VMware's recommendation to manage physical and virtual desktops differently is WRONG

One of the big things that came out of last week's Horizon Suite announcement from VMware was that they are recommending different management strategies for physical desktops versus VDI desktops. For physical desktops, VMware now offers Horizon Mirage (which they got from their 2012 acquisition of Wanova).

One of the big things that came out of last week's Horizon Suite announcement from VMware was that they are recommending different management strategies for physical desktops versus VDI desktops.

For physical desktops, VMware now offers Horizon Mirage (which they got from their 2012 acquisition of Wanova). Mirage adds layering and application management to Windows desktops, irrespective of whether they're physical or virtual. (In other words, Mirage manages Windows, and it doesn't care whether that Windows is on a laptop, a desktop, a VM on a client, or a VDI instance in a datacenter.)

Gabe and I have loved Mirage since the product was launched several years ago and we've said things in the past like, "Yes! THIS is the way to manage Windows!" So when VMware bought Wanova, we were generally happy. The typical "onboarding" of a Mirage into an existing environment is that you install the Mirage agent on a user's existing laptop, it starts scanning and figuring out what's what, then it copies any unique bits up to the datacenter. (This happens continuously as the user makes changes.) Then moving forward, admins can push out or replace certain applications or layers, and if the user ever loses their laptop, they can get a new generic one, install the Mirage agent, and get their environment put back together. Again, very cool!

One of the biggest reasons we love Mirage is because it works with persistent, non-shared desktops. So if you have 500 users, you can have 500 different desktop images. You don't have to virtualize every single app with ThinApp or App-V, and Mirage can support user-installed software, users being their own admins, drivers, etc. Basically Mirage allows desktops to work exactly how they work today before Mirage.

Compare that to the way that many vendors who try to scam you into the whole "shared image" thing. The claim many users sharing a single disk image is easier to manage than each user having his or her own unique image. While it's true that managing 1 image is easier than managing 500, the challenge is that existing desktop environments are built around every user having their own image. If image sharing was so easy, you'd be doing it today (either using using Ghost, or Terminal Server). The reality though is that image sharing requires that your users can't install their own apps and your users can't have admin rights—and that's just not the way that Windows desktops work today in many environments.

So that's why I've always advocated building VDI environments based on the same type of desktop imaging and management as your physical environments. If you blew away your physical desktops every few months with new images, great, then use Linked Clones or master images. But if you image your desktops once and let users customize them from there and manage them with SCCM, fine, but you need to make your VDI environment so it also uses SCCM and allows users to customize as they want.

So for me, VDI is nothing more than a form-factor change for your existing desktops and laptops. VDI has several great benefits, like centralization for business continuity, accessible desktops from anywhere, and desktop portability. If you need this, great, then you should use VDI! But don't try to completely change the way all your existing persistent / personal desktops work. Just rebuild that in your VDI environment and you're all set. (Again, I'm not saying that moving to a single image shouldn't be a goal. That's a fine goal, but it shouldn't have anything to do with your move to VDI.)

How to be successful with VDI? Do *not* create a VDI strategy!

For the past few years at our desktop virtualization seminars (25 cities this year, all free :) and in our book, I've specifically said, "if you want to be successful with VDI, do not create a VDI strategy!"

At first that might seem counter-intuitive, but since VDI is just another way of delivering a Windows desktop, what you really need is a Windows strategy, not a VDI strategy. After all, this has served you well over the past 20 years as you've gone from desktops to laptops to huge powerful machines to small ultraportable weak machines. You don't fundamentally change your Windows management / application / profile / security strategy based on what type of device you're using, so why should you change it just because you add some VDI? In fact creating a brand-new Windows strategy just for VDI is another big reason that many VDI projects fail. As long as VDI is "different" within your organization, it will always be an outlier.

