It's been just over a year since I wrote this article about where I thought virtualization was going. The primary idea behind the article was that while a lot of exciting things were happening around server/ x86 virtualization, the improvements we were seeing were just that: improvements. They were not major paradigm shifts in how we, as IT professionals and architects familiar with VMs, look at systems. I talked about how VMware and all VM platforms changed the way we thought about doing datacenter deployments, server implementations, etc.; but the improvements we were seeing at the time were not a huge change like the first time we actually “got” what VM's meant to IT as a whole.
With all that said, I suggested an idea about an embedded hypervisor shipping on laptops and desktops that could change the way we think about, manage and deploy desktops. This would also give some interesting (at least what I thought was interesting) use cases for security VMs and Internet browsing VMs, and how this could be a potential drastic change for IT and businesses.
I'm writing today's editorial as a follow up based on what was published a few days ago virtualization.info:
virtualization.info has learned that Phoenix is developing its own hypervisor, called HyperCore, designed to host traditional operating systems like Windows Vista, side by side with a special multi-purpose environment called HyperSpace, produced by Phoenix itself.
HyperCore is a true bare-metal Virtual Machine Monitor (VMM) which will load directly from Phoenix BIOS, while HyperSpace will be able to provide basic capabilities for daily tasks, like internet browsing and multimedia files view, in isolated virtual machines. The HyperSpace will also provide some security tools, like an anti-virus, to recover other compromised virtual machines.
HyperCore will also be able to run embedded OSes inside its virtual machines, developed by third party ISVs for different purposes.
While I initially wanted to call this “vindication,” it really is just the next step in virtualzation, and obviously people smarter than me are running with it. While some people argue about the value of going this direction and want to wave their hands about better-developed applications, better security tools, more elegant and more efficient ways of doing virtualization, the reality is this: it's not always the most elegant or technologically perfect solution that wins and takes hold in IT. I mean if the best technology always wins, would Windows have won the file server game versus NetWare? Or would we see Windows application servers and NetWare file servers still today?
In technology, we have to deal with reality. The reality is that for ten years now (since the first time I really started playing with applications from a Citrix level), I kept hearing the phrase “once apps are developed better, and standards are followed” or “once everyone gets to 32-bit apps” etc. What we have to deal with is that applications are developed as fast as possible, as cheaply as possible, for as many people as possible. Of course this cheap development is done in a constantly changing landscape of changing OSes, OS upgrades and patches, new hardware, changes in supporting apps like the dreaded .NET framework and ODBC versions, not to mention the changes in apps themselves that seem to come month-after-month.
With all this change we are not going to get the application nirvana any point in the near future. That said, the idea of the compact embedded hypervisor in a desktop is a GREAT IDEA! The concept of having a separate VM to run non-trusted applications (graphic diagrams and details in the previous article) is great. Hell, some of us do it now. We run the VMware player (or VMware workstation) and have a VM for clients with their anti-virus, their build, etc. This is just taking it to the next level.
Let’s use one specific example here that has me excited. I have a six-year-old daughter. She LOVES the computer. She likes to go to webkinz, Disney, etc. I love that she loves the computer. What I hate is her using my computer and the need to install ActiveX controls, player software, etc. I also worry about when she gets older having to keep her system up-to-date and secure.
What if she had one of these machines with the embedded hypervisor? Something with a separate security VM that I controlled, I updated, and I managed? Something she couldn’t get into? Heck, something I could even outsource to someone else and replace the native VM with a higher-end one for a few bucks that constantly updated automagically, and could do IDS, IPS, and even network blocking of malicious traffic in addition to the "traditional" security stuff on the desktop.
Let’s extend that idea to the enterprise. The ability configure security VMs, and outsource them if needed? Isolate the machine on the network while letting users have more freedom with their PC when they're gone from the office? All without “tattooing” the native Windows OS that we rely on for business apps. Or give users the ability to run a separate VM from home. Kids can mess that up, but the “work” VM that they hot-key to or that is automatically loaded when connected to the corporate network is only available for them and is the only OS that can conncet to the VPN to the corporate network?
I think the future of desktop virtualization hasn’t been written yet, but I know that these types of ideas will be a reality and are very exciting. This modularization and isolation of the things we do day today could solve a number of problems IT. I don’t think this is the end-all cure to our desktop woes, but I sure am excited about the tools that will be offered because of this. Will these ideas still be our reality in 2017? Who knows (probably not), but by then we’ll have a different set of issues to deal with. Or we may have applications that are all well written? Or I may have quantum computing laptops at my disposal with totally new apps and OSes, and all of this stuff will be laughed at kinda like when we look at the pictures of guys in top hats riding bicycles with a huge wheel up front and a roller skate wheel in the back.