- “Zero Touch” Windows PC provisioning is a myth!
- Windows belongs in the data center, not on the edge (particularly Windows 10)
- Windows provisioning is about the “latest” updates and patches; anything that requires a “master” image is inevitably going to slow down endpoint updates (you just can’t be sure it’ll work for every endpoint).
- Workspace ONE is an application provisioning tool
- If you really must have Windows on the endpoint, then optimizing initial Windows set up is not even 50% of the battle – it’s more like 10%
People have been asking lately how the Dell Provisioning for VMware Workspace ONE offering impacts IGEL Technology. Does the Dell service result in faster, more cost-effective deployment of workstations? Does it provide a better experience for the end-user? How does this compare with Citrix’s provisioning capabilities?
If the future of end user computing (EUC) is where digital workspaces and applications are cloud-delivered, what market exists for a Dell Client Configuration Service that supports deploying Windows on endpoints when Windows is running in the Cloud?
To answer these questions, we first need to review the role of VMware Workspace ONE. Workspace ONE is a platform built to deliver and manage applications on PCs, laptops, tablets and mobile devices using principles of access control and identity management. It is a management system where end-users authenticate to production networks and have their individually assigned applications automatically deployed along with Windows updates. Workspace ONE empowers end-users with a self-service method to add applications and gain access to cloud services without IT intervention.
In a Workspace ONE managed environment, after an end-user receives a new Windows PC or laptop and first connects to company resources, Workspace ONE takes over setup, configuration, and updating of the workstation. Depending on the speed and quality of the user’s network connection, it can take hours to prepare a workstation while Workspace ONE transfers and processes large amounts of application code, Windows updates, and in some cases user data.
It is easy to dismiss the time an end-user waits for initial provisioning as a one-time occurrence, but it doesn’t stop. Every time Workspace ONE deploys an application or updates Windows, an end-user will likely be unproductive once again, which may be part of the reason behind Avast PC Trends Report 2019 research that found 55% of installed PC applications are out-of-date.
Dell Provisioning for VMware Workspace ONE
Dell Provisioning for VMware Workspace ONE is a service that promises to eliminate the end-user pain of initial workstation setup. With Workspace ONE technology, an end-user organization contracts with the Dell Client Configuration Service team to have the initial Workspace ONE processing occur “at the factory.” Dell calls this approach “Zero-IT Touch” deployment because it does not involve an organization’s IT group.
While Dell Provisioning eases the pain of waiting for systems to be initially configured, it comes at a cost. Organizations need to 1) install the Dell Provisioning for VMware Workspace ONE application on in-house servers; 2) prepare and maintain the application deployment packages required by the Dell Client Configuration Services team; 3) purchase Dell PCs and/or laptops; 4) run Microsoft Windows on each endpoint; and 5) pay Dell for the provision-before-ship service.
In many respects, Dell Provisioning for VMware Workspace ONE is about selling Dell PCs and laptops. The service does almost nothing to address the pain of running Windows on the endpoint.
Windows Belongs in the Data Center
The personal computer has given us amazing advances in productivity by enabling smart, creative people to develop applications that have changed how we work and play. Unfortunately, the proliferation of the platform and the associated workload have proven difficult to control.
Thirty years ago, Citrix Systems was founded on a belief that Windows belongs in the data center. The benefits of this server-based data center approach have proven true time and again. In the data center, IT professionals can best manage operating systems, applications, and users. Perhaps most importantly, the data center is where an organization can ensure the security of its data.
In recent years, Amazon, VMware, Parallels, NoMachine, and others have introduced cloud-delivered experiences. Last year, Microsoft announced Windows Virtual Desktop which is their new subscription approach to delivering the cloud-based Windows experience.
With everything EUC being virtualized, there is no reason to run Windows on the endpoint and no need for a Windows-deployment provision service. Run Windows in the data center and eliminate the pain, cost and frustration of Windows on the edge, while taking advantage of the fact that the data center is typically configured with a high degree of fault tolerance and automatic backups built-in.
IGEL Technology “Zero Touch” Deployment
Fifteen years ago, in the Summer of 2003, IGEL Technology became the first company to introduce “Zero Touch” deployment. The idea was that a workstation could be setup by most anyone withoutinvolving IT. The user would simply unbox a device, connect it to the network, press the power button, and go to work. No delays, no problems! No drama, no distractions!
On the surface, “zero touch” deployment seems simple, but making the process secure and reliable is complex. The technology starts with an inherently secure operating system that securely seeks out a secure management system, which in turn, provides a fully secured configuration; and because we live in a cloud-centric world, extends the process to work securely across the Internet.
IGEL Technology accomplishes the task of “zero touch” using three technologies:
- IGEL OS (Operating System)
- IGEL Universal Management Suite
- IGEL Cloud Gateway
IGEL OS is a Linux-based operating system designed to be secure, adaptable, and most importantly, managed. It is a securely-booted operating system that connects users to their applications, and it runs on nearly all 64-bit x86 based computers that have at least 2.0 GB of memory. IGEL OS can be installed on an existing disk (replacing Windows) with as little as 2.0 GB of storage, and it can run from a live USB stick. IGEL OS can even breathe life into older thin client technology. Whatever the case, as soon as IGEL OS is deployed to a device, the device becomes immediately manageable by the IGEL Universal Management Suite (or UMS).
Whereas IGEL OS might be the brains of the IGEL solution, the IGEL Universal Management Suite is definitely the heart. It is the “secret sauce” that differentiates IGEL Technology, and every IGEL OS license includes a right to use the IGEL Universal Management Suite without additional cost, which is to say that it is free to use.
The IGEL UMS empowers a single IT professional to manage tens of thousands of endpoint devices within an organization… and spend a fraction of his or her day doing so. This efficiency of management is made possible by the extreme automation built into the UMS, which uses a granular policy-based approach to device configurations. The benefit of such an approach becomes evident when a device running IGEL OS first appears on a network, and the UMS takes over to configure all aspects of the device, automatically, without any involvement by IT or the end user… except for unboxing a device and connecting keyboard, mouse, display, and network cable.
Believing that if you own it, you should be able to control it, the IGEL Cloud Gateway (or ICG) extends the benefits of enterprise-class device management and “zero touch” deployment to devices living on the Internet… outside the confines of the secure network, and without requiring a VPN connection. With the ICG, an end user places his or her IGEL OS device into the IGEL “zero-touch” deployment cycle by answering three simple questions. It is a beautiful thing!
Provisioning You Can Live With
When it comes to IGEL “Zero Touch,” the time to provision a user workstation is measured in minutes and not hours. With IGEL, no time is spent imaging a Windows PC; no time spent pre-loading software; no time spent updating Windows because the image snapshot was not current; and no risk of having to remedy a system because Windows didn’t load right. Users simply hook up their device, power on and wait a minute or two for the system to boot and the UMS to deliver its configuration; login to a remoted environment and go to work. Total time to operational: less than ten minutes.
Now, that is a simple, smart, and secure provisioning scenario anyone can live with.