virtu l

DATA CENTER
v
Volume 23

03 Backup Strategies for Virtual Servers

Administrators can mix technologies and tactics for safer,
more efficient virtual server backups. BY STEPHEN J. BIGELOW

10 Building a Private Cloud

IT automation, security and standards are the places to start
when considering a private cloud. BY BILL CLAYBROOK

13 How to Gauge Server Resources

for Endpoint Virtualization
Learn some practical guidelines for determining server requirements
for endpoint virtualization and ideas for managing the load.
BY DANIELLE RUEST AND NELSON RUEST
 Mixing and Matching
Server Backup
T
EDITOR’S
LETTER
7
BACKUP
HE OVERALL NEED for backing
STRATEGIES up data is about the same
FOR VIRTUAL
SERVERS
for virtualized servers as it
7 is with traditional nonvirtu-
alized servers. But there are
BUILDING A
some big differences: One is that vir-
PRIVATE CLOUD tual infrastructures often have more
7 data to deal with. More applications
are producing larger data files today,
HOW TO and each virtual machine (VM) is also
GAUGE SERVER
RESOURCES
a large file that needs to be protected.
FOR ENDPOINT Another difference is that server
VIRTUALIZATION
virtualization places more demands
7 on storage and networks. A majority
of virtual data centers store data cen-
trally in a shared storage resource like
a SAN, which has to transfer data to
and from a multitude of VMs. To keep
up with all these storage demands,
organizations need to adapt their
existing backup strategies to meet
the unique demands of virtualization.
Smart backup planning should con-
sider a variety of storage needs over
time. Stephen J. Bigelow offers some
tips on the best ways to mix and
match backup technologies in “Back-
up Strategies for Virtual Servers.”
Looking to move into cloud comput-
ing? A private cloud can automate
2 VIRTUAL DATA CENTER E-ZINE JUNE 2010
workflows and remove human tasks
like configuring routers or setting up
firewall rules. The downside is that
you may have to pull together your
own slate of management tools
because vendors still don’t have a lot
of products available. Bill Claybrook
helps you to weigh your options in
“Building a Private Cloud.”
Now that many organizations
embrace some form of virtualization,
a few are ready for endpoint virtual-
ization, known as EPV. Although EPV
is not a new idea, the push to improve
endpoint management, enhance secu-
rity and support the needs of mobile
users has placed a renewed emphasis
on this technology.
Get some insight on why moving
away from a physical PC per employ-
ee is a solid value proposition in “How
to Gauge Server Resources for End-
point Virtualization” by Danielle Ruest
and Nelson Ruest.
How’s your move into cloud com-
puting? Send an email to ccasatelli@
techtarget.com and let me know. ■
CHRISTINE CASATELLI
Editor, Virtual Data Center
 Backup Strategies
for Virtual Servers
ADMINISTRATORS CAN MIX TECHNOLOGIES AND TACTICS FOR SAFER,
MORE EFFICIENT VIRTUAL SERVER BACKUPS. BY STEPHEN J. BIGELOW
EDITOR’S
LETTER
7
V
BACKUP
STRATEGIES
FOR VIRTUAL
SERVERS
7 IRTUALIZATION HAS brought
a new focus on manage-
BUILDING A
ment efficiency and the
PRIVATE CLOUD effective use of valuable
7 computing resources. But as
fewer physical servers host increasing
HOW TO numbers of virtual machines (VMs),
GAUGE SERVER
RESOURCES
IT administrators face a new series of
FOR ENDPOINT data protection and backup chal-
VIRTUALIZATION
lenges. Today it’s more than just mak-
7 ing a copy of important data files.
Each VM state must also be protected
and kept readily accessible.
Each organization must reevaluate
its backup needs within the context of
its virtual infrastructure and then select
the most appropriate technologies to
provide the best data protection. That
may mean adapting traditional back-
up approaches to a virtual environ-
ment, while other cases may warrant
a shift to other backup paradigms.
The need for server backups is fun-
damentally the same in a virtualized
server as it is for traditional nonvirtu-
alized servers. Backups guard against
data loss caused by factors such as
3 VIRTUAL DATA CENTER E-ZINE JUNE 2010
hardware failures, application or oper-
ating system failures and human error.
But there are some important differ-
ences in a virtual environment that
will influence an organization’s back-
up choices.
First, virtual infrastructures often
have to contend with more data. More
applications are certainly producing
larger and more plentiful files, but each
VM is itself a large file—such as VM-
ware .VMDK files—that must also be
protected. Because a VM file is essen-
tially an image of server memory that
reflects the complete operating state
of a VM at some point in time, VM
backups usually occur frequently
throughout the course of each day.
Backup demands translate to server
computing performance. In traditional
nonvirtualized servers, a backup
process normally consumes up to
100% of the server’s processing and
I/O resources—nothing else was run-
ning on that server anyway. With vir-
tual servers, there may be 10, 20 or
even more VMs all sharing a portion
 of the server’s resources. A backup
process will need to operate effective-
ly within the resources allocated to
that respective VM.
If the backup of any single VM
makes excessive demands on the
physical server, the performance of
other running VMs can be adversely
affected. A similar consideration
EDITOR’S
LETTER
occurs when VM backups are
7 restored to a server. Each VM that
comes back online will use a portion
BACKUP
of the server’s computing resources,
STRATEGIES leaving fewer free resources to restore
FOR VIRTUAL
SERVERS
subsequent VMs. Thus, restoration
7 can take longer as more VMs are
restored.
BUILDING A
This delicate balancing act of time
PRIVATE CLOUD and performance is often overlooked
7
when backing up in a virtual setting.
Server virtualization also places
more demands on storage and net-
works. Unlike traditional servers that
use local storage for operating sys-
tems, drivers and applications, most
virtual data centers store virtual serv-
er data centrally in a shared storage
resource like a SAN. This includes
application data along with the latest
image of each VM and certain types
of backups. As a result, the SAN must
perform adequately enough to ex-
change data among dozens—even
hundreds—of VMs.
The network that connects storage
to the physical servers must also sup-
port the simultaneous data traffic pro-
duced by myriad independent VMs.

