customer. Workspot makes the valuable cloud desktop health data that Watch generates available to individual customers too. Highly regulated organizations channel the data feed into their Security Information and Event Management (SIEM) systems to enable security alerts and monitoring, and to optimize day-to-day operations to ensure compliance with internal governance.

Although the Workspot Enterprise Desktop Cloud platform is instrumented throughout to feed activity data to the Workspot Watch big data engine, the fact that our cloud desktop control plane is completely separate from the customer’s data plane means that Workspot never sees, nor does it have access to, customer data. This has important implications for meeting regulatory requirements: unlike other virtual desktop solutions, this separation dramatically simplifies compliance audits because the Workspot platform is outside the scope of the audit.

How is Watch better than other vendors’ monitoring systems?

1) Workspot goes way beyond providing a monitoring tool and letting IT figure out what might be the issue – that’s what other vendors do. The Watch correlation engine feeds global cloud desktop activity data to the operations center to surface and alert on issues, trends and root causes. This unmatched data gathering and analysis is what enables our industry-leading cloud desktop SLA. Workspot Watch enables more predictive, proactive, and less reactive operations to ensure the highest possible availability so your users can always access their desktop.

2) Because we provide a global service, we can see system health both for your implementation and across customer implementations and clouds around the world. Our monitoring capabilities go beyond just the Workspot platform, often revealing patterns that could become a real issue for a single customer or for multiple customers. That comprehensive monitoring is how we were able to alert Microsoft about a problem that arose with a software update they implemented, because we witnessed it having a negative impact across our customer base. That saved Microsoft days of troubleshooting and ensured that our customers stayed up and running. No other virtual desktop solution can do that.

Workspot Watch enables Workspot to make a commitment to our enterprise IT customers for an industry leading SLA, so you can sleep well!

Why Not Just Build it Yourself?

Some organizations we’ve spoken with during their virtual desktop evaluation process believe they can build a monitoring engine that will provide what they need for a virtual desktop implementation. However, when they’ve taken a closer look, two obstacles emerge. First, they might be able to use a set of tools to achieve limited visibility to see what’s happening with an individual user, a desktop pool, or all of the pools in a single location. With a heavier investment, they might even be able to see what’s happening in their desktop pools in multiple locations. This definitely has some value. But at what cost? How long will it take to build this, and how many people will you need to hire to monitor the monitoring platform to make the data actionable? How much will that cost? How do you correlate signals from separate systems and time stamps to understand the trends and root causes?

Second, what you won’t be able to do with a DIY monitoring tool – at any cost – is benefit from visibility at massive scale into problems that may be arising across all implementations of that virtual desktop solution globally, or across all cloud regions around the world. That’s a huge blind spot.

Workspot Watch Has Your Cloud Desktops Covered

Large enterprises have complex environments, and staying on top of a global cloud desktop implementation requires a sophisticated big data engine that continuously gathers system health data globally, analyzes that data in real time to look for emerging patterns, and determines the “blast radius” of the problem so customers can be alerted to a potential issue. Workspot Watch, in conjunction with our Network Operations Center, is holding down the fort to protect your cloud desktops!

Ready to learn more? Schedule a demo so we can show you how it works.

3 Tough Questions CISOs Must Ask Cloud Desktop Vendors
https://www.workspot.com/blog/3-tough-questions-cisos-must-ask-cloud-desktop-vendors/
Fri, 01 Nov 2019 21:56:30 +0000

In a recent blog post, we discussed how adopting the right cloud desktop solution can help fulfill an enterprise organization’s Zero Trust security model. Although CIOs and CISOs have reached a greater comfort level with public clouds, the need to conduct broad and deep diligence when evaluating cloud desktop solutions is essential. Each vendor’s approach is architected differently, and architecture matters, especially when it comes to security.

In our discussions with CISOs and other security leaders, the same questions are posed to us again and again, so we have a good understanding of what CISOs care most about. Based on that understanding, we’ve crafted 3 tough cloud desktop security questions you must ask vendors as you evaluate the options for moving desktop workloads to the cloud – a move that is almost inevitable for enterprises because of the agility and flexibility it brings to enable growth. As attractive as that is, you have to make sure technology choices don’t expose your organization to increased risk. Rather than increase risk, a cloud desktop solution should augment your Zero Trust model. To achieve this, here’s what you need to find out.

