On November 4th we heard Seattle Children’s Hospital talk about the challenges they faced and why they chose Citrix and Wyse to help overcome them. Following is the Q&A from the event. The on-demand version can be found here: https://www1.gotomeeting.com/register/959833433
Q: Is it possible to deliver a Windows 7 virtual desktop (hosted in the datacenter) with XenApp alone?
A: No, XenDesktop is needed to deliver a Windows 7 desktop.
Q: The presentation made it sound like XenApp alone was being used to present Windows 7 virtual desktops…
A: My apologies for the confusion. What I was explaining was that although we are using VDI via Xen Desktop, we are still delivering applications via XenApp.
Q: How do you deliver a Windows 7 virtual desktop with XenApp alone? I thought only published (windows server) desktops were possible?
A: No, it is not possible to deliver VDI with XenApp.
Q: With the usb smc / reader, do you have security concerns with loss of device?
A: We don’t because in addition to possession of the Smart Card the user must also know a PIN to use it. Additionally if the Smart Card is lost, we can easily revoke the certificate centrally, effectively neutralizing the Smart Card.
Q: 7W vs 70W power for the workstation. How much power consumption is added per user for the servers for the VDI?
A: Our current average per VDI on a fully loaded Cisco UCS Blade is between 2 to 3 watts.
Q: Anyone in your organization have need of video conferencing apps like Skype and how have you tested that app?
A: Yes, our research department uses Skype heavily and our testing has found that it does work, but synchronization between audio and video can sometimes get out of synch. We also use Office Communicator for voice calling (internal and external voice calls) and have found it to work quite well.
Q: Are the users then locking their session, and reconnecting to other devices?
A: Yes, we are training our users to disconnect instead of logout allowing them to move to another machine and reconnect in 5-7 seconds. We have placed a disconnect button in the “Quick Launch” area near the Start button to make it quick and easy to disconnect.
Q: Are there any special ports and protocols a home user would need to setup or configure locally?
A: If they can access their Citrix environment from a browser on a PC, they can access it with Xenith.
Q: How well does it perform with high-latency wan environments – example East coast users with datacenter Citrix serves on West coast?
A: Citrix XenDesktop uses the ICA protocol that works very well for remote access through the Internet or high latency connections. We connect to our virtual desktops from as far away as Japan and Europe without issue.
Q: Are you using any other third party software to streamline user login time?
A: We are not using any third party software aside from Citrix Profile Manager to ensure that Roaming Profiles do not slow down our logons.
Q: What are your plans as far as migrating to XenDesktop 5?
A: We will begin testing and create a migration plan to XenDesktop 5 immediately upon its release. We are excited about the enhancements and are confident the new features will enhance our current deployment.
Q: Can this device be used externally i.e. from a users home?
A: Yes, Wyse Xenith can be used from any location that a Citrix server is reachable
Q: Can we hear more about how mobile users might use streamed desktops to allow for working offline?
A: Streamed desktops are ideal for connected users on a LAN. The entire desktop image is streamed down to the PC for local execution. This is not a recommended solution for mobile workers. More information about all of the Citrix FlexCast (desktop delivery) models can be found at http://www.flexcast.citrix.com\\
Q: Can Wyse terminals use sVNC for secured management?
A: Wyse Xenith supports VNC but not sVNC. Remote shadowing a device for management is not necessary due to the simple yet robust central INI management feature that allows modifying default behavior with an easy text file.
Q: Can you also control the clients independent of each other?
A: Yes, in addition to central management you can individually configure each Xenith. Additionally you can use different configuration files for groups of Xeniths, each getting unique configuration settings based on subnets as an example.
Q: Did you consider biometrics as your strong authentication method? (Understanding this would currently eliminate the Xenith as an option)
A: We did consider fingerprint based biometrics, however many of our clinical workflows make use of rubber gloves which made them unusable.
Q: Also, who is your EMR provider, and did you happen to tackle location awareness functionality as a user roams between units?
A: We use Cerner and Epic in our facilities, both using location for printing. For front end printing we are preparing to use a “follow-me” print function that allows users to print to a single print queue, the same for all machines and users and use their HID badge to release the print job to any printer they walk up to and badge at. Because our applications still launch and run in XenApp, we trigger a disconnect/reconnect of the application when necessary to pass new printers and location to the Cerner and Epic applications.
Q: Do you have any requirements to deliver multimedia content with XenDesktop and the Xeniths, and have you have any challenges in doing so?
