Desktop virtualization is not a "free pass" for lack of desktop management

Some people suggest that I don't like desktop virtualization because of some recent articles I've written.

Some people suggest that I don't like desktop virtualization because of some recent articles I've written like Desktop Virtualization is NOT about saving moneyWhy Microsoft is not getting serious with desktop virtualization in Windows 8, and The myth of the desktop transformation. (You should also check out Simon Crosby's amazing post, VDwhy?)

From my perspective, I don't feel that I'm down on desktop virt, rather, I feel like there are still a lot of people who go down the path of desktop virtualization where it doesn't make sense or with the wrong ideas about what it can do, and they end up getting in trouble. And fundamentally, I want to avoid that so that everyone's desktop virtualization initiatives can be successful.

That said, I'd like to address another disturbing misconception that I'm starting to see with desktop virtualization, namely, that people think that desktop virtualization itself somehow means you can avoid actually managing Windows desktops.

Desktop virtualization doesn't "automatically" give you easy desktop management

This misconception is tightly tied to the "desktop virtualization saves you money" myth. People say things like "if you use desktop virtualization, you don't have to manage Windows desktops because all users can share the same desktop image." Or they'll say "With desktop virtualization, you virtualize the apps and virtualize the user environment, and then there's nothing left to manage!"

Both of these are false.

The reality is that desktop virtualization is a tool that changes the way desktops are delivered and managed. Sure, certain types of desktop virtualization might ease certain aspects of desktop management, but no type of desktop virtualization will remove 100% of your Windows management issues.

For example, as soon as you talk about sharing one Windows image across different devices or different hypervisors, now you're dealing with driver management and Windows hardware profiles. This doesn't mean that these image sharing schemes are bad, but it does mean that you still need to understand how Windows works.

As soon as you start talking about app virtualization, you're looking at how applications are packaged, installed, and executed. You have to become familiar with how they touch the registry, which files they put where, and how they link to and interact with other applications (both virtual and locally-installed). This is classic Windows stuff.

If you're thinking about user environment virtualization, you have to think about filesystem drivers and kernel mode versus user mode changes and folder redirection and virtual file systems. You have to understand how and where users save their data and where applications write their settings. You have to know how to scan the registry for old settings and how side-by-side DLLs work. User environment virtualization can make your life easier, but only if you have a solid understanding of Windows.

Then when you put all these pieces together, you'll be dealing with different technologies and different delivery methodologies for different groups of users. You'll end up combining VDI, Remote Desktop, client VMs, and traditional desktops with streamed apps, web apps, and virtual profiles. And after you combine all of this, what's the one thing in common? The Microsoft Windows 7 operating system.

How to become an expert in desktop virtualization

The only way to have a comprehensive desktop virtualization strategy is to have a comprehensive desktop strategy. And today that's going to be around Windows 7. Windows 7 is that one commonality across the entire rainbow. If you want to become an expert in desktop virtualization, become an expert in Windows 7. In fact if you want to become a desktop virtualization effort, you only have to read one book:


The Windows 7 Resource Kit is published by Microsoft. It's about 1700 pages, but if you read this cover-to-cover I guarantee you'll be a better desktop virtualization expert than 99% of IT Pros who attempt to understand desktop virtualization! (Heck, just knowing that desktop virtualization is more about Windows 7 desktops and less about virtualization will put you ahead of about 80% of the pack.)

Join the conversation


Send me notifications when other members comment.

Please create a username to comment.

You are right, Desktop virtualization is not a "free pass" for lack of desktop management.

Desktop Virtualization refocuses the desktop management effort to people management. You will still have to manage the desktop, but it won't be your sole effort. It's taking the personality of your employees out of the OS.

Forgetting about DV for a while, you really have two options:

1) Manage a single instance infrastructure

2) Manage a multiple instance infrastructure

Both options have their own costs and complexities but to fully understand the roots and immense benefits of Single Instance Management it goes all the way back to application development and successful implementations of Agile software development.

In order to successfully enable the agile software development methodologies, you need to build common baseline functions that provide the foundation of your operations. Since a generic approach can only get you so far and it's not a "one size fits all" you will most likely be required to deviate from time to time targeting specific cases (however maintaining the same mindset, this can also be done in a generic approach). All of this enables you to rapidly respond to any fixes or upgrades.