Top 3 Cloud Desktop Security Questions for CISOs

Here are the top questions that every CISO should ask a cloud desktop vendor to understand the impact of a vendor’s architecture on your security posture:

1. Where is my Active Directory (AD) running?

What you need to know is – where is authentication happening? And what does it mean to your security posture?

What if the vendor you’re evaluating told you that you must copy your AD to the cloud to work with their service?

Most CISOs tell us that moving AD to the cloud is not desirable for security and complexity reasons. No one wants to touch AD if it is working. No one wants to add more complexity to AD by adding yet another domain controller in the cloud.

What if the vendor told you that their cloud service requires AD authentication to flow through their cloud service? What if that vendor also told you that your AD is running in their cloud service?

Some “cloud” services are based on Windows servers installed in the cloud. They require their Windows components, which are not under your control, to have access to your AD to complete authentication. To keep it simple, they may ask you to install a domain controller in their cloud to make it operationally easy to support their cloud service with your authentication. This means that your authentication credentials are outside of your control and passing through a cloud system that doesn’t belong to you.

If this is ok with you, proceed to the next question. If it’s not ok, it’s time to contact Workspot.

2. What systems are shared between customers?

This is a common question from CISOs for whom enterprise data and intellectual property (IP) protection is top of mind. If protecting IP is a top priority, you need to know whether a vendor’s architecture could expose your IP to outsiders. So to protect all of your enterprise data, you need to ensure that the cloud desktop solution won’t introduce compliance, security, governance and reputation risks. Architecture matters in security, so it’s critical to know that not all cloud desktop systems are architected the same.

If you are the CISO for Brand A, would it be ok for your IP to be stored in the same cloud tenant as your fiercest competitor, Brand B? Not too worried? Well, what if a Brand B employee clicked on an attachment that introduced a virus into brand B’s environment? Could your data be at risk too?

Generally, cloud desktop platforms are based on two architectural models: (1) combined data and management plane or (2) separate data and management planes. Here’s what that looks like:

By definition, when the data and cloud desktop management planes are combined, then customer data and authentication systems traverse the same system. The vendor will likely describe the policies that prevent accidental data leakage or unauthorized access. So, a trust model must be established with the vendor, including auditing the vendor for compliance.

In the second model, the management is shared, but the data layer, including the gateway, is completely isolated between customers. Data security risk is greatly reduced with this model. Workspot’s architecture separates the data and management planes.

We describe the importance of separating the data and management planes in another blog here.

3. Where does my data live? Who can see it? How is it protected?

The most common answers are TLS 1.2 in flight and AES 256-bit at rest. However, those are not complete answers, so you’re going to have to double click on this. Architecture also determines the risk of unauthorized viewing of data in flight and data at rest. Here are more good follow-up questions:

  1. Who manages the keys for data in flight and data at rest? Are the keys shared between customers? If one customer is attacked and keys are accessed, can the keys be used with my tenant?
  2. How do you prevent unauthorized access to Active Directory and keep an attacker from accessing my cloud desktops?
  3. Describe how an attacker who successfully accesses another customer’s systems cannot also enter my systems.
  4. Can I extend my corporate standard anti-virus, anti-malware, DLP processes into the cloud desktop service? Can I use my corporate standard MFA? Or do I need a completely separate security paradigm for your cloud desktop service?
  5. Can you (Vendor X) gain access to my data on my cloud desktops?

Getting clear answers to these questions enables you to fully understand the level of risk to your company’s security posture.

Workspot’s Answers to Cloud Desktop Security Questions

I can’t say it strongly enough – architecture matters for security. Workspot’s architecture design follows the Principle of Least Privilege (POLP). POLP is closely tied to Zero Trust policy where no one is trusted, either inside or outside the organization. POLP allows people and processes to have only the bare minimum access needed to complete a task. That means that everyone, including the cloud desktop vendors you’re considering, needs to prove how they make your organization more secure. When you double click on Workspot, here are the answers to the 5 questions above:

  1. All customers are isolated. The keys are automatically managed by Azure key service per customer, so keys are not shared or auto rotated, and no humans are involved. Customers can bring additional keys for an added layer of security.
  2. Active directory is fully under your control. Workspot doesn’t have any access to it for security reasons.
  3. All customers are isolated. Attacks are localized to just a tenant. You don’t have to worry about your neighbor breaking down your fence.
  4. All Workspot customers bring their corporate standard AV, AM, DLP and MFA into Azure. There is no need to create a separate security process, which increases the risk of gaps.
  5. Workspot’s architecture leverages an independent security layer to prevent unauthorized access to your data.

