[cs615asa] HW#N: Attend a relevant Meetup/Talk/community event
gbasile
gbasile at stevens.edu
Mon May 2 16:16:26 EDT 2016
I attended a webinar on VMware Mirage; a desktop management solution
that stores OS instances in a cloud that can be quickly pushed to
restore any desktop on the network. I chose this meeting because I am
looking to implement a desktop management solution at the company I work
for.
About the environment:
Automall 46 inc is a medium sized car retail and service enterprise with
multiple locations and departments that have different end user use
cases depending on the franchise the store is under (Nissan, Mitsubishi,
or Chrysler Jeep Dodge Ram) and department (parts, service, sales,
finance or accounting). Different manufacturers all have different
software products necessary to service vehicles, and order OEM parts.
Each finance department works with various different banks that have
certain security specifications for running customer credit and applying
for financing. All stores and departments use CDK dealer management
system for various tasks; archiving, invoicing, CRM, and inventory.
The Problem:
Currently, this company has 600 workstations, distributed across
multiple locations, without any central management to deploy new
software, or fix issues.
Goal of the project:
Deploy a centralized desktop management system. greatly reducing the
labor intense task of managing each desktop individually.
Constraints:
- Solution must be cost effective.
- The system must not create any new system wide issues that will effect
business operations.
How I am approaching the problem:
I have been shopping for various solutions to this problem for the past
6 months. Originally, I was looking at full desktop virtualization. This
implementation ended up being extremely costly, when taking into account
VMware licencing, repurchasing windows licences for mobility, networking
costs, and physical server equipment. Full virtualization has many areas
where the system can fail; hardware failure, or a network failure from
the central servers to any location can result in a complete shutdown of
a location's business operations. Fof this reason, I started shopping
for systems that achieve the goals outlined above with more cost
efficiency and reliability.
Which bring me to the purpose of attending the talk on VMware's mirage
product.
What I learned from the webinar:
Mirage provides unified image management across all PC workstations. It
is designed for distributed environments, desktop recovery, and OS
migration. The central admin can create images for multiple different
use cases, and push them down to any workstation on the network without
physically having to access the machine. The images are hardware and
driver independent, thus a single image can be used over different PC
makes and models. It accomplishes this using a layered model for
creating the images, drivers at the bottom layer, OS on the next layer,
applications on the third layer, and a user personalization layer for
data. This layered model also allows for rapid OS migration without
having to worry about reinstalling applications, or losing user data.
From an infrastructure standpoint, Mirage is significantly less complex
to implement than full virtualization. Mirage server nodes hold image
data, and MSSQL servers hold user data for the personalization layer.
The server nodes have minimal hardware requirements in comparison to
servers for virtualization; a cluster of two servers with a single intel
Xeon and 8GB of ram will suffice for 1000 workstations. In the case of a
system failure, networking or hardware, business operations should not
be significantly affected. Image synchronization will not be possible in
the event a workstation needs to be restored during the downtime, but
this case is considered to be a minor event with low probability.
Mirage will not only be a sufficient solution to the problems listed
above, but if implemented for automated image restoration during off
business hours, can mitigate some malware security concerns. Working PC
help desk for many years has lead me to a few conclusions. 1) A perfect
malware prevention tool does not exist. 2) A perfect malware scan and
cleanup tool does not exist. 3) Most modern malware has mechanisms to
prevent a windows system restore operation. I can implement Mirage to
automatically restore workstations to a safe working image on a
scheduled timetable. Distributing the load of this task over each day of
the week to avoid network congestion.
Summary and Conclusions:
Mirage seems to be the perfect product for my environment. Next week I
am planning on negotiating the cost of licencing and equipment. After
negotiating comes what i find to be the most difficult task in IT
management; convincing the owners of the company, whom do not have any
technical background, to spend more money on monthly overhead to solve
issues that they are very far separated from. Unlike working at public
companies whom have certain standards and guidelines for IT compliance,
many private enterprises like like mine have no such standards, and it
is up to you as the admin to create such standards given you have the
proper funding for these operations. The ethical guidelines outlined in
this course for an admin are often difficult to comply to in an
underfunded department. It is up to you as the admin to educate the
owners with our knowledge about the threats we face in the virtual world
in order to get that funding.
More information about the cs615asa
mailing list