Friday
May 18, 2012

BYOD From a Different Perspective

I'm sitting on this plane doing my usual thing: Working. Part of my job is to read...a lot.

I follow a variety of people. One of them is Mike Rigsby. Recently he wrote an article where he lays out the opinion that BYOD (Bring Your Own Device) just wouldn't work in today's enterprises.

Obviously this piqued my interest. :)

Mike lists out the concerns that he believes he would have. And I have to tell everyone, they are valid issues. But at the same time, I don't believe they're as bad as he anticipates. I have the benefit of seeing first hand what this would be like...because I've deployed technologies that enable BYOD in enterprise environments. Let's hit the list…

1. Standardization

I believe the consumerization of IT is forcing this issue. You can actually make the argument that the same force is applying to BYOD as well. But the question Mike is raising is "Do you really want them in the enterprise?". Well, the reason you want standardization is for support most of all, and also easy procurement. With a BYOD technology like VDI (Virtual Desktop Infrastructure), you rely less on the client hardware and more on the operating environment and infrastructure. This has the potential to reduce hardware support costs because you don't support as much hardware. Enterprises are realizing this and taking advantage.

2. Security

Security is a tough one. I think whether BYOD is a good fit for you really depends on the business requirements that drive the functional requirements. Typically a risk assessment is performed to evaluate whether BYOD is acceptable, but a risk assessment is going to take into consideration technology that can prevent and mitigate a lot of these concerns. With VLANs, 802.1X, NAP/NAC and ACLs, many companies have found the risk to be limited and acceptable when contained appropriately.

VDI can also help reduce the attack surface for the company in question. Mike describes a situation where users have their laptops stolen. In the case of VDI, since nothing is on the end user's laptop, the impact of stolen property is limited to the end user.

3. Liability

Mike frames this topic in the context of user productivity, which is absolutely a concern. What if the user loses or damages their equipment? Even if it's their own, the business still has to deal with lost productivity. I've discovered that most companies who employ BYOD don't deploy it company-wide. There are certain scenarios that require company-owned hardware (like a dependency to interface with another hardware device or a security policy in place). But depending on your business, the vast majority of users are probably information workers. In this case, VDI can be ideal for a BYOD solution. Several companies I know simply have hardware on reserve for this type of scenario.

In conclusion, are there reasons not to deploy BYOD/VDI? Absolutely. It's a large capital expense. You need to purchase the backend infrastructure and software licenses, which are not cheap.

But is it worthwhile? I believe more companies are asking themselves that question and the answer may surprise Mike.

Saturday
Feb 25, 2012

View 5 Parent VMs

Been working on a VMware View 5 pilot for the past couple months and I wanted to share with you a gotcha we discovered.

First off, I should stress that how you build the Parent VMs is extremely important. I would suggest that you use MDT or SCCM OSD in creation of your image (as always) and that you carefully design your image with the idea that you're running within a shared resource environment.

A short description of Parent VMs. A Parent VM is a virtual machine that is the basis for other virtual machines in a Linked Clone desktop pool. The idea is similar to differential disks in virtualization 101. You have a parent disk and then create/link a second disk to the first. Any additional writes to the VM are written to this second differential disk. The hypervisor then determines which disk to pull from when a read IO occurs. With Parent VMs and Linked Clones, when a new VM needs to be created, the template it uses is the Parent VM.

Our problem started when we took the snapshot of our Parent VM for View to use as our template. Whenever we started provisioning the pool, the VMs would hang at the customization phase. I won't bore you with the details, but first we thought it was the hardware we used within the Parent VM: it was built on hardware version 8 (the newest for View 5.0), and we thought we were using an incorrect storage controller driver with the OS. Whenever we turned on one of those VMs, it wasn't joined to the domain and we received the "New Hardware Detected" Windows dialog box wanting us to restart the computer.

Easy! Just update the driver and then take another snapshot.

Turns out this wasn't the case.

Several more troubleshooting steps later we finally determined what the problem was: Microsoft App-V. The App-V agent was baked into the Parent VM. When QuickPrep does its thing, it enumerates all of the drives registered with Windows. App-V creates a logical drive (the default is Q:, I believe...) and when the VMware View Agent grabs those registrations and discovers the App-V drive, it handles it incorrectly. When we stopped/disabled the App-V agent service and started it back up post-load, it worked like a charm.

Whether it was the fault of VMware or Microsoft/SoftGrid (this was using App-V 4.5, no SP so it was pretty old) is unknown. But hopefully this can help someone else who doesn't have to pull their hair out as much as we did.

Sunday
Jan 15, 2012

Yes, I'm still here.

Sadly, I have neglected this blog for far too long. I am constantly reminded that I have this site due to the amount of spam comments I get. The Internet is a wonderful thing, isn't it?

Suffice to say, since my last update I have a few new things going on. I've switched jobs twice but I still love what I do. I'm excited as ever and looking forward to some new experiences. But if there is anything that I've learned in my industry it's that change is constant.

At the beginning of 2011 I moved away from ACS/Xerox and moved to Dell Services. I was part of a team named GICS, or Global Infrastructure Consulting Services. We did exactly that: consulted with companies regarding their IT infrastructure and gave advice and guidance on their current and future projects they're considering. Naturally, I specialized in OS Migrations: Windows 7 stuff. It was awesome...for the first couple weeks...

See, my team was a "national" team. That is code for travel! Awesome, right? To a certain extent. I do enjoy travel...especially when you have a company card. ;) But there was a significant toll on the family. I was traveling every week from February until the middle of July. My first stint was New York/Jersey, then Atlanta and topping it off in Dallas/Ft. Worth. From April through July I was in Texas and let me tell you...that Texas heat is something of a shocker for someone who has lived in the Pacific Northwest his entire life. And if you know me personally, you understand that my favorite seasons are Fall and Winter...not those "other two". More importantly though, it was grueling on my kids and wife. I was given some advice from someone who I trust to be mindful of travel and I'm glad he gave it to me. I didn't like the way we were heading so a change was needed.

July came and I got headhunted away to a smaller but up and coming IT consultancy. Slalom Consulting is based in Seattle, but we have a national presence. This company is AMAZING! Voted by Glassdoor.com as the 7th best company to work for! Great people, amazing relationships and opportunities and a great culture. Our next company retreat is in Whistler. I better get that snowboard out.

Hurray for awesome job???

As of December we're fully in Seattle (Issaquah really...). We're prepping our house down in Portland for rental on the weekends. Probably do this SEA to PDX thing for a couple more weekends so if anyone is interested in getting together, hit us up and let's get coffee.

Oh...that sounds good right about now.

Friday
Jan 07, 2011

Determine TPM State via Script

I'm currently working on another Windows 7 migration where several hundred laptops have TPM chips, but we needed a way to determine if they were enabled and activated. Although we didn't use this solution/script, I wanted to let readers know of it. This comes from Tim Mintner, one of the deployment gurus at Microsoft.

http://blogs.technet.com/b/deploymentguys/archive/2010/12/22/check-to-see-if-the-tpm-is-enabled.aspx
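
For readers who want to see what such a check looks like, here is an added PowerShell example (not Tim Mintner's script and not code from this post) that reads the enabled, activated and owned state from the `Win32_Tpm` WMI class. The function name `Get-TpmState` and the default target list are assumptions made for illustration; it must be run elevated.

```powershell
# Added example: inventory TPM state through the Win32_Tpm WMI class.
# Get-TpmState is a hypothetical helper name; run from an elevated prompt.
function Get-TpmState {
    param(
        # Assumed default: the local machine. Pass a list of laptop names instead.
        [string[]]$ComputerName = @($env:COMPUTERNAME)
    )
    foreach ($computer in $ComputerName) {
        $state = New-Object PSObject -Property @{
            ComputerName = $computer
            Present      = $false
            Enabled      = $null
            Activated    = $null
            Owned        = $null
            SpecVersion  = $null
            Error        = $null
        }
        try {
            $tpm = Get-WmiObject -Namespace 'root\CIMV2\Security\MicrosoftTpm' `
                                 -Class Win32_Tpm -ComputerName $computer `
                                 -ErrorAction Stop
            if ($tpm) {
                # Each method returns an object whose out-parameter holds the answer.
                $state.Present     = $true
                $state.Enabled     = $tpm.IsEnabled().IsEnabled
                $state.Activated   = $tpm.IsActivated().IsActivated
                $state.Owned       = $tpm.IsOwned().IsOwned
                $state.SpecVersion = $tpm.SpecVersion
            }
            # No instance: no chip, or the chip is hidden/disabled in firmware,
            # so Windows cannot see it. Present stays $false.
        } catch {
            # Unreachable host, access denied, or the namespace does not exist.
            $state.Error = $_.Exception.Message
        }
        $state
    }
}

# Machines that still need firmware or TPM-management work before BitLocker:
Get-TpmState |
    Where-Object { -not ($_.Present -and $_.Enabled -and $_.Activated) } |
    Select-Object ComputerName, Present, Enabled, Activated, Owned, Error
```

A machine that reports `Present = $false` with no error needs a firmware check, since a TPM that is turned off or hidden in the BIOS is not exposed to Windows at all.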

Friday
Dec 10, 2010

Deployment Resources

I've been asked to share the resources I use regarding operating system deployment (MDT/SCCM OSD) and the people I follow. Something that I've been trying to push myself on lately is to give back to the community. I've been a long-time practitioner of leveraging community support for questions and problems I have had, but I really haven't been active in blog comments and forums until now.

The resources I use are blogs, forums and Twitter. Below is a list of the blogs I read on a daily basis. Thanks Google Reader!

In terms of more formal websites and forums here is what I got -

And other engineers I follow:

There are plenty more resources I'm sure so don't expect this to be exhaustive. I'll try and keep this updated with any more resources I find.