Then when you introduce DevOps in the mix you are surely setting yourself up for success. Now you are talking about single instance management on a new paradigm, which is utilizing the same people that develop the code throughout it's lifecycle. DEV > QA > PROD.

DevOps enhances the effectiveness of Agile development by following the new changes throughout it's lifecycle.

I also want to stress that while DevOps is important, so is BizDev. BizDev is a term that isn't really well known and it applies to Business/Development. After DevOps is understood you will definitely know the benefits of BizDev.

Now that all of this is said, where does DV fit? DV, while still immature, was intentially or unintentially created with Agile Software Development and DevOps methodologies in mind.

Sure, I can manage my infrastructure that provides multiple instance management by implementing DevOps to automate OS and App Updates. The Agile Development model can still be maintained in a form, but reverting changes back can be a pain if not impossible.

In addition, I would still fall short when it comes to offering superior High Availablity in DR scenarios or on mobile devices and superior security of mobile data. Consumerization would crush me.

Alternatively, I can manage my infrastructure that provides single instance management by implementing DV. DV will allow me to further enhance DevOps and Agile Development methodologies by offering a more complete approach to lifecycle management.

In addition, I would be able to offer superior High Availability and Security while enabling consumerization.

In reality, this is just about automating lifecycle management of the OS, Apps, and User Persona. When you break it down like this and introduce single instance management you will see that you're main focus is actually on the people and not the OS or Apps.


Desktop Management != Desktop virtualization

Absoloutely true.

The myth of desktop virtualization is that it simplifies desktop manageability by: Centralizing the desktops and offering single-image mgmt.

As for centralizing the desktops, unfortunately this introduces two *bigger* problems: Unacceptable user experience for mobile/knowledge/power/offline users;

And huge cost of deployment. As a result, invariably organizations end up with a mix of virtual and physical users.

As  for single-image management -- It only works for task workers with no need to personalized apps and environment, and only for cases where the (virtual) hardware is identical. It can't work on knowledge workers with user-installed apps, and it can't be applied to a mixed user population consisting of virtual and physical desktops -- which is the vast majority of organizations !

Organizations that have a large number of mobile/laptop users and still want a unified management system should look at hybrid approaches that:

1. Blend centralized management with local execution and

2. offer Single-image management WITH personalization AND support for hardware variability through full-stack image layering.


VDI is not another application/OS it’s a journey

We’ve been among the largest VDI users for several years now. I have been tracking many blogs about the challenges or myths about the VDI which are being discussed at a 10,000 feet level and conclusions are being made basis these as well. I agree that these discussions kindle a constructive thought but at the same time I also see these discussions are being referred as a real challenge of VDI and new users get scared of looking at this arena. I thought I should share my views on them.

First of all the organization should be ready for a real transformation if VDI has to be adopted. If the intention is to manage everything as it’s being managed currently then most of the challenges being talked about on blogs and online forums will be true. The fundamental change is that VDI is moving control from end-point to datacenter. Traditionally a lot of discipline has been adopted in datacenter management as most of the control lies within the IT team.

Few years ago several blogs spoke about how the virtual server concept would fail and never take off. Questions were raised about hardware being shared, driver issues, memory allocation, storage etc. Today I don’t think anyone questions server virtualization capabilities; almost every organization has attempted it or is using it on a large scale.

Also, comparing speed of adoption of server virtualization adopted to that of desktop virtualization is incorrect. Desktops are tightly integrated with end-users. More than technology it’s a perception play and organizations should be ready to embrace it.

When we adopted this solution earlier we faced questions about the cost effectiveness of VDI (which was not seen as optimal), ease of management etc. but realized that we were trying to compare VDI to the bottom most layer of the desktop and not looking at it as a broader solution which can deliver much more than desktop can today.

Let’s talk about compliance and security now. I am sure many Desktop IT teams are struggling to manage tough compliance requirements, facing audit after audit which forces them to streamline the end-point solution, protect critical data on desktops (no one knows what qualifies as critical data on a desktop given the subjectivity of folders and file names created by users), complicated policies and scripts. The way out for these are stop-gap solutions or deploying enterprise wide complex applications which would be used only for about 5 – 10% of what it was supposed to take care of. The effort and investment needed for these are not attributed to desktop costs rather they all become part of the information security budget. Isn’t it logical to say that the current desktop is not capable of protecting itself and hence we need to look out for solutions? If yes, then why are these costs not attributed to desktop costs? On the contrary migrating to VDI brings about 70-80% of compliance without intervention of any additional application or technology. Are we consciously crediting VDI for this?

