News & Analysis
Comment
R_Colin_Johnson
Virtualization is usually associated with benefits to the datacenter, but the ...
danmc
Great Article Colin. I think you've captured the industry quite well and you are ...
Client hosting takes virtualization mobile
R Colin Johnson
9/12/2011 11:45 AM EDT
Intel’s three tenets of IDV
The first principle of the concept Intel calls Intelligent Desktop Virtualization is centralized management/local execution. Intel’s two other IDV precepts—synchronized images and hardware authentication--are deeply rooted in its processor support for virtualization.
Intel’s lead in virtualization silicon dates back more than five years to its Virtualization Technology (VT-x), code named Vanderpool. Advanced Micro Devices followed on Intel’s heels with its own version, AMD-V, code named Pacifica. Both extended the X86 instruction set to handle system calls to the hypervisor more efficiently, ARM is adding similar first-generation virtualization support in its A-15 Eagle core.
More recently, Intel has extended its hardware support for virtualization with its vPro offering, which adds two further dimensions to VT-x: active management technology (AMT) and Trusted Execution Technology (TXT).
VT-x allows virtualization of processors, memory and I/O, facilitating the efficient running of hypervisors that permit multiple operating systems to run without rebooting. VT-x also assists hypervisors in creating isolated computing environments that increase security, since a breach in one cannot become a back door to all.
AMT supports the second principle of IDV, synchronized images, by adding the ability to manage OS and application layers remotely.
“Users want the ability to almost instantly compose an image,” said Dinesh Rao, director of Intel’s ISV program. “What is critical to getting that right is a discipline called layering with bidirectional sync, which delivers a layered image that intelligently recreates the user’s desktop on the endpoint of choice.”
Bidirectional syncing allows a managed image to be patched and updated as necessary on a single server, then synced with users’ devices whenever they come within the range of a broadband connection. Intel’s second-generation Core processors-—Ivy Bridge and Haswell, due in 2012 and 2013, respectively-—will have architected support for layered images kept fresh with bidirectional sync. Intel’s goal is to provide the same experience to virtualization users as they’d get with a locally installed Windows OS.
TXT enables the third leg of Intel’s desktop virtualization effort by verifying each new launch environment and establishing a “root of trust” that can be passed up to higher levels. Intel hopes to use TXT in an intelligent device management scheme that adds hardware authentication similar to subscriber identity modules.
“We believe that device-native security has become indispensable to both the enterprise and the individual PC user,” said Rao. “By borrowing from cell phones the idea of a subscriber identify module—a little SIM card or something similar—the security problem can be addressed with hardware authentication, managed access, provisioning, deprovisioning, syncing and tracking of users.”
Intel is betting its next-gen Core processors, which are being built into what it calls ultrabooks, will let users have their cake and eat it, too. Ultrabooks will support touchscreens, as the iPad does, but will also sport a keyboard and the ability to run layered Windows images.
“If the endpoint you want to deliver is a Windows session, then on an iPad there is no question of bidirectional sync, because the iPad is not going to run Windows natively,” said Rao. “With the iPad, you have to use remote control protocols that are available from server-hosted virtualization vendors.”
Ultrabooks could used client-hosted virtualization to run Windows images natively. That could possibly diffuse ARM’s plans to bring Windows 8 to tablets.
Intel Capital recently said it would start a $300 million ultrabook fund to nurture the technology.
The first principle of the concept Intel calls Intelligent Desktop Virtualization is centralized management/local execution. Intel’s two other IDV precepts—synchronized images and hardware authentication--are deeply rooted in its processor support for virtualization.
Intel’s lead in virtualization silicon dates back more than five years to its Virtualization Technology (VT-x), code named Vanderpool. Advanced Micro Devices followed on Intel’s heels with its own version, AMD-V, code named Pacifica. Both extended the X86 instruction set to handle system calls to the hypervisor more efficiently, ARM is adding similar first-generation virtualization support in its A-15 Eagle core.
More recently, Intel has extended its hardware support for virtualization with its vPro offering, which adds two further dimensions to VT-x: active management technology (AMT) and Trusted Execution Technology (TXT).
