Getting serious about a Client Hypervisor

January 22, 2009

We are pleased with Citrix and Intel announcing their intentions to further advance XCI. As one of the founding members of XCI, we believe it and similar open source initiatives can be a leading force in the industry, creating an ecosystem of third-party ISVs around type 1 client virtualization that deliver applications and support client usage models which can only be delivered with virtualization.

The keys to making this successful are:

  1. Leverage the collective development efforts of the community
  2. Be a catalyst for innovation: Xen needs to be the core of a ubiquitous, possibly commoditized, client hypervisor allowing others to deliver best-of-breed client virtualization solutions

Neocleus has presented device pass-through as the cornerstone of delivering a best-of-breed type 1, bare metal, client hypervisor while others have failed to recognize it. Citrix and Intel’s announcement today publicly reaffirms this. Additionally, we are pleased to see that Citrix has validated one of our most prevalent targeted use cases of Bring-Your-Own-Computer (“BYOPC”) as they believe this will also be a major way that customers will derive benefits from the client hypervisor platform.

We expect to fully cooperate with Citrix, Intel and others in the industry, including VMware and Microsoft, in making the concept of client hypervisors a reality that provides exhaustive benefits to our customers. We also see this announcement as another possible forcing function for the industry to look at how software and OS licensing should change to accommodate this new world where a user can have multiple instances of OSes and applications running on their one computer.

Yes, in some areas we will be competing with Citrix, yet we believe that our undivided focus on client virtualization solutions in the areas of security and flexible management will allow us to build an independent and successful company. Neocleus is well positioned to be a leader in this market, as we continue to innovate and overcome the technical obstacles in delivering a full pass-through client hypervisor plus device switching capabilities. This is necessary to provide the native OS look and feel that will make the client hypervisor a viable platform for end users and IT.

In the meantime, our customers are excited by the upcoming Neocleus 2.0 client virtualization solution, currently available in Preview stage to select customers and Partners, presenting side-by-side Windows plus our central management system.


Design Principles of a Client Hypervisor

January 20, 2009

When considering the design principles of client hypervisors and client virtualization solutions, one needs to look at the variety of available solutions today and understand how to make the quantum leap in order to bring a better product to the market (since it wasn’t available before).

When considering all use cases, most of our customers are already aware of Client-Hosted, Type 2, Client Virtualization solutions. Those solutions suffer from architectural limitations which prevent them from being used as a ubiquitous client hypervisor.

Type 2 Client Virtualization solutions are typically installed on top of a user-accessible operating system such as Windows. The flaws of this architecture are in the areas of security (if the “host” is infected, so is the “guest”), performance (since the “Guest” is competing for hardware resources as any other normal process) and hardware compatibility (the “guest” is using a completely emulated or para-virtualized device model).

The commonly known advantage of Type 1 is its security architecture. Other, not-so-easy-to-realize advantages are performance and hardware compatibility. Performance is realized because a Type 1 client hypervisor can be better tuned than a Type 2 client hypervisor, providing more granular resource allocation to a specific virtual machine.

A Type 2 client-hosted hypervisor has one architectural advantage over Type 1 client hypervisors: It is non-intrusive. If you do not use any virtual machines, no runtime overhead is incurred on the “host”. The primary disadvantage associated with Type 1 is therefore that it is intrusive, in that it must be permanently installed on the bare-metal hardware, below the OS.

From an architectural point of view, the shortcomings of Type 2 client-hosted hypervisors cannot be resolved, and a Type 1 Client Hypervisor is intrusive by design. The question, then, is how to design a best-of-breed client hypervisor. It is evident that architecturally, a Type 1 client hypervisor has the most promise. Therefore, the critical success factor would be to overcome the intrusiveness, and I would also add “transparency” to the mix. Other properties such as Security and Performance are intrinsic, in terms of design, to Type 1 hypervisors.

The intrusiveness of Type 1 hypervisors in general and client hypervisors in particular stems from the fact that the current design of Type 1 hypervisors is, in effect, to control most if not all of the hardware platform and devices and to provide a near complete emulated and/or para-virtualized device model to the virtual machines running on top.

The Type 1 virtualization solutions available today make perfect sense for server virtualization but not for client virtualization. Server virtualization is all about virtualizing I/O, mainly disk and networking, but not CPU and human “accessible” devices. Simply put, client virtualization must take into account that there is an end-user using the PC. Consequently, the specific criteria which a client hypervisor would be measured against would be native device support which directly affects the user experience and expectations.

Hence, Type 1 client hypervisors must support full device pass-through to the “guest” virtual machines. Not only that, a best-of-breed Type 1 client hypervisor will also support dynamic assignment and “switching” of devices between different “guest”s. In effect, without device pass-through, Type 1 client hypervisor solutions render the virtual machines as “pale” as Type 2 client hypervisors since both only provide an emulated and/or para-virtualized device model – and remember, this is a permanent installation!