VMware's split strategy

That brings us around to the problem I have with VMware's recommendations around their launch of the new Horizon Suite. Prior to buying Wanova last year, VMware never had a strategy or product for physical desktops. While some might argue that if you used VMware you would always have a split strategy, but I never saw it that way. Like I said, for me VDI is all about the persistent desktops, so if I used VMware View for VDI, then I wanted to use it with persistent desktops. Doing so would mean that my desktops were managed in the same way regardless of how I delivered them. If I wanted to use ThinApp or App-V or SCCM or Altiris or Browsium or AppSense or antivirus of whatever to manage them, I would do that for all my desktops—physical and virtual, since it's completely crazy to manage different desktops in different ways.

But now that VMware bought Wanova, they're saying that Wanova is the way to manage physical desktops. This is great and we love it. But they're saying that you should NOT use Mirage to manage your View VDI desktops!!?! That's crazy! [UPDATE FEB 26: VMware believes this statement of mine is factually inaccurate. Read more here.]

It took awhile for us to understand the reason. When we asked about it they initially claimed it was because the management consoles weren't integrated and that they only wanted to deliver a suite with one console, but then we pointed out that the suite still has plenty of different management consoles once you look at all the components (Workspace, Mirage, Fusion Pro, Workstation, vCenter Operations), so that didn't fully make sense. Then they clarified (a bit on the phone and more fully the next day via email (as Gabe mentioned in his coverage of the Horizon Suite announcement) that it was also because Mirage doesn't have good performance within View, so there are performance issues and while it technically works, they don't recommend it at scale.

Okay, so that sucks, but whatever. Personally I would have thought that the whole point of buying Wanova was so that you could use Mirage for physical and virtual desktops, and I also would have thought that nine months was enough time to get that work done, but I'm not a developer or a product guy so I don't know what it would take. The bigger point though is that now VMware has come out with their own version of Mirage and they're telling customers to use that for physical desktops only while telling them to use different strategies for their View-based virtual desktops.

But that's crazy. Why would a customer want to do that? Because if the Linked Clone / master image sharing works for VDI, why is the customer even using VDI? Why not just use RDSH and get the same functionality for 1/3 the cost? And if the customer is using View for persistent one-to-one images that they have to manage with something like SCCM, then why not just use SCCM for all desktops rather than SCCM for some and Mirage for some?

The more VMware encourages customers to manage physical and virtual desktops differently, the more VDI will be viewed as an awkward cousin of "real" desktops, and that's not good for any of us. So as long as VMware says that using Mirage with View is a "future design goal," then customers should be advised to keep Mirage as a "future purchasing goal."

Join the conversation


Send me notifications when other members comment.

Please create a username to comment.

For me it's all about use cases which is loosely related to form factors...

If you're using VDI for value add rather than desktop replacement and physical is still the primary desktop, then non-persistent desktops make more sense... RDSh is still my first choice here but NOT all apps work on RDSh or can be licensed to do so.

3rd party User environment solutions help to bridge the gap here too.

If you are using VDI to replace desktops, then again it depends on the users... For example non-persistent desktops are ideal in a student environment.

Personally if I had Mirage I wouldn't use VDI or RDSh to replace traditional desktops in the first place ;)


I do agree with you.

</enable strong sarcastic mode>

Correct me if I'm wrong but VMWare never had a Enterprise solution for End User Computing. They have GREAT technologies and tools but nothing for Enterprise in that segment.

View VDI only as we all know the benefits of RDS for both desktop and applications.

Mirage is only for physical desktop.

ThinApp was a great utilities but have never been and enterprise application deploiement solution...

And not talking about mobility...

</disable strong sarcastic mode>


Personally, I think this is much ado about nothing and that the content of this blog and its title are a bit misleading.  I don't think VMware is *recommending* you manage physical and virtual desktops differently.  They have a product that currently manages physical desktops but not virtual/View desktops.  They have stated that it's their goal to integrate both products but that it's not ready yet.

So their recommendation seems to be to manage physical/virtual desktops the same way, they just don't have a product that can currently do that.  I would, however, agree with not using Mirage until it is integrated with View.  Most people already have some other tool they are using to manage physical desktops, no reason to muddy the water with Mirage until it can do both.