HOW TO
GAUGE SERVER TAPE AND VIRTUAL SERVER BACKUPS
RESOURCES
FOR ENDPOINT
VIRTUALIZATION
THERE IS NO question that disk-based data protection schemes have largely dis-
7 placed tape-based systems for many backup tasks. But the move to server virtual-
ization raises the issue of its affect on the use of tape technology.
There is a general consensus that tape technology does not provide the speed
and reliability that disk-based storage can offer, but experts agree that tape has a
potential role in virtual data centers. Tape can still serve in long-term data protec-
tion tasks in areas like compliance and archival storage.
In actual practice, tape storage can provide a viable and economical alternative
to disk storage in both traditional and virtualized data centers. Consider an enter-
prise that must archive its long-term data but rarely needs to access that data.
Disk storage can certainly serve those needs, but the cost of disk space, along with
the cost of powering, cooling and maintaining those storage resources could be
prohibitive.
By comparison, disk-based backups—often used in concert with data reduction
technologies—can serve day-to-day backup needs and even short-term archival
storage, but data that “ages out” of disk storage can easily be passed to tape—
lowering costs and freeing that disk space for reuse. ■

4 VIRTUAL DATA CENTER E-ZINE JUNE 2010

 This is one of the reasons that a sepa-
rate high-performance Fibre Channel
SAN is deployed for a virtual data
center, though IP-based SANs like
iSCSI, or even NAS, will work in many
situations.
Increasing volumes of data, heavier
demands on server computing
resources and the changing implica-
EDITOR’S
LETTER
tions of storage and network architec-
7 tures all conspire to complicate long
established backup processes. Organ-
BACKUP
izations will now need to adapt their
STRATEGIES established backups or shift to alter-
FOR VIRTUAL
SERVERS
native backup methods.
7 puting resources and network per-
BUILDING A
UPDATING ESTABLISHED BACKUP
PRIVATE CLOUD TECHNIQUES FOR VIRTUAL SERVERS
7 Virtualization certainly does not
exclude tape, and organizations that
HOW TO currently use tape-based backups can
GAUGE SERVER
RESOURCES
continue to use those products. For
FOR ENDPOINT
VIRTUALIZATION
7
SERVER RESILIENCY AND BACKUPS
example, each VM exists as an inde-
pendent server, so it’s a simple matter
to add a tape backup agent to each
VM and back up to a tape target.
Tape is relatively inexpensive, well
understood and supported by many
different backup tools. In fact, organi-
zations that are new to server virtual-
ization often leverage their existing
tape backup approach while research-
ing methods better suited for virtual
environments.
Tape works fine with small or non-
critical virtualization deployments,
but it’s easy to see that server com-
formance can quickly become over-
whelmed with backup traffic,
especially if multiple VMs attempt a
backup simultaneously. The main
problem here is time.
You must quiesce a VM before a
backup starts, so it’s unavailable to

MISSION-CRITICAL SERVER deployments are implementing high-availability (HA) tech-

nologies to ensure continued server operation in the face of physical server prob-
lems. These technologies usually include clustering servers or operating redundant
virtual machines (VMs) across multiple servers. It may seem that an HA server
deployment may need fewer backups, but this is not the case.
It’s important to note that HA does not directly affect backup strategies or
processes. The principal purpose of HA is to protect the server hardware, but it
offers no benefit to the data those servers operate with. File corruption, virus infil-
tration, storage system issues and even user errors—such as deleting a file or even
an entire VM—can result in data loss that will require backup recovery. Adminis-
trators must implement backups that are appropriate to meet the recovery point
and recovery time objectives of that high-availability deployment. ■

