Brian & Gabe LIVE #22 - Part 2: Guise Bule joins us to discuss the use of multiple VMs for security

Listen to the whole interview with Guise Bule here!

Brian: So again why VDI instead of terminal server?

Guise: Because terminal servers, I see it as a step backwards, terminal server. For a start, it’s a technology that’s decades old, designed to let admins look into a server. I just don’t get why you’d want to expose users to that kind of risk. Why would you want to step away from the idea of multiple desktops in multiple VMs, which from a cyber-security perspective makes a lot of sense, back to a model where you’re sharing server images?

Here’s the problem I have with the terminal server hosted virtual desktop space. They’re lying to their customers. They’re telling them they’re Windows 7 desktops. Their sales guys sell them as desktops, but they’re not. They’re slices of server that you’re sharing with other users. One user gets hit; every user on that server gets hit. There’s no persistency. They’re persistent desktops. There’s no non-persistency in that equation, typically, with most hosted virtual desktop, all hosted virtual desktop offerings out there.

The thinking behind that, Brian, is that it’s easy to kind of migrate a traditional persistent desktop user across to a persistent server slice skinned to look like Windows 7. It is, but why would you do that when you have non-persistent desktop virtualization models that can handle this kind of thing much more efficiently? It’s just a better, more beautiful, more elegant model. It really is.

Jack: You just said the terminal server approach is non-persistent? I’m sorry, is persistent? I’m sorry because our argument is that it is non-persistent. It’s the best non-persistent solution.

Guise: You’re saying terminal servers is?

Jack: Yes. We’re saying that is the original non-persistent solution. That we’ve been doing non-persistent for several years.

Guise: It’s not being done. It’s not being done. If you go out there into the hosted virtual desktop market and pick any terminal server house that sells what they call desktops, on the Net Office or any of them, they’re all selling persistent desktop images with persistent applications running on that desktop. The persistence exists between sessions.

It’s not a non-persistent equation. They’re not thinking in non-persistent terms. It’s not being done. You’re talking about it because you guys know about the desktop space and the way to flip a virtual desktop. These guys don’t.

Jack: We’re talking about it because we’ve been doing it for 13 years. We’ve both delivered thousands and thousands of seats that are non-persistent terminal server based seats. We’ve been doing that in a successful way as an industry for a very long time, maybe not in a hosted capacity, but definitely within our organizations. 

People use the stuff in a non-persistent way all the time and in some ways they’re deploying desktops and in some ways they’re deploying seamless applications. In very, very few circumstances is anybody really trying to sell that this is a copy, this is Windows 7. We can skin it. We can make it look like it, but I don’t think anybody’s saying hey, this is the exact same desktop you have at home. We’re just trying to make it a little bit better.

Guise: That’s what they’re saying. That’s what they’re saying.

Brian: I think what Guise’s saying is that the hosted companies are going out and selling a Windows 7 desktop even though it’s terminal server.

Jack: That could be.

Brian: I agree with what Ron says in the comments. He says “I agree also,” which is, I think, also more than this aspect of the terminal server versus VDI: it seems like Guise’s point is around the security, the fact that VM isolation around a user is more secure. I’ve done this terminal server versus VDI conversation. We’ve been talking about this for six years now, and last week when I was in Phoenix I had that conversation again. This is sort of part of that.

My question, and I come to this truly not knowing the answer, maybe someone in the chat room knows this. Guise, you mentioned the security risk, which I am conceptually on board with. My question is, do you know of documented cases where there was some kind of security breach from, like, one user surfing the internet within a terminal server session, and that affected the integrity of the entire terminal server?

Guise: Yes, I do. I know from, excuse me, previous conversations, Brian. I just want to preface it with I’m not the technical man. I’m the song and dance guy. I’m the chief executive, but I’ve had lots and lots of conversations with specifically the Israeli cyber defense institute. We are collaborating with them to build these next-gen VDI platforms with layers of tech wrapped around them.

Be it deep packet inspection, deep content inspection, intrusion detection, and the general consensus within Israeli circles, bear in mind this is the most attacked nation on earth, is that you need that absolute separation of desktops. You need these non-persistent virtual machines, and that terminal server based platforms are less secure.

That’s the general consensus I’m getting. It’s accepted that VDI is the way forward if you’re going to talk about deploying desktops to users that are going to use them as desktops. It has to be the non-persistent VDI model. That’s the demand we’re getting from customers. Nobody’s asking for terminal services. Nobody wants terminal services outside of small businesses who don’t know any better.

Jack: Well, sure, because it’s a cost play. Frankly, beyond this person who asked for documented examples, I’m curious on this myself. I will commit to sort of take this as an action item. I wish I had probably signed a check. Let’s dig out... I’m not a security guy either. I don’t know.

Guise: I’ll be happy to bring in Chuck or Jerry Pallak. We’re going to begin a series of conversations around this exact subject over the next month and a half, but I’m sure he would be happy to join us in conversations to talk specifically about the technical security aspects of a terminal server platform compared to a VDI platform. These guys are more focused on things like identity access management, intrusion detection, deep packet and deep content inspection.

They will be able to answer these specific security questions about the two different platforms in more detail. I’m happy to coordinate that conversation with you. I leave this conversation to my CTO and COO, Tom and Matt, right? Like I said, I’m the song and dance guy, Brian, but it’s certainly a conversation that’s worth having more of. We intend to over the next month and a half.

Brian: I’m surprised VMware hasn’t played that up, because VMware looks like, I would have been surprised over the past five years they didn’t really play up that angle. They always sort of looked at the incompatibilities, the application incompatibilities with terminal server and things like that, since all they have is a VDI solution when it comes to desktops in the data centers.

They have a lot of smart people. Maybe they’re listening now and they can go do some digging on this too. I’m just curious overall. I think I’ve said this in the past. My long term vision is that absolutely VDI is going to sort of… the cost differentials between terminal server and VDI are getting, as the costs go down and down and down and down, it’ll still be a 3x difference, but that 3x is measured in like single dollars per user at some point.

It almost doesn’t matter. The other advantages of having VDI: it’s the same OS you have for your physical desktops, client VMs, same level of application compatibility. You can have fully persistent desktops, whether it’s a layered solution or good old fashioned persistent.

I definitely believe there’s a lot of advantages that VDI has over terminal server, and it’s been primarily sort of a cost thing. That’s kind of why I always thought the hosters were going after terminal server hosting, because it seems to me, and I’m not a hoster either so I don’t know how this works, but it seems that the model is rack them and stack them and make them as cheap as possible and sell as many as you can.

Guise: Exactly so.

Brian: I was thinking a terminal server was their sweet spot.

Guise: Exactly so. It’s down to identity, and that’s the reason you have as many users as possible crammed on to the same persistent server image. It’s a recipe for cyber-attack disaster. It really is. The way they’re building their platforms is wrong.

Jack: You were saying the server image is persistent and obviously that can be done in a non-persistent way, but in most situations the server image itself isn’t. The user’s session is not, but yeah.

Guise: From what I’m seeing, non-persistency is kind of this new novel idea that people talk about, but nobody really does still in the virtual desktop space. Nobody really talks about non-persistency on the desktop front other than you guys. You give a traditional desktop user a slice of a server that’s persistent with all the apps on it, with Office on it, and they’ll use it just like they use a normal desktop.

They don’t really see any difference, and neither do the people behind these platforms. They kind of rack them and stack them and squeeze as many as they can onto a server. It’s just got no security in mind. It’s a cost-driven model, plus it’s legit licensing, right? What else can you do?

Brian: One of the commenters is asking to elaborate on the cyber-attack disaster, and if I may elaborate, Guise, you tell me if I understand this properly. The cyber-attack disaster with terminal server primarily is the fact that if one user’s session is compromised, all of the users could be compromised, and because the terminal server itself is not sort of blowing it all away.

Sure, there’s no explanation, which means other user sessions could be compromised, but then when a new user logs on, they’re logging on to a compromised system. Whereas with VDI, they have got the isolation since they’re separate VMs, so a compromised VM does not affect other users, but B, when a user logs off, it’s blown away and that same user logging on again is getting a new snapshot from the original locked gold master.

Guise: Exactly so.

Brian: The compromised… so it’s two fold.

Guise: Yeah. That’s the gist of it. It depends on how the infrastructure’s built, of course, but that’s how typically they’re built out there. These security people, they’re just seeing a way of building desktops in a legal manner, and the demand’s increasing for hosted virtual desktops. I turn down 70% of my leads. I know they go somewhere else. They go to the TS guys.

Brian: And turning down the leads because…?

Guise: Because they don’t have software assurance in place. If you Google hosted virtual desktops, TuCloud is number one. I get a lot of leads pass through my hands. We qualify them all, and if they’re too small we pass them, and we pass them to our partners. What other option do we have? We can’t handle them ourselves. It’s another conversation, Brian. Yeah. That’s how things are being built out there.

Jack: I’m Googling hosted virtual desktop. Oh look at you. You are number one. I did it with an incognito window also, so it’s actually legitimate results. 