Sometimes I wonder about you guys... You just went through mental masturbation about Mirage concept for VDI yet this is all I have been talking about w/ you (single image mgmt and layering for persistent desktops) for 4 years.

I wont even get into why Mirage doesnt work for VDI (it doesnt... try it, and try it for 50 or 100 desktops not even hundreds or 1000's)  or how bad the "layering" itself is....

BUT the premise of persistent desktops, with managed OS layer, full persistence and application layers... not a new new idea.

Anyway... I would put Unidesk against Mirage any day, applications, conflict resolution, persistence, desktop repair after issues and of course use in VDI.


Yeah Unidesk for VDI seems awesome.. totally agree. Question now is does Unidesk work for physical? Or do  I still need to have two different management stories for virtual versus physical? Or do you think I'm blowing that whole thing out of proportion?


no, I think there is some valid concern around running two mgmt systems for desktops. Though most people striving to VDI are moving there BECAUSE the want to manage in a simpler more effective way than today's traditional mgmt systems.

I agree, a system that covers both is ideal. Though if you are going to VDI heavy and your phys machines become the minority instead of the majority of desktops then which system is more important? A physical system or a VDI mgmt system?

That is a question lots of people are going to have to ask because very few mgmt tools can do both well...


@Brian Is it not about that time for another "geek week"? Be good to see all these layering technologies go head to head... (virtual and physical).

If Unidesk does physical then they need to sack their marketing and sales guys  ;)


Well written article Brian.  The first question of any management tool should be does it manage across multiple platforms.  Unfortunately the answer for Mirage and Persona Manger in View is “No.”  While those management techniques are good for isolated use cases (a call center for instance), real world admins want to manage all of their Windows desktops with one solution regardless if it is physical, terminal services/XenApp, or virtual.  Users can get very frustrated too.  If you work in a highly mobile environment like a University or Hospital with multiple delivery methods you want, in fact NEED, your user experience to be the same everywhere you logon – regardless of delivery method.  Often times we start working with a customer with Liquidware Labs ProfileUnity that is a small VDI POC but then it expands to thousands of physical desktops right away.  The customer may not want to move those users or desktops to virtual but they do love the flexibility that singular management gives them. I also cannot stress enough how happy it makes users to have a seamless user experience in mixed environments –and rest assured, we do work well across Mirage and View environments. If you are an admin responsible for the enterprise, why would you not want one singular way to manage every type of desktop and user?  


My favorite continued articulation if I understand it correctly from the Brian Madden team is that until a desktop in the cloud allows for persistent, and consistent usage that is individualized...  Which keeps allowing for my physical and virtual cloud resources to blur, but to remain mine...  Which is focused on the desktop management strategies themselves, as opposed to VDI or Layering...

VDI will not meet the demand we are forecasting.  I think VMWare's approach here is noteable, and a great step forward, however leaves a lot on the table.

My own view, is that layering like a lot of other technologies which originated by putting things on top of streamed sessions or non-persistent desktops is just a band aid, and something truly better will come along.  I wonder about dedup of IO as opposed to IOPS with local storage with say....  pool to pool replication technology delivered as an appliance doesn't get us to a  much closer answer? :)


Simply use what you have to manage for a mixed world to start with. Everything else as stated above is use case based. For most that's SCCM now that MS is giving it away in EAs for many.

Neither Citrix or VMware are going to become desktop management companies.

Unidesk has grown on my over the years as it's got better for smaller scale environments, but I still worry about app compat/support at scale just like it was for RDS for years. I don't think however Unidesk is capable of becoming a physical mgmt play which is why I think they will remain focused for some use cases only.

I think storage solutions which make persistent VDI cheaper and keep both management models for desktop and VDI consistent are the way to go longer term, until management moves to the next generation which it won't...