5 VIRTUAL DATA CENTER E-ZINE JUNE 2010

 users during a backup cycle. A backup
cycle can take a great deal longer for a
VM because of contention with com-
puting and network resources. Conse-
quently, backing up a VM to tradition-
al tape may result in unacceptably
long backup windows.
“Those processes take a lot of net-
work bandwidth and storage band-
EDITOR’S
LETTER
width and throughput,” said Ray Luc-
7 chesi, president and founder of
Silverton Consulting Inc. in Broom-
BACKUP
field, Colo. “So when you start loading
STRATEGIES virtual machines, all doing backups
FOR VIRTUAL
SERVERS
within an 8 p.m. to 5 a.m. window,
7 there can potentially be a problem.”
Unfortunately, there is no practical
BUILDING A
way to alleviate these drawbacks with
PRIVATE CLOUD direct tape backup architectures. The
7 most common adaptations used to
improve performance all require the
HOW TO inclusion of disk storage. Virtual tape
GAUGE SERVER
RESOURCES
library (VTL) technology is one
FOR ENDPOINT avenue. It passes backup data to disk
VIRTUALIZATION
storage that the backup software has
7 provisioned to emulate a tape system.
The disk storage target can be a SAN
or a NAS storage subsystem, and a
tape drive will typically create a sec-
ondary copy of the VTL backup.
Most organizations that adopt vir-
tualization today are embracing a
variety of newer disk-based data pro-
tection options, relegating tape to
long-term or archival storage roles.
CONSIDERING NEW VIRTUAL
SERVER BACKUP TECHNIQUES
The main challenge with virtual server
backups is to minimize the backup
window while keeping network traffic
6 VIRTUAL DATA CENTER E-ZINE JUNE 2010
at manageable levels. Virtualization
technology can be combined with a
SAN to provide a variety of powerful
backup options.
The most versatile disk-based data
protection technique to appear for vir-
tual servers is the snapshot. A snap-
shot is just what the name implies—a
fast point-in-time (PIT) copy of a VM
file to high-performance storage such
as a Fibre Channel SAN. Because a
snapshot can be accomplished in
minutes or less, there is very little
application disruption.
In many cases, users don’t even
realize a snapshot has taken place.
Snapshots can be full and capture the
entire VM, or they can be incremental
where only changes are collected.
Once captured to storage, the snap-
shot can be used in several important
ways. It can be replicated—or mir-
rored—to a remote facility for disaster
recovery, it can be cloned to other
servers, and it can even be copied
to a dedicated backup server that can
move the snapshot to tape—such as
VMware Consolidated Backup.
Snapshots do require some man-
agement. Each snapshot requires
storage space, so storage monitoring
and capacity planning can play a
greater role when using snapshots.
It’s likely that you will only choose to
store a limited number of snapshots,
so be sure to configure the snapshot
tool to delete snapshots that “age
out” and reuse that disk space.
It’s also important to flush any data
buffers so that the exact machine
state is captured in its entirety. Other-
wise, the machine state may be left
 incoherent or corrupted, which makes
recovery impossible.
A close cousin of the snapshot is
continuous data protection (CDP),
which closely tracks and journals any
changes to a data set, such as a virtu-
al machine state. Although you can
take snapshots frequently, CDP is
regarded as up-to-the-moment data
EDITOR’S
LETTER
protection best for VMs that are con-
7 stantly changing. The continuous
nature of CDP alleviates the need to
BACKUP
flush buffers, but it’s still important
STRATEGIES to manage storage consumption.
FOR VIRTUAL
SERVERS
The live migration of VMs between
7 physical servers is certainly not a
backup option, but it can affect data
BUILDING A
protection behavior, and administra-
PRIVATE CLOUD tors must account for that. Even
7
though VMs can be migrated on
demand, they must still be able to
access data, and applications must
still know where to find VMs.
In many cases, data files must also
be relocated to accommodate VM
migration. Administrators must con-
sider how migration interacts with
snapshot, replication, backup and
other data movement tools.
Here is another wrinkle to consider.
VMs typically sit on top of a virtual-
ization platform—the hypervisor. This
means an additional backup is needed
to protect the underlying “system
platform,” which normally includes
an operating system and hypervisor
such as VMware ESX, Citrix Xen or
Micro-soft Hyper-V.

HOW TO
GAUGE SERVER CAPACITY PLANNING AND BACKUPS
RESOURCES
FOR ENDPOINT
VIRTUALIZATION
CAPACITY PLANNING CAN become a factor in backups, though the actual importance
7 of backup capacity planning is a matter of debate. A virtual data center still has to
back up data generated by applications—that hasn’t changed. But what has
changed is the uncertainty caused by a convergence of virtualization and new
backup approaches.
For example, some experts say that each virtual machine and host platform
need backups as well, and it’s easy to see how storage needs can swell with snap-
shots, continuous data protection journals, virtual tape library records and other
backup data that is often copied multiple times across different physical locations.
But other experts note that technologies like data deduplication and incremental
snapshots mitigate storage demands. Most organizations keep only a limited num-
ber of snapshots, and older snapshots that “age out” of storage are typically delet-
ed, and the space is reused.
Ultimately, coherent backup planning should involve some consideration of stor-
age needs over time. Once an administrator knows what storage is available for
backups, how it’s used, how it’s performing and how storage demands are chang-
ing, it’s possible to make informed decisions moving forward. ■

