VMware holds a virtual edge for remote access

04.08.2005
Von Oliver Rist

I just have to say it: I love VMware. I"ve dinged around with several virtual-machine applications now, including Redmond"s own Virtual PC and Virtual Server, and VMware simply kicks booty.

I"ve run Virtual PC on a few lab machines for a while, but when you"re doing network testing rather than application development, you"re after breadth of OS support, and VMware still holds the lead in that department. Microsoft really has an edge on VMware only in one area, and that"s price.

Virtual Server 2005 sells for US$499 in the Standard Edition that most of us won"t buy, and for $999 in the Enterprise Edition that"s actually worth something. Standard Edition supports only four processors, so it"s really only good for poor techno journalist types who can"t afford servers with more than four brains. For enterprises with some budget and a real need for virtualization, Enterprise Edition"s support for as many as 32 CPUs is definitely where it"s at.

Virtual Server also integrates with MOM (Microsoft Operations Manager) 2005, which certainly has some benefits when it comes to health monitoring, although Microsoft also claims it helps with managing a large number of virtual machines. I"ve seen a native Virtual Server interface running 16 virtual machines as well as a MOM 2005 box that was managing the same infrastructure. Frankly, although the MOM 2005 interface looked a bit cleaner and certainly more familiar, I didn"t think it was such a slam dunk over Virtual PC 2005"s native screens. Different strokes, I suppose; but going through MOM 2005 purchasing and configuration simply for interface variety seems like vicious overkill.

VMware doesn"t have the same health reporting tools that MOM 2005 might offer but it"s got all the real-time health monitoring tools I might need. The interface does become a mite crowded when managing large numbers of virtual machines, but it"s still workable and does a truly credible job with performance reporting. And it"s really sexy when it comes to remote access.

In fact, it"s so sexy, I"m thinking of doing a bigger test piece on remote access solutions outside of the typical VPN architecture. For example, VMware recently released its VMware Ace suite, comprising a manager and a client. The client side works similar to how VMware"s remote console client works now. The manager, however, allows administrators to create virtual machines, assign users, and especially implement a wide variety of policy changes to each virtual desktop, including restricting network access, encrypting data, and customizing configuration files.

Although Ace is probably unsuitable for managing a really large number of virtual clients, it"s certainly workable for a few telecommuters. Tweak your firewall, and you"ve got an effective remote access solution without any of the phase 1, phase 2 handshake blistering commonly caused by overexposure to VPNs.

A good competitor for this kind of deployment, however, is a product like ClearCube"s IPort. So far, I think the IPort might get better performance (from the remote user"s point of view) than the VMware Ace desktop, but this is definitely worth testing. ClearCube also has the added flexibility of being able to assign actual hardware to specific users in addition to virtual machines -- or any combination, for that matter. Then again, it costs significantly more, too.

I"d be interested in hearing what folks in the real world have done when it comes to designing remote access solutions without using standard VPNs. E-mail me at oliver_rist@infoworld.com -- with "remote access" in the subject line -- and let me in on your creative notions, no matter how product-centric or downright crazy. My editors say the winner gets a free trip to Honolulu, a Ferrari, and a coffee mug, give or take Honolulu and the Ferrari.