[cs615asa] HW#N: Attend a relevant Meetup/Talk/community event

[gbasile]

I attended a webinar on VMware Mirage; a desktop management solution 
that stores OS instances in a cloud that can be quickly pushed to 
restore any desktop on the network. I chose this meeting because I am 
looking to implement a desktop management solution at the company I work 
for.

About the environment:
Automall 46 inc is a medium sized car retail and service enterprise with 
multiple locations and departments that have different end user use 
cases depending on the franchise the store is under (Nissan, Mitsubishi, 
or Chrysler Jeep Dodge Ram) and department (parts, service, sales, 
finance or accounting). Different manufacturers all have different 
software products necessary to service vehicles, and order OEM parts. 
Each finance department works with various different banks that have 
certain security specifications for running customer credit and applying 
for financing. All stores and departments use CDK dealer management 
system for various tasks; archiving, invoicing, CRM, and inventory.

The Problem:
Currently, this company has 600 workstations, distributed across 
multiple locations, without any central management to deploy new 
software, or fix issues.

Goal of the project:
Deploy a centralized desktop management system. greatly reducing the 
labor intense task of managing each desktop individually.

Constraints:
- Solution must be cost effective.
- The system must not create any new system wide issues that will effect 
business operations.

How I am approaching the problem:
I have been shopping for various solutions to this problem for the past 
6 months. Originally, I was looking at full desktop virtualization. This 
implementation ended up being extremely costly, when taking into account 
VMware licencing, repurchasing windows licences for mobility, networking 
costs, and physical server equipment. Full virtualization has many areas 
where the system can fail; hardware failure, or a network failure from 
the central servers to any location can result in a complete shutdown of 
a location's business operations. Fof this reason, I started shopping 
for systems that achieve the goals outlined above with more cost 
efficiency and reliability.
Which bring me to the purpose of attending the talk on VMware's mirage 
product.

What I learned from the webinar:
Mirage provides unified image management across all PC workstations. It 
is designed for distributed environments, desktop recovery, and OS 
migration. The central admin can create images for multiple different 
use cases, and push them down to any workstation on the network without 
physically having to access the machine. The images are hardware and 
driver independent, thus a single image can be used over different PC 
makes and models. It accomplishes this using a layered model for 
creating the images, drivers at the bottom layer, OS on the next layer, 
applications on the third layer, and a user personalization layer for 
data. This layered model also allows for rapid OS migration without 
having to worry about reinstalling applications, or losing user data.

 From an infrastructure standpoint, Mirage is significantly less complex 
to implement than full virtualization. Mirage server nodes hold image 
data, and MSSQL servers hold user data for the personalization layer. 
The server nodes have minimal hardware requirements in comparison to 
servers for virtualization; a cluster of two servers with a single intel 
Xeon and 8GB of ram will suffice for 1000 workstations. In the case of a 
system failure, networking or hardware, business operations should not 
be significantly affected. Image synchronization will not be possible in 
the event a workstation needs to be restored during the downtime, but 
this case is considered to be a minor event with low probability.

Mirage will not only be a sufficient solution to the problems listed 
above, but if implemented for automated image restoration during off 
business hours, can mitigate some malware security concerns. Working PC 
help desk for many years has lead me to a few conclusions. 1) A perfect 
malware prevention tool does not exist. 2) A perfect malware scan and 
cleanup tool does not exist. 3) Most modern malware has mechanisms to 
prevent a windows system restore operation. I can implement Mirage to 
automatically restore workstations to a safe working image on a 
scheduled timetable. Distributing the load of this task over each day of 
the week to avoid network congestion.

Summary and Conclusions:
Mirage seems to be the perfect product for my environment. Next week I 
am planning on negotiating the cost of licencing and equipment. After 
negotiating comes what i find to be the most difficult task in IT 
management; convincing the owners of the company, whom do not have any 
technical background, to spend more money on monthly overhead to solve 
issues that they are very far separated from. Unlike working at public 
companies whom have certain standards and guidelines for IT compliance, 
many private enterprises like like mine have no such standards, and it 
is up to you as the admin to create such standards given you have the 
proper funding for these operations. The ethical guidelines outlined in 
this course for an admin are often difficult to comply to in an 
underfunded department. It is up to you as the admin to educate the 
owners with our knowledge about the threats we face in the virtual world 
in order to get that funding.