Great desktop management tools and solutions do exist today. But even then it doesn’t reduce the need to manage each of the end-points. The accuracy of patching, achieving standardization in the hardware/software configuration, application rollout is not an easy task for a desktop engineer. VDI brings down this complexity and masks the hardware variation and provides a wonderful application layer which is completely standardized. While patching is still needed in VDI, it does reduce the volume of patching by using the right design of templates. VDI management is about managing 1 desktop vis-à-vis 500 desktops. If enough time is spent in designing and planning then the manageability of VDI can be lot simpler than actual desktops.

At times IT teams are challenged about their so called obsession with “VDI” and trying to make it work in whatever form? The answer is no because the audience you’re going to face is end-users and they are smart enough to know what works best for them. The concept of VDI is not new the logic behind sharing a common infrastructure platform has been around for many years. The evolution of many such technologies like client server architecture, terminal services, application virtualization etc. are driving the single point agenda of how effectively one can deliver application to the end-users.

To conclude I would encourage folks to look at solutions around how to deliver application to end-users using various methods and tools. Also VDI shouldn’t be compared to replacing a desktop but the complete chain of things which contribute towards end-user experience management. More on what to consider when investing in VDI, here:


While agreeing on lots of comments, from my point of view, the question is not only on the technical side but on the user side.

All projects I'm working on are focused on users.

The common goal I'm seeing while working with my customers is building an infrastructure that'll give more services to business users.

The main question is then how to deliver applications efficiently to all users.

You'll then end in building Application Delivery Strategies (App-V, XenApp ...)

You'll then have to build a access strategy where for some users, like taskworkers, it could be through a Published Desktop running App-V / Streamed Applications, for some others it'll be through an HVD solutions and for some through a local desktop.

We also have cases where the user, according to his access mode, can switch between these access modes.

So it's not "easy", it does not take "5 minutes" to go to Desktop Virtualization and it has to be well thought to be accepted by users.

Regarding the User Virtualization side, it can helps, although for most users, the main point will be cross platform settings management.

UEM depends on your strategy, but does it really matter for users if the desktop is Windows 7 or Windows XP ?

Is a Desktop with 50+ shortcuts a real business efficient tool ?

Won't Users prefer a single dashboard with all important applications / services (messaging ...) accessible ?

From my perspective, all access strategies (Desktops / Apps) we are building should be hidden from the end users and our goal is to provide them a single consistent way to access his applications.

Windows 7 can be part of it, but it's not mandatory ...


Brian, you are absolutely correct that VDI should not be about cost reduction or a hands-off Windows management solution.  In fact, these are the top two reasons I’ve seen desktop virtualization projects fail. The best reason for implementing desktop virtualization is to give users more flexibility, manageability, and access over any device.

A common misconception among IT folks is that desktop virtualization implementation works like magic – it will be easy and require no management at all. I always encourage IT to do its homework first – make sure desktop virtualization fits into existing infrastructure and management paradigms. Virtualization requires tools for effective management and should be integrated into existing management tools and business processes like service and license management. And all too often, this is simply overlooked, or even forgotten.

From my point of view desktop virtualization is just another delivery type of the users workplace. Whether it is a local VM, published or hosted in the datacenter. At the end of the day organization will end up with a mix of different workplace delivery methods, because user requirements are different and not every delivery type fits to all users. This means IT has to deal with heterougenous workplace environments including different types of Virtual Desktops, Physical Desktops and Mobile Devices. And frankly, all of these delivery methods need management. Regardless what Marketing folks try to tell us.

The common of those different delivery models is the same business problem. Give users an easy access to their work environment, but at the same time give IT an automated, efficient and secure way of doing it for all workplace delivery types. That's why I believe the real value comes with a unified management solution that covers all desktop virtualization types as well as PDI (Physical Desktop infrastructure) and Mobile Devices.

This past summer I wrote a blog post on the Five Biggest Desktop Virtualization Mistakes, please feel free to check it out and let me know your thoughts: