We've talked a bit about VMware's "Project Horizon" over the past few weeks, but it's worth having a full and dedicated conversation. Why? Because Project Horizon has the potential to answer the fundamental "What will IT be in ten years"? question, and if VMware can get this right, they'll be in a stellar position in the desktop and application space. And if they fail? Make room ACE, CVP, View hype....
By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.
We first talked about Project Horizon on BrianMadden.com last month when it was known by the codename "Project Origami." Then at VMworld we learned (via a press release) that the Origami efforts have evolved into Horizon. VMware demoed Horizon in their VMworld opening keynote (live blog transcript). I also recorded a 15-minute video interview with VMware's Noah Wasmer--Horizon's creator.
At the most basic level, Horizon is VMware’s attempt to bridge the old-school Windows apps and new style web/SaaS apps gap. This is something we've talked about quite a bit in the past--actually going as far back as 2003! As everyone knows, you can talk cloud or SaaS or web all you want--the basic reality is that the vast majority of today's business apps are Windows apps. Sure, web-based SaaS apps are making inroads, but I don't think there's any company with more than a few dozen employees that's 100% SaaS-based. Even if a CIO was gung-ho on SaaS, there's still a Windows long tail legacy to deal with.
So in some ways, web-based SaaS apps are actually making things WORSE for companies, since they add additional complexity. At least we know how to deal with Windows apps. We know how to provision and deliver them. We know how to control access to them and how to integrate them into our AD and domain structure. But web-based SaaS apps add new complexity outside of that. Sure, it's great that we're moving to an enterprise web-based corporate expense app, but now the IT department has to manage user accounts and passwords with their account with that SaaS vendor in addition to managing the internal AD. Want to use Salesforce? Great! Except now that's ANOTHER vendor's product which requires discrete management. And of course none since all of these SaaS apps come from different suppliers, they're all managed separately. When a new employee comes on board it could take a week to get all the accounts and access configured properly in all the various SaaS systems. Same goes for when an employee leaves.
Figuring out how to efficiently deal with SaaS apps is critical for a company, because if the company doesn't embrace them, the users will just buy access on their own. Does your company only provide an old-school network share which is only accessible when users are VPNed in? Guess what? Half your employees are using Dropbox then, whether you like it (or know it) or not. Most folks agree that dealing, integrating, managing, and securing web-based SaaS apps is become more critical to companies every year. But what's been done so far?
One of the earliest efforts to "bridge" web and Windows apps actually came from Citrix in the late 1990s. In addition to publishing seamless Windows apps, Citrix MetaFrame (and XenApp today) allows admins to publish content links to users. While this seems cool at first (since you can dynamically drop a Salesforce icon in an app list based on group memberships), at the end of the day it's little more than a shortcut--it doesn't take into consideration single sign-on or application provisioning.
This is where VMware's Horizon plans come in.
What is VMware Project Horizon?
Horizon is fundamentally an app store. The initial demos we saw last week came in web, desktop, and native iOS (iPad, iPhone, etc.) flavors, with talk of native apps for Blackberry, Android, etc. Like most app portals / app stores, a user logs in and sees links to his or her applications. In Horizon's case, the "native" Windows apps could be ThinApp streamed or VMware View desktops. VMware is also planning to embrace competing Windows native app delivery systems, for example allowing Horizon to integrate and publish Citrix XenApp seamless & streamed apps, as well as Microsoft RemoteApp and App-V applications.
The real power (and potential) of Horizon, however, is how it ties into web-based SaaS apps. Last week we learned that VMware bought Tricipher, a company whose identity management platform is used to provide single sign-on to over 4,000 SaaS apps via integration with enterprise directories and desktops. Tricipher also has a service provider program which allows SaaS vendors to tie their authentication into corporate directories via SAML, ADFS, or OpenID. In other words, Tricipher (and by extension, VMware Horizon) allows corporations to tie authentication of SaaS apps into their own corporate directories. This is more than password management--it's real split-key multi-party single sign-on.
The idea is that an IT admin can use the Horizon interface as the primary user interface for providing access to applications--regardless of whether they're Windows apps from VMware, Citrix, Microsoft, or SaaS apps from the cloud. All app types--client-based, Windows, and SaaS, will be one-click integrated via the SSO process and presented to the user via one single app list. (Again via web, local desktop icons, smart phone apps, etc.)
VMware is also integrating Zimbra into Horizon which while hopefully provide some base collaboration and data sync capabilities across multiple devices and integrated apps.
So that's the vision. VMware's Noah Wasmer stressed that the v1 product (due in 2011) won't quite have everything initially, but that they'll release this as a SaaS platform which will enable them to rapidly roll out additional features and capabilities. (I highly recommend watching my video interview with Noah from last week if you haven't yet.)
The success of Horizon is far from assured. While VMware is saying all the right things today, the ultimate test will be whether they're able to get the critical mass of full integration (for both SSO and provisioning/deprovisioning) from all the SaaS vendors. But if they can make it as easy to deploy Salesforce as it is to deploy a Windows app, then they're really on to something.
What do you think? Will they pull it off? Does it matter? How will Citrix and Microsoft respond?