Hi Brian,

let me be clear: Uniform management of Windows machines, whether they are physical or virtual, central or local, remains our strategy at VMware's EUC. In the first stage, we focused on developing and delivering a state of the art multi-level app layering technology, which is fully applicable for both physical and virtual Windows desktops. I encourage you to download the new version and play with our app layering in both physical and virtual configs.

We are continuing to execute against our strategy to offer interpoperability and integration between Mirage and View-VMs, for both fully-cloned as well as linked-cloned persistent desktops. For the latter, Mirage will also enable IT managers to maintain additional layers of IT-managed or user-installed apps on top of the commonly stored and managed linked-clone. Stay tuned.


Issy, I do see your team making great progress and it will be a big win for customers to have unified image management across physical and virtual desktops by VMware when that time comes.  

The benefits of robust image management in any desktop strategy is a huge benefit IMO.  It seems the (general) community is not always clear on the difference between robust image management vs. user management…with vendors like Liquidware Labs and AppSense providing the later and very necessary component to make the user environment seamless across any enterprise desktop environment.

Today you can use ProfileUnity to float user state between mirage and view, heck add FUSION in there for the mac users.

I was looking at a powerpoint @brianmadden did in 1999 on thin client server computing - good history lesson that is just as important today - slide #2 specifically. I remember i downloaded it here.




The Wanova architecture is fundamentally incompatible with the way VDI works.  Wanova is an agent that runs *inside* the virtual machine that does patching, updates, and backups.  So if you have 10,000 desktops you want to update, you need to boot all 10,000, let the Mirage agent run to download the update, and go through multiple reboot cycles, for each of those 10,000 desktops.  Not to mention each desktop is managed and stored separately so it will blow up your storage, and you have to rely on some dedup at the storage layer which is far less optimal than not blowing up all the images in the first place.  This is very different from true layering solutions like Unidesk or MokaFive where you can get actual single-image management and you can manage the virtual machines out-of-band, so you are not reliant on an agent inside the VM.  Wanova is much closer to traditional software distribution agents like SCCM combined with a backup agent to back up user data.  Wanova is actually a good backup solution for distributed endpoints, it is just not a good desktop management solution, despite all their pretty layering marketecture diagrams that they ripped off from the actual layering solutions.  In our hundreds of customer bake-offs and deployments, we never once saw Wanova/Mirage.  That’s because it is not a desktop management system, so people who are looking for next-generation desktop management don't look at Wanova/Mirage.

Given how utterly clueless VMware has proven to be about desktop management, I'm not surprised they decided to buy something that doesn't actually work with View without some major architectural changes.  VMware is floundering.  They just laid off a bunch of people and much of their good technical talent has left.  And I see more and more resumes of VMware engineers who are jumping ship.  They can't hold onto their good technical people despite paying rockstar salaries.   All the signs are there that VMware is going to fade away without some major changes.

Regarding single management console for desktop and laptop (and mobile!), corporate and personal, that is something we have been shipping for years now, to many happy customers :-).



....and yes, we can float users STATE between TS and Xenapp too ;)


Lots of shameless vendor plugs here I see ;)

To be fair some have Merit...

At the end of the day I want the right tool for the right job even if it means managing images for physical and virtual separately the so be it. Complexity is a fact of live/IT - Deal with it!

@t.rex is spot on... RES, AppSense, Liquidware, etc... are the best way for user state to follow the actual end-user between all the different desktop models...

I agree with @John that Mirage is a great backup tool! But he's wrong saying "it is just not a good desktop management solution"... Unlike Moka, users get NATIVE capabilities with Mirage and IT don't have to wait for weird Linux devs to come out with drivers for new hardware and the special function keys, etc. Mirage also works on any hardware too! No requirement for super bitchin fast VT enabled devices to power a VM that can't use the bitchin fast GPU, etc. No requirement for memory for the host and then a chunk for the guest. Quest were right not to move forward for a Moka acquisition IMO.

If I were VMware, I would try and capitalise on Mirage's amazing dedupe tech and see what that could offer with View.

From what I can tell Mirage pushes aside and turns the "next generation management solutions" into legacy and shows the industry the right way of doing things.