7 VIRTUAL DATA CENTER E-ZINE JUNE 2010

 “Testing for virtual server backups
needs to take into consideration both
restoring the guest [and] restoring
the entire system,” said Greg Schulz,
founder and senior analyst at The
Server and StorageIO Group in Still-
water, Minn. “That means an extra
layer of testing may be required to
make sure that a guest can be restored
EDITOR’S
LETTER
into a VM, as well as the entire sys-
7 tem being able to be restored.”
Any backup strategy—or change in
BACKUP
strategy—should include a considera-
STRATEGIES tion of backup testing. Testing disk-
FOR VIRTUAL
SERVERS
based backups in a virtual environ-
7 ment is generally much easier than
testing traditional tape backups.
BUILDING A
Snapshots and CDP files can be re-
PRIVATE CLOUD stored quickly to idle servers and test-
7 ed without any disruption to the pro-
duction environment. This makes it
HOW TO much easier to train and drill IT staff
GAUGE SERVER
RESOURCES
on effective restoration, which vastly
FOR ENDPOINT raises their confidence and provides a
VIRTUALIZATION
more responsive vehicle for evaluat-
7 ing, refining and improving backup
processes.
TACTICS FOR MORE
EFFICIENT BACKUPS
Today’s data protection technologies
offer far more flexibility than tradition-
al tape systems. As you saw earlier,
snapshots of each VM can be taken in
a matter of minutes—even seconds—
and then backed up from the storage
system without impacting the produc-
tion environment. But other tactics
can enhance the backup process even
further.
Consider the use of data deduplica-
8 VIRTUAL DATA CENTER E-ZINE JUNE 2010
tion technologies for storage sub-
systems. VM files contain a great
deal of empty space and redundant
data. For example, if you run 50 VMs
across 10 servers, most of those host
and guest machines will probably
run the same operating system, which
can be deduplicated, which signifi-
cantly reduces the amount of storage
needed for snapshots. And the small-
er data set means speedier backups
to other media and faster replication
off-site.
Data protection will always require
some amount of storage and network
bandwidth, so try staggering the
scheduling of VM snapshots. For
example, if a physical server hosts 10
VMs, it’s probably a bad idea to take
snapshots of all 10 VMs simultane-
ously. Stagger the snapshots so that
only one or two VMs are affected at a
time. This limits the spike in network
and storage I/O.
Finally, it’s common for virtualiza-
tion users to adopt multiple data pro-
tection schemes and apply them dif-
ferently to each VM depending on its
relative importance to the organiza-
tion. For example, CDP may be used
to protect a mission-critical VM, while
standard business applications may
receive snapshots once an hour.
Noncritical VMs may receive snap-
shots only a few times per day. And
all of that PIT data can be periodically
replicated to a DR site or offloaded to
another backup medium such as VTL
or tape. Administrators should feel
free to mix and match their data
protection in ways that best fit the
respective VM being protected. ■
THINK AGAIN.
Enterprises around the world are relying on virtualisation to increase datacenter efficiency and, unknowingly,
leaving themselves more vulnerable. That’s because conventional security isn’t able to protect virtual machines
or see the traffic between them — leaving data and networks exposed. Which is why in 2009 sixty percent of
virtual machines were less secure than their physical counterparts. But with Trend Micro™ Enterprise Security,
powered by the Trend Micro™ Smart Protection Network™ infrastructure, you can mitigate the risk and
maximize the benefits of virtualisation. It’s a different kind of security that protects your physical and virtualised
environments and helps set the foundation for your company to move confidently into the cloud.

Learn how to protect your virtualised datacenter.

Download the Trend Micro eBook at www.trendmicro.com/thinkagain
 Building a Private Cloud
IT AUTOMATION, SECURITY AND STANDARDS ARE THE PLACES
TO START WHEN CONSIDERING A PRIVATE CLOUD. BY BILL CLAYBROOK

EDITOR’S
LETTER

C
7

BACKUP
STRATEGIES REATING AN internal ist, a load-balancing expert, a storage
FOR VIRTUAL
SERVERS
or private cloud that expert, someone who is responsible
7 gives IT managers the for the operating systems and more.
benefits of a cloud Cloud computing goes well beyond
BUILDING A
running inside the server virtualization because it gives
PRIVATE CLOUD data center isn't easy. IT pros will customers more options for increas-
7 have to glue it together themselves ing data center flexibility and reducing
because no single vendor currently costs. There is a big difference be-
HOW TO provides all of the pieces that are tween setting up VMware ESX clusters
GAUGE SERVER
RESOURCES
needed. Some packaged software is
FOR ENDPOINT beginning to appear to help create pri-
VIRTUALIZATION
7
vate clouds, such as Ubuntu Enter- A typical private cloud
prise Cloud, but the software is limit-
ed to Linux-based clouds. relies on the security
What is a private cloud anyway? It measures available
resides on the premises, inside your within the cloud and
data center giving IT managers com-
plete control over the available the data center.
resources. A typical private cloud
relies on the security measures avail-
able within the cloud and the data
center. It automates workflows and
removes human tasks like configuring in a data center for server virtualization
routers and load balancers or setting and implementing an internal cloud.
up firewall rules. For private clouds to be useful and
These are steps that many enter- continue in the direction set by public
prises with virtualized servers are clouds, IT pros need to automate as
doing by hand. Enterprises often have many manual tasks as possible to
a firewall specialist, a router special- bring up capacity on the fly and put it