Architecture matters for security. From the beginning, we designed our cloud desktop solution to separate the data and control planes. This was a crucial architecture decision that, among many other benefits, allows our solution to stand apart from any other when it comes to security.

Find out more about how Workspot addresses the toughest cloud desktop security questions. Today, Fortune 500 companies with the most stringent IP protection and governance requirements trust their cloud desktops to Workspot. Schedule a demo so we can discuss your requirements!

Workspot’s Day One Support For Windows Virtual Desktop (WVD)
https://www.workspot.com/blog/workspot-day-1-support-windows-virtual-desktop/
Fri, 28 Sep 2018 04:32:05 +0000

We’ve seen many compelling announcements emanating from Microsoft Ignite this week. One measure of the significance of where Microsoft is headed can be seen in the jump in their stock price! Another measure is the resonance with what customers want. Windows 10 first became available 18 months ago on Azure, and Workspot was there on day 1, working with thought leaders to deploy cloud PCs on any of the Azure regions around the world. Today, with so many organizations going to the cloud, it’s very clear that one of the things customers really want is a cloud PC service. That’s why Workspot is excited to announce day 1 support for Windows Virtual Desktop, Microsoft’s new cloud-hosted service that delivers virtual desktops and apps.

Workspot is an RDP Protocol Partner

Our Remote Desktop Protocol (RDP) partner relationship allows us to stay completely aligned with new Microsoft technology and to deeply integrate Workspot solutions with Azure. This means we can build on the best of the best and continue to provide unprecedented value to our customers. That’s where the rubber meets the road: Customer value. Here are some of the ways we leverage this technology in Workspot Desktop Cloud, Workstation Cloud, and Disaster Recovery Cloud today to deliver that value:

  • Deep integration with Azure compute, networking and storage technologies on both Azure Commercial and Azure Government regions
  • Support for fast, multi-region cloud PC and GPU workstation deployments
  • Support for multiple identity options including Azure Active Directory, Azure Active Directory Domain Services, and on-premises Active Directory integration
  • Support for multi-user Windows 10 and Windows Virtual Desktop when available from Microsoft in early 2019

Accelerating Cloud PC Momentum

Workspot is a proud Microsoft Cloud Service Provider (CSP); we achieved this important designation more than a year ago, and we have continued to deepen our engagement with Microsoft product, technology and field teams as we help companies make the move to Azure.

Recently, Workspot was recognized by Microsoft when they honored us with their 2018 US Partner Award for Partner Seller. What’s the significance of that? In bestowing the award, the Microsoft executive team noted Workspot for having “shown leadership in customer impact, solution innovation, deployment and exceptional use of advanced features in Microsoft technologies.”

All of this is available to you today to pursue your possibilities. Ready for a demo? We’d be happy to show you how it all works.

Don’t miss the Microsoft & Workspot webinar!

Watch it on-demand now!

The Secret Sauce of Cloud Desktop Security
https://www.workspot.com/blog/secret-sauce-cloud-pc-security/
Fri, 27 Jul 2018 04:56:29 +0000

When an organization considers moving their desktops to the cloud, data security becomes a primary concern. The prospect of relinquishing control of IT assets and possibly introducing risk to the business makes everyone pretty uncomfortable – to say the least. When it comes to virtual desktops in the cloud, the art is in balancing security and control on the one hand, with deployment speed, management simplicity, and cost containment on the other. At the end of the day, however, data security is paramount. When adopting cloud desktops, you essentially have two options, and there are trade-offs to consider:

Option A: DIY: Implement virtual desktops in the cloud on your own. You’ll have full control, but the deployment will take longer, be more difficult to maintain, and the related cloud compute costs can be wildly variable. Significantly, this option also comes with somewhat scary security trade-offs.

Option B: Turnkey Service: Workspot offers a turnkey service for deploying your virtual desktops and workstations in the cloud. We do it for you, so in that sense, you don’t have as much control (although we work side-by-side throughout the deployment process) but your deployment is faster, easier to manage, and you’ll have predictable costs each month. Plus you have complete control to add desktops, remove desktops, and otherwise manage your entire implementation through a single management console. And though it’s counterintuitive, you will get stronger security than any other cloud desktop provider. And that’s where the secret sauce comes in, but more on that later!

Philosophical & Practical Differences Around Security

When comparing virtual desktop solutions, it’s important that you really drill down on the vendor’s approach to security. Workspot has a multi-pronged approach that no other vendor can approximate. The first aspect of security stems from our cloud-native architecture. Unlike other vendors, we developed our cloud virtual desktop solution from the ground-up. The Workspot Desktop Cloud architecture completely separates the configuration and provisioning control signals from the flow of data. Here’s what that looks like:

In a traditional VDI/DaaS solution, both data and control flow through the same paths – they are not separated as they are with Workspot. With these legacy solutions, the user has to connect to a broker to authenticate and the broker contacts a VM to provide the user with a virtual desktop. If the broker is managed by a 3rd party, that 3rd party can see all of the traffic flowing between the user and the virtual desktop. That is scary!

Workspot is different because of our architecture. When a user comes in from anywhere in the world from their laptop to connect to their virtual desktop, their data never traverses through the Workspot Cloud. Once the encrypted VMs are configured, users authenticate (via AD or MFA) and connect from any location (on-site or remote) to get a direct connection to their virtual desktops and resources; in other words, the client connects directly to the virtual Windows 10 desktop running in Azure, never through Workspot Control.

The second aspect of security is that we believe in the Principle of Least Privilege (PoLP). PoLP ensures the absolute minimum amount of access necessary to do the job. In this context, it’s about “access control”. Since there is no such thing as “fully secure”, what we can do is limit the plane of attack. See that tiny little white box on the left in the diagram below?  That’s the plane of attack with Workspot. By following the PoLP and requiring the minimum access privileges to our customer’s corporate resources, Workspot has minimized the surface of attack to that tiny little white box while also providing the customer with full access to their AD, networking, firewalls, OS, VMs/Disk, data, and GPOs – along with the ability to control their own environment. In practice, this means that when we deploy your desktops in Microsoft Azure, we do it while having the absolute minimum admin access. This access is limited to configuring, deploying and managing the Windows 10 desktop VMs. Because we handle this for you, you get fast deployment (a few days, usually) and reliability (we’re always monitoring & we boast 99.95% uptime). All this WITHOUT having any ability to even peek into your VMs.

Conversely, see that big white box on the right side of the diagram? That’s all the other VDI/DaaS vendors; they can access your entire environment – the OS, disk, files, AD, data traffic. That’s a pretty big attack surface.

 

Workspot has no access to the customer’s corporate resources (left), whereas other VDI/DaaS providers have full visibility into these sensitive corporate resources.

When you talk to those other cloud VDI vendors, ask these important questions:

– How much access to my environment will you have?
– Where is my data?

The third aspect of security is top-secret! It’s our Secret Sauce. All you security experts reading this don’t expect us to reveal that in a blog do you? For that, we’ll need to talk!

Workspot Benefits

  • Deploy in days, in any Azure region in the world!
  • Robust enterprise security
  • Better-than PC performance
  • Flat rate subscription pricing
  • 99.95% Desktop Cloud uptime and availability

With Workspot Desktop Cloud on Azure, your IT team retains full control of all corporate assets and has the ability to define granular user access controls according to the use case.

Now, how about some secret sauce? Schedule a live demo and we’ll show you how it works!

Why Choose Born in the Cloud Virtual Desktops https://www.workspot.com/blog/choose-born-cloud-virtual-desktops/ Fri, 22 Jun 2018 05:06:00 +0000 /?post_type=blog&p=11680 These days all kinds of software companies have jumped on the cloud bandwagon – and it’s easy to see why.... Read more

The post Why Choose Born in the Cloud Virtual Desktops appeared first on Workspot.


These days all kinds of software companies have jumped on the cloud bandwagon – and it’s easy to see why. All you have to do is take a look at some of the surveys by industry analysts to see the huge numbers of organizations that already have a cloud presence or are quickly moving in that direction. You hear the terms “born in the cloud”, “cloud-enabled” and “cloud-native” all the time, but often the differences between them are blurry and it’s confusing for customers. So let’s take a closer look for clarity.

 

Born in the Cloud Means Simplicity and More

You see the term “Born in the Cloud” referenced here and there, and we use it to describe Workspot. What do we mean by it, and why does it matter? Techopedia defines it as “a specific type of cloud service that does not involve legacy systems, but was designed for cloud delivery.” Techopedia also notes that born in the cloud products deliver certain benefits, such as “rapid elasticity” and “on-demand availability”. From the standpoint of Workspot Desktop Cloud solutions and our customers’ requirements, those cloud attributes support important features and benefits, such as desktop provisioning in minutes, instant scalability, and better-than-physical-PC performance. Sounds pretty compelling, right? Then there’s simplicity. If your virtual desktop solution doesn’t simplify your world, it’s time to re-evaluate.

Is it Cloud-Enabled or Cloud-Native?

So if “born in the cloud” is inherently designed for cloud delivery, how does that fit in with the notions of “cloud-enabled” and “cloud-native”? These two terms are sometimes used interchangeably and can be easily confused, yet the difference between them is VAST. Here is the heart of the matter: A cloud-enabled VDI solution is a legacy product that was originally designed for a traditional data center and was then plunked into the cloud. A cloud-native virtual desktop solution is built from the ground up using micro-services; it’s multi-tenant, and it features fast and easy scalability. Cloud-enabled VDI drags along all the same baggage it had in its data center incarnation: It’s complex, single tenant, and hard to scale. The cloud-native solutions deliver all the simplicity, elasticity and scalability benefits I mentioned above. So, born in the cloud and cloud-native are the same thing. That’s Workspot. It’s the cloud-enabled solutions you need to worry about.

There are only two cloud-native virtual desktop solutions: Amazon Workspaces and Workspot, and they are both great choices depending on your specific needs. All the other vendors have cloud-enabled VDI solutions, which cannot deliver the simplicity, scalability and performance benefits that made moving to the cloud so attractive in the first place!

Go Cloud-Native!

When you choose a cloud-native, born in the cloud virtual desktop solution, you have an unprecedented opportunity to simplify. You can reallocate IT resources to more strategic projects, fortify security, support mobile workstyles, achieve greater business agility to serve new markets and deliver as good or better performance than PCs and workstations to your users. Those are just a few reasons why it’s time to go cloud-native!

Find out more about how it works. Schedule a live demo with one of our product experts.

 

Learn more about the Workspot cloud-native advantage – watch the video!

 

The Tao of DaaS Monitoring https://www.workspot.com/blog/tao-daas-monitoring/ Fri, 02 Mar 2018 06:26:15 +0000 /?post_type=blog&p=11711 Workspot’s raison-d’être is to improve the lives of everyone involved in the “virtual desktops” food chain, whether it’s the CIO,... Read more

The post The Tao of DaaS Monitoring appeared first on Workspot.


Workspot’s raison-d’être is to improve the lives of everyone involved in the “virtual desktops” food chain, whether it’s the CIO, the CISO, the hands-on IT staff, IT leadership or the end-users using virtual desktops, apps, and workstations. Among the many innovations Workspot has introduced to the VDI and Desktop as a Service (DaaS) industry over the last few years are our cloud-based monitoring capabilities.

Top 3 Support Calls

The following are the top 3 issues that generate most help desk calls, based on our interactions with thousands of VDI customers over the last decade:

  • User is not able to connect to the virtual desktop
  • Desktop login takes a long time
  • User complains that the performance is not good for desktop applications

Too Many Moving Parts in Legacy VDI

So what happens when the help desk phone rings and a user reports one of these issues? A legacy VDI solution has tens of components to the solution: servers, storage, networking, databases, hypervisor, provisioning servers, brokers, portals, load balancers, VPNs, end points, and thin clients. Our experience has been that no tool provides a good, holistic view of the end user problem. So every support call becomes a multi-faceted hunt for the truth; networking, storage, hypervisor, desktop, broker and server teams all need to collaboratively debug problems. And often the problems are in the white spaces between these teams where there is even less useful forensic data to be found.

Troubleshooting Skills Can Be Learned

As customers move to cloud solutions, all the infrastructure becomes invisible. There are no hypervisors, SANs, hyper-converged nodes, switches or firewalls. The elegance of cloud software is automation and moving up the stack! In the cloud, the infrastructure is completely abstracted away from the customers, and not only are there fewer operational issues and therefore fewer support calls, but now, (with the right tools), help desk personnel can handle the calls they do get themselves. There’s no more need for valuable and expensive IT personnel to spend their time troubleshooting support calls.

How is it different? There are fewer moving parts in a DaaS solution. The DaaS vendor is responsible for the infrastructure and management components. The Workspot solution holistically captures all the data required to fix incoming support calls. Our monitoring features are both comprehensive and less noisy, which means they’re a huge improvement over other solutions. Let’s look at some of the Workspot features that address the problems highlighted above and make troubleshooting a problem much easier than ever before.

 

Comprehensive Events Feed

One of the reasons customers are surprised by our monitoring dashboard is that for years they’ve been dealing with an incomplete view of the end user’s interaction with the VDI product. Workspot Client runs on the user’s device; it’s heavily instrumented and captures all relevant interactions when the user launches it on her device.

For example, let’s consider the following common issue: The user calls and reports that she is not able to connect to her virtual desktop. Here are the steps the help desk staff can use to troubleshoot the issue:

1. Find the user profile: Use the search box to find the user

2. Check if the user has an active desktop or app entitlement

3. Check if the user has an active session

 

4. Look up event information to see if the user unlocked the client application and tried to connect to the application.

Notice that in this example, we simulated a problem with the gateway. The error shown below shows code: 50331670. We provide our customers with a rich list of error codes and support collateral to deal with the most common software and infrastructure issues. The error code suggests that “It’s an issue related to RD Gateway”. The actual error message shown to the end user is also captured in the event feed.

 

The steps above a) confirm that the end user has a valid problem and b) quickly help the support person get to the root cause.

The actual reason why the user is not able to connect could vary based on the client device, network connectivity, network topology of the DaaS deployment, DMZ setup with the RD Gateway, or anything related to authentication. The event feed captures the relevant information like “the user activated the client”, “the user opened or clicked on an application icon”, “the user got an error”, etc.

The causality of events is integral to the troubleshooting process.

The richness and quality of events for all the users across thousands of tenants running on the same cloud service is only possible because of Workspot’s unique cloud architecture.  

It takes just 1-click in Workspot to get to the user profile, with all the details required for troubleshooting presented in a single view. 

Performance Monitoring

When the user calls and complains about performance, the most important factor is to check the network conditions. If the user is connecting from a bad network with high latency and low bandwidth, the sluggish performance issues are well understood. In the user dashboard, Workspot displays the most important performance metrics, and high latency or jitter is typically the #1 culprit for lag seen by the user. High load on the desktop or RD Host can also cause common application performance issues.

User session view displays latency, bandwidth, memory & CPU usage

A detailed view of the user, shown below, captures logon speed, session duration, current session state duration, session state, client device, and more, all presented on the same page. The drill-down of logon duration along with the snapshot of granular performance data captures all the relevant information IT needs on a single page.

Vroom! Remote Assist or End the User Session

The ability to start a remote assistance session (one-click Microsoft Remote Assist) or reboot the user desktop is also a time tested trick in the arsenal. Inline support and the ability to send messages directly to the user inside the virtual desktop further simplifies the round trips involved in closing the ticket.

As shown above, Workspot provides a user-focused monitoring and troubleshooting console without any confusing product SKUs. All customers get the same features with simple pricing. The data is also aggregated and presented across pools, user-groups, and geographies for summary reports.

What would be really cool is to be able to ask: “How does the average login time across all the users in ACME corp look compared to all the other customers managed by Workspot on Azure?” With anonymized and opt-in global comparisons, customers can leverage the power of cloud-based data insights. Imagine the key performance questions that you’d like to ask other DaaS customers and have them answered in the Workspot dashboard right away. We are excited to announce that we will be shipping global comparison features in Q2, 2018!

There’s no doubt that the future of VDI is cloud-delivered. Fewer moving parts and a cloud-native architecture will deliver better reliability, security, and scalability, and our holistic monitoring solution enables you to quickly debug any issues your end users may have.

How to Benchmark a Cloud Desktop Service https://www.workspot.com/blog/benchmark-cloud-desktop-service/ Fri, 08 Dec 2017 06:32:24 +0000 /?post_type=blog&p=11725 It’s amazing how fast the VDI market is changing and exciting because with these changes customers will finally realize some... Read more

The post How to Benchmark a Cloud Desktop Service appeared first on Workspot.

]]>

It’s amazing how fast the VDI market is changing and exciting because with these changes customers will finally realize some really great cost reduction and business agility benefits that have thus far been elusive. As the industry transitions to cloud deployments, we believe it will be helpful for IT execs to have a framework for comparing virtual desktop solutions in the market, but that’s easier said than done. Where to start? On-prem VDI? Virtual apps? Desktop-as-a-Service (DaaS)?  And what constitutes a “real” desktop cloud service?

VDI and DaaS solutions can be evaluated through the lens of people in the “food chain” of virtual app and desktop evaluation, selection, deployment, use and management:

  • Who is the primary sponsor? CIO or the Application Owner?
  • Who are the end users? E-Staff, Power-Users, Knowledge Users, Remote Developers, Field Users, Contractors, Partners, Others?
  • What does the solution do for the CFO and CISO? Does it increase or decrease security, agility and cost?
  • Who are the people managing the solution? Generic IT Staff, VDI Specialists, Datacenter Specialists, Cloud Experts, Security Ninjas or Expensive Consultants?

Each has her/his special interests and goals when it comes to participating in the decision-making process, and from those special interests, we can derive a framework for evaluation.

But before I dive into that, let me ask a question: Does anyone know why the VDI vendors never agreed on a common benchmark for comparing the various protocols in the market?

Where’s the benchmark?

Let’s look at the database industry. The term transaction is commonly understood in the technology world. A typical transaction, as defined by the Transaction Processing Council (TPC), would include “an update to a database system for things like airline reservations (services), e-commerce (goods) or banking (money)”. TPC produces benchmarks that measure transaction processing and database performance in terms of how many transactions a given system and database can perform per unit of time, e.g., transactions per second or transactions per minute. How do you compare two full stack systems in the market to run your database? You look at the TPC score and the cost of the full system and make a judgment based on your needs. All the vendors in the industry use the same framework to present the results. It’s super helpful to buyers to be able to compare apples to apples.

As the database industry evolved, a single benchmark was not sufficient to capture the “quality” of the software for all possible use-cases. If you look at the TPC website, you will notice that there are several “flavors” of TPC benchmark; each measures different parameters:

  • TPC-C (the benchmark is centered around the principal activities of an order-entry environment)
  • TPC-DI (Data Integration, also known as ETL, is the analysis, combination, and transformation of data from a variety of sources and formats into a unified data model representation)
  • TPC-DS (TPC-DS is the de-facto industry standard benchmark for measuring the performance of decision support solutions including, but not limited to, Big Data systems)
  • TPCx-V (The TPCx-V benchmark was developed to measure the performance of servers running database workloads in virtual machines)

and there are more!

The primary reason for not having a standard benchmark in the VDI industry is that there is no standard definition of what a “transaction” could mean for a remote user experience.

What does it all mean?

Remote protocols transfer graphical frames or bitmaps from a machine running in the datacenter to a client device. There are various techniques of sending updates to the client side. For example, it could be commands or raw bitmaps. If the number of frames transferred is used as a metric, all vendors can compromise the quality of the frames. Unless a frame is captured on the client side and the quality of the frame is observed, it is impossible to quantify whether the fidelity of the frame has changed between the server and the client. An Excel sheet with heavy text and a web page full of pictures may require different encoding schemes. Does it really matter if the server is sending 30 frames/sec to the client but the client is showing lossy frames to the end user or dropping frames on the client side? The quality of the frame is one dimension for evaluating remote protocols.

The amount of bandwidth used is another vector. If hundreds of users are on a T1 line in a branch office, the density of users the line can accommodate is an important cost factor for the deployment. At the same time, if your deployment has all the users connecting from home or if your business depends on already-provisioned big bandwidth pipes, incremental 200-300Kbps traffic per user is not a problem. For instance, does it really matter if the client is using only 200Kbps for the remote protocol traffic but the client has 1Mbps bandwidth available and the rest of the bandwidth is not utilized? Should the extra bandwidth be used to improve the user experience?

The experience is also dependent on the latency between the client and the server. The user experience will degrade as the latency increases between the end user and the virtual desktop. VDI is generally not recommended by specialists when the round trip latency goes beyond 300ms. It may work but end users will never be happy.  With modern cloud options and easy multi-region deployments, putting desktops closer to the end users will always result in better performance by reducing the latency between the end users and the virtual desktops.

If you combine the above three vectors (quality of frames, bandwidth used, latency), you will notice that capturing a TPS-like score for a generic workload will be challenging. Every business use-case will place a different weight on each vector. A call center use-case cannot be compared with a hospital kiosk workload. Contractors accessing virtual desktops for security reasons should not be benchmarked with a trader using a Bloomberg application workload. There is no one-size-fits-all.

Let us consider what’s happening in the industry. You will find a lot of home grown micro-benchmarks and misleading results on the web comparing various protocols. A typical example is a benchmark with a video streaming workload. The benchmark author will compare the total amount of bandwidth used by the various clients. Based on the results, the author will describe that protocol A is better than protocol B because it uses less bandwidth. The author uses his magical insights to describe the quality of the frames and how sluggish or smooth the experience was when he was running the videos simultaneously. The author adds a disclaimer that the best test is with your own workload and the results are not reviewed by any third party.

Such results do not capture anything meaningful for buyers! It just adds confusion because it fails to connect the benchmarking exercise with business goals. It only focuses on one small part of what can be done inside a remote desktop session.

The key point is that benchmarking requires a scientific model to capture the frames on the client side and a well defined methodology agreed upon by experienced professionals. For example, this study sponsored by Microsoft compares RDP10 and PCoIP protocols and uses REX Analyzer to visualize the test results. Such studies take months of effort and the analysis does not provide a single score. It provides commentary on what the author observed in various network conditions. The above study says:

RDP 10 uses more aggressive compression algorithms which causes slight degradation of color quality under LAN conditions. Under the different WAN conditions, RDP 10 shows better quality in terms of frame rate and stuttering. This means that RDP 10 is better suited for network constrained connections than PCoIP.

It’s impossible to provide a definitive transactions-per-second-like score for comparing remote protocols. Even though the above study shows that RDP 10 is better suited than PCoIP for the common network constrained VDI use-cases, it is only capturing the experience of the end user in the overall system. The buyer will always need to consider the operational aspects of the solution before picking up a virtual desktop solution vendor. For instance:

  • Who are the people in the solution food chain? Remote protocol performance is an important metric for the end users. What about the IT staff responsible for setting up, managing and monitoring the solution? What about the CIO? What about the CISO?
  • What does the business demand to stay competitive? Agility to move to new countries, address new use-cases such as disaster recovery, the ability to acquire new companies and roll out VDI quickly?
  • Cost of the solution? There is a market for Audi. There is also a market for Honda.
  • Support and overall vendor engagement? It is unreasonable to assume that the solution will not break after the initial deployment. Plan for the worst-case scenario.

A scoring framework

With all that considered, here is a suggestion for a simple framework to evaluate the overall “fitness” of the various cloud desktop products in the market. You’ll want to establish the following scores to compare the products:

  • CIO Score:
    • Overall security
    • Cost
    • CapEx/OpEx
    • Service reliability
    • Solution agility
    • Thought-leadership/innovation provided by the vendor
  • End User Score:
    • Performance for typical business applications when inside the desktop
    • Login speed
    • Flexibility: support for different client OS’s and form-factors
    • Performance in good network conditions
    • Performance in average network conditions
    • Performance in poor network conditions
    • Performance for 3D apps (GPU use-cases)
    • Performance under load (when 100’s of users are active on the same server and storage infrastructure)
  • IT Staff Score:
    • What skills are required to deploy the solution
    • Does the solution offer easy multi-site deployments
    • What skills are required to monitor, maintain and upgrade the solution components
    • How to troubleshoot issues reported by end users
    • How to troubleshoot security alarms or events
    • Scalability of the solution
    • Availability of the solution. Historical uptime of the service.
    • Does the solution provide elasticity? How easy is it to add more users? Add more infrastructure capacity? Add more cloud locations?
    • Does the solution provide single pane of glass management? Is the solution a suite of badly assembled products or is it a coherent software-as-a-service offering?

A “sum of parts” evaluation methodology is always more comprehensive and meaningful than a single, magical score that is often misleading or irrelevant.

If you were looking at transportation options for your employees, you would want to understand the difference between “horsepower” and “mileage”. Why is the cloud desktop market growing so rapidly? Because CIOs want the best mileage!
