Monday, October 22, 2007

Application Virtualization In The Cloud

Right now there are a couple of big industry trends I'd like to talk about: virtualization, and services "in the Cloud".

Virtualization is basically a shell in which to run applications: the software thinks it's on physical hardware, but it's all a sham. The first wave of virtualization was for servers and has allowed a great deal of consolidation in data centres, but it offers exactly the same benefits to client desktops and even to individual applications.

A variety of desktop and application virtualization solutions have arisen recently. VMware offers its Virtual Desktop Infrastructure (VDI). Microsoft has VirtualPC for the server and desktop, is adding a hypervisor to its next OS (via Windows Server Virtualization), and has purchased Softricity in order to get a share of the application virtualization market. Altiris is up to version 2.1 of its popular solution. Citrix (the new owner of XenSource) and ClearCube are other big players in an increasingly lucrative and competitive market.

Broadly speaking, these offerings all operate in the same way - the virtualization software is installed on some collection of servers that are centrally managed and hosted by any organization that wants to push the bits to its workers' desktops. In this model, the current virtualization scenario is essentially an internal deployment.

Now for another recent trend: Software as a Service (SaaS) or "in the Cloud". Web Services began the trend as globally distributed methods. Service Oriented Architecture is a little harder to define (due to vocal online debate), but Wikipedia makes the interesting point that in SOA, "independent services can be accessed without knowledge of their underlying platform implementation".

Many of the applications using these cloud services are thin client systems - browser-based web applications - although there is nothing stopping rich clients from using such services. 

Mix 'Em Up

Many software vendors are interested in making web versions of their software: witness the efforts by Google and Microsoft to host office productivity software on the internet. 

Another example is Adobe: At the Web 2.0 summit recently their CEO suggested that within a decade all of Adobe's applications will be offered online.

Like many traditional software makers including Microsoft Corp., Adobe must fend off rivals delivering competing applications over the Web and it also needs to adopt a new business model after years of selling software in boxes.

Chizen expects professional customers of products like Acrobat document-sharing or Photoshop for editing images would opt to pay for subscriptions versus facing a steady stream of advertising to use tools critical to their jobs.

This could involve re-architecting their applications to be browser-based. But what if they decided to wrap Illustrator or Photoshop in a virtual application shell and push it down to an internet user's desktop?

What do you get if you combine Virtualization with Software as a Service?

What Would The Advantages Be?

There are a huge number of advantages to desktop and application virtualization:

  • No more DLL Hell: A core benefit of virtualization is its ability to shield your computer from registry edits, DLL conflicts, orphaned files, unstable services...You can even run multiple versions of the same system if required. This can be key if you have to use legacy software while upgrading - often impossible on the same computer if, for example, the versions of your software require conflicting Java runtimes.
  • Pay Per Use: Need to use a piece of software temporarily? Download it at will and only pay for the time you use it.
  • Application suite bundling: Doing some development work? Need an Integrated Development Environment, source control system, graphical editing tools, and testing software? Download a package of those applications for a flat fee. When you no longer need them, they will automatically be retracted from your desktop.
  • Roaming software profiles: wherever you go, you can download and run the software you want, without worrying about installations and headaches like hardware-based license keys.
  • The Latest and Greatest Version of Everything: When you download it, it's the latest version - guaranteed. No need to check for updates. The company providing the solution saves a bundle on maintenance and support costs by being able to centrally update their software - so they can pad their profit or passes on the savings to you.
  • Platform neutral and optimized environments: the virtualized software doesn't care what it's running on because the company providing it will ensure that it is installed with everything it needs - and perfectly optimized in its packaged environment.
  • Leverage the power of the desktop: hosting all these applications in a virtualized package on the desktop takes advantage of the client desktop's CPU, RAM, and other resources rather than pushing the burden back onto a server, scaling the solution out much more effectively.

So that's the dream. What kind of elements need to be in place to do this?

Pervasive Internet Access

If you don't have the bandwidth to download the virtualized software, then this will be a non-starter.

Luckily, most of the virtualization solutions just download the deltas to a user's machine, rather than all the code. Softricity for example streams the 15-20% of an application that a user needs to start up, and sends the rest as required.

As the percentage of the world that has access to the internet increases, and as high-speed connectivity improves, the market for virtualized fat client applications will gain as well.

Internet-facing Virtualization Systems

Right now most virtualization solutions are geared for internal deployments. A core assumption is that the recipient of a virtualized application or desktop is one of the organization's employees or at least a contractor. Softricity for example uses Active Directory accounts to determine authentication and authorization.

In a model where virtual applications are pushed out to internet users, security would obviously be a big concern. The company providing the package couldn't make many guarantees about the user's intentions. The pioneers in this field will have to take some calculated risks.