By providing full device pass-through capabilities, a best-of-breed Type 1 client hypervisor will allow end-users and organizations the freedom to mix and match different device models in order to best fit their expectations and requirements.

Yes, some use cases require having a hardware agnostic virtual machine that can be deployed universally, but when considering all use cases, a Type 1 client hypervisor must feature a “modus operandi” that will reflect the real capabilities of the device, since otherwise, our customers tell us, it doesn’t meet their requirements.


Missing the Point of Client Hypervisors

January 16, 2009

What is important in providing a best-of-breed Client Hypervisor?

Virtualization is not a new concept. Specifically, device pass-through, device para-virtualization and device emulation are all well-known concepts and viable technologies that are used in virtualizing operating systems; each has pros and cons from the various aspects of technology, performance, compatibility and maintenance.

Neocleus’ Client Hypervisor architecture is based on the understanding that a best-of-breed Client Hypervisor needs to address and support multiple use cases, and hence must utilize and apply different device virtualization technologies where and when they fit. Being “religious” about a specific technology will not help in addressing all use cases that our customers need to solve.

Technology wise, there is no contradiction between device pass-through, device para-virtualization and device emulation; all of them can and probably will be utilized together. Our prediction is that, over time, device emulation will fade out as para-virtualization delivers better performance.

Neocleus delivers what our customers are asking for: a flexible Client Hypervisor which in turn is managed by a central management system to address each and every Enterprise use case — all in order to optimize the end-user experience.

Let’s see how a best-of-breed Client Hypervisor addresses two prevalent use-cases:

  • Bring-your-own-PC: This case is about employees using their desktops at home or personal laptops to either work a couple of hours at home or full-time. This scenario presents the problem of how to maintain the performance and user experience of the “personal” environment (Windows or Mac OS in most cases – your kids will want to continue to play their high-end graphics games) while allowing the corporation to provision a corporate image (which may or may not be hardware agnostic). With Neocleus’ best-of-breed Client Hypervisor, the personal operating system can fully utilize the physical devices, taking advantage of our unique Device Pass-Through technology. From an IT perspective, each organization can decide how to deploy the corporate image (which is the second one running on the device) meaning deciding what is more important: User Experience (using physical devices if supported by the hardware) or being hardware agnostic – Neocleus’ client virtualization solution supports both (and even hybrid modes).
  • Corporate Laptops and Desktops: Here, again, a best-of-breed Client Hypervisor and the accompanying management solution will allow an organization to better serve its needs in deploying their corporate images and optimize them even on a per end-user request or role. For example, end-users and/or devices can utilize a full Device Pass-Through operating system because their work flow requires various USB devices and peripherals such as webcams for video conferencing, which may be accompanied by a second virtual machine for non-corporate Internet access which may be para-virtualized.

In short, a best-of-breed Client Hypervisor must utilize and apply various technologies such as device pass-through and device para-virtualization in order to deliver the best user experience possible – custom-made to the different needs and requirements of IT and end-users. Additionally, with Neocleus Client Virtualization solutions, organizations can enjoy the full flexibility of addressing multiple end-user scenarios, all controlled from a centralized, scalable management system.


Best Management for the Best Virtualized Endpoints

January 12, 2009

As visionaries in the space of Client-Hosted Virtualization, we envisioned all PCs being virtualized in the next couple of years.

When we started defining the requirements for what we back then described as the best possible Hypervisor, we didn’t “forget” to define the requirements of the management system for this new type of endpoint, the Virtualized Endpoint.

We have no doubt in our minds that we have the best virtualization technology, both from an architectural angle and the implementation itself. Our solution transparently reflects the hardware properties and functionality in full, including all devices and buses.

This is confirmed with customers, partners and even competitors.

I assume that this is the reason others are highlighting their management capabilities, and rightfully so, but sort of shying away from the virtualization stuff. We at Neocleus will certainly agree that the management is where the value is, definitely in the long run where client-hosted, bare-metal, type 1, virtualization is ubiquitous.

And, indeed, our management system delivers new functionality in the areas of provisioning, deployment, maintaining, securing and de-provisioning corporate virtual machines, all this in a scalable and secure manner.

But this is not the point I want to highlight.

The point is that you must have both. You must have the best virtualization technology and the best management offering. One of them is not enough. Why? The reason is simple, and I will prove it the same way I presented it to everyone else:

Let’s assume one envisions a new way to manage PCs (surprisingly enough, based on virtualization). Will any customer buy the best management system if the PC is crippled because the virtualization technology is based on emulation/para-virtualization without the capabilities of keeping the same user experience (or in short, a mediocre, year 2000 type of device model)?

On the other hand, will any customer invest his attention in using the best virtualization solution without the proper management system that can utilize this all?

Neocleus has both. We have the best virtualization technology and the best management since our approach is to do what we do best, create new and innovative ways to address existing and new use cases (and not just “PC management”), using existing tools and solutions to do what they do best.