VT-x allows virtualization of processors, memory and I/O, facilitating the efficient running of hypervisors that permit multiple operating systems to run without rebooting. VT-x also assists hypervisors in creating isolated computing environments that increase security, since a breach in one cannot become a back door to all.
AMT supports the second principle of IDV, synchronized images, by adding the ability to manage OS and application layers remotely.
“Users want the ability to almost instantly compose an image,” said Dinesh Rao, director of Intel’s ISV program. “What is critical to getting that right is a discipline called layering with bidirectional sync, which delivers a layered image that intelligently recreates the user’s desktop on the endpoint of choice.”
Bidirectional syncing allows a managed image to be patched and updated as necessary on a single server, then synced with users’ devices whenever they come within the range of a broadband connection. Intel’s second-generation Core processors-—Ivy Bridge and Haswell, due in 2012 and 2013, respectively-—will have architected support for layered images kept fresh with bidirectional sync. Intel’s goal is to provide the same experience to virtualization users as they’d get with a locally installed Windows OS.
TXT enables the third leg of Intel’s desktop virtualization effort by verifying each new launch environment and establishing a “root of trust” that can be passed up to higher levels. Intel hopes to use TXT in an intelligent device management scheme that adds hardware authentication similar to subscriber identity modules.
“We believe that device-native security has become indispensable to both the enterprise and the individual PC user,” said Rao. “By borrowing from cell phones the idea of a subscriber identify module—a little SIM card or something similar—the security problem can be addressed with hardware authentication, managed access, provisioning, deprovisioning, syncing and tracking of users.”
Intel is betting its next-gen Core processors, which are being built into what it calls ultrabooks, will let users have their cake and eat it, too. Ultrabooks will support touchscreens, as the iPad does, but will also sport a keyboard and the ability to run layered Windows images.
“If the endpoint you want to deliver is a Windows session, then on an iPad there is no question of bidirectional sync, because the iPad is not going to run Windows natively,” said Rao. “With the iPad, you have to use remote control protocols that are available from server-hosted virtualization vendors.”
Ultrabooks could used client-hosted virtualization to run Windows images natively. That could possibly diffuse ARM’s plans to bring Windows 8 to tablets.
Intel Capital recently said it would start a $300 million ultrabook fund to nurture the technology.
 Intel promotes three aims for client-hosted virtualization—local execution, layered images and device management—supported in hardware by its VT-x, AMT and TXT, respectively. SOURCE: Intel Click on image to enlarge. |
|
|
|
|
|
Navigate to related information
chanj
9/12/2011 12:17 PM EDT
Server-hosted virtualization has a benefit of utilizing the performance of the server. What's the benefit of client-hosted virtualization except the user can have multiple OSs running on his/ her computer?
Sign in to Reply
danmc
9/12/2011 5:38 PM EDT
Great Article Colin. I think you've captured the industry quite well and you are right in highlighting the ultrabooks. they are going to create a serious change in how the market views the "lagging PC platform"
Regarding chanj's question regarding the benefits of client-hosted virtualization. it's all about the ability to make a PC more manageable, reliable and secure w/out sacrificing the end-user's computing experience.
the ability to run multiple OS's has a very real benefit to management as well. IT can deliver a corporate image that's more locked down and controlled (and thereby reduce their management costs and improve security) while the user can have a separte OS to install their own applications. And when they break it (which they always do when they install their own apps), the fix is to roll-back in about 5 seconds to a previous auto-generated snapshot of the environment. Everyone wins.
disclaimer: i'm an insider at Virtual Computer but since we started the company w/ that vision in mind, I thought I might as well share it!
dan mccall, CEO virtual computer
Sign in to Reply
R_Colin_Johnson
9/13/2011 11:59 AM EDT
Virtualization is usually associated with benefits to the datacenter, but the coolest thing about client-side virtualization is that it runs on a laptop, so you can instantly switch between different flavors of Windows and LInux without rebooting. Of course, IT benefits too by empowering its laptop users, but you don't need IT to use client-side virtualizaiton, since the instant OS switching works on any free-standing computer, whether its desktop, laptop, netbook, whatever.
Sign in to Reply