6th Annual Conference. June 04, 2014. San Francisco

Why DaaS (Desktops as a Service) is a pain in the aaS

Session Details

Date:
Time:
Location:

Session Abstract

We've all heard the pitch about centralized desktops are easier to secure and administer than conventional ones. Desktops as workflows have very unique requirements in order to be provisioned as a cloud-based service, the net of which makes most use cases untenable.

1. Virtual desktops have a very demanding IOPS requirement (Input/output operations per second) which is very expensive to maintain in both public and private clouds. In the private cloud each random IO is a spindle head movement. With an average of 20 IOPS per desktop, the total random IO required of a SAN is 20,000 IOPS. This translates to 300 spindle disks without accounting for RAID. With RAID 5 or 6, the number of disks required is 600-800 just to support steady state random IO coming from these 1,000 virtual desktops. While the hardware cost may be abstracted in the public cloud, the service cost could easily outweigh it: Consider the going rate of $6 per IOP per second per month, at 20 IOPS per desktop the cost of 1,000 desktops on a public cloud would be $120,000 per month! The presentation will dive deeper into how existing DaaS service providers skirt these costs today, but the net outcome of any cost savings is usually poor end user experience.

2. Enabling true multi-tenancy is close to impossible (read: ridiculously expensive and complicated). Multi-tenant management is the ability for a cloud tenant to have single-pane-of-glass visibility and control over the instances, data, and networks in their cloud-hosted solution. In terms of a DaaS solution this would mean the desktops, the master images, patching, user data, networks, access policies, etc. Essentially, the tenant’s management portal would need the ability to administer multiple isolated virtual desktop silos. In addition, the multi-tenant management solution would need to have the ability to securely provide this level of access to multiple tenants. None of this functionality exists in any of the desktop virtualization offerings available today (don’t blame the vendors, blame Microsoft – who puts the final nail in the DaaS coffin).

3. Microsoft Virtual Desktop Access (VDA) licenses are very expensive and are priced at per-device rather than concurrency. In short, Microsoft doesn’t have a Service Provider License Agreement (SPLA) for virtual desktops. That’s why the VDI vendors don’t allow multi-tenancy, and that’s why the whole thing is a non-starter.

4. Lastly: The security benefits of virtual desktops are vastly overhyped, especially in the private cloud scenario where virtual desktops could create greater security vulnerability than physical ones by allowing an attacker who has compromised a desktop direct access to the datacenter network.

Speaker

Tal Klein, Senior Director of Products, Bromium
Tal Klein is Senior Director of Products at Bromium. Previously he managed integrated product strategy at Citrix where he developed cross-platform technologies focused on virtualization, autonomic computing and cloud. Prior to Citrix he led the Technical Marketing team at NetScaler (which was acquired by Citrix). Tal has also spent over a decade in the hosted datacenter industry developing managed cloud services. He is author of several research papers and patents.

Cloud Slam Sponsors

Stay Connected

Announcements, changes and promotions. Get important updates about Cloud Slam. Sign Up

Educational Hub

Cloud Slam provides year-round, world-class education, news and insight for computational scientists, engineers, developers and IT managers. Stay sharp on all that you need to know to advance your career and company. Learn More

Conference Registration

Eventbrite - UP 2012 Cloud Computing Conference

Testimonials