Gabe: You’re not picking Gartner’s term for VDI.

Jack: Unfortunately who calls it that, but those who do, they’re going to find you. And you’re ahead…

Guise: 70% of the leads that pass through my hands, I cannot handle. I refuse to touch anything that’s not true desktop virtualization. I just don’t want to. I’m a desktop virt guy.

Brian: And you define desktop virt as VDI?

Guise: No. Not necessarily anything that specific, anything that handles a desktop in a virtual format. I’m a huge fan of Virtual Computer and NxTop, and you can do exactly the same thing with non-persistency on the client using NxTop. This isn’t just a VDI conversation. It’s a security conversation. It’s about deploying multiple desktops to mitigate risk into each of them, to protect yourself proactively in a way you can’t with any other kind of solution.

Jack: Is this something that’s just going to change, like psyche? Because I’m sure when condoms were first invented, like 500 years ago, but I don’t know, like in the ‘60s… I don’t know. I’m talking out of my ass right now, but I mean in the old days, before AIDS and stuff, people were not really down on condoms because it’s like who cares and everything.

Then when people started realizing they had to protect themselves, it just became kind of a fine. Then there’s a bunch of years where it was tough, and then it’s just kind of like standard nowadays. Maybe I could say like drunk driving also. Before MADD got involved, people really didn’t much care about drunk driving. Now it’s just hey, we recognize that we have designated drivers and that kind of stuff.

I wonder if we’re in the early stages of that now, that people are like hey, we have to use multiple virtual desktops to protect ourselves, and you want your serious banking transactions in one desktop, your porn in another desktop, your work in a third one, everything else in the real one.

Guise: Yeah. Just from another aspect, as the question pops up: Guise is yapping for publicity, not as a viable infrastructure architect. Let me throw a use case out for you if you want to talk about infrastructure and the cost efficiency behind using the non-persistent virtual desktop model to serve many more named users than you have concurrently running desktops.

The extreme end of this is our customer UCLA, where we’re serving desktops to 70,000 students. Each of those students has their own named desktop, their own bookmarks, their own little persistent user profile, let’s call it. How many concurrently running desktops do you think we run at peak to deliver desktops to that many users? Have a guess, Brian. What do you think?

Brian: If it’s students, I don’t know, if you have 70,000 named students you have 69,000 logged on between like midnight and three a.m. before finals.

Guise: No. These desktops are delivered through the library service. So in the libraries scattered throughout the campus, I think it’s 15 or 16 libraries, there are banks of terminals running clients that we throw desktops at. The answer’s 250 concurrently running desktops. We’re serving 70,000 named users with just 250 concurrently running desktops.

If you kind of consider the infrastructure savings behind that model compared to any other on the market, it just makes sense from an infra perspective. It really, really does. Nothing can touch it. This is a model that’s resonating with any organization that has multiple users spread across different time zones that only use the resource at a certain time.

The non-persistent model allows that because, you know, if someone’s not using the desktop, it’s destroyed. Its resources are returned for use by others. It’s an elegant model.

Brian: In your case, you don’t even have to do any fancy user personalization. You’re just talking kind of basic user profile stuff.

Guise: We can do. We can layer application lets on top of that and use a virtual… It depends on the requirement, because remember we’re building private clouds to spec, rather than, we can’t do multi-tenancy. If I could build a national US multi-tenant infrastructure, the cost efficiencies involved, named users to concurrent desktops running, would be really impressive. You could do something wonderful there. You could flip desktops all around the US and only have half the amount of concurrency you actually need at any given time. You could do something really nice there.

OnLive are kind of reaching that a little bit there. They’re saying gamers game during the day and, sorry… people work during the day on desktops and gamers game at night, so they’ve got all these kinds of resources in there doing nothing. It’s the same concept: you need the multi-tenancy to get the cost efficiency, to get the true efficiency behind the non-persistent model. Without multi-tenancy the model is restricted to use within private clouds.

Brian: For those listening, I guess probably most people are familiar, but the quick recap is even in your case, you’re only talking to customers who have SA, which means they’re allowed to have their Windows desktops from you, but even as a provider, multi-tenancy is describing that you’re not allowed to have two VMs from different customers on the same physical server.

Guise: Correct.

Gabe: Does that go beyond the server? Can you store the VMs on the same storage?

Guise: There’s interesting ways of approaching the problem.

Brian: But even like blades, what if they’re in the same box with different circuit boards? But then what if they’re in a different core, what if they’re in different memory? That’s so crazy.

Guise: You can get creative for sure. We don’t really touch blades.
