As agencies look to telecommuting and open office plans to save costs and make employees more efficient, mobility and security become top concerns.
Enter virtual desktop infrastructures (VDI), which allows employees to pull an entire operating system down from the cloud, giving them the same work experience on any compatible device and a consistent level of security no matter their connection.
Bonus: Learn about the challenges and key lessons derived from establishing a virtual desktop environment within the DoD. Thomas Sasala, CTO of the Army's IT Agency, will speak in a special free webcast on March 10. Click here for more.
The virtual desktop can be managed centrally, greatly improving security and implementation of the newest apps and software. However, latency issues and cultural hurdles remain, leading to slow adoption in the federal sphere.
Use of VDI in the public sector is "not pervasive across the board," said Tom Simmons, vice president for U.S. Public Sector at Citrix. "We've got some visionaries in the ranks of IT leadership that have over the last two or three years gotten out ahead of the benefits that virtual desktop infrastructure and a software-defined workspace means to the agencies, to their employees and to their constituents."
Simmons pointed out that almost every agency has some kind of proof of concept or pilot program around virtualization, though whether those move forward depends greatly on the leadership.
Leaders at the Defense Department, Veterans Affairs, Homeland Security and General Services Administration have made virtualization a priority and are seeing the benefits.
GSA, for instance, is using VDI to implement an open office space concept, called hoteling, in which employees work out of whatever space is available.
"That mobility within a government building creates the need for a virtual desktop infrastructure," Simmons said. "I'm not going to go to the same place and sit at the same computer every day. I'm either going to bring my laptop with me — so I'll need a connection to my infrastructure — or I'm going to go to a thin client to access my virtual workspace."
On the defense side, the Defense Logistics Agency is working to employ VDI within its networks and the Pentagon is at the end of a pilot program with the Joint Staff.
There are some 200 virtual desktops running in the pilot program with a plan to roll out to an additional 14,000 at the Department of Army by the end of 2015. Using the architecture and lessons-learned from that roll out, the Department of Air Force will be next on the list.
The Benefits: security, cost, mobility
The Pentagon has reaped numerous benefits through its virtualization efforts, according to Gregory Garcia, executive director of the Army Information Technology Agency, which manages IT projects for the Pentagon and Washington Headquarters Service.
"One that I really like is the ability to patch a desktop or application almost instantaneously and do it once," he said, rather than pushing an update out across the network and hoping the users install the patch and reboot in a timely manner. "If someone's been off the network for a day, a week, a month, when they go to pull that desktop down, it is the freshest, most secure image that they're going to pull. And that's a huge benefit in terms of labor and cybersecurity."
Virtualization enabled headquarters to reduce average patch time from 27 days down to three.
Bonus: Learn about the challenges and key lessons derived from establishing a virtual desktop environment within the DoD. Thomas Sasala, CTO of the Army's IT Agency, will speak in a special free webcast on March 10. Click here for more.
Along with the most up-to-date security, VDI also provides users with the most recent technology offering without having to issue new hardware or manually update each computer.
"You can get rid of the technology obsolescence issue by being able to refresh that image, refresh the server back end of that, without having to go and touch all those individual machines," Garcia said.
He also noted the energy savings from using a virtual infrastructure, which is down 70 percent at the Pentagon.
"It saves labor, increases security and really reduces the energy consumption of our footprint," he said.
Combating culture and lag
Adding an extra layer through VDI comes with some problems, though, in terms of computers and people.
One of the first roadblocks the Pentagon encountered was lag.
"One of the things we found out in the Joint Staff prototype is that we had an architecture that was not really conducive for quality of service," Garcia said. "There were various hops that each one of these signals had to go through. So when you moved your mouse, that little signal had to go through 17 different little stops and when it came back, of course, you get the non-productive mouse movement."
Garcia's team was able to reengineer the architecture to reduce the number of hops by 50 percent, greatly reducing latency. However, this is an issue that will be at the fore as VDI usage expands throughout the Pentagon.
The biggest problems were with "culture and commitment and communication," he said. "Any time you change a process, there are going to be people that are naturally resistant to it."
They were able to combat the culture issue by being the first to adopt the new technology themselves, as well as being responsive to others in the pilot program.
Buying VDI
Much of the virtual infrastructure currently in operation in the public sector was built in-house, though the market is getting closer to being able to offer VDI as-a-service.
"Today, the lion's share of this capability is built in-house, managed in-house and upgraded as an on-site capability within the agency or within a shared services scenario among agencies," Simmons said. However, "The as-a-service requirement is definitely coming."
As of now, the intricacies of federal requirements and the operating systems and apps used in the public sector are too complex for industry.
"Today's technology is not meeting the needs of the federal government IT community," Simmons said. "That's an area where you're going to see improvement and investment over time. But today, to provide a full featured, fully functional, fully secured desktop, we're seeing it offered either as an on-prem service that the agency builds, manages and provides to the user population or, in a few cases, the government has contracted out with a systems integrator."
As virtualization and software-defined networks mature, the private sector will grow into the space, Simmons said, particularly as various virtualization technologies converge. With the integration of mobility, Infrastructure-as-a-Service and other cloud services, that convergence could come as early as 2016-17.
"In federal today, it's a telework solution, it's a thin client solution, it's an early bring-your-own-device solution in most of the organizations we're talking to," Simmons said. "VDI is a path to the workspace of the future and we do see government on that path today."
Bonus: Learn about the challenges and key lessons derived from establishing a virtual desktop environment within the DoD. Thomas Sasala, CTO of the Army's IT Agency, will speak in a special free webcast on March 10. Click here for more.
Aaron Boyd is an awarding-winning journalist currently serving as editor of Federal Times — a Washington, D.C. institution covering federal workforce and contracting for more than 50 years — and Fifth Domain — a news and information hub focused on cybersecurity and cyberwar from a civilian, military and international perspective.
