Cisco Public © 2010 Cisco and/or its affiliates. All rights reserved. 1
Cisco Virtual Experience Infrastructure Erik Lenten Product Manager VXI
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential BRKSPM-2604_c1 2
Overview The Network Is the Desktop
Personal Computer is disaggregated
Keyboard, Video, and Mouse stay with user
Compute and storage move to the data center
Network availability is required for all application access
Network performance is critical to user experience
[Diagram labels: Thin Client; Keyboard, Video, Mouse; Network; Broker; Compute; Storage]
Overview Virtual Desktop Models
[Diagram: models shown under the headings Server Hosted Computing and Client Hosted Computing: Terminal Services, Application Streaming, Virtual Desktop Streaming, Remote Virtual Desktop. Component labels: O/S, Desktop, Application, Presentation Server, Display Data, Server, Hypervisor, Main OS, Guest OS, Guest App, Synchronized Desktop, OS, Apps]
Reasons for Desktop Virtualization: Real-world example of large European bank
Lifecycle management cycle for desktop computing
Session portability
Free Seating -> save on office space
Risk free migration to Windows 7
Faster application access
Working from Home
Lower Operational Costs
Security / Data Leakage concerns
Bring Your Own Device
Execute on Cloud Computing strategy
Moving Through VDI Rather Than To VDI
[Timeline diagram: 2005, 2010, 2015+. Labels: Distributed Client/Server; Centralized Client/Server; Virtual Desktop; Presentation Desktop; Distributed Client, Centralized Server; Distributed Client, Efficient Server; Limited Networks; WAN Acceleration; Pervasive Hypervisor; Pervasive Network, Flash, Ajax, JS, HTML5; Distributed Creation/Data; Distributed Creation, Centralized Data; Centralized Creation/Data; Centralized Creation, Integrated Data]
Overview Virtual Desktop Components
Client Devices (~25%)
Network
Software (~25%)
  Broker
  Virtualization (OS, application, profile)
  Display protocol client/server
UCS Compute (~25%)
Storage (~25%)
  Virtual Machine Storage
  User Data Storage
[Diagram labels: Clients, Web Access, Network, Display Protocol, Broker, UCS, Storage, Desktop, Profile, Data]
500 Million Total Enterprise Desktops
Gartner Predicts 50 Million Hosted Virtual Desktops (10%) by 2013
Lower Operational costs => non-persistent
Non-Persistent or Pooled
Generic virtual desktop assigned to users on a per-session, first-come, first-served basis and then returned to the pool (possibly with profile removed) or destroyed
Persistent or Assigned
Permanently assigned to a user statically or by first to connect
[Diagram labels: Users and Groups; Desktops; Pool of Virtual Machines; Template; Entitle Group to Desktop, Assign Pool; Entitle User to Desktop, Assign Individual]
Display Protocol Channels
Display protocols operate at the session layer
Channels provide a means to extend remote virtual desktop services
Channels cannot leverage network services like QoS, security, media bridging, stream splitting, or multicast
New developments:
Multi-channel ICA
Image rendering adjusted based on available bandwidth
[Diagram labels: Display Protocol, TCP, USB, Video, Sound]
VXI Network Design considerations
Security
Optimization
Availability
Display protocol over the Network
Branch Office, Datacenter
Load balancing of connection brokers
Global Site Selection (GSS) for DC redundancy
Virtualization-Aware Borderless Network, Virtualized Data Center, Virtualized Collaborative Workspace
Survivability using Network redundancy
Bandwidth issues: Printing, USB flash drives
Driver issues: Point of Sale devices, Scanners
Power over Ethernet
Bandwidth Voice/Video
# Concurrent users
Multicast support
Caching
Protocol visibility
What is Cisco VXI?
[Architecture diagram: VXI 2.5 System, with End-to-End Management and Optimization. Labels as shown:
Virtualized Data Center: Applications / Desktop OS (MS Office), Cisco Collaboration Applications (Unified CM, Quad), Desktop Virtualization Software, Hypervisor, UCS Compute, Storage, ACE, ASA, Nexus 1000v, Virtual Security Gateway, WAAS
Virtualization-Aware Borderless Network: Routing, Switching, PoE, WAAS, AnyConnect, CDN, Cisco Identity Services Engine
Virtualized Collaborative Workspace: Cisco Virtualization Experience Clients (Cisco VXC 6215 Thin Client, Cius Business Tablet, Cisco VXC 4000 PC Client, Cisco VXC 22xx & 21xx Zero Client), AnyConnect]
Cisco Validated Design (CVD) Benefits
Cisco Validated Designs, validated through System Level Testing, enable customers to:
• Lower risk of deploying technology solutions
• Increase speed of technology solution deployment
• Deploy a scalable, reliable, predictable foundation
• Ease technology solution integration
• Ease deployment of business critical applications
• Utilize Cisco Advanced Services to customize a CVD to meet specific requirements
Detailed system design and/or implementation guidance are available to provide:
• Customer use examples
• Products, Software and Configurations used in design testing
• Design limitations uncovered during testing
http://www.cisco.com/en/US/solutions/ns340/ns414/ns742/ns1100/landing_vxi.html
New, Globally Available Q4 2011
Strategic Alliance to Drive Desktop Virtualization Adoption
• Enable Cisco Networks to become Citrix HDX-aware
• Commitment for joint technology development reaching from data center to network to endpoints
• Broad go-to-market partnership to deliver desktop virtualization solutions to customers
Cisco WAAS optimized for Citrix XenDesktop
• Single solution for virtual and physical desktops over the WAN
• Validated, supported and certified Citrix Ready at availability
Cisco WAAS offers WAN Performance at Scale for Citrix XenDesktop
[Chart: Response Time, in seconds, Before Cisco WAAS vs. After Cisco WAAS (80ms T1 WAN vs. 80ms T1 WAN + WAAS): Up to 70% Faster]
[Chart: Bandwidth Consumption, in Kbps, 80ms T1 WAN vs. 80ms T1 WAN + WAAS: 60% Savings, 2X+ Users; Up to 3X More Users]
[Chart: Video Quality, in frames per second, with bands HD Quality, Pixelated, Choppy, Out of Sync; LAN vs. 80ms T1 WAN vs. 80ms T1 WAN + WAAS: HD Quality User Experience]
Solving UC hairpinning problem with VDI
Uncompromised user experience
Routes voice and video point-to-point
Optimized resources
Bandwidth reduction from megabytes to kilobytes
Reduced processing in data center
• Enterprise-grade voice and video based on Cisco UC
[Diagram labels: Data Center, VXI Cloud, CUCM, VM-User 1, VM-User 2, VXC 4000, VXC 6215, Desktop Virtualization Protocol, Signalling (SIP), Media Flow]
Zero Clients: VXC 2100 Series (Shipping)
Zero Clients: VXC 2200 Series (Shipping)
Software Appliance: VXC 4000 (Q4 2011)
Thin Client: VXC 6215 (Q4 2011/Q1 2012)
Enterprise Tablet: Cisco Cius (Shipping)
Two products carry a "New" badge.
Cisco Cius for the Knowledge Worker
External display with unique Android keyboard/mouse control
Native desktop content creation when docked
Mobile content consumption and presentation
Anywhere business phone and email
Disconnected access with QuickOffice
[Diagram labels: Display Port, HDMI, Keyboard/Mouse, USB/BT, Virtual Desktop]
Cius Enterprise Application Head Quarters (AppHQ)
[Diagram labels: Administrator, User; Cisco Applications, Partner Applications, Market Applications, Customer Applications; Android Mkt Place; "Admin Controlled Access"; Customer #1, Customer #2; Customer Developed Apps]
https://marketplace.cisco.com/apphq/store
Data Center Optimizations for Virtual Desktops
Validated Designs and Reference Architectures: End-to-end reference architectures reduce risk for optimized stack
Flexibility and Bandwidth for Converged Multiple Networks: Unified ports and 80G burst b/w allow for convergence with performance
Prioritization of Desktop Pools: UCS QoS and bandwidth controls deliver prioritization to desktop pools
Rapid Provisioning of Desktops: Service profile templates for rapid provisioning of desktop pools
Desktop Density and Scalability: Great virtual desktop density with linear performance scalability
Networking Visibility and Security to the Desktops: Nexus 1000V with VSG and VM-FEX provide VM level controls
Scaling considerations for UCS
Per Windows XP / Windows 7 Virtual Machine:
300 MHz per VM (absolute minimum)
2 GB of RAM per VM -> 1.5 GB physical memory
Example:
A UCS B200 blade with 96 GB of RAM and 2 Intel 5640 processors:
Memory: 96 GB / 1.5 GB = 64 Virtual Machines
CPU: 2 x 4 cores x 2.53 GHz = 20.24 GHz = 20240 MHz; 20240 MHz / 300 MHz = 67 Virtual Machines
Conclusion: 64 VMs per blade (memory is the limiting resource)
More cores are always better
"It depends"... but this is a general guideline
Optimizing Memory for Desktop Virtualization
Classic (2 x Xeon 5600): 12 DIMMs, Max 96GB, Higher Performance OR 18 DIMMs, Max 144GB, Lower Performance
Cisco UCS with Extended Memory (2 x Xeon 5600): 48 DIMMs, Max 384GB, Higher Performance
UCS Compute Options
Blade:
B230 M2: 2-Socket Intel E7-2800, 2 SSD, 32 DIMM
B200 M2: 2-Socket Intel 5600, 2 SFF Disk, 12 DIMM
B250 M2: 2-Socket Intel 5600, 2 SFF Disk, 48 DIMM
B440 M2: 4-Socket Intel E7-4800, 4 SFF Disk, 32 DIMM
Rack Mount:
C200 M2: 2-Socket Intel 5600, 4 Disks, 12 DIMM, 2 PCIe, 1U
C210 M2: 2-Socket Intel 5600, 16 Disks, 12 DIMM, 5 PCIe, 2U
C250 M2: 2-Socket Intel 5600, 8 Disks, 48 DIMM, 5 PCIe, 2U
C460 M2: 4-Socket Intel E7-4800, 12 Disks, 64 DIMM, 10 PCIe, 4U
C260 M2: 2-Socket Intel E7-2800, 16 Disks, 64 DIMM, 6 PCIe, 2U
(Four entries carry an *UPDATED* badge.)
View 4.5 Validation Results
Columns: Server Profile Summary | Workload Profile | CPU Util | # of Desktops

Row 1
Server Profile Summary: Cisco UCS B250-M2; Proc: 5680 @ 3.33 GHz; Mem: 192 GB; View 4.5 on ESXi 4.1; W7 32b (1.5G memory/20G disk); NOTE: No HIMP, no memory ballooning
Workload Profile: Knowledge Worker Profile
CPU Util: 83.7%
# of Desktops: 110

Row 2
Server Profile Summary: Cisco UCS B250-M2; Proc: 5680 @ 3.33 GHz; Mem: 192 GB; View 4.5 on ESXi 4.1; W7 32b (1.5G memory/20G disk); NOTE: HIMP with no memory ballooning
Workload Profile: Knowledge Worker Profile
CPU Util: 90+%
# of Desktops: 130

Row 3
Server Profile Summary: Cisco UCS B250-M2; Proc: 5680 @ 3.33 GHz; Mem: 192 GB; View 4.5 on ESXi 4.1; W7 32b (1.5G memory/20G disk); NOTE: HIMP, with ~5% memory ballooning
Workload Profile: Knowledge Worker Profile
CPU Util: 90+%
# of Desktops: 160

Single Server Performance of View 4.5 (with scale tested)
Innovating with Embedded Unified Mgmt Reduced Points of Management
Single-click configuration of LAN, SAN and firmware parameters
Service Profile: HR-App1
Network: HR-VLAN
Network QoS: High
MAC: 08:00:69:02:01:FC
WWN: 20:65:32:25:B5:00:A4:28
BIOS: Version 1.03
Boot Order: SAN, LAN
• Unified Management Domain
Automatic discovery
Dynamic Provisioning
• Building Blocks of Resources for rapid provisioning
• Simplify infrastructure management for datacenters
Tightly Coupled Partner Mgmt. Tools
XML API
Existing Customer Mgmt. Tools
Traditional APIs
Dynamic Platform Provisioning with Service Profiles
• Separate firmware, addresses, and parameter settings
• Physical servers become interchangeable hardware components
• Service profile templates allow rapid provisioning of new virtual desktops
[Diagram labels: Cisco UCS Manager, LAN, SAN, Chassis-8/Blade-4, Chassis-1/Blade-2]
Profile 1: UUID: 56 4d cd 3f 59 5b…; MAC: 08:00:69:02:01:FC; WWN: 5080020000075740; Boot Order: SAN, PXE
Profile 2: UUID: 56 4d cd 3f 59 5d…; MAC: 08:00:69:02:01:FF; WWN: 5080020000075742; Boot Order: SAN
Profile 3: UUID: 56 4d cd 3f 59 5f…; MAC: 08:00:69:02:01:FB; WWN: 5080020000075744; Boot Order: PXE, SAN
Desktop Profile 1: 120 Knowledge | HVD Win 7; B-250 192GB; LAN Connectivity, SAN Connectivity, Boot Order
Desktop Profile 2: 140 Task | ThinAppOLTP; B-200 48GB; LAN Connectivity, SAN Connectivity, Boot Order
Desktop Profile 3: 100 Power | HVD Win 7; B-230 384GB; LAN Connectivity, SAN Connectivity, Boot Order
Virtual Security Gateway (VSG)
VSG Deployment for VDI
[Diagram labels: Server Zones; HVD Zones; Assistant, IT Admin, Doctor, Guest; Records, Database, Application, Portal; Network]
Cisco Integrated Security Features
Nexus 1000v
Feature | Capability | Prevents
Port Security | Restricting MAC addresses on a port | Rogue VM spoofing MAC address
IP Source Guard | Maps IP address to MAC address | IP/MAC spoofing
DHCP Snooping | Monitors DHCP transactions | Rogue DHCP Server
Dynamic ARP Inspection | ARP: Maps IP address to MAC. Monitors ARP transactions, used in VMotion | ARP attacks
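The four Nexus 1000v checks listed above, as a simplified Python model showing how the DHCP snooping binding table feeds IP Source Guard and Dynamic ARP Inspection. This is an added example, not Cisco code or configuration; the class, port names (veth1, uplink1), addresses and verdict strings are constructed, and port security is assumed to allow one MAC per port.

```python
# Added illustration (not Cisco code); ports, MACs and IPs are constructed samples.
SERVER_MSGS = {"OFFER", "ACK", "NAK"}

class AccessSwitch:
    def __init__(self, trusted_ports):
        self.trusted = set(trusted_ports)  # uplinks toward the real DHCP server
        self.pending = {}     # client MAC -> port that sent the DHCP request
        self.bindings = {}    # port -> (MAC, IP) learned by DHCP snooping
        self.secure_mac = {}  # port -> first MAC seen (assumed limit: 1 per port)

    def port_security(self, port, src_mac):
        if port in self.trusted:
            return "forward"
        learned = self.secure_mac.setdefault(port, src_mac)
        return "forward" if learned == src_mac else "drop: MAC not allowed on port"

    def dhcp(self, port, msg_type, chaddr, yiaddr=None):
        if msg_type in SERVER_MSGS:
            if port not in self.trusted:
                return "drop: DHCP server reply on untrusted port"
            if msg_type == "ACK" and chaddr in self.pending:
                self.bindings[self.pending.pop(chaddr)] = (chaddr, yiaddr)
            return "forward"
        self.pending[chaddr] = port  # DISCOVER/REQUEST from a client
        return "forward"

    def _matches_binding(self, port, mac, ip):
        return port in self.trusted or self.bindings.get(port) == (mac, ip)

    def ip_source_guard(self, port, src_mac, src_ip):
        ok = self._matches_binding(port, src_mac, src_ip)
        return "forward" if ok else "drop: IP/MAC spoofing"

    def arp_inspection(self, port, sender_mac, sender_ip):
        ok = self._matches_binding(port, sender_mac, sender_ip)
        return "forward" if ok else "drop: ARP sender not in binding table"

def run_sample():
    sw = AccessSwitch(trusted_ports={"uplink1"})
    vm_a, vm_b = "00:50:56:aa:00:01", "00:50:56:bb:00:02"
    return [
        sw.port_security("veth1", vm_a),
        sw.dhcp("veth1", "REQUEST", vm_a),
        sw.dhcp("veth2", "ACK", vm_a, "10.0.0.66"),     # server reply from a VM port
        sw.dhcp("uplink1", "ACK", vm_a, "10.0.0.10"),   # legitimate lease, binding learned
        sw.ip_source_guard("veth1", vm_a, "10.0.0.10"),
        sw.arp_inspection("veth2", vm_b, "10.0.0.10"),  # claims VM A's address
        sw.port_security("veth1", vm_b),                # second MAC on veth1
    ]
```

The model omits lease expiry and the transfer of bindings when a VM moves between hosts, which the table's VMotion remark refers to.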
Virtual Security Gateway
Feature | Capability | Benefits
In-hypervisor inter-VM security | Firewalling inter-VM communication based on policy | Handling of East-West Security policy enforcement
Secure Segmentation | Create secure segmentation of VMs | Policy enforcement independent of Network segmentation
Context aware security policies | Defined security policies based on context | Simplified security policy
On-demand Trust-zones & security templates | Enforcement of trust zones and security templates | Dynamic provisioning
Automation Employee Onboarding
[Diagram labels: NewScale; Tidal Enterprise Orchestrator; IT Service Catalog, Lifecycle Management Portal, Request Management; AXL SOAP Adapter; PS & Tidal Adapter; PS & VMware PowerShell; CUCM, CUPS, vSphere, XenDesktop 5, AD; Golden Images]
Automation Delivering VXI Service – Faster

Before: Conventional VDI
Multiple requests from user for: ID, Desktop, Phone, Email, Applications etc. Approved by Manager
InfoSec creates ID
Server Admin clones VM
Citrix Admin configures PVS & DDC
Desktop Admin installs applications
Communication Group provisions phone
Secure it
Ready for use…
Manual process takes several days
• Manual provisioning
• Hard to control utilization
• High provisioning & ops cost
• Extended provisioning time
• Configuration risk

After: Automated VXI Solution (with automation)
Single request from user, using service catalogue
Newscale order goes to TEO
TEO creates User ID
Configure Citrix PVS, DDC, CUCM, VMware, CUPS
Install Applications
Secure it
Ready for use…
Automated, self-service, on-demand within minutes…
• Self-service; automated provisioning
• Elasticity (capacity-on-demand)
• Optimized provisioning & ops cost
• Rapid provisioning
• Increased Resiliency and Availability
New Services Solution-level Technical Support and Optimization
• Architecture review
• Operations audit
• Performance and validation testing
• Ongoing knowledge transfer
• Change, design, and project management support
• Single number for issue resolution
• Multi-vendor support
• Complements point product support
• Covers all technology partners in Cisco Validated Designs
Cisco Allied Services for VXI, Cisco Optimization for VXI Service
New, Globally Available Q4 2011
New, Globally Available Now
Questions?