
BRKVIR-2002

Deploying Virtual Desktop Infrastructure (VDI) and Cisco Virtual eXperience Infrastructure (VXI)
Jim French, CCIE 4074, CISSP
jifrench@cisco.com

BRKVIR-2002

2013 Cisco and/or its affiliates. All rights reserved.

Cisco Public

Abstract
Many companies are pursuing virtual desktops to enhance data protection, improve disaster
recovery, increase agility, enable mobility, support bring your own, migrate to Windows 7, and
more. Shortly, hosted virtual desktops are expected to exceed 10% of the current 500 million
enterprise desktops. What will companies gain? What will they give up? To start off, we'll cover
the application trends and VDI drivers behind the growth and the commonly used solutions and
technologies, with a review of Cisco Virtual eXperience Infrastructure (VXI). For enterprise
Collaboration, we'll review the implications of deploying hosted virtual applications and desktops
on interactive voice/video and corporate communications/streaming. For the enterprise
workspace, we'll address thin, hybrid, and thick client strategies for various types of users,
addressing their general benefits and/or limitations. For Borderless Network, we'll look at the
implications of deploying hosted virtual desktops on existing network services like call control,
bridging, Quality of Service (QoS), Content Delivery Network (CDN) streaming, multicast
streaming, WAN acceleration, campus switching, printing, etc. We'll cover how to deliver the
virtual desktops over the WAN using acceleration, with details on the network bandwidth and
latency requirements and expectations. For Data Center, we'll review how to plan and design data
center compute, storage, network, load balancing, and security for large scale hosted
applications and desktops. Lastly, we'll put it all together with architectures for large scale, highly
available hosted virtual desktop deployments. The primary takeaways for attendees will be how to:
1. Scale the data center
2. Secure hosted virtual desktop
3. Preserve the user experience while centralizing client/server applications
4. Reduce the Total Cost of Ownership (TCO)


Deploying Desktop Virtualization
Agenda
Overview
Software
Collaboration
Borderless Network
Data Center
Architectures
Strategy

Overview

Overview
Virtual Desktop Models
[Diagram: virtual desktop models, grouped as Client Hosted Computing and Server Hosted Computing. Labelled models: O/S Desktop, Virtual Desktop Streaming, Synchronized Desktop, Application Streaming, Hosted Virtual Desktop, Terminal Services or Published Applications. Other labels: Apps, OS, Guest App, Guest OS, Main OS, Hypervisor, Server, Presentation Server, Display Data.]

Overview
The Network Is the Desktop
[Diagram: Keyboard, Video, Mouse and Thin Client; Network; Broker; Compute; Storage]

Large OS
Many local applications
Vulnerable
Constant patching
Data backup
Complex management
Software distribution delivery challenges
Skilled local support staff required

Personal Computer is disaggregated
Keyboard, Video, and Mouse stay with user
Compute and storage move to the data center
Network availability is required for all application access
Network performance is critical to user experience

Overview
Hosted Application/Desktop Early Adoption
Regulated Industries

Task Workers
Finance

Government

Healthcare

Banking

Data Protection
Disaster Recovery
Capabilities
Flexibility/Mobility/Ubiquity
Faster application time to market
Moves, Adds, Changes
Real estate
BYOD
Retail

Education

Cost of Ownership
Use Cases
Call centers
Consultants
Off shore development
Partners/Extranet
Windows 7 migrations


Overview
Moving Through VDI Rather Than To VDI
[Timeline diagram spanning 2005, 2010 and 2015+. Labels include: Distributed Client/Server, Centralized Client/Server Display Desktop, Virtual Desktop, Distributed Cloud Web Desktop, Limited Networks, WAN Acceleration, Pervasive Hypervisor, Pervasive Network, Flash, Ajax, JS, HTML5, Enterprise, Cloud, Distributed Creation/Data, Centralized Creation/Data, Distributed Creation with Centralized Data, Distributed Creation with Integrated Data.]

If you were to develop a new application today, would it be web or client/server based?

Software

Software
Broker Desktop Entitlement
Non-Persistent or Pooled - Generic virtual desktop assigned to users on a per-session, first come, first served basis and then returned to the pool (possibly with profile removed) or destroyed
Persistent or Assigned - Permanently assigned to a user statically or by first to connect
Personalized Non-persistent - Abstracted persona applied to non-persistent desktops

[Diagram labels: Pool of Virtual Desktops / Machines; Entitle Group to Desktop; Assign Pool; Users and Groups; Entitle User to Desktop; Assign Individual; Template]

Software
VMware and Citrix Components
Function | VMware View | Citrix XenDesktop
Display Protocol Client | View Client | Citrix Receiver
Desktop Agent | View Agent contains PCoIP and RDP with Wyse TCX | Citrix Virtual Desktop Agent contains ICA and HDX Servers
Broker Provisioning | Composer / Thinapp | Citrix Provisioning Server
Broker Routing | Connection Server | Citrix Desktop Delivery Controller (DDC)
Broker Proxy | Security Server | Citrix Access Gateway
Portal | View Portal | Citrix Web Interface
Administration | View Administrator | Citrix Management Console
Personalization | RTO Persona Management | Ringcube Personal vDisk
Hypervisor | VSphere ESX | XenServer
Orchestration | Virtual Center | XenCenter

Software
Desktop (OS) Virtualization
Remote Connections Directed by Broker
[Diagram: VM Guests #1 to #N, each with an Agent and VMTools, on a VMware ESX Host VMKernel (ESXi Console) with the ESX Service Console and a Cisco Nexus 1000v or Distributed Virtual Switch. Storage paths: SCSI, Fibre Channel, VMKernel iSCSI and NFS to a VMFS Block Data Store (SCSI, iSCSI, FC SAN) or NAS File. Network paths: VM Network, Service Console and VC Mgmt over the LAN / IP Data Networks.]

Virtual Machine (VM)
Small Computer System Interface (SCSI)
Storage Area Network (SAN)
Virtual Machine File System (VMFS)
Fibre Channel (FC)
Network File System (NFS)
Network Attached Storage (NAS)
Virtual Center (VC)

Software
Display Protocol Server Components (Agent)
VMware Tools
Broker Agent
Multimedia Redirector (Windows Media and Flash)
Rich Sound Server (Analog Mic/Skr)
USB Virtualization Server

Software
Thick Desktop Display Protocol Clients

Thick client devices are standard PCs or laptops that run a standard OS but have software similar to the thin client's installed as an application
Thick client devices allow users to work offline and are often the choice of the Road Warrior user

Software
Example Direct Mode Broker Exchange
<?xml version="1.0"?>
<broker version="3.0">
  <configuration>
    <result>ok</result>
    <offlineSSOdisabled>false</offlineSSOdisabled>
    <broker-guid>c4b2711c-55aa-4b2a-9e5a-31f61e7ee566</broker-guid>
    <authentication>
      <screen>
        <name>disclaimer</name>
        <params>
          <param>
            <name>text</name>
            <values><value>Welcome to the Cisco Iselin NJ VDI Lab</value></values>
          </param>
        </params>
      </screen>
    </authentication>

<broker version="3.0">
  <id>CN=dc1-p,OU=Applications,DC=vdi,DC=vmware,DC=int</id>
  <name>dc1-p</name>
  <type>sticky-lc</type>
  <state>disconnected</state>
  <session-id>COMPANY\jifrench(cn=XXX,cn=foreignsecurityprincipals,dc=vdi,dc=vmware,dc=int)/0@cn=XXXX,ou=servers,dc=vdi,dc=vmware,dc=int:RDP:3389</session-id>
  <reset-allowed>true</reset-allowed>
  <reset-allowed-on-session>true</reset-allowed-on-session>
  <user-preferences>
    <preference name="height">0</preference>
    <preference name="width">0</preference>
    <preference name="useForThinClient">false</preference>
    <preference name="alwaysConnect">false</preference>
    <preference name="screenSize">Windowed</preference>
  </user-preferences>
</broker>

<broker version="3.0">
  <desktop-connection>
    <result>ok</result>
    <id>CN=dc1-p,OU=Applications,DC=vdi,DC=vmware,DC=int</id>
    <address>10.87.121.28</address>
    <port>3389</port>
    <additional-listeners>
      <additional-listener name="MMR">10.87.121.28:9427</additional-listener>
    </additional-listeners>
    <protocol>RDP</protocol>
    <user-name>jifrench</user-name>
    <password>YzZmNGFlMTMt</password>
    <domain-name>COMPANY</domain-name>
    <enable-usb>true</enable-usb>
    <enable-mmr>true</enable-mmr>
  </desktop-connection>
</broker>

[Diagram labels: C1, WAVE, WAN, WAE, ACE, Broker, UCS, NAS; VMFS via DAS, FC, NFS, iSCSI; User Data CIFS]

HTTP/HTTPS Request To Broker
Welcome Response and Challenge
Capabilities Exchange
Direct Connect RDP/PCoIP
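
Added example (not part of the original deck): a Python check a defender could run over a captured direct-mode `desktop-connection` response like the one in the broker exchange above, listing the endpoints the client will connect to directly and flagging security-relevant fields. The sample XML is a constructed, well-formed rendering of the slide's values; the function name, finding names, broker URL and desktop subnet are assumptions made for the example.

```python
import ipaddress
import xml.etree.ElementTree as ET
from urllib.parse import urlsplit

# Constructed sample: the slide's desktop-connection values, made well-formed.
SAMPLE = """<?xml version="1.0"?>
<broker version="3.0">
  <desktop-connection>
    <result>ok</result>
    <id>CN=dc1-p,OU=Applications,DC=vdi,DC=vmware,DC=int</id>
    <address>10.87.121.28</address>
    <port>3389</port>
    <additional-listeners>
      <additional-listener name="MMR">10.87.121.28:9427</additional-listener>
    </additional-listeners>
    <protocol>RDP</protocol>
    <user-name>jifrench</user-name>
    <password>YzZmNGFlMTMt</password>
    <domain-name>COMPANY</domain-name>
    <enable-usb>true</enable-usb>
    <enable-mmr>true</enable-mmr>
  </desktop-connection>
</broker>"""


def audit_desktop_connection(xml_text, broker_url, desktop_net):
    """Return (flows, findings) for one broker desktop-connection response.

    broker_url  -- URL the client used to reach the broker (hypothetical here)
    desktop_net -- CIDR in which hosted desktops are expected to live (assumed)
    """
    conn = ET.fromstring(xml_text).find("desktop-connection")
    if conn is None or conn.findtext("result") != "ok":
        raise ValueError("no successful desktop-connection in response")

    # Direct mode: the client connects straight to these endpoints, so each
    # one needs a matching firewall rule between client and desktop networks.
    flows = [(conn.findtext("protocol", "?"),
              conn.findtext("address"),
              int(conn.findtext("port")))]
    for item in conn.iterfind("additional-listeners/additional-listener"):
        host, _, port = item.text.strip().rpartition(":")
        flows.append((item.get("name"), host, int(port)))

    findings = []
    # The response carries a <password> element, so the broker channel
    # must be protected (HTTPS rather than HTTP).
    if (conn.findtext("password") or "").strip():
        findings.append("credential-in-response")
        if urlsplit(broker_url).scheme.lower() != "https":
            findings.append("credential-over-cleartext-http")

    # Redirection channels extend local devices and media into the desktop.
    for flag, name in (("enable-usb", "usb-redirection-enabled"),
                       ("enable-mmr", "mmr-enabled")):
        if conn.findtext(flag) == "true":
            findings.append(name)

    # A broker answer pointing outside the desktop subnet deserves a look.
    net = ipaddress.ip_network(desktop_net)
    for _, host, port in flows:
        if ipaddress.ip_address(host) not in net:
            findings.append(f"flow-outside-desktop-net:{host}:{port}")
    return flows, findings


if __name__ == "__main__":
    # Hypothetical broker URL and desktop subnet.
    flows, findings = audit_desktop_connection(
        SAMPLE, "http://broker.example/broker/xml", "10.87.121.0/24")
    for proto, host, port in flows:
        print(f"allow client -> {host}:{port} ({proto})")
    for finding in findings:
        print("finding:", finding)
```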

Software
Application Virtualization (Terminal Services)
Remote Connections Directed by Broker
[Diagram: Virtual App Instances #1 to #N on a Host Operating System. Storage paths: SCSI, Fibre Channel, iSCSI to a VMFS Block Data Store (SCSI, iSCSI, FC SAN); CIFS/NFS Application Data to NAS File. LAN Interface(s) to IP Data Networks.]

No device or kernel drivers
No Windows services
No Windows class names or window name
Installers cannot require a restart during install
Support shared IP addresses
No Inter-Process Communications
No Distributed Component Object Model (DCOM)
Registry/App Objects must link to USER32.DLL

Software
Hosted Desktop with Streamed Virtual Application
[Diagram: Display Connections #1 to #N, each to an Empty Windows Virtual Desktop (Agent, VMTools, Windows OS) on Cisco UCS with Hypervisor; Desktop, Profile and Data; Application Streaming Server]

Profile decoupled from desktop OS using tools like AppSense
Desktop provisioned with minimal or fixed set of applications installed
Applications reside on File (VMware) or Streaming Server (Citrix)
Administrator manages one master copy of an application that is streamed at run time

Software
MultiUser Hosted Shared Desktop (HSD)
[Diagram labels: Desktop (Challenge, Windowing); Broker (Security (AAA), Monitoring, Publishing, Routing); Display; Data Center; Storage; Co-Located Storage; Windows 2008 R2 Desktop Experience]

Software
Published Desktop
[Diagram labels: Desktop (Challenge, Windowing); Broker (Security (AAA), Monitoring, Publishing, Routing); multiple Display sessions; Data Center; Storage; Co-Located Storage; Terminal Services XenApp Hosted Applications]

Software
Presentation Desktop
[Diagram labels: Presentation, Publishing, Access, Hosting, Data; Interactive Voice/Video; SIP/Web; Hosted Client/Server Applications And Desktops; Display; Web; Web SAAS HTML5; Desktop (Challenge, Windowing); Broker (Security (AAA), Monitoring, Publishing, Routing)]

Software
Web, Collaboration, & Application Publishing


Virtual Experience Infrastructure (VXI)
Cisco Validated Designs (CVD)
[Architecture diagram with three groups: Virtualized Data Center, Borderless Network, Collaborative Workspace. Labels: Client Apps, SaaS, Web, Desktop OS; Cisco Collaboration Apps, Contact Center, UC Mgr; Desktop Virtualization; Hypervisor; Storage; vASA, vWAAS, Nexus 1000v, Unified Fabric, Unified Computing System; Identity Services Engine, Adaptive Security Appliance, WAAS, Routing (ISR), Network Services; Wireless, Wired, Unified Access; Cisco Jabber, AnyConnect, Any Device, Virtual Desktop End-points; Cisco Products; Validated Designs, Services, Training and Support.]

Collaboration

Collaboration
Forms of Hosted Applications
Communications: Peer to peer; Real time experience; Call Admission Control
Client/Server: Client to server; Mix of real time and bulk transfer; Allow all
Web/Streaming/SAAS: Client to server; Network tolerant; Mostly bulk transfer

[Diagram labels: Telephony Client, PX, PY, Call Control/Proxy, Media Services; Display Client, VXC 6215, Connection Broker/Proxy, Virtual Desktop, Presentation Server; Browser Client, Quad/DMS, Web/SAAS, Ironport, Google.com, Salesforce.com, Webex.com, Azure.com, Zoho.com; "Poor Experience" marked twice]

Collaboration
History of Network Services
Unified Communications
  Virtual Experience Client (VXC) Zero Client
  Cisco IP Hard Phone
  Branch Call Control, Voice Gateway, and Voice Mail

Borderless Network
  Wireless
  Wide Area Application Services (WAAS) for better performance and user density
  Content Delivery System (CDS) for streaming video caching, splitting, and branch multicast

Data Center
  Unified Compute System (UCS)
  Centralized Call Control with Cisco Unified Communication Manager (CUCM) on UCS
  Digital Media System (DMS)

[Diagram labels: WAN / PSTN, WAAS, Partners, Broker, UCS, Stream Server, Storage, CUCM, Encoder]

Collaboration
Desktop Video Call Before VDI (BV)
Unified Communications
  Cisco Unified Personal Communicator (CUPC) or any softphone
  Branch call control, voice gateway, and voice mail
  Media is peer to peer within sites or across MPLS sites

Borderless Network
  QoS provides low latency queueing
  Call Admission Control (CAC)
  Business applications protected

Data Center
  Centralized Call Control with Cisco Unified Communication Manager (CUCM) on UCS

[Diagram labels: WAN / PSTN, CUCM]

Collaboration
Virtual Desktop Video Call After VDI (AV)
Unified Communications
  Centralized call control
  Broken call admission control
  High client CPU
  Poor video
  Out of Sync Audio

Borderless Network
  Best effort queue
  Bandwidth up to 150 Mbps
  Media hair-pinned through data center
  Server farm network loaded

Data Center
  High server CPU

[Diagram labels: WAN / PSTN, Broker, UCS, Storage, CUCM]

Collaboration
Live Streaming Video Before VDI (BV)
Unified Communications
  PC has local browser with media player

Borderless Network
  CDS and/or multicast split video in a display protocol resulting in one stream per user on the WAN
  Bandwidth/experience is native 100/300/700 kbps
  QoS protects business applications and other traffic

Data Center
  Encoder sources a single stream to CDS which unicasts or multicasts to scale

[Diagram labels: CDE, WAN / PSTN, Stream Server, Encoder]

Collaboration
Live Streaming Video After VDI (AV)
Unified Communications
  Zero/thin client with display protocol client only needs capacity to decode

Borderless Network
  CDS and multicast cannot split video in a display protocol resulting in one stream per user on the WAN
  Bandwidth/experience varies depending on display protocol & streaming format
  No QoS so entire experience suffers if congestion

Data Center
  Stream sourced from encoder
  Servers are loaded by transcoding and/or transrating
  Server farm is loaded by all streams

[Diagram labels: CDE, WAN / PSTN, Broker, UCS, Stream Server, Storage, Encoder]

Collaboration
Interactive Media Solution
Leverages the existing network services for voice, video, data
Automatically prioritizes voice and video traffic through existing network-based QoS with Cisco MediaNet Integration
Optimizes network and server resources: bandwidth reduction from megabytes to kilobytes
Supported by leading desktop virtualization partners, Citrix and VMware

[Diagram labels: Data Center, User Desktop, Cisco VXME, Cisco UC Manager, Media Flow, Signaling, Desktop Virtualization Protocol, Across All Devices]

Collaboration
Software Strategy for Virtual Environments
Virtualization Experience Media Engine (VXME)
  Software that enables Jabber to run in virtualized environments

Thin client and Windows PC
  Cisco Virtualization Experience Client (VXC) 6215
  Windows-based 3rd party thin clients and PCs

Enable the Jabber experience running on virtual desktop as available today on your PC
  Presence & IM
  High definition video & wideband audio
  Conferencing

VXME for Cisco VXC 6215: March 2013
VXME for Dell Wyse Z50D: H1 2013
VXME for Windows PCs: H1 2013
VXME for Windows Thin Clients: H1 2013

Collaboration
VXC 6215 or Windows Based Software Stack
[Software stack diagram. Applications: Virtual Experience Media Engine (VXME), HVD Broker, Web/HTML5, RDP Client, VMware View, Citrix Receiver, Browser. VXME components: UI (Video Render/SRST/EM), OAM&P/Serviceability, CSF2G, Enhanced Call Control, SIPPC, CC API, Media Engine, Accessories Manager, HVD Agent (Virtual channel Interface). Operating System / OEM: Display, USB, DECT, Bluetooth*, A/V Device Manager, AnyConnect VPN, EnergyWise Client, CDP, LLDP, IPv4, IPv6, MediaNet Client Framework. Hardware Platform: VXC 6215 Hardware GT56N Dual Core 1.6GHz, Dual Display.]

Collaboration
Any Device with Cisco Jabber
Devices: Desktop, Mobile, Thin Clients
Capabilities: Presence & IM, Voice, Video, Conferencing, Messaging

Collaboration
What Do End Users Need?
Call Center or Clerical | Professional | Design Professional
Administrative | Rich Media | Graphics or Custom
Remote/Task Worker | Knowledge Worker | Power User

[Diagram labels: Thin Clients, Capable Clients]

Collaboration
Client Strategy Depends On Hosted Applications
 | User | Hardware | OS | Software | Execution | Storage | Security | Life (Yrs)
Zero | Task | Chip | Firmware | None | All remote | None | Low risk | 7-10
Thin | Task/Knowledge | Limited | Hardened | Display | All remote | None | Low risk | 5-7
Hybrid | Knowledge | Capable (possible media offload) | Hardened General (Linux or Windows Embedded) | Display, Rich Media, Web | Client/Server remote, Rich media local | Transient, Encrypted | Medium risk | 5-7
Thick | Knowledge or Power | High End | Open General (Windows, Linux, Mac) | Unlimited | Mostly local, Some remote | Persistent | High risk | 3-5

1. Status-quo - Use whatever desktop/notebook/etc you already have
2. Recycle PC - Convert old PC hardware to a homebrew thin-client
3. New PC - buy new desktop/notebook hardware with HVD and application virtualization rollout
4. New thin/zero clients

Collaboration
UC Accessories Exclusively Designed with Cisco
Logitech UC Keyboard K725-C with Logitech Mouse M525-C
Logitech Webcam C920-C
Jabra Handset 450 for Cisco
Jabra Speak 450 for Cisco
Available March 2013

Collaboration
VXC Feature Comparison
 | VXC 2100 Series | VXC 2200 Series | VXME | VXC 6215
Form Factor | Backpack Integrated | Tower Standalone | Software | Tower Standalone
Platform | Zero Client | Zero Client | Win7, Win7 Embedded | Linux Thin Client
HVD Protocol Support | 2111 PCoIP; 2112 HDX, RDP | 2211 PCoIP; 2212 HDX, RDP | Citrix XenDesktop, VMware View | HDX, RDP, PCoIP
UC Protocol Support (add on) | N/A | N/A | Software | HDX, RDP, PCoIP (Q1CY13)
UC Client Support* | CUPC, Connect | CUPC, Connect | CUPC, CUCILync | CUPC, CUCILync
Voice | IP Phone 8961, 9951, 9971 | N/A, can be used with IP Phone | Yes | Yes
Video | IP Phone 9971, 9951 | N/A, can be used with IP Video Phone | No | Yes
Monitor Support | Single or Dual, 1920x1200 | Single or Dual, 1920x1200 | Varies based on underlying HW | Single: 2560x1600; Dual: 1920x1200
PoE | PoE | PoE | N/A | No
Encoding & Decoding | Via IP Phone | Via IP Phone | Audio only. Video on the roadmap. | Standard Video, HD Capable*

Collaboration
VXC Manager OR Wyse Device Manager (WDM)

Centralized device and software management
VXCM is automatically discovered through DNS and DHCP options
Distributions may leverage WAAS or CDS in lieu of a local repository
High availability policy and software delivery but not config changes

Collaboration
Traditional Network Services Work For All Clients
Unified Communications
  Softphone in VXI runs native locally
  Survivable Remote Site Telephony (SRST) supported
  Use local services (gateways, call control, vmail, etc.)
  No voice hairpinning

Borderless Network
  Use local internet access
  Use CDS/ACNS/WAAS to cache, split, and/or multicast streaming media
  Provide QoS for rich media

Data Center
  Offload server CPU
  Offload server bandwidth

[Diagram labels: CDE, Network, WAAS, Broker, Stream Server, UCS, Storage, CUCM, Encoder]

Borderless Network

Borderless Network
Universal Power Over Ethernet (uPoE) 60 Watts
[Diagram labels: Country Specific Wall Plugs with UPS; Global Common Power Cable; Catalyst 4500]

OPEX
  High efficiency bulk power supplies are more efficient than power cubes
  Power regulation using EnergyWise
  Increase business productivity through reduced downtime

CAPEX
  Lower cost devices without power bricks
  Building construction savings
  Minimal power routing
  Lower maintenance for power cables

Borderless Network
Decoding the VDI Protocol Stack
 | VMware View | Microsoft RDS | Citrix XenDesktop
Application | PCoIP 4172 | RDP 3389 | ICA/HDX 2598/1494
Underlying Protocols: TCP, UDP

Deployment Considerations

VMware View
  Client-side hardware often used for optimal experience
  Server side hardware available
  MMR with Win7 desktops not supported
  TCP 4172 used for control
  AES-256 bit encrypted

Microsoft RDS
  No client-side hardware dependency
  Remote FX requires H/W assist (server GPU)
  Standards-based encryption model
  SSL encrypted

Citrix XenDesktop
  No client-side or server-side hardware dependency
  Announced hardware specification for 3rd parties
  Standards-based as well as proprietary encryption models
  RC5 or SSL encrypted

Borderless Network
Display Protocol Considerations Checklist

Network
  Transport - TCP, UDP, RTP
  Behavior - bandwidth, congestion, latency, drop

Channels
  Inband
  Out of band

Voice
  USB headset
  Analog microphone/speaker

Graphics/Video
  Quality - Lossy or lossless
  Streaming - Windows Media, Adobe Flash, QuickTime, or SilverLight

Acceleration
Encryption
Compression

Telephony - Jabber, Skype, Lync, Google, etc.

USB
  Headset
  Print
  Drive
  Security

Print
  Print server
  Printer location
  User mobility

Borderless Network
Display Protocol Summary
Protocol | Vendor | Transport | Bandwidth without WAAS (Approx) | Bandwidth with WAAS (Approx)
Remote Desktop Protocol (RDP) | Microsoft | TCP 3389 | 384 Kbps | 96 Kbps
Independent Computing Architecture (ICA) | Citrix | TCP 2598 CGP; TCP 1494 ICA | 120 Kbps | 60 Kbps
PC over IP (PCoIP) | Teradici / VMware | Media UDP 50002/4172; Control TCP 50002/4172 | 192 Kbps | 192 Kbps

Borderless Network
Display Protocol Channels
Display protocols operate at the session layer
Display protocols were intended to remote applications and not desktops
Desktop interactions require that some local client services be extended to the remote virtual desktop
Channels provide a means to extend remote virtual desktop services
Channels cannot leverage network services like QoS, security, media bridging, stream splitting, or multicast

[Diagram: Display Protocol over TCP carrying USB, Video, Sound and Print channels]

Borderless Network
Fundamental Problems with In-Band Channels
Mixing interactive and bulk transfer traffic types in a single TCP connection
Client copies file from local USB with packets #1 and #2
Client clicks with packet #3
If network could provide better service to packet #3, it would reach host before #1 and #2
Destination host TCP stack will wait for the rest of the TCP window to send to the application

[Diagram: Local Desktop (Display Client) to Remote Virtual Desktop (Display Server, Display Agents, Tools)]
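
The head-of-line effect described on this slide, as an added example (not part of the original deck): a small Python model of the three packets crossing one WAN link, comparing an in-band channel with an out-of-band one, with and without the network prioritising the click. The link rate, packet sizes, one-way delay, and the simplification that all three packets are queued at t=0 behind a non-preemptive priority scheduler are assumptions chosen for illustration.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Packet:
    label: str       # "#1", "#2", "#3" as on the slide
    conn: str        # TCP connection the packet belongs to
    seq: int         # order within that connection's byte stream
    size_bytes: int
    priority: int    # lower value is served first by the link scheduler


def transmit(queue, rate_bps, prop_delay_us):
    """Serialise packets onto one link; return arrival time (us) per label.

    sorted() is stable, so packets of equal priority keep FIFO order.
    """
    clock = 0
    arrival = {}
    for p in sorted(queue, key=lambda p: p.priority):
        clock += p.size_bytes * 8 * 1_000_000 // rate_bps
        arrival[p.label] = clock + prop_delay_us
    return arrival


def deliver_in_order(queue, arrival):
    """TCP hands bytes to the application in sequence, per connection:
    a packet is delivered only once every earlier packet has arrived."""
    delivered, last_ready = {}, {}
    for p in sorted(queue, key=lambda p: (p.conn, p.seq)):
        ready = max(last_ready.get(p.conn, 0), arrival[p.label])
        last_ready[p.conn] = delivered[p.label] = ready
    return delivered


def click_delivery_us(separate_channel, prioritise_click,
                      rate_bps=1_500_000, prop_delay_us=40_000):
    """Time at which the click (#3) reaches the remote application."""
    conn, seq = ("input", 1) if separate_channel else ("display", 3)
    queue = [
        Packet("#1", "display", 1, 1500, 1),   # USB file copy
        Packet("#2", "display", 2, 1500, 1),   # USB file copy
        Packet("#3", conn, seq, 150, 0 if prioritise_click else 1),
    ]
    return deliver_in_order(queue, transmit(queue, rate_bps, prop_delay_us))["#3"]


if __name__ == "__main__":
    for separate in (False, True):
        for qos in (False, True):
            kind = "out-of-band" if separate else "in-band"
            print(f"{kind:11s} QoS={qos!s:5s} click delivered at "
                  f"{click_delivery_us(separate, qos) / 1000:.1f} ms")
```

In this model, prioritising packet #3 inside the single connection changes nothing, because the receiving TCP stack holds it until #1 and #2 arrive; only a separate channel that the network can also prioritise delivers the click early.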

Borderless Network
Wyse/VMware TCX (like Multistream ICA)
Out of band media
  Rich Sound on UDP 6901
  USB Redirection on TCP 17185
  Multimedia Redirection on TCP 9427

URL Redirection
  Content Source accessed by Thin Client
  Complete network and CPU Offload on the Server

MultiMedia Redirection
Rendering Redirection (Transcoding)
  Content opened and decoded by the Server
  Client renders multimedia
  Universal codec support (codec not required on the Thin Client)
  Least efficient for the Server (e.g. ~5x Bandwidth needed)
Decoding Redirection (Bypass)
  Content opened by Server
  Client Decodes and Renders Multimedia
  Great for Multicast and URLs
  Significant network and CPU Offload on the Server
  Very limited use cases are currently supported
  Requires Codec Support on the Client

[Diagram: Local Desktop (Decoder, Display Client) to Remote Virtual Desktop (Display Agent, Tools): Display Protocol TCP 3389; Rich Sound UDP 6901; USB Redirection TCP 17185; Multimedia TCP 9427]

Borderless Network
WAN Acceleration Increases User Density 27x
Data Redundancy Elimination (DRE) eliminates redundancy within or between flows
LZ compression eliminates redundancy within flows
TCP Flow Optimization (TFO) fills the pipe over high latency links
Transport Data De-duplication: No byte pattern crosses the network twice
Unidirectional DRE for display protocols and video streaming

[Diagram: Origin Connection, WAN Optimized Connection, Origin Connection; DRE CACHE and LZ Encode on one side, DRE CACHE and LZ Decode on the other; TFO: Window Scaling, Large Initial Windows, Congestion Mgmt, Improved Retransmit]

Borderless Network
WAAS Citrix XenDesktop Feature Expectations
Feature | Function | Impact to WAAS 4.5
Common Gateway Protocol (CGP) | Session reliability | Inserts varying data to each packet that pollutes the DRE cache and negatively affects server side flow control.
Citrix Receiver client cache | Receiver caches a substantial history | Minimizes WAAS DRE to near 0 in a single user environment. Test in a multiuser environment.
No MMR | Flash request made by hosted virtual desktop (HVD), media rendered in the HVD, and sent through ICA as bitmaps | Increases bandwidth AND minimizes WAAS reduction to about 30%
Flash MMR server side fetch | Flash request made by hosted virtual desktop, media passes in ICA channel, and stream is decoded on the client | >95% DRE hit between successive on demand video views but stream is still delivered through the desktop server farm.
Flash MMR client side fetch URL redirect | URL is redirected to the client which then directly makes the video request bypassing the hosted virtual desktop | >95% DRE hit between successive on demand video views and stream does not pass through the hosted desktop
Intelligent USB redirect | Apply intelligent compressions on USB extension based on the device type | WAAS not effective for real time media over USB but is effective for data transfer over USB

Borderless Network
WAAS Citrix XenDesktop Situation Expectations
Variable | Implication | Impact to WAAS 4.5
Print - USB attached printer | USB redirection used to deliver print job | >80% BW reduction and latency mitigation
Print - local print server | CIFS/MSRPC accelerated from hosted desktop to branch print server | >80% BW reduction and latency mitigation
Print - hosted print server | PS/PCL file delivery from data center to branch printer | >80% BW reduction and latency mitigation
Print - direct print from hosted desktop to branch printer | CIFS/MSRPC accelerated from hosted desktop to branch printer | >80% BW reduction and latency mitigation
3rd party print redirection; Powerpoint presentation mode | Bitmap graphics | ~30% overall but WAAS DRE is zero

Borderless Network
WAAS Citrix XenDesktop Experience Expectations
Variable | Implication | Impact to WAAS 4.5
TCP flow control | Client/Server operating system dependent | Recent release client/server operating systems support more aggressive TCP stacks resulting in limited WAAS TFO latency benefits.
High latency with recent OS | Compression reduces data amount | Interactivity improved by passing less data

Borderless Network
WAAS Performance Results for ICA and RDP
[Figure: two bar charts comparing Native and With WAAS for ICA and RDP. Panels: Latency Reduction (axis: Seconds (s)) and Bandwidth Reduction (axis: Kbps). Chart annotations: 60% faster, 60% faster, 50% Improvement, 70% Improvement.]

Measuring response time improvements for internet browsing with IE



Borderless Network
WAAS Reduces MMR Bandwidth up to 99%
Rich Media Streaming w/ MMR (Direct Connect)
BW Optimization for VIEW MMR Traffic

[Chart: Original (MB) versus Optimized (MB) over play time 0:50 to 1:32, covering a PCoIP session and an RDP session]
Overall BW Consump.: 20 MB
Overall BW Consump.: 1.75 MB (After WAAS Optimization)
Ratio = 20 MB : 1.75 MB
BW Capacity = 11x

Solutions Setup
2 Concurrent View Clients
Display Protocol: RDP and PCoIP
View Deployment Mode: Direct Connection
BW/Latency: T1/80 ms
Play Time: 5-6 Minutes of Repeat Tracks

Audio: Format: MP3
Bitrate/Size: 192 Kbps/8.3 MB
Video: Format: WMV v.9
Bitrate: 1527 Kbps and 1772 Kbps
Size: 18.8 MB and 62.4 MB

WAAS Applied Policies: TFO, DRE, LZ
WAAS Classification Map:
- MMR TCP Port 9427
- USB TCP Port 32111
Overall Compression: 79.8%

Borderless Network
Virtual Desktop Print Options
1. USB attached printer via display protocol USB extension
2. Centralized print server
3. Branch print server (physical machine or Windows on WAAS)
4. Direct print

[Diagram labels: C1, C2, P1, WAVE, WoW, WAN, WAE, UCS, NAS, Print Server. Flows: RDP with USB Extension Channel, RDP, CIFS/MSRPC, PS/PCL Files. Legend: Origin Connection, Optimized Connection, Origin Connection]

Borderless Network
Quality of Service in a Cisco VXI Network
| Protocol | TCP/UDP Port | DSCP/CoS Value |
|---|---|---|
| Desktop Virtualization Protocols | | |
| RDP7 | TCP 3389 | DSCP af21/CoS 2 |
| PCoIP* | TCP & UDP 50002, TCP & UDP 4172 | DSCP af21/CoS 2 |
| ICA/HDX Session | TCP 1494 | DSCP af21/CoS 2 |
| ICA/HDX Session Reliability | TCP 2598 | DSCP af21/CoS 2 |
| ICA/HDX Web Services | TCP 80 | DSCP af21/CoS 2 |
| USB Redirection (PCoIP) | TCP 32111 | DSCP af11/CoS 1 |
| MMR | TCP 9427 | DSCP af31/CoS 4 |
| Other Protocols found within Cisco VXI | | |
| Network-based Printing (CIFS) | TCP 445 | DSCP af11/CoS 1 |
| UC Signaling (SCCP) | TCP 2000 | DSCP cs3/CoS 3 |
| UC Signaling (SIP) | TCP 5060 | DSCP cs3/CoS 3 |
| UC Signaling (CTI) | TCP 2748 | DSCP cs3/CoS 3 |
| UC Media (RTP, sRTP) | UDP 16384 - 32767 | DSCP ef/CoS 5 |

Display protocols obscure multiple traffic types in a single TCP connection



Borderless Network
Quality of Service in a Cisco VXI Network
Ports Used During Classification for QoS
ip access-list RDP
  permit tcp any eq 3389 any
ip access-list PCoIP-UDP
  permit udp any eq 50002 any
ip access-list PCoIP-TCP
  permit tcp any eq 50002 any
ip access-list PCoIP-UDP-new
  permit udp any eq 4172 any
ip access-list PCoIP-TCP-new
  permit tcp any eq 4172 any
ip access-list ICA
  permit tcp any eq 1494 any
!
ip access-list View-USB
  permit tcp any eq 32111 any
ip access-list MMR
  permit tcp any eq 9427 any
!
ip access-list NetworkPrinter
  permit ip any host 10.1.128.10
  permit ip any host 10.1.2.201
!
ip access-list CUPCDesktopControl
  permit tcp any host 10.0.128.125 eq 2748
  permit tcp any host 10.0.128.123 eq 2748

Cisco's Nexus 1000v deployed for its DHCP snooping, dynamic ARP inspection and IP source guard safeguards

In testing, the markings were applied on the Nexus 1000v whenever possible

Borderless Network
Quality of Service in a Cisco VXI Network
This example provides a guideline for deploying QoS in a Cisco VXI Network

Class-maps
class-map type qos match-any CALL-SIGNALING
  match access-group name CUPCDesktopControl
class-map type qos match-any MMR-STREAMING
  match access-group name MMR
class-map type qos match-any TRANS-DATA
  match access-group name RDP
  match access-group name PCoIP-UDP
  match access-group name PCoIP-TCP
  match access-group name PCoIP-UDP-new
  match access-group name PCoIP-TCP-new
class-map type qos match-any BULK-DATA
  match access-group name View-USB
  match access-group name NetworkPrinter

Policy-map
policy-map type qos pmap-HVDPort
  class CALL-SIGNALING
    set cos 3
    set dscp cs3
    ! dscp = 24
  class MMR-STREAMING
    set cos 4
    set dscp af31
    ! dscp = 26
  class TRANS-DATA
    set cos 2
    set dscp af21
    ! dscp = 18
  class BULK-DATA
    set cos 1
    set dscp af11
    ! dscp = 10
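An added example (not part of the original slides and not Cisco's code): a small Python audit of the ACL, class-map and policy-map text shown on these slides. It reports the class and DSCP a flow would receive and lists ACLs that no class-map references; with the configuration as shown, the ICA access list is defined but never matched, so ICA traffic would leave pmap-HVDPort unmarked. Function names are hypothetical.

```python
# Configuration text from the slides (ACLs, class-maps, policy-map).
VXI_QOS_CONFIG = """
ip access-list RDP
  permit tcp any eq 3389 any
ip access-list PCoIP-UDP
  permit udp any eq 50002 any
ip access-list PCoIP-TCP
  permit tcp any eq 50002 any
ip access-list PCoIP-UDP-new
  permit udp any eq 4172 any
ip access-list PCoIP-TCP-new
  permit tcp any eq 4172 any
ip access-list ICA
  permit tcp any eq 1494 any
ip access-list View-USB
  permit tcp any eq 32111 any
ip access-list MMR
  permit tcp any eq 9427 any
ip access-list NetworkPrinter
  permit ip any host 10.1.128.10
  permit ip any host 10.1.2.201
ip access-list CUPCDesktopControl
  permit tcp any host 10.0.128.125 eq 2748
  permit tcp any host 10.0.128.123 eq 2748
class-map type qos match-any CALL-SIGNALING
  match access-group name CUPCDesktopControl
class-map type qos match-any MMR-STREAMING
  match access-group name MMR
class-map type qos match-any TRANS-DATA
  match access-group name RDP
  match access-group name PCoIP-UDP
  match access-group name PCoIP-TCP
  match access-group name PCoIP-UDP-new
  match access-group name PCoIP-TCP-new
class-map type qos match-any BULK-DATA
  match access-group name View-USB
  match access-group name NetworkPrinter
policy-map type qos pmap-HVDPort
  class CALL-SIGNALING
    set cos 3
    set dscp cs3
  class MMR-STREAMING
    set cos 4
    set dscp af31
  class TRANS-DATA
    set cos 2
    set dscp af21
  class BULK-DATA
    set cos 1
    set dscp af11
"""

def _endpoint(tok, i):  # parse 'any' or 'host A.B.C.D', then an optional 'eq PORT'
    host, i = (tok[i + 1], i + 2) if tok[i] == "host" else (None, i + 1)
    port = None
    if i < len(tok) and tok[i] == "eq":
        port, i = int(tok[i + 1]), i + 2
    return host, port, i

def parse_config(text):  # ACLs, class-map membership, ordered policy-map classes
    acls, cmaps, policy, section, name = {}, {}, [], None, None
    for line in (raw.strip() for raw in text.splitlines()):
        tok = line.split()
        if not tok or tok[0] == "!":
            continue
        if tok[:2] == ["ip", "access-list"]:
            section, name, acls[tok[2]] = "acl", tok[2], []
        elif tok[0] == "class-map":
            section, name, cmaps[tok[-1]] = "cmap", tok[-1], []
        elif tok[0] == "policy-map":
            section = "pmap"
        elif section == "acl" and tok[0] == "permit":
            src, sport, i = _endpoint(tok, 2)
            dst, dport, _ = _endpoint(tok, i)
            acls[name].append((tok[1], src, sport, dst, dport))
        elif section == "cmap" and tok[:3] == ["match", "access-group", "name"]:
            cmaps[name].append(tok[3])
        elif section == "pmap" and tok[0] == "class":
            policy.append({"class": tok[1]})
        elif section == "pmap" and tok[0] == "set":
            policy[-1][tok[1]] = tok[2]
    return {"acls": acls, "class_maps": cmaps, "policy": policy}

def classify(cfg, proto, src_ip=None, src_port=None, dst_ip=None, dst_port=None):
    # First policy-map class whose ACLs permit the flow, as (class, dscp); None if unmarked.
    def hit(ace):
        p, src, sport, dst, dport = ace
        return (p in ("ip", proto) and src in (None, src_ip) and sport in (None, src_port)
                and dst in (None, dst_ip) and dport in (None, dst_port))
    for entry in cfg["policy"]:
        for acl in cfg["class_maps"].get(entry["class"], []):
            if any(hit(a) for a in cfg["acls"].get(acl, [])):
                return entry["class"], entry.get("dscp")
    return None

def unreferenced_acls(cfg):  # ACLs defined but matched by no class-map
    used = {a for members in cfg["class_maps"].values() for a in members}
    return sorted(n for n in cfg["acls"] if n not in used)

CFG = parse_config(VXI_QOS_CONFIG)
```

The display-protocol ACLs match on the source port, so only traffic leaving the hosted desktop is classified; a flow toward port 3389 returns None.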

Borderless Network
Quality of Service Validation with MMR
Viewing QoS Policy Statistics
DC-WAN#show policy-map interface
GigabitEthernet0/0
  Service-policy input: HQ-LAN-EDGE-IN
    Class-map: MMR-STREAMING (match-any)
      3532 packets, 5249960 bytes
      30 second offered rate 9000 bps, drop rate 0
      Match: dscp af31 (26) af32 (28) af33 (30)
        0 packets, 0 bytes
        30 second rate 0 bps
      Match: access-group name MMR
        3532 packets, 5249960 bytes
        30 second rate 9000 bps
      QoS Set
        dscp af31
          Packets marked 3532

Serial0/0/0:0
  Service-policy output: WAN-EDGE
    Class-map: MMR-STREAMING (match-any)
      5456 packets, 8052828 bytes
      30 second offered rate 393000 bps, drop
      Match: dscp af31 (26) af32 (28) af33 (30)
        5456 packets, 8052828 bytes
        30 second rate 393000 bps
      Match: access-group name MMR
        0 packets, 0 bytes
        30 second rate 0 bps
      Queueing
      queue limit 64 packets
      (queue depth/total drops/no-buffer drops) 0/0/0
      (pkts output/bytes output) 5456/8052828
      bandwidth 5% (76 kbps)
        Exp-weight-constant: 9 (1/512)
        Mean queue depth: 25 packets
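An added example (not from the original slides): a Python check that reads the `show policy-map interface` output above and reports, per class, whether traffic was classified by ACL or by an existing DSCP marking, whether every matched packet was re-marked, and whether the offered rate exceeds the class bandwidth guarantee. The function names and the finding labels are hypothetical.

```python
import re

# Output as shown on the slide; the truncated "drop" line is kept as it appears.
SAMPLE_OUTPUT = """\
DC-WAN#show policy-map interface
GigabitEthernet0/0
  Service-policy input: HQ-LAN-EDGE-IN
    Class-map: MMR-STREAMING (match-any)
      3532 packets, 5249960 bytes
      30 second offered rate 9000 bps, drop rate 0
      Match: dscp af31 (26) af32 (28) af33 (30)
        0 packets, 0 bytes
        30 second rate 0 bps
      Match: access-group name MMR
        3532 packets, 5249960 bytes
        30 second rate 9000 bps
      QoS Set
        dscp af31
          Packets marked 3532
Serial0/0/0:0
  Service-policy output: WAN-EDGE
    Class-map: MMR-STREAMING (match-any)
      5456 packets, 8052828 bytes
      30 second offered rate 393000 bps, drop
      Match: dscp af31 (26) af32 (28) af33 (30)
        5456 packets, 8052828 bytes
        30 second rate 393000 bps
      Match: access-group name MMR
        0 packets, 0 bytes
        30 second rate 0 bps
      Queueing
      queue limit 64 packets
      (queue depth/total drops/no-buffer drops) 0/0/0
      (pkts output/bytes output) 5456/8052828
      bandwidth 5% (76 kbps)
"""

IFACE = re.compile(r"[A-Za-z-]+\d+(?:[/:.]\d+)*")  # e.g. GigabitEthernet0/0, Serial0/0/0:0

def parse_policy_stats(text):
    """Return one dict per (interface, class) with the counters found in the output."""
    classes, cur, target = [], None, None
    iface = direction = policy = None
    for line in (raw.strip() for raw in text.splitlines()):
        if IFACE.fullmatch(line):
            iface, cur, target = line, None, None
        elif m := re.match(r"Service-policy (input|output): (\S+)", line):
            direction, policy = m.groups()
        elif m := re.match(r"Class-map: (\S+)", line):
            cur = {"interface": iface, "direction": direction, "policy": policy,
                   "class": m.group(1), "matches": {}}
            classes.append(cur)
            target = cur  # the next "N packets, M bytes" line is the class total
        elif cur is None:
            continue
        elif m := re.match(r"Match: (.+)", line):
            target = cur["matches"].setdefault(m.group(1), {})
        elif m := re.fullmatch(r"(\d+) packets, (\d+) bytes", line):
            if target is not None:
                target["packets"], target["bytes"] = int(m.group(1)), int(m.group(2))
        elif m := re.search(r"offered rate (\d+) bps", line):
            cur["offered_bps"] = int(m.group(1))
        elif m := re.match(r"Packets marked (\d+)", line):
            cur["marked"] = int(m.group(1))
        elif m := re.match(r"\(queue depth/total drops/no-buffer drops\) \d+/(\d+)/\d+", line):
            cur["total_drops"] = int(m.group(1))
        elif m := re.match(r"bandwidth \d+% \((\d+) kbps\)", line):
            cur["bandwidth_kbps"] = int(m.group(1))
        elif line in ("QoS Set", "Queueing"):
            target = None
    return classes

def review(cls):
    """Findings for one parsed class entry, in a fixed order."""
    notes = []
    hits = lambda prefix: sum(m.get("packets", 0) for d, m in cls["matches"].items()
                              if d.startswith(prefix))
    by_dscp, by_acl = hits("dscp"), hits("access-group")
    if by_acl and not by_dscp:
        notes.append("classified-by-acl")    # arrived unmarked, matched on port here
    if by_dscp and not by_acl:
        notes.append("classified-by-dscp")   # relies on marking applied upstream
    if "marked" in cls and cls["marked"] != cls.get("packets"):
        notes.append("marking-mismatch")
    if cls.get("total_drops"):
        notes.append("queue-drops")
    if cls.get("bandwidth_kbps") and cls.get("offered_bps", 0) > cls["bandwidth_kbps"] * 1000:
        notes.append("offered-rate-above-guarantee")
    return notes

if __name__ == "__main__":
    for entry in parse_policy_stats(SAMPLE_OUTPUT):
        print(entry["interface"], entry["class"], review(entry))
```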

Borderless Network
DMZ Deployments
AnyConnect aggregates enterprise display, telephony, and web
DMZ secured with a firewall (ASA)

SLB balances and offloads display protocol proxy/gateway


SLB provides backend broker availability and scale
Identity Services Engine (ISE) provides user/group policy enforcement

[Diagram labels: Client, Network, ASA, SLB, Proxy, ASA, SLB, Broker, UCS, ISE. Flows: AnyConnect Tunnel, Display Protocol over HTTPS, Display Protocol]


Borderless Network
Bring Your Own Device (BYOD)
| Use Case Requirements: Telephony | Use Case Requirements: Client/Server | Use Case Requirements: Local Apps/Data | Design Requirements: VDI | Design Requirements: VPN | Design Requirements: MDM |
|---|---|---|---|---|---|
| Yes | Yes | Yes | Yes | Yes | Yes |
| Yes | Yes | No | Yes | No | No |
| Yes | No | Yes | No | Yes | Yes |
| No | Yes | Yes | Yes | Yes | Yes |
| No | No | Yes | No | Yes | Yes |
| No | Yes | No | Yes | No | No |

BYOD or Not: Who cares who bought it?
Company buys
Employee buys
Gift if you're lucky

Mobile Device Management (MDM) or Not
Often coupled with local device apps/data and VPN

VPN or Not
Often used with local device apps/data beyond mobile mail and display client

VDI or Not
Offers access to legacy hosted client/server apps
Allow display only access to client/server with no local data

Cisco Communications or Not
Local communications software commonly using VPN (future embedded VPN)

VPN generally not required



Borderless Network
VDI Firewalls
Non-Persistent desktops
No direct network to network VPN
Reduce data leakage risk
Control access of consultants, contractors, developers, extranet connections, BYOD users, etc.
ASA provides access gateway
ISE provides user based access controls
ISE may also provide access client user identity, location, and device access controls
Display data only

[Diagram labels: Intranet; Internet; Guest Net; Extranet; ASA Firewall / Access Gateway; Identity Services Engine (ISE); Secure Hypervisor hosting Apps/OS virtual machines]

Data Center: Compute

Data Center
Considerations
Storage Scale

Compute
Cost

Scale capacity (Linked and Flex Clones)

Performance

Scale IOPS

Scale

Client Network Services

Power/Cooling
Space

Security

Cabling

Monitoring
IP address management


Data Center
Statelessness For Automation & Efficiency
Application virtualization decouples application from OS (i.e. ThinApp, AppV, Provisioning Server, etc.)
Hypervisor decouples OS from compute hardware
UCS Service Profile decouples server from BIOS
Nexus Port Profile decouples cabling from server

[Diagram: layered stack, top to bottom: APP, AppVirt, OS, Hypervisor, Server, BIOS (UCS Service Profile), Port Profile, Network (LAN/SAN)]


Compute
UCS Blade Servers

| | B22 M3 | B200 M3 | B230 M2 | B420 M3 | B440 M2 |
|---|---|---|---|---|---|
| Slots | | | | | |
| CPU | E5-2400 | E5-2600 | E7-2800 | E5-4600 | E7-4800 |
| Cores | 16 | 16 | 20 | 32 | 40 |
| DIMMs | 12 | 24 | 32 | 48 | 32 |
| Max GB | 384GB (with 32GB DIMMs) | 768GB (with 32GB, coming soon) | 512GB | 1.5TB | 1TB |
| Disk | 2 x 2.5 | 2 x 2.5 | 2 SSD | 4 x 2.5 | 4 x 2.5 |
| Raid | 0/1 | 0/1 | 0/1 | 0/1/5/6 | 0/1/5/6 |
| Integrated I/O | Dual 10Gb | Dual 20Gb | No | Dual 20Gb | No |
| Mezz | | | | | |


Compute
UCS Virtual Desktop Densities
| Blade | Server CPU | Server Memory | Desktop Configuration | Per Blade | Per Chassis | Per Domain (20 Chassis) |
|---|---|---|---|---|---|---|
| B200-M1 | Xeon5570 2.93 GHz | 48 GB | WinXP 512 MB | 128 | 1,024 | 20,480 |
| B200-M1 | Xeon5570 2.93 GHz | 96 GB | WinXP 512 MB | 160 | 1,280 | 25,600 |
| B200-M1 | Xeon5570 2.93 GHz | 192 GB | WinXP 1024 MB | 150 | 1,200 | 24,000 |
| B250-M1 | Xeon5570 2.93 GHz | 384 GB | WinXP 1024 MB | 332 | 1,328 | 26,560 |
| B250-M2 | Xeon5600 3.33 GHz | 192 GB | Win7-32 1.5 GB | 110 | 440 | 8,800 |
| B230-M2 | Xeon2870 2.40 GHz | 512 GB | Win7-64 2.0 GB | 175 | 1,400 | 28,000 |
| B200-M3 | Dual E5-2690 / 8 Core CPU | 384 GB | Win7-64 2.0 GB | 184 HVD, 225 HSD | 1,472 | 29,440 |


Compute
CPU Considerations for Virtual Machine
CPU class
CPU class is affected by number of cores, CPU clock speed, amount of cache memory and CPU virtualization technology

CPU core count
CPU core count affects virtual machine scalability and performance

CPU over commitment
CPU over commitment occurs when the number of virtual CPUs assigned to the virtual machines exceeds the number of physical CPUs available to the host

Virtual machine role priority
Virtual machine role priority determines how CPU resources are distributed across virtual machines


Compute
Example CPU Capacity Planning

Win XP % Processor Time average 5% on 2 GHz core
Requires 100 MHz per desktop (0.05 * 2 GHz)
100 desktops require 10 GHz processing (100 * 100 MHz)
Add 10% to 25% overhead for virtualization, display protocol, and buffer for spike
100 desktops achieved with 12.5 GHz via 4 cores at >=3.125 GHz per core

Planning
Windows XP 150-250 MHz
Windows 7 400-600 MHz

Compute
Example Memory Capacity Planning

VMware ESX Transparent Page Sharing to share master copy of memory pages among virtual machines
Windows XP - 4 KB page sharing
Windows 7 - 1 MB page sharing

Planning Without Memory Oversubscription
Windows XP - 512-1024 MB
Windows 7-32 bit - 1-1.5 GB
Windows 7-64 bit - 2-3 GB

Compute
Forms of Hosted Desktops
| Characteristic | Hosted Virtual | Hosted Shared | Published | Web |
|---|---|---|---|---|
| CPU Use | High | Medium | Low | Low |
| Memory Use | High | Medium | Low | Low |
| Storage IOPS | High | Medium | Low | Low |
| Personalization | High | Medium | Low | Low |
| Cost | High | Medium | Low | Low |

Hosted Virtual Desktop (HVD): One user per VM
Hosted Shared Desktop (HSD): Many users per VM
Published Desktop: One application per VM
Web Desktop: Many clouds per user

Compute
C240 M3 Graphic Processing Unit (GPU) Support
C240 M3 Slot Support
Slot 2
Slot 5

NVIDIA VGX K1
4x Entry Level Kepler GPUs
768 NVIDIA CUDA cores
130W
6pin aux power connector

NVIDIA VGX K2
2x High-end Kepler GPUs
3072 NVIDIA CUDA cores
225W
8pin aux power connector

OS Support
XenServer 6.0.2, 6.1
WinServer 2012
ESX 5.1 / VMware View 5.2 (Q1 2013)

Hypervisor Support
Citrix Pass Through
Windows Shared
VMware Pass Through and Shared


Compute
GPU Dedicated and Shared
Dedicated GPU per User
Designer User
Hypervisors
Citrix XenServer 6
Parallels Workstation 6
VMware ESX Planned
[Diagram labels: Hypervisor; Virtual Machine with Guest OS, Apps, Remote Protocol, NVIDIA Driver; NVIDIA GPU]

Shared GPU
Knowledge User
Hypervisors
Microsoft Server 2008 Hyper-V with RemoteFX
VMware ESX with View Planned
[Diagram labels: Hypervisor; NVIDIA Driver; Translation, Execution, Readback; Virtual Machine with Guest OS, Apps, Remote Protocol, API Capture Driver (DX9); NVIDIA GPU]

Compute
Full NVIDIA VGX GPU
Shared GPU
Designer, Power or Knowledge User

Hypervisors
XenDesktop 5.x
XenDesktop 6.x
Microsoft TBD
VMware TBD

[Diagram labels: Hypervisor; Virtual GPU Manager; Device Emulation Framework; Resource Manager; Virtual Machine with Guest OS, Apps, Remote Protocol, NVIDIA USM; State; GPU MMU; Graphics Commands; NVIDIA GPU; Per-VM Dedicated Channels; Remote Display]

Data Center: Storage

Storage
Overview

Type
Virtual machine
User data
Profile
Virtual applications

Storage
Storage Area Network (SAN)
Network Attached Storage (NAS)
Direct Attached Storage (DAS)

File System
NT File System (NTFS)
File Allocation Table (FAT)
Extended File System (ext3)
Virtual Machine File System (VMFS)
Raw Device Mapping (RDM)

Block Transport
Small Computer System Interface (SCSI)
Internet SCSI (iSCSI)
Fibre Channel (FC)
FC over Ethernet (FCoE)
SCSI over FC over IP (FCIP)

File Access
Common Internet File System (CIFS) / Server Message Block (SMB)
Network File System (NFS)

Data Deduplication
NetApp File Level Flex Clone
VMware Linked Clone
Atlantis Computing iLio
Citrix Intellicache
Cisco WAAS Transport

Storage
Master, Replica, and Clone

Full clone wastes storage and is slow to clone
Replica is a full clone created from the gold master
Master VM can be updated or replaced without affecting the replica
The replica is a protected entity within Virtual Center
Linked clones bloat over time
Expect about a 50% savings depending on desktop type/use

Operations
Refresh: Clean desktop, pristine image
Recompose: Migrate existing desktops from one version to the other
Re-Balance: Re-locate desktops to enable efficient usage of the storage available (add more storage or retire existing array)

Storage
NFS Linked Clone Storage Consumption
Replica is a full clone
Linked clone consumes <10%
Linked clone bloats over time
Expect about a 50% savings depending on desktop type/use


Storage
Example Desktop Storage Planning

IOPS are ~ 5 per second
Capacity equals base OS/App/Data size (10 GB) plus suspend/resume (512 MB RAM), page files (100 MB), etc. ~ 11.1 GB

For 100 desktops
IOPS = 5 * 100 VMs = 500 IOPS
Throughput = 500 * 4096 Bps = 2048 KBps
Storage = 11.1 GB * 100 * 1.15 = 1.276 TB (no storage reduction)

Common 15K RPM drive provides 200 IOPS so 2.5 spindles are needed
4096 Bytes per IOP
<1 Mbps average

Planning
Windows XP 5-10 IOPS
Windows 7 10-20 IOPS

Storage
Acceleration
[Diagram labels: VM Guest #1, Guest #2, Guest #3 ... Guest #N, each with Agent and VMTools; Hypervisor; Cache Optimizations; Shared Storage]

Atlantis Computing ILIO: Read/Write acceleration (RAM option)
Citrix Intellicache: Accelerated read with local write
VMware Storage Accelerator (VSA): Accelerated read

Forms of optimization (~90%)
Caching
Deduplication
Compression
Coalescing
Content-Awareness

Storage
Planning

Storage Requirements
Total number of desktops
Type of desktops (persistent, non-persistent)
Size per desktop
OS for desktop
Worker workload profile
Storage growth horizon
Disaster recovery, backup, and data protection requirements
Size of NAS (CIFS) home directories
Roaming profiles

Transport De-duplication
Transport workload mobility solutions
Shared storage replication acceleration (SRDF, SnapMirror, etc.)
Workload mobility acceleration (Clone, VMDK access, etc.)

Planning
Consider DAS for Non-Persistent Desktops
Use shared storage with RAID and replication for persistent desktops and user data
Use Linked Clones or File Level Flex Clones for storage capacity
IOPS (4096 Bytes/IOP)
WinXP 5-10
Win7 10-20
15K RPM drive 200 IOPS
SSD drive 10,000s IOPS
Reads versus writes
Consider hourly, daily, monthly, and quarterly workload
Consider impact of antivirus
Use storage caching to scale
Consider data redundancy levels

Data Center: Network and Security

Network
Deployment Considerations
[Diagram labels: two sites, each with WAN Edge and a data center core (DC-1 Core, DC-2 Core); VDI, Apps and Data blocks containing VM 1 to VM 18]

Separate VDI from application environments
Modular physical, network and compute infrastructure
Predictable and repeatable scalability
Campus security best practice
IP address management

Hosted virtual desktops in the server farm access considered east/west
Hosted virtual desktops considered as a campus are north/south
WAN edge in the access block is east/west?
Data center core is becoming an any to any transport
It's all relative

Network
Nexus 1000V Virtual Switch Architecture
[Diagram labels: Modular Switch with Supervisor-1 (Active), Supervisor-2 (StandBy), Linecard-1, Linecard-2 ... Linecard-N and Back Plane; Virtual Appliance with VSM-1 (active) and VSM-2 (standby); VEM-1, VEM-2 ... VEM-N, each on a Hypervisor; NX-OS Control Plane; NX-OS Data Plane; Network Admin; Server Admin]

VSM: Virtual Supervisor Module
VEM: Virtual Ethernet Module
Hypervisors: vSphere (shipping); Win8/Hyper-V (planned)

Network
Advanced Features of the Nexus 1000V

| Area | Features |
|---|---|
| Switching | L2 Switching, 802.1Q Tagging, VLAN/VXLAN Segmentation, Rate Limiting (TX) |
| | IGMP Snooping, QoS Marking (COS & DSCP), Class-based WFQ |
| Security | Policy Mobility, Private VLANs w/ local PVLAN Enforcement |
| | Access Control Lists (L2-4 w/ Redirect), Port Security, ACL Logging |
| | Dynamic ARP inspection, IP Source Guard, DHCP Snooping |
| Network Services | Virtual Services Datapath (vPath) support for traffic steering & fast-path off-load |
| | Virtual Security Gateway (VSG), vWAAS, vNAM, CSR |
| Provisioning | Automated vSwitch Config, Port Profiles, Virtual Centre Integration |
| | Optimised NIC Teaming with Virtual Port Channel Host Mode |
| Visibility | VMotion Tracking, NetFlow v.9 w/ NDE, CDP v.2 |
| | VM-Level Interface Statistics |
| | SPAN & ERSPAN (policy-based) |
| Management | Virtual Centre VM Provisioning, Cisco Network Provisioning, CiscoWorks |
| | Cisco CLI, Radius, TACACs, Syslog, SNMP (v.1, 2, 3) |
| | Hitless upgrade, SW Installer |

Network
Securing VDI with Cisco Virtual Security Gateway (VSG)
Persistent virtual workspace for the doctor
Flexible workspace for doctor's assistant
Maintain compliance while supporting IT consumerization
Leverage VM context (e.g. VM-name) to create VSG security policies

[Diagram labels: Server Zones: Healthcare Portal, Database, Application, Records; HVD Zones: IT Admin, Assistant, Doctor, Guest; Virtual Security Gateway (VSG); ASA; Network; Cisco AnyConnect clients: IT Admin, Guest, Doctor]

Reference Architecture: 1000V and VSG in VXI Reference Architecture

Network
vWAAS Out Of Path With vPath
Interception based on port-profile policy configured in Nexus 1000v

Bidirectional Interception
Capture display traffic inbound
Capture desktop protocol traffic outbound

Pass-through traffic is automatically bypassed in Fastpath

vPath aware VM movement
Supports VMware resource scheduling

Automatic application of vWAAS when new virtual desktop gets deployed

[Diagram labels: Virtual Desktop 1, vWAAS, Virtual Desktop 2; vPATH; Nexus 1000V; VMware ESXi Server; Cisco UCS x86 Server; Nexus 1000v VSM; vCenter Server]

Network
Security Options
Patching
Persistent desktop versus non-persistent desktop

Virus Scanning
Virtual machine virus scanning
VMSafe service in vSphere
NAS (file server) based virus scanning
Network or proxy based virus scanning (Scansafe/Ironport)

Virtual desktop access


Direct internally or proxied externally

Zoning by User/Group
Application
Desktop

IO Planning
Sample Bandwidth Planning
Storage (in and outbound)
20 IOPS per desktop at 4K Bytes EA
671 Kbps EA (assume 1 Mbps)
1 Gbps for 1000 HVDs in UCS blade chassis
Assume 1 Mbps per HVD

Network Display (mostly outbound)
Assume 1 Mbps per desktop
1 Gbps for 1000 HVDs in UCS blade chassis

Desktop Protocols (mostly inbound)
Estimate 8 Mbps which opens 25MB in 25 seconds and handles streaming and interactive video
8 Gbps for 1000 HVDs in UCS blade chassis

Total
10 Mbps per HVD for storage, display, and desktop protocols
10 Gbps for 1000 HVDs in UCS blade chassis

[Diagram labels: UCS Chassis; HVD-1 to HVD-1000, each with APP and AppVirt; Hypervisor; Server; BIOS (UCS Service Profile); Network (LAN/SAN); flows: Display, Storage, Desktop Protocols]

Architecture

Architecture
Large Scale Virtual Desktop Architecture
Branch
Thin Clients or display protocol clients
WAN Acceleration (1 connection per HVD/HVA)

Desktop Data Center
WAN Acceleration From Thin Client (1 connection per HVD/HVA)
Broker
Virtual Desktops
Limited applications
WAN Acceleration to Application (10 connections per HVD)

Application Data Center
WAN Acceleration From HVD
Centralized applications

[Diagram labels: Disp Protocols; Theatre Desktop Centers; App Protocols; Corporate Application Data Centers]

Architecture
Fault Domains

Client: 1 user
Broker: Up to 1000
Branch Switch: Up to 250
UCS Blade: Up to 332
Building or WAN: 2 to 1,000
UCS Chassis: Up to 1,328
SLB: 2,000 to 20,000
Storage: 1 to 10,000

[Diagram labels: Client, LAN, WAE, WAN, WAE, ACE, Broker, UCS, Storage]

Architecture
WAAS NFS Transport DeDuplication
Client LAN attached terminal
Storage
NFS from ESX to NAS
Native protocols over WAN
WAAS between ESX and NAS
Centralized VMDK and user data
99.6% compression (10 GB reduced to <100 MB)

[Diagram labels: C1, C2, C3, UCS, WAE, Network, WAE, NAS. Flows: RDP, NFS. Legend: Origin Connection, Optimized Connection, Origin Connection]

Architecture
Remote NAS WAAS NFS Storage Acceleration
Display protocols are challenged by rich media
Mitigate display protocol challenges by placing compute close to user
Achieve data protection by placing vmdk in data center
Minimize network impact with WAAS

| WinXP Action | NFS Origin | NFS Optimized | Percent Optimized |
|---|---|---|---|
| Boot | 204 | 2.922 | 98.61% |
| Login | 91.781 | 1.938 | 97.89% |
| Office | 201 | 3.584 | 98.26% |
| Web 5X | 21.5 | 0.433 | 98% |
| On demand Flash | 3.333 | 0.062 | 98.18% |

Availability and Mobility


Virtual Desktop Architecture
Normal Conditions
Desktops provisioned to use local NFS Filer
SnapMirror Replicates VMDK files through WAAS
NetApp Flex Clones to reduce storage

Event
NAS fails over to replicated NAS using L2 extension or Route Health Injection (RHI)
WAAS enables desktops to run from NAS in remote data center
View Clients maintain display protocol connection with stationary compute VM

[Diagram labels: WAN #1, WAN #2; nodes r1 to r10, e1 to e4, c1, c2, f1, f2; Server Farm 1, Server Farm 2. Legend: RDP, NFS, Replication]

Availability and Mobility


VMotion Acceleration
WAAS reduces 512 MB transfer to just 31 MB if warmed with similar WinXP desktop
VMotion uses TCP to reliably migrate the contents of memory from one compute to another
WAAS enables bulk VMotion between data centers in the event storage moves
Source host initiates a TCP 8000 connection to the destination host
WAAS enables efficient VMotion from/to private to/from public clouds
WAAS can be in the path using inline card or WCCP

[Diagram labels: UCS, WAE, IP Network, WAE, UCS. Flow: VMotion TCP 8000]

Availability and Mobility


VMotion Compute Follows Storage
Normal Conditions
Desktops provisioned to use local NFS Filer
SnapMirror Replicates VMDK files through WAAS
NetApp Flex Clones to reduce storage

Event
NAS fails over to replicated NAS using L2 Extension or Route Health Injection (RHI)
WAAS efficiently migrates desktop VMs to backup compute following storage
Client VMs can preserve IP with RHI, L2MP, or request new IP through DDNS

[Diagram labels: WAN #1, WAN #2; nodes r1 to r10, e1 to e4, c1, c2, f1, f2; Server Farm 1, Server Farm 2. Legend: RDP, NFS, Replication]

Availability and Mobility


View Offline Desktop Check Out/In Acceleration
View Client includes VMware Player
Client checks out (downloads) virtual desktop VMDK
WAAS accelerates check out and check in

Strategy

Strategy
Approach
Centralized when you can
Communications: Email
Productivity: Office, Wiki
Information Management: File, Sharepoint, iDisk, etc.
Business applications: Client/Server
Business intranet web

Local when you must
Communications
IP Telephony (interactive softphone)
Video on demand (native encoding with local caching and prepositioning)
Video streaming (broadcast)
Rich media web
Experience
Branch split VPN with local web access
Print

Strategy
Considerations
Business
Identify worker types (i.e. Task, Knowledge, Power, etc.)
Pursue when it makes business sense
Address security and compliance requirements
Consider the workspace (not just a desktop)
Consider the employee onboarding and off-boarding workflow

Design
Fault domains
Disaster recovery
Shared storage scalability
Application concurrency
Per application requirements (One bad app ruins a bushel!)
Rich media or graphic intensive applications have many caveats
Stateless desktop is the goal

Automation
Employee Onboarding
Before: Conventional VDI
Multiple requests from user for: ID, Desktop, Phone, Email, Applications etc.
InfoSec: Creates ID
Server Admin: Clone VM
Citrix Admin: Configure PVS & DDC
Desktop Admin: Install Applications
Communication Group provisions Phone
Secure it
Ready for use
Manual process takes several days

Manual provisioning
Hard to control utilization
High provisioning & ops cost
Extended provisioning time
Configuration risk

After: Automated VXI Solution (With Automation)
Single request from user, using Cisco Cloud Portal (CCP)
Approved by Manager
CCP order goes to Cisco Process Orchestrator (CPO)
CPO creates User ID
Configure Citrix PVS, DDC, CUCM, VMware, CUPS
Install Applications
Secure it
Ready for use
Automated, self-service, on-demand, within minutes

Self-service; automated provisioning
Elasticity (capacity-on-demand)
Optimized provisioning & ops cost
Rapid provisioning
Increased Resiliency and Availability

Cisco VDI Benefits


Value Proposition Summary
Scale
Secure

Experience
Unify
Operate

Cisco Validated Designs (CVD)


Cisco Validated Designs (CVD)


Virtual Desktops Deployments with VXI 2.6
Customer Needs: Reduce virtual desktop implementations costs; Simple and flexible authentication; Virtualized collaboration; Troubleshooting virtual desktops

Reduce TCO through server technology advancements
UCS B200M3 (1600MHz memory), VIC 1240 (80 Gbps I/O), UCS 2.0.2, Fabric Interconnect 6296UP

Increase virtual desktop server density
XenApp 6.5 hosted shared desktop, including Jabber for Windows

Decrease storage costs for View and XenDesktop
Solid State Drives with Citrix PVS
VSA View Storage Accelerator (leverages CBRC hypervisor caching technology)

Cisco Validated Designs (CVD)


Virtual Desktops Deployments with VXI 2.6
Customer Needs: Reduce virtual desktop implementations costs; Simple and flexible authentication; Virtualized collaboration; Troubleshooting virtual desktops

Flexible remote access authentication
Single or dual VPN tunnel from VXC
Clientless Single Sign On (SSO) with ASA 9.0
Citrix XenDesktop
Citrix XenApp

Cisco Validated Designs (CVD)


Virtual Desktops Deployments with VXI 2.6
Customer Needs: Reduce virtual desktop implementations costs; Simple and flexible authentication; Virtualized collaboration; Troubleshooting virtual desktops

Realize OpEx benefits with virtualized contact centers
Integration Contact Center in virtual desktops
CTIOS tested and Finesse supported
Citrix XenDesktop and VMware View
VXC2xxx and VXC 6215

Pervasive Unified Communication
Jabber for Windows in virtual desktops (both Hosted Virtual and Hosted Shared)

Cisco Validated Designs (CVD)
Virtual Desktop Deployments with VXI 2.6

Lower OPEX & increase manageability
MS System Center 2012 with Cisco UCS Manager
Many other 3rd party plug-ins

Cisco VXC Manager 4.9
Easier installation and operation

Customer Needs: Reduce virtual desktop implementation costs; Simple and flexible authentication; Virtualized collaboration; Troubleshooting virtual desktops

Cisco Validated Designs (CVD)
Upcoming Releases of VXI

3rd party endpoint ecosystem
WAAS 5.1 with Citrix Multistream ICA
Storage acceleration with FusionIO
VMware ESXi 5.1, Citrix XenServer, Microsoft Hyper-V hypervisor updates
Jabber application and desktop virtualization
VXME integration with Windows 7 and Windows 7 Embedded

Questions?

Welcome to Cisco VXI Jeopardy!

Categories: Software; Collaboration; Borderless Network; Data Center; Pot Luck

$100: Ruins a bushel; Outside the display protocol; Up to 90% bandwidth savings; The best server for VDI; Wyse (DAILY DOUBLE)
$200: Profile virtualization; VXC; 1494 and 2598; IOPS; Task worker
$300: VXI; Web, Telephony, and Display; 4172 and 50002; The best virtual switch for VDI
$400, $500, $1000, $2000: tiles with no clue text

Cisco Validated Designs (CVD)
Links and Related Mailers

Cisco VXI External Page
www.cisco.com/go/vxi
(Solution Value Proposition and Marketing Collateral)

Cisco Design Zone VXI Page
http://www.cisco.com/go/designzone/vxi
(CVDs and Configuration Guide available here; Performance Guide follows in October)

Call to Action

Visit the Cisco Campus at the World of Solutions to experience Cisco innovations in action
Get hands-on experience attending one of the Walk-in Labs
Schedule a face-to-face meeting with one of Cisco's engineers at the Meet the Engineer center
Discuss your project's challenges at the Technical Solutions Clinics