10 VIRTUAL DATA CENTER E-ZINE JUNE 2010

 back when it's not needed.
This requires an inventory manage-
ment system that does not exist com-
mercially today—one that can keep
track of all IT space, the operating
systems running on each machine,
the number of physical devices you
have, the amount of access capacity
that is available, the trigger points for
EDITOR’S
LETTER
adding more disk space on storage
7 area networks, the software stored
on each machine and more.
BACKUP
It also requires orchestration to
STRATEGIES ensure that tasks are executed in the
FOR VIRTUAL
SERVERS
right order. When a user asks for a
7 server with one CPU, one GB of RAM,
a 250 GB hard drive and Red Hat
BUILDING A
Enterprise Linux (RHEL) 5.3, the cloud
PRIVATE CLOUD software layer has to go out and grab
7 an IP address, set up a virtual local
area network (VLAN), put the server
HOW TO in the load balancing queue, put the
GAUGE SERVER
RESOURCES
server in the firewall rule set for the IP
FOR ENDPOINT address, load the correct version of
VIRTUALIZATION
RHEL, patch the server software when
7 needed and place the server into the
nightly backup queue.
AUTOMATION BEYOND
CURRENT MEANS
This type of automation replaces hun-
dreds of discrete tasks normally per-
formed manually by specialists. The
investment that cloud vendors are
making is in using the correct cloud
layer to automate in hours the tasks
that used to take many days. None of
the current external cloud providers,
however, are close to providing this
level of automation.
The data center staff will have to
11 VIRTUAL DATA CENTER E-ZINE JUNE 2010
create the automation layer for its
internal cloud because no current
vendor provides a complete software
layer. The staff will essentially have to
buy the pieces and put them together.
IT managers will have to meld
together tools to manage private
clouds and other resources in a data
center. The tools to manage both
physical and virtual resources have
been slow to emerge. Even though
server virtualization is growing rapid-
ly, the management tool industry is
playing catch-up.
There are no system management
tools to manage a mixed environment
that incorporates existing data cen-
ters and cloud computing. System
management tools were developed at
a time when hardware was expensive
and difficult to replace. Clouds are
de-signed based on a different
assumption: Hardware is cheap,
and it will fail.
Cloud providers also build in redun-
dancy, which requires a different man-
agement philosophy, one that public
cloud providers such as Amazon and
Google have adopted. But not all IT
pros believe that applications should
be virtualized in their own data cen-
ters using server virtualization or run
on private clouds. IT managers should
considering using Software as a Serv-
ice (SaaS) as a delivery model for
their applications, said Hylton van
Zyl, R&D specialist at Credit Suisse,
a financial services provider. SaaS
providers, such as Salesforce.com,
will likely have good security because
they own the entire software stack,
he said.
 PRIVATE CLOUDS ARE NOT PERFECT
Public clouds and external private
clouds have a number of barriers and
risks that cause many IT shops to
balk. Some of the risks that surround
public clouds are also risks for private
clouds, but the degree of risk is gener-
ally less. In some cases, such as con-
trol of resources and security, the
EDITOR’S
LETTER
risks are much less.
7 Cloud security is always a top risk
when using external clouds, and it’s
BACKUP
one of the major reasons that IT
STRATEGIES managers favor private clouds over
FOR VIRTUAL
SERVERS
public clouds for many of their appli-
7 cations.
Chris Hoff, a security guru at
BUILDING A
Cisco Systems Inc., said that security
PRIVATE CLOUD is just one of several issues with pub-
7 lic clouds. On Amazon EC2, you have
virtual machines, virtual appliances,
HOW TO and Amazon Machine Images running
GAUGE SERVER
RESOURCES
on hundreds or even thousands of
FOR ENDPOINT servers, he said. You have no idea
VIRTUALIZATION
what’s in these images, who built
7 them and where they came from.
With private clouds, though, IT man-
agers have the control that public
clouds are missing.
The degree of a risk can be much
less with private clouds, but compli-
ance and regulatory issues, soft-
ware licensing, availability, scalability,
service-level agreements and the
effects of new technology like server
virtualization on IT workers and their
jobs are still issues with private
clouds.
One of the issues with public clouds
is that cloud providers oversubscribe,
and oversubscribing can lead to the
equivalent of downtime—the loss of
12 VIRTUAL DATA CENTER E-ZINE JUNE 2010
availability—for unlucky users. Cloud
providers occasionally move work-
loads around because there are too
many users sharing the same
resources at one time and perform-
ance suffers. That’s less likely to hap-
pen with private clouds, but it can
without proper management tools.
ADHERING TO CLOUD STANDARDS
Private cloud users must work with
standards organizations to ensure
that their clouds are tracking the
important standards when they ap-
pear. The reason standards are so
important is that users will eventually
want to move applications from cloud
to cloud, and this is very difficult with-
out standard interfaces.
Amazon's EC2 interface is currently
as close to a standard as we have,
and it’s the reason that Canonical
adopted it for UEC. Red Hat's Delta-
cloud open source project is an effort
to try to make it easier for a data cen-
ter, through a single interface portal,
to work with differing cloud providers'
using drivers to communicate with
each cloud application programming
interface.
Given the almost nonexistent cloud
interface standards, companies like
Johnson & Johnson are working with
RightScale to develop an abstraction
layer for Amazon that will make it
easier to deploy and move applica-
tions onto clouds. Management soft-
ware that creates an abstraction layer,
such as RightScale, will serve as fill-ins
until real cloud standards are created
and adopted. ■
 How to Gauge Server Resources
for Endpoint Virtualization
LEARN SOME PRACTICAL GUIDELINES FOR DETERMINING SERVER
REQUIREMENTS FOR ENDPOINT VIRTUALIZATION AND IDEAS FOR
MANAGING THE LOAD. BY DANIELLE RUEST AND NELSON RUEST

EDITOR’S
LETTER
7

BACKUP

N
STRATEGIES
FOR VIRTUAL
SERVERS
7
most organi-
OW THAT cially when organizations realize that
BUILDING A
zations are using their move to Windows 7 may well be
PRIVATE CLOUD some form of server their last. With the increased reliance
7 virtualization, many on new platforms—slate PCs such as
are moving to the the iPad, netbooks, even iPhones—
HOW TO next level in virtualization: endpoint and the increased mobility of task
GAUGE SERVER
RESOURCES
virtualization (EPV)—or more pre-
FOR ENDPOINT cisely, the virtualization of end user
VIRTUALIZATION
7
desktops in central repositories. EPV EPV is making more
is similar to server virtualization in
that it relies on central hardware that
sense, especially when
runs virtualized instances of each end organizations realize
user desktop. In this regard, EPV that their move to
reuses several components that were
implemented during an organization’s Windows 7 may
move to server virtualization. well be their last.
EPV also relies on physical host
servers, usually running in some form
of cluster to provide highly available
virtual machines (VMs), storage fab-
rics to host VM disk files and virtual- forces and employees as well as the
ization management software to increase in home-based employment,
orchestrate the launching and closing moving away from a physical PC per
of the VMs that make up each user’s employee is a solid value proposition.
productivity environment. If you can get rid of a complex phys-
EPV is making more sense, espe- ical endpoint device such as a full-

13 VIRTUAL DATA CENTER E-ZINE JUNE 2010

 blown Windows PC and move it to a
virtual instance of a PC—especially
one that is required only when the end
user is working with it—then you can
control initial costs, reduce deploy-
ment expenses and lower administra-
tive overhead. And, if you already
have a server virtualization infrastruc-
ture in place, then moving to EPV is
EDITOR’S
LETTER
nothing but a step further into the
7 virtualization arena.
BACKUP
STRATEGIES ESTABLISHING EPV
FOR VIRTUAL
SERVERS
SERVER REQUIREMENTS
7 There are, however, some key differ-
ences in the way you implement EPV
BUILDING A
compared to server virtualization.
PRIVATE CLOUD After all, the VMs required for EPV
7 will be productivity machines running
end-user applications, not VMs run-
HOW TO ning server-based workloads.
GAUGE SERVER
RESOURCES
No one interacts directly with a
FOR ENDPOINT server VM. Instead, they interact with
VIRTUALIZATION
the remote service the server VM
7 runs—directory services, file shares,
printer shares, email systems and so
on. With an EPV VM, the end users
are working directly with the machine,
interacting with various applications
and controlling the machine’s environ-
ment to suit their tastes. Because of
this, EPV requires additional compo-
nents to run.
These components include:
■A directory server such as
Microsoft Active Directory. Although
a directory service is useful for a serv-
er virtualization environment because
it helps centralize all administrative
access to the server virtualization
14 VIRTUAL DATA CENTER E-ZINE JUNE 2010
environment, it is essential in an EPV
environment because it is the element
that ties an end user’s account with
his or her own particular desktop VM.
■ A desktop VM coordination serv-
ice. This service links a user’s desktop
VM to the user account once the user
has been validated by the directory
service. It is also responsible for gen-
erating the VMs as required.
■ A remote access protocol. This
protocol, often Microsoft’s Remote
Desktop Protocol (RDP), is responsi-
ble for linking the user’s physical end-
point device to the endpoint VM.
Note that both Citrix and VMware
have their own remote access proto-
cols and do not necessarily rely on
Microsoft’s RDP.
■ Other server components, such
as file servers and application reposi-
tories. The inclusion of these compo-
nents in your EPV architecture will
depend on your EPV model of choice.
Another major difference between
EPV and server virtualization is the
nature of the VM. Server VMs are
composed of a server operating sys-
tem and then, usually, one single serv-
er application. Desktop VMs, on the
other hand, are composed of a desk-
top OS, end-user applications that
can vary from desktop to desktop and
the user’s machine state or data and
machine configuration.
In fact, end-user VM construction
can be viewed as a bull’s eye with the
(Continued on page 16)
 USING MICROSOFT HYPER-V HOSTS

MICROSOFT HAS RELEASED its own virtual desktop infrastructure (VDI) or endpoint
virtualization (EVP) product. This offering runs desktop virtual machines (VMs)
on top of Microsoft Hyper-V and relies on Remote Desktop Services, or RDS, to
connect end users with their centralized VM. It requires System Center Virtual
Machine Manager as the VM management tool, and EPV implementation
requires a full deployment of all Remote Desktop Services (see Figure A-1).
EDITOR’S
In Windows Server
LETTER
7 2008 R2, Hyper-V runs
in clusters of 16-nodes
BACKUP
with each cluster mem-
STRATEGIES ber able to support up
FOR VIRTUAL
to 64 VMs for a total of
SERVERS
7 1,000 VMs per cluster.
But there are a few
BUILDING A
caveats for this con-
PRIVATE CLOUD figuration to work:
7 Each VM must
■

be a low requirement
HOW TO Figure A-1: Required server roles for a
GAUGE SERVER
machine and must have
Microsoft Hyper-V EPV deployment
RESOURCES a small amount of RAM
FOR ENDPOINT
VIRTUALIZATION
assigned to it. For ex-
7 ample, if your server includes 64 GB of RAM, you will not be able to run 64
VMs with 1 GB of RAM each because of required Hyper-V overhead. You must
assign more RAM to the server to run the 64 VMs.
■ Hyper-V supports volatile EPV machines through the use of the Hyper-V
Snapshot feature. Snapshots divide virtual disk files into a set of parent and
child files. The parent file includes the source VM and the child files include
any changes. Child files are discarded once the VM is closed. Parent files, how-
ever, usually require at least 10 GB of storage for each running desktop VM.
The Remote Desktop Virtualization host servers will, therefore, require ade-
quate storage to run your required number of VMs.
■ Running EPV on Hyper-V requires the use of the Virtual Enterprise Central-
ized Desktop license, which lets each end user run up to four desktops per OS
license.
■ Remote Desktop Services also now include Microsoft’s Application Virtu-
alization tools in support of the volatile EPV model. ■

15 VIRTUAL DATA CENTER E-ZINE JUNE 2010

 (Continued from page 14)
three required components. Each
layer of the bull’s eye requires the
appropriate support services to make
it run properly (see Figure 1).
DETERMINING THE EPV MODEL
You also need need to consider if you
EDITOR’S
LETTER
are creating persistent or volatile end-
7 user VMs. Persistent user machines
consist of one dedicated VM per user.
BACKUP
This VM will include the user’s
STRATEGIES required applications, data and user
FOR VIRTUAL
SERVERS
state within itself and requires little in
7 terms of external services to support
it. But it will need a significant amount
BUILDING A
of storage space within the central
PRIVATE CLOUD storage fabric because the VM’s disk
7 files will grow with use.
This means the VM’s disk files will
require long-term management to
help control its consistency and size
through the use of defragmentation,
compression and virtual disk file
maintenance utilities. Persistent VM
disk files usually start at 10 GB each
and can grow significantly as users
add data within the VM.
But persistent VMs do not resolve
many of the issues organizations face
when running physical desktops.
Because end-user data is contained
within the VM—as it is within a physi-
cal desktop—the organization must
apply various means to protect that
data, usually through endpoint backup
tools.
Volatile end-user VMs do not have
this requirement. That’s because a

HOW TO
GAUGE SERVER Figure 1
RESOURCES
FOR ENDPOINT
VIRTUALIZATION
The bull’s eye desktop construction model is ideal
7
for endpoint virtualization.

16 VIRTUAL DATA CENTER E-ZINE JUNE 2010

 volatile VM is created on the fly as a
user logs in. A volatile VM requires
three core components to work prop-
erly:
1. A source desktop VM that con-
tains only the updated operating sys-
tem and required utilities such as
management and anti-malware tools.
EDITOR’S
LETTER
7 2. Virtual applications or applica-
tions that have been processed
BACKUP
through application virtualization
STRATEGIES (AppV) tools to capture their running
FOR VIRTUAL
SERVERS
state instead of their installation
7 process. Virtual applications are,
therefore, not installed on the end-
BUILDING A
point but rather streamed to the end-
PRIVATE CLOUD point—a process that is initiated by
7 end users when they actually work
with an application—and because of
HOW TO this, can be applied to any VM at user
GAUGE SERVER
RESOURCES
logon.
FOR ENDPOINT
VIRTUALIZATION
3. User state virtualization (USV),
7 through either custom tools contained
within the EPV suite or through stan-
dard Microsoft tools such as folder
redirection and roaming profiles. USV
constantly protects user data because
it stores it outside of the VM. It is also
applied when users log on to the VM.
In fact, because the VM includes
nothing but the OS and because appli-
cations and user data are applied at
logon only, each of the VMs becomes
volatile because the VM can be dis-
carded as soon as the user logs off.
Therefore, the volatile VM model is
much more versatile than the persist-
ent model.
17 VIRTUAL DATA CENTER E-ZINE JUNE 2010
It also requires significantly less
storage space because you are no
longer storing individual VMs.
Instead, you store the source copy of
the VM and generate new machines
as needed when needed. It’s impor-
tant to note that both AppV and USV
have their own benefits independent
of the advantages of EPV.
Finally, EPV VMs vary in size and
complexity based on the type of work
the user performs. VMware catego-
rizes end users into three different
types, each with its own require-
ments:
■ Task workers focus on a small set
of repetitive activities based on a
small number of applications. Ma-
chine requirements are relatively low.
■ Knowledge workers rely on pro-
ductivity tools to manage information.
They usually require a full productivity
suite such as Microsoft Office, and
they often require access to the Inter-
net. Machine requirements are mod-
erate.
■ Power users work with more com-
plex applications such as develop-
ment tools or graphical imaging tools.
Machine requirements are more
strenuous.
Understanding your user require-
ments is essential when planning for
the server resources required to sup-
port EPV because each VM will
require appropriate amounts of RAM,
properly sized paging files to reduce
(Continued on page 19)
 USING VMWARE ESX HOSTS

WITH THE RELEASE of View, VMware is now offering its most mature iteration of a
virtual desktop infrastructure. It relies on VMware’s Virtual Infrastructure 3 (VI3),
running the VMs on top of ESX Server hosts. It also relies on VMware ThinApp
for application virtualization (see Figure B-1). However, VMware EPV has several
advantages over other endpoint virtualization solutions now on the market:

EDITOR’S
■ VI3 offers special memory management features that can vastly reduce the
LETTER required amount of physical RAM to support multiple VMs running the same OS.
7 Transparent Memory Sharing will automatically deduplicate similar in-memory
contents from multiple VMs. Memory Ballooning will also automatically recover
BACKUP memory that was
STRATEGIES
FOR VIRTUAL
allocated to other
SERVERS VMs once they
7 no longer need it.
These two features
BUILDING A help reduce phy-
PRIVATE CLOUD
sical host server
7 requirements for
multiple VM
HOW TO
GAUGE SERVER
operation.
RESOURCES
FOR ENDPOINT VMware View
■

VIRTUALIZATION supports linked

7 Figure B-1: Required components to run a clones, which
VMware View EPV infrastructure greatly reduce the
operational stor-
age space required
for desktop VMs because differential files are considerably smaller than the par-
ent virtual disk image.
■ VMware View also includes its own remote access protocol, PC over IP, which
VMware designed to improve performance and graphics quality over remote con-
nections.
Reduced host server requirements, reduced storage requirements and improved
remote access protocols make VMware View an attractive offering for EPV. In
addition, the architecture required to run an EPV infrastructure with VMware View
is considerably simpler and includes fewer components than other virtual desktop
infrastructures. If your organization is already running VI3, then VMware View
might be the best solution for you. ■