To add... I currently am not a Mirage customer but have done POCs and Pilots with most layering solutions that operate in the physical world.


And why can't we edit comments! ;) the iPad doesn't always predict things correctly!


Does this matter? I was told the world was going Mac anyway :)


Wow, John, so many inaccuracies in one posting.. I'm glad other folks stand you corrected...anyways, I will not relate further to this posting (except I have to say the comment about "VMware fading away" is almost hillarious...)

but I do encourage tech folks who are interested to put their hands on our newest app layering technology and give us  feedback. I will just say it is not marketing, it is for real, and it works on *any* Windows client system, including virtual and physical machines. It contains a simple packaging utility that allows you seamlessly capture one or more apps into a layer, and deliver those layers to be merged with the rest of the image at the endpoint using our unique merge technology that was used for base-layer, now extended to app layers. You can package apps that are not typically virtualizable including those with kernel drivers, and you can eaily add/remove/upgrade a layer on a collection of endpoints, all managed from the central maangement console. Finally, you can also drop into a Mirage layer Thinapp packages, to be delievered to the endpoint through the optimized Mirage delivery infrastructure as isolated capsules.  Finally, our built-in point in time snapshot mechanism allows you at any time to revert back your system to a previous state. This is not "just backup". This is break-fix/system-repair type functionality.


@Daniel: It is very tricky to use Wanova for single-image management across disparate hardware. You need to build and manage "driver packs" to work across different kinds of hardware. Anyone who has maintained their org's Windows golden image for installation on physical desktops and laptops using slipstream knows what a PITA it is to manage all those drivers and updates.  Guess what, if you want to use Wanova for single image management across different types of hardware, you have to go back to that. Wheee...!

Not to mention Mirage is missing all the enterprise features like encryption, remote wipe, security, etc.  Sure, you can use separate products for those. But then it is not much of a next-generation desktop management solution.  It is more of a patch management and backup solution.  Their dedup technology is used for WAN acceleration, which is not very useful in the datacenter with VDI.  VMware/EMC already has a ton of good enterprise-level dedup technology that is designed for datacenters so I doubt they will use anything from Wanova for that.

Wanova has a very nice backup and restore agent. If I drop my laptop I can be up and running again on a new machine in a few hours which is nice.  Also, the admin can click a button and reset a user back to "golden" after an hour or so delay.  Of course, that assumes their machine is connected to the network, the Wanova agent is running, and the machine is not so hosed as to get in the way of the agent (got malware, etc.)  But wait, usually if I want to go back to golden, it is because the machine is hosed and I want to fix it. Oops... That's the problem with all agent-based approaches like Wanova and similar patch management software.  If the agent doesn't run or the machine gets hosed (which happens often because the management is happening alongside everything else), you lose all management capabilities.

Contrast that with what true layering solutions do, which is on every boot you are loading from the pristine golden image, with apps and other customizations layered on top. To update all the users you just update the golden image once, instead of trying to push out patches to agents running on thousands of endpoints and hoping they successfully apply.


@John If people think building driver profiles (“packs”) is an issue then clearly there in the wrong job. In our pilot we have 13 different hardware profiles (so far) created (inc bootcamp drivers)… It took less than an hour – so what’s the big deal? #NonIssue – It’s worth it for the superior user experience with native hardware performance. In fact it’s just the next step from MDT which is super easy.

Fair point Moka has built in remote wipe and encryption but then that’s a use case issue… VMware/Wanova have not once tried to have a play here. They recommend using a dedicated solution for this. As a desktop/workspace admin I wouldn’t expect the deployment and management solution to do this anyway.. Moka adds a good value add here.

“"golden" after an hour or so delay.” So you haven’t used Mirage then ;) It’s 10 – 15 mins depending on hardware to revert back to 32GB image. Oh and the user can continue to work (if the system lets them) during this time.

I really like Moka’s approach to layering and it’s great for IT.. Just not the end-user who I have to answer too!