The next proxy war: Citrix’s Type 1 client hypervisor versus VMware’s Type 2. Who wins? Definitely not the customer :( - Brian Madden - BrianMadden.com
Brian Madden Logo
Your independent source for desktop virtualization, consumerization, and enterprise mobility management.
Brian Madden's Blog

Past Articles

The next proxy war: Citrix’s Type 1 client hypervisor versus VMware’s Type 2. Who wins? Definitely not the customer :(

Written on May 25 2010 13,869 views, 17 comments


by Brian Madden

Citrix and VMware have been challenging each other on several fronts over the past few years. It seems like every few months a new proxy war pops up (over simplicity of installation, display protocols, disk cloning capabilities, etc.). Last week we learned of the latest battle: What type of client hypervisor (Type 1 or Type 2) is better for local VMs / offline VDI?

When VMware started talking about the features of the upcoming View 4.5 earlier this month, they started pumping up the benefits of a “Type 2” client environment where the corporate VM runs on top of the existing laptop’s OS. (This is similar to VMware ACE, Workstation, Fusion, etc.)

Then at Citrix Synergy last week, Citrix made a release candidate available of Citrix XenClient, a “Type 1” bare-metal client hypervisor that installs directly on a client device in place of a general-purpose OS like Windows.

Of course anyone who’s been in the IT industry more than a few minutes knows there’s no “one size fits all” solution. What’s unfortunate is that Citrix and VMware seem to have forgotten this, as VMware is really pushing the benefits of Type 2 client environments and bashing Type 1 solutions, while Citrix is touting the benefits of Type 1 environments and bashing Type 2.

Type 1 versus Type 2 client VM environments

I’ve written quite a bit over the past few years about the differences between Type 1 and Type 2 environments and why you might choose one over another, but here’s a quick refresher:

Type 1 bare-metal client hypervisor advantages

  • Hypervisor can “own” the device, for security, performance, SLAs, etc.
  • Users can’t break the base environment
  • Possibly more secure due to the smaller attack surface of the hypervisor
  • Better performance since your “OS” is a purpose-built hypervisor instead of a general purpose OS (And the user can’t run something stupid in the host OS that will degrate VM performance)

Type 1 bare-metal client hypervisor disadvantages

  • Very small hardware compatibility list
  • Destructive install

Of course when we move over to the Type 2 list, it’s pretty much the inverse of the previous list:

Type 2 client hypervisor advantages

  • IT doesn’t have to “own” the device
  • The user can install their own hypervisor
  • Adding the hypervisor doesn’t destroy the existing OS
  • Runs on just about any existing hardware that can run Linux, Windows, or Mac

Type 2 client hypervisor disadvantages

  • Possibly not as secure since the client can’t “trust” the base. (End user could run a screen recorder, key logger, etc.)
  • No guarantee of performance (End user could run a crazy app in the host OS that would have to share resources with the hypervisor)
  • Two OSes to manage (host OS and guest VM OS)

Which type of client hypervisor is better? Again, it depends, It Depends, IT DEPENDS. Right off the top of my head, I’m thinking:

Use cases for a Type 1 bare metal client hypervisor

  • IT owns the device (and thus can pick from from the small HCL and can make sure the hypervisor is there)
  • User experience is most like traditional laptops today
  • Users aren’t smart enough to understand the whole Type 2 thing

Use cases for a Type 2 client hypervisor

  • The user owns his or her device
  • Temporary workers (contractors with their own laptops)
  • Users with their own devices working from home
  • Users who are savvy enough to maintain their own base OS

I’m sure that none of these six lists is complete, but I’m just trying to outline some of the things to think about as you consider where Type 1 and Type 2 client environments will fit into your overall desktop delivery infrastructure.

How VMware and Citrix are fighting this battle

Unfortunately it seems like both Citrix and VMware are taking somewhat fundamentalist (almost dogmatic?) stances on where Type 1 or Type 2 environments fit. (Type 1 for Citrix and Type 2 for VMware.)

This is crazy because Citrix talks about this whole “FlexCast” thing where they purport to understand that there’s no one-size-fits-all delivery mechanism. And they show that they can do Terminal Server, VDI, OS streaming, and now client hypervisors. Great! But then they go on to talk about why their Type 1 client hypervisor is a better approach than Type 2. And it’s like, “What?? What just happened to all that awesome messaging about FlexCast? Shouldn’t there be a FlexCast Delivery Option #5 that’s a client-based VM for Type 2 environments?”

But VMware’s no better. They first started talking about a Type 1 bare-metal client hypervisor back in 2008. And they spent the better part of the past two years talking about how much better Type 1 environments are than Type 2 (as they prepared to position their future Type 1 solution against current Type 2 solutions like MokaFive, MED-V, or RingCube). So now all of the sudden VMware decides to do a Type 2 solution instead, and it’s like they suddenly forgot about all the reasons they liked Type 1 over the past two years!?!

I can’t imagine any customers choosing to buy View because VMware’s Type 2 local client is better than Citrix’s Type 1. And I can’t imagine anyone choosing to buy XenDesktop because Citrix’s Type 1 local client is better than VMware’s Type 2.

I hope that both Citrix and VMware are each able to offer both Type 1 and Type 2 clients at some point in the near-ish future. And I hope that customers don’t become the collateral damage in this latest war.

 
 




Our Books


Comments

Mr. Incredible wrote re: The next proxy war: Citrix’s Type 1 client hypervisor versus VMware’s Type 2. Who wins? Definitely not the customer :(
on Tue, May 25 2010 12:56 AM Link To This Comment

Hi Brian,

Actually, this was discussed by Peter Blum in his blog post at community.citrix.com/.../Explaining+XenClient+to+Our+Friends+at+VMware where he acknowleges the value of BYOPC, but also explains that there is also another way of managing those users with hosted desktops or apps or streamed apps with the new safe-zone technology, negating the need for a client-side hypervisor.

Granted that no one model will fit all use-cases, but having many tools in your tool box _helps_ to achieve the desired outcomes!

As the saying goes - if your only tool is a hammer, then every problem looks like a nail.

The truth at the moment is that no matter how you look at it right now, neither company has 100% coverage for all use-cases, and there are some scenarios where one is better than the other, but to suggest that client hypervisors aren't of use to end-users/customers (at no extra cost might I add)? That really is a questionable call...

Kimmo Jernstrom wrote re: The next proxy war: Citrix’s Type 1 client hypervisor versus VMware’s Type 2. Who wins? Definitely not the customer :(
on Tue, May 25 2010 3:54 AM Link To This Comment

How about type 1.5, meet in the middle? Nah, that's invented already, t's called KVM ;)

appdetective wrote re: The next proxy war: Citrix’s Type 1 client hypervisor versus VMware’s Type 2. Who wins? Definitely not the customer :(
on Tue, May 25 2010 5:15 AM Link To This Comment

<NOTE: A few bits of this comment have been removed as they were inappropriate for our site. (replaced with **** below. But the sentiment is still there. --Brian  >

It’s very simple to me. If you promised to deliver Type 1 and then didn’t you FAILED! EOM. The rest is just marketing BS to cover up a monumental F UP. If you then try to say back to the future in a year or so after marketing against Type 1, it makes you the greatest scum in the industry.

I’ve used Type 2 for a while. I’ve always liked Moka 5 due to their rich management. VMware ACE sucks in comparison. Note I like Moka 5 because of the management and policy not the Type 2. The Type 2 holds adoption back. It’s too heavy for mass deployment and the user experience of two reboots is not optimal.  It does provide a MAC option however, but again for regular use as a corporate desktop not a chance, occasional use yes. So again I like the management but performance and user experience is not there. Also security no matter what they say is always a concern. The bigger the attack surface AKA Type 2 Hypervisor the greater the risk. The more security crap you put on top, the worse the experience becomes. So the future to me really is Type 1 for ultimate flexibility, performance and security. Also I have not had a chance to read much about the Citrix Safe Zones, but at first glance it seems like a good idea. It’s like a virtual USB stick with policy I guess. I think for occasional use this is a good thing. Protect the data vs. protect the perimeter and solve the problem in a different and most likely in a more elegant way.... The real battle IMO is who builds the best management and policy for Type 1 and changes the game. There are those that are trying like Virtual Computer, Moka 5 has no strategy here, just a crappy CEO who talks a big game.  Those that I am surprised are still in business like Neoclues (because they never understood that the game was about management not the hypervisor which could only be built by the big boys). Of course there is a also Ringcube, but that is a different discussion and I have yet to see them get traction.

What pisses me off the most is how bad the leadership is in this industry and is holding us all back. You’ve got VMware on one end who FAILED to deliver Type 1, and are led by a ******, and there is also of course MS, forward video to ~4 mins and listen to her. www.citrix.com/tv she ********* f’ed up Kiadro and MS still keeps her on board and has the nerve to go on video and claim type 1 is a niche use case. Two ******** in technology holding the industry back and unfortunately in leadership positions. I have nothing against ********* but have a lot against stupid people. Citrix is not better, **********, who know nothing about what it takes to deliver desktops in the real world. They still haven't delivered on Reverse Seamless and still there is no direct connect method, their VDA sucks and broker is one the poorest quality production pieces of code in the industry. It’s amazing to me how smart people like Maritz and Templeton allow these jokes to stay around. Are they asleep?

Nathan Richmond wrote re: The next proxy war: Citrix’s Type 1 client hypervisor versus VMware’s Type 2. Who wins? Definitely not the customer :(
on Tue, May 25 2010 9:43 AM Link To This Comment

App Dective for President, THAT was an Awesome riff!

Mr. Incredible wrote re: The next proxy war: Citrix’s Type 1 client hypervisor versus VMware’s Type 2. Who wins? Definitely not the customer :(
on Tue, May 25 2010 9:47 AM Link To This Comment

AppDetective - I thought I lacked tact & diplomacy - lol - you are the champion there! Good to see you have an opinion on these things ;-)

PeterTheXenClientGuy wrote re: The next proxy war: Citrix’s Type 1 client hypervisor versus VMware’s Type 2. Who wins? Definitely not the customer :(
on Tue, May 25 2010 9:54 AM Link To This Comment

Hi Brian,

First let me say that I agree completely with your statement that type-1 and type-2 client hypervisors both have a role, and that the role depends entirely on the use case. I was disappointed, however, to read that Citrix is coming off as “bashing” type-2 solutions. I hope that’s not the impression. In my recent blog on this topic (community.citrix.com/.../Explaining+XenClient+to+Our+Friends+at+VMware), I tried to make it clear that we absolutely see clear use cases for type-2 products, even if our strategy is to rely on partners like Microsoft in this area rather than trying to build something new ourselves. If our excitement over XenClient is somehow coming off as bashing type-2 hypervisors, I’d like to apologize and set the record straight.

The main thing we’ve come out strongly against are some of the proposed USE CASES for type-2 products. Until someone convinces us otherwise, for example, we will continue to question the notion that customers will use type-2 hypervisors for “offline VDI” (letting employees “check-out” a VDI desktop when they go on the road, then expecting them to check it back in when they return). While it’s certainly possible, it’s hard to imagine any CIO doing that at scale… or any user bothering to spend hours downloading and uploading their full desktop every time they go offline. Nor are we convinced that any client hypervisor…type-2 or otherwise… is the best model for BYOC programs at scale.

We certainly don’t believe type-1 bare-metal hypervisors like XenClient are right for every use case, either. Expecting IT departments to lay down a bare metal hypervisor on an employee’s personal laptop in a BYOC model, for example, is nuts. While it could be done technically, it seems like an unlikely scenario. For customers looking to extend desktop virtualization to the world of corporate-owned laptops, however, we do indeed believe a bare metal hypervisor like XenClient is a fundamentally better option with better security, performance and stability. With nearly 40% of corporate employees now receiving laptops as their primary device, we see plenty of market opportunity there to keep us busy.

As excited as we are about XenClient… and the role it will ultimately play as a feature of our XenDesktop FlexCast technology….we fully agree that there are clear use cases for type-2 products. If we weren’t clear in that position before, I hope this helps.

Peter Blum

Director of Product Management, XenClient

Citrix Systems

Icelus wrote re: The next proxy war: Citrix’s Type 1 client hypervisor versus VMware’s Type 2. Who wins? Definitely not the customer :(
on Tue, May 25 2010 10:56 AM Link To This Comment

I am extremely glad that Peter addressed this.

Personally I find VMware shoe-horning their type-2 solution into too many use cases that it's ideal for.

In my opinion, Type-2 does not scale well and is geared for a smaller use case in the grand scheme of things.

It's more ideal to address offline local computing with a type-1 hypervisor approach.

Rick Eilenberger wrote re: The next proxy war: Citrix’s Type 1 client hypervisor versus VMware’s Type 2. Who wins? Definitely not the customer :(
on Tue, May 25 2010 10:59 AM Link To This Comment

I don't do as much posting as I used to, as I am a Citrite these days, and am kept busy engaging customers.  For those of you in the LA, OC, and San Diego portions of the country, we are coordinating Citrix User Groups.  For our next round Peter Blum will be presenting XenClient.  Dates for these events are June 8th in SD-OC, June 9-10 for LA.  Events on the 9th and 10 will include Simon Crosby.  These events are free and a great opportunity to extend this discussion, more info at http://lacitrix.com.

For my part, I was working at a large bank here in the U.S. during 2007.  I needed remote access to get my work done.  In the end the only option that was viable was to spin up an OS on VMWare Workstation, encrypt the drive of the VM guest, install the required apps to make it through the gateway policy environment (non-Citrix), and I was good to go.

Did this approach circumvent the security procedure for the network?  Absolutely.  Would the business prefer a better means of affording a consultant like myself access to the network?  Absolutely.  The ability to assign a secure OS to an individual for streaming to an offline context, byte level backup of IP generated from the OS instance, and a kill pill to assure the VM and associated data are rendered non-accessible at a time of the business choosing, these are all strong value propositions for business, and speak to type 1 flexibility.  I still have that bank VM I mentioned somewhere in a backup file somewhere on my network I suspect (I don't look for it though..:-).  Business wants better options than this scenario.

We are at the beginning of something.  Kudos to PB and team, but the best any of us can do in the beginning is deliver version 1 to the market.  Given the scenario I described above, twenty four months from now, will consultants be walking into customers network environments and receive streamed offline OS instances with all the application, client configuration, and security of a type 1?  Or, will business prefer that type 2 approach where the VM sits forever in a network removed from control of the business?  I have a bias in all of this, but I have a feeling based on my own experience that Type 1 has a future for itself.  Thanks.

RTE

Stephan Ortman wrote re: The next proxy war: Citrix’s Type 1 client hypervisor versus VMware’s Type 2. Who wins? Definitely not the customer :(
on Tue, May 25 2010 11:07 AM Link To This Comment

One size may not fit all...  but the marketplace may not be big enough to make all sizes commercially viable.  I think that is what the difference in approaches between VMWare and Citrix is telling us.  They are picking the option they think will fly (a lot like VHS vs Betamax,...  Blueray vs HD DVD).  Specialists and nerds like me will wail and gnash our teeth when options die or wither, but the world will keep turning.

Icelus wrote re: The next proxy war: Citrix’s Type 1 client hypervisor versus VMware’s Type 2. Who wins? Definitely not the customer :(
on Tue, May 25 2010 11:56 AM Link To This Comment

@Brian:

Now following your prediction that 90% of the future "VDI" will be client based. which hypervisor approach will you think be dominant?

I am willing to bet the majority will say Type 1.

www.brianmadden.com/.../prediction-90-of-the-future-quot-vdi-quot-will-be-client-based.aspx

Damien Bruley wrote re: The next proxy war: Citrix’s Type 1 client hypervisor versus VMware’s Type 2. Who wins? Definitely not the customer :(
on Tue, May 25 2010 3:32 PM Link To This Comment

Hi, I guess you guys have already tested NxTop from Virtual Computer, but for those wwho need  "proof of performance" videos, have a look at our videos :

www.youtube.com/watch

www.youtube.com/watch

Coments on youtube are welcome :)

Mr. Incredible wrote re: The next proxy war: Citrix’s Type 1 client hypervisor versus VMware’s Type 2. Who wins? Definitely not the customer :(
on Tue, May 25 2010 3:38 PM Link To This Comment

@Icelus - I agree there.

For existing machines without a type 1 installed, a type 2 or streamed offline apps with safe-zone makes most sense for offline use (for online use, hosted desktops or apps make most sense).

As new machines start to ship with type 1 hypervisors pre-installed later this year, and as individuals rebuild their compatible laptops with type 1 hypervisors, the type 2 benefit starts to disappear - and of course if you have a type 1 hypervisor, there is nothing stopping you from running a type 2 hypervisor on a hosted VM, so yes, the future is type 1, but the future isn't quite here yet, but it's close....

Doug Lane wrote re: The next proxy war: Citrix’s Type 1 client hypervisor versus VMware’s Type 2. Who wins? Definitely not the customer :(
on Tue, May 25 2010 10:51 PM Link To This Comment

While I agree with the general view there are pros/cons/valid use cases for both type-1 and type-2 client hypervisors, I have to take exception with the two disadvantages Brian called out with the type-1 approach.

If we are defining the type-1 client hypervisor as XenClient only, then yes they have started with a limited set of platforms, which I am sure will grow over time.  However, if you assume you probably want a processor with VT-x extensions even if you are running a Type-2 hypervisor, I think you would be hard pressed to find many PC platforms that are capable of running a Type-2 with good performance that could not run NxTop.  We have support for both new vPro/VT-d and older VT-x Intel systems.  We support numerous flavors of Intel and NVIDIA graphics today.  We even have official support for AMD processors and ATI graphics coming in a couple of months.  (We were actually demoing an AMD/ATI system at Synergy—literally just smoothing the edges and testing.)

Also, while it is possible to have our installer wipe the target PC, it is also possible to install NxTop in a non-destructive dual-boot mode where the existing native OS partition is shrunk but preserved.   If you want to remove it, you can just run our installer again to remove NxTop Engine and restore the regular Windows boot loader.  Now, I won’t claim that this isn’t a fair bit more intensive than a type-2 hypervisor install, but it is a viable option and there will be some IT folks who prefer taking this on to dealing with some of the type-2 support and security challenges.

Regardless of what you think about type-1’s viability for things like BYOPC where the PC can’t be wiped, the fact of the matter is that not all of the advantages / disadvantages outlined above have equal weighting.  The overwhelming majority of business PCs will be corporate owned (type-1’s sweet spot) for the foreseeable future.  If BYOPC grows dramatically to represent a meaningful portion of the user population, type-1 vendors will respond accordingly with options (be it offering a type-2 option or other methods) and it will be a much smaller leap than what it would take to turn a type-2 solution into something that can fully manage the company owned PCs that represent the larger and more immediate ROI win for adopting desktop virtualization.

Purnima Padmanabhan wrote re: The next proxy war: Citrix’s Type 1 client hypervisor versus VMware’s Type 2. Who wins? Definitely not the customer :(
on Tue, May 25 2010 11:46 PM Link To This Comment

Thanks Brian for dealing with this topic again and refocusing it from a being religious debate to a use case based discussion.

That said, from a strategic perspective at MokaFive we have designed our  management solution to be platform agnostic (both client OS and client hypervisor) and intend to continue to broaden the support matrix. Watch for our announcements regarding this topic at Briforum. We'll be demo’ing something significant. http://bit.ly/cXIk4g

Michele Borovac wrote re: The next proxy war: Citrix’s Type 1 client hypervisor versus VMware’s Type 2. Who wins? Definitely not the customer :(
on Wed, May 26 2010 2:21 PM Link To This Comment

Agree there are valid use cases for both type 1 and type 2 hypervisors. But don’t forget it’s possible to centrally manage, support and protect endpoints *without* a hypervisor.

Dan Olds of Gabriel Consulting recently commented about Wanova Mirage (unsolicited, by the way): “What’s interesting is that Mirage doesn’t fit neatly into any of the standard industry buckets. It’s not just virtualization, or just back-up, or just system ghosting – it’s all of these and more. What Wanova has done is to use the problems causing the most pain in desktop support/management as their starting point, and then build a solution. This is a much better approach than that of vendors who are attempting to force-fit server virtualization onto end-user client systems.”

The important thing is to solve the customer problem – how you get there is only part of the equation.

Simon Bramfitt wrote re: The next proxy war: Citrix’s Type 1 client hypervisor versus VMware’s Type 2. Who wins? Definitely not the customer :(
on Wed, May 26 2010 8:13 PM Link To This Comment

It has always puzzled me why Citrix choose not to offer a type II client hypervisor. It seemed to be such an obvious step to take, especially given the difficulties in developing a type I client hypervisor. That said, I am reasonably sure that the type I client hypervisor will become ubiquitous in time (just don't ask me to say how soon that will be), and a long-term winners will be the management system vendors and their customers.

Should anyone be interested in further exploring the client hypervisor, I'm hosting a Geek Speak session tomorrow where representatives from Citrix, VMware, MokaFive as well as Gabe Knuth will be available to answer questions on the topic. More details etc. here

community.citrix.com/.../viewpage.action

Kimmo Jernstrom wrote re: The next proxy war: Citrix’s Type 1 client hypervisor versus VMware’s Type 2. Who wins? Definitely not the customer :(
on Fri, May 28 2010 11:28 AM Link To This Comment

Great comments guys + kudos for rasing this topic. For my own part (+ some collegues)  

I'm leaned towards  "type 1" for admittingly boring reasons such as easng deployment and management within corporate owned assets.

In quite uncool fashion, in real life, I mainy look forward for type 1 being the next layer of HAL...sometime

Yeah, bummer. Sorry.

(Note: You must be logged in to post a comment.)

If you log in and nothing happens, delete your cookies from BrianMadden.com and try again. Sorry about that, but we had to make a one-time change to the cookie path when we migrated web servers.