18 VIRTUAL DATA CENTER E-ZINE JUNE 2010

 (Continued from page 17) of constant operating system roll-
disk access and proper virtual disk file overs, distributed desktop manage-
sizes. ment and end users with administra-
tive access rights is drawing to an end.
Organizations will no longer need to
UNDERSTANDING manage complex hardware and soft-
EPV VM REQUIREMENTS ware configurations to give end users
Ideally, you will be able to pool EPV
VMs according to user types, running
EDITOR’S
LETTER
low requirement machines—1 GB to 2 Because all VMs are
GB of RAM per VM, a single virtual
7
processor—on one pool of host
generated from one
BACKUP
servers. Moderate requirement or two source images
STRATEGIES
FOR VIRTUAL
VMs—2 GB to 4 GB of RAM, possibly and then discarded
two virtual processors—would run on
SERVERS
another pool of host servers and once the user logs off,
7
strenuous requirement machines—4+ you only need to main-
BUILDING A
GB of RAM, more than two proces- tain and update the
PRIVATE CLOUD sors—on yet another set of host
7 servers. source images each
Grouping desktop VMs in this man- month, which vastly
HOW TO ner allows you to simplify the EPV
GAUGE SERVER
management model because you will
reduces your machine
RESOURCES
FOR ENDPOINT be able to host multiple low and mod- update overhead.
VIRTUALIZATION
erate requirement VMs on a pool of
7 hosts while running fewer strenuous
requirement VMs in a separate pool.
Another major advantage of EPV,
especially when you run volatile VMs, access to their desktop environments.
is that it greatly simplifies the Win- New devices with simpler operating
dows software update process. systems such as Apple’s iPad and
Because all VMs are generated from iPhone or Google’s Android are com-
one or two source images and then ing to the forefront and transforming
discarded once the user logs off, you the endpoint hardware model.
only need to maintain and update the Centralized EPV will maintain pro-
source images each month, which ductivity workloads within Windows
vastly reduces your machine update environments. But it will also continue
overhead. to simplify the way we manage these
EPV is here to stay, and once organ- machines. This transformation is on-
izations fully adopt it, it will provide going and threatens to affect Micro-
completely new models for desktop soft’s desktop dominance once and
management and utilization. The era for all. ■

19 VIRTUAL DATA CENTER E-ZINE JUNE 2010

 AB OUT THE AUTHORS

Stephen J. Bigelow, a senior

technology writer in the Data
Center and Virtualization
Media Group at TechTarget
Inc., has more than 15 years
of technical writing experi-
ence in the PC/technology industry. He
holds a bachelor of science in electrical
engineering, along with CompTIA A+, Net- Cathleen Gagne
EDITOR’S
LETTER work+, Security+ and Server+ certifica- Editorial Director
7 tions, and has written hundreds of articles cgagne@techtarget.com
and more than 15 feature books on com-
Matt Stansberry
puter troubleshooting, including Bigelow’s
BACKUP Executive Editor
STRATEGIES
PC Hardware Desk Reference and Bigelow’s mstansberry@techtarget.com
FOR VIRTUAL PC Hardware Annoyances. Contact him at
SERVERS sbigelow@techtarget.com. Christine Casatelli
7 Editor
ccasatelli@techtarget.com
Bill Claybrook is a marketing
BUILDING A Marty Moore
PRIVATE CLOUD
research analyst with more
Copy Editor
7 than 30 years of experience mmoore@techtarget.com
in the computer industry,
with the last 10 years in Linux Linda Koury
HOW TO
and open source. From 1999 Art Director of Digital Content
GAUGE SERVER
to 2004, Claybrook was research director lkoury@techtarget.com
RESOURCES
FOR ENDPOINT of Linux and Open Source at Aberdeen
VIRTUALIZATION Jonathan Brown
Group in Boston. He is now president of Publisher
7 New River Marketing Research in Concord, jebrown@techtarget.com
Mass. He holds a Ph.D. in computer sci-
ence. Peter Larkin
Senior Director of Sales
plarkin@techtarget.com
Danielle Ruest
and Nelson
TechTarget
Ruest are IT 275 Grove Street
experts focused Newton, MA 02466
on continuous www.techtarget.com
service availabil-
ity and infrastructure optimization. They
are authors of multiple books, including © 2010 TechTarget Inc. No part of this pub-
Virtualization: A Beginner’s Guide for lication may be transmitted or reproduced
in any form or by any means without writ-
McGraw-Hill Osborne, as well as the ten permission from the publisher. For per-
MCITP Self-Paced Training Kit (Exam 70- missions or reprint information, please
652): Configuring Windows Server Virtual- contact Renee Cormier, Director of Product
Management, Data Center Media,
ization with Hyper-V for Microsoft Press. TechTarget (rcormier@techtarget.com).
Contact them at infos@reso-net.com.

20 VIRTUAL DATA CENTER E-ZINE JUNE 2010

 LINKS FROM OUR SPONSOR

q Cloud Computing Security: Making Virtual Machines Cloud-Ready

q Meeting the Challenges of Virtualization Security: Server Defense

for Virtual Machines

q Protecting the Dynamic Datacenter

About Trend Micro: Trend Micro is both a market leader in Internet content security
and a security innovator. Always proactive, Trend Micro is leading the security
industry by recognising the unique challenges of virtualisation and developing dedi-
cated security solutions for virtual environments. While virtualisation offers many
benefits to our customers, it also poses several unique security challenges. Trend
Micro addresses these challenges with dedicated security for virtual infrastructure
and is working with virtualisation innovators like VMware to protect virtual machine
environments. Trend Micro helps organisations benefit from virtual computing by
deploying security that’s designed to meet these specific challenges, allowing our
customers to fully realise the cost and productivity advantages of virtualisation
without compromising the security of their data centre.

21 VIRTUAL DATA CENTER E-ZINE JUNE 2010

 REGIONA L SOLUTION PROVIDER

22 VIRTUAL DATA CENTER E-ZINE JUNE 2010