Federated Identity

One of the bigger (and longest-standing) web issues is how to reliably identify a user online. Any internet-facing virtualization provider first has to authenticate a user requesting software, and next has to authorize them based on any number of arbitrary business rules including licensing and financial standing.

These steps are non-trivial when requests are being served from around the globe. Many organizations are trying to create a web federated identity platform. Microsoft is experimenting with CardSpace to "provide [a user's] digital identity to online services in a simple, secure and trusted way". The Liberty Alliance Project is a group trying to build open standards for the same purpose.

Net Metering and Micropayments

If pay-per-use or monthly billing becomes the norm, we can expect a detailed breakdown of exactly how much we use any particular application: details such as the amount of data storage we require, how much upload and download occurs, whether an app is used in peak times or off-peak - essentially any of the details you would expect to see from your ISP today.

This sort of metering will be especially important because a user will rightly expect to be able to download and run software from any number of computerized devices.

Micropayments aren't strictly necessary but they help support net metering by allowing "pay per use" in cases where the cost is too small to make credit payments or the usual fees would make the transaction too expensive.

Dark Horses is already operating in this arena. I often mention Google and Microsoft in the same breath because they compete so directly, but I think Amazon is the dark horse of the next generation web-as-a-platform race: when it comes to SaaS, they really get it.

They offer file storage in the cloud using their Simple Storage Service (S3). Costs range from $0.15 / gig for a month's storage, to $0.10 per GB transfer in to S3. EC2, their Elastic Compute Cloud (a massive virtualized grid computing offering) provides the same kind of pricing. Currently they are beta-testing Amazon Flexible Payments Service - which in addition to being a brilliant distillation of the online payment process, supports micropayments. What a great set of offerings!

It's only a very small step to imagine Amazon hosting virtualized desktops or applications in the Cloud.

So much for all my conjecture. Are we going to see this Virtualized Cloud Software model in the near future? I'd welcome your feedback!


  1. hi there!

    nice article - but i think you have forgotten one future big player: take a look at their solutions...


  2. Thank you for that tip, I will definitely investigate them. It's going to be huge business so there are more and more competitors. Good for us all, I guess!

  3. Dreams can sometimes be reality, as in this case. Believe it or not, all of the ingredients for the complete implementation of everything you detailed are not only available today, but numerous companies have been quietly doing this successfully for some time.

    AppStream makes the key technology here. And although there are similarities to other products you mentioned, there are elements to the AppStream technology which uniquely and immediately provide for the "in the cloud" nirvana you describe. As you mention, this is not a simple task and there are a lot of required elements to do it right. Here are a few of them:

    Streaming – Bandwidth will always be an issue, and streaming allows you to bring the absolute minimum amount of the application (or desktop) necessary to be productive almost instantly.
    HTTP Protocol – Outside the managed corporate network, people use Internet browsers for everything, so regardless of how tight their security settings are, no changes are required.
    Virtualization – Although virtualization is not required for the instant access or business model aspects of this vision, it can help with conflicts and reliability, as you mention. AppStream allows you to stream the most popular virtualization technologies as you desire, including Altiris SVS and Thinstall, that do not have their own delivery technology.
    Delta Updates – Aside from the obvious bandwidth benefit here, a user can click on their current icon, yet have a newer version run, seamlessly and transparently.
    Offline Use – Unlike virtual desktops, server-based applications, and web-native apps, everything runs on the local hardware, just like it was meant to be, for full performance and a rich intuitive experience.
    Flexible Authentication – Active Directory, LDAP, or any available database can be used to allow users to authenticate through the cloud, and new users can be automatically added as part of an e-commerce process upon payment.
    Subscription Model – The only way to make money here is to make sure that users get what they pay for and no more. A robust enterprise-hardened licensing engine handles instant provisioning and expirations to handle any business model, from perpetual licenses to subscriptions, and usage monitoring for pay-per-use scenarios.
    Forced Removal – Software vendors appreciate that at the end of the paid period, the application is physically and completely removed from the user’s machine, not simply disabled. So full versions can be used securely, even for trials.
    Internet Scalability – Built from the ground up to scale across the globe, you could potentially be anywhere in the world and still have a local streaming experience.
    Central Management – As large and geographically dispersed as the customer base might be, applications, desktops, version control, licensing, everything is managed from a single, web-based console.
    Zero Recode – All of this can be implemented immediately, with existing applications designed for full installations. Software vendors need not spend any money on re-architecting for the web. Service providers are not limited to special web-enabled apps. All Windows applications work.

    In addition to many enterprise and SMB customers in every vertical, this technology is already serving numerous SaaS ("in the cloud") customers, including software vendors and service providers in consumer software, loan origination, financial services, etc.

    - Brian Duckering, AppStream

  4. Hi Brian, your product looks extremely interesting - I'll definitely be checking it out! Thanks for the post.


Note: only a member of this blog may post a comment.