A: Yes, we have multiple scenarios that require multimedia content and have found that XenDesktop and Xenith together provide an excellent user experience. We simply put time into finding and testing the perfect combination of HDX policies allowing good performance and good quality.
Q: Does EdgeSight capability extend out to the Xenith device, or only to the VDI?
A: The EdgeSight agent reports only on the virtual desktop, and does not extend directly to the Xenith.
Q: How do you monitor the actual end-user experience when using the ‘zero’ client Xenith? Device
A: All logging that details the user experience are provided by the EdgeSight agent installed on the virtual desktop. This includes network latency, logon time, client startup, application errors, and much, much more.
Q: Why do you bother to use a desktop for users when all their apps are in XenApp; why not just provide them with a XenApp session?
A: There are many reasons we have chosen to leverage both XenApp and XenDesktop. I will detail a few in the next few sentences. One of the focuses of our strategy is to remove workstations and thin clients from our environment to reduce the overall cost of ownership of workstation hardware, operating system, and troubleshooting time. By using XenApp only we would still have to maintain either full operating systems or thin clients instead of zero clients. Additionally, we find that the time savings of connecting to a virtual desktop versus multiple applications and application silos to be a huge benefit to our end users. Leveraging XenApp from our virtual desktops also allows us to have a very predictable, consistent resource usage pattern for each virtual desktop allowing us to scale and maintain a pristine user experience without the variability of user application habits multiplied by thousands of individual machines. We have also found that desktop OS problems or crashes do not result in data loss, the user simply logs on, gets a new/fresh desktop and their applications reconnect exactly where they were before the trouble began.
Q: Do you use a middle-ware for Citrix session management / floating from device to device?
A: We do not use and middleware. Our entire environment consists of Citrix products, XenApp, XenDesktop, and XenServer.
Q: What about barcode readers and dictation?
A: We are not currently using barcode readers or dictation with our virtual desktops, however we intend to use both in certain clinical environments.
Q: Does the new Xenith support USB devices like USB cameras, mobile devices? current ones do not with XenDesktop
A: Yes, Wyse Xenith supports HDX USB plug-n-play out of the box so USB peripherals (including webcams, iPods, etc) should be redirected to your VM.
Q: Does this demand a Microsoft Windows Terminal Services license ?
A: Microsoft RDS licenses (previously known as Terminal Services) are required for applications hosted on XenApp.
Q: does this support dual monitors?
A: Yes, we use dual monitors on nearly all of our workstations.
Q: Does XenDesktop 4 require a hypervisor?
A: Yes, you must use a hypervisor to host your virtual desktops. We use Citrix XenServer as our hypervisor.
Q: Is VDI license same as TS license?
A: No, the virtual desktop requires an operating system license.
Q: What happens when the device is not on your network but someone else’s?
A: This is based on policy, however, as long as a device has network connectivity, it can access a virtual desktop. Organizations can use VPNs, etc. to secure access from other networks.
Q: For all – What are the bandwidth implications when deploying virtualization?
A: This is too complex of a question for blog -- sometimes more, sometimes less depending how current your environment is configured.
Q: For Jake: How many applications are in your environment and what difficulties did you experience moving to XenApp
A: We have over 400 applications in our environment. Prior to having the ability to stream applications we found that some applications would not function properly either on a terminal server, with other applications, or in a multi-user environment. Typically we would leave these applications as an exception or find an alternative application to use. However, application streaming has allowed us to overcome most if not all limitations we had previously.
Q: How do you handle high availability? Network goes down you lose hundreds of desktops. What additional infrastructure was provisioned for this environment?
A: Children’s has worked diligently to ensure that best-practices are followed to provide a resilient network to all locations. We have long had redundancy integral to our network design, and have not changed this design to accommodate virtual desktops. This is important even without Citrix, if the network is unavailable much of what users need such as home directories, network shares, printers, databases for applications, etc. are not available either. That said, we’ve found that having the ability to reconnect to your desktop, with your applications still running in XenApp where they were prior to the network disruption provides an enhanced user experience during disruption.
Q: How are the knowledge workers responding to the thin client devices? What is their satisfaction level?
A: We have received very positive feedback from our knowledge workers, in fact many have reported that their experience is nearly indistinguishable from a traditional desktop.
Q: How do people disconnect if they aren’t using a Smartcard?
A: They can either press the power button for instant disconnect.. or inside of windows select “logoff/disconnect” like they would normally.
Q: If you decide to only use XenDesktop as your choice (no XenApp) can you update the desktop you created as your template easily even while users are accessing their desktops, or do you have to schedule downtime to update the desktop (such as updating an application on the desktop)?
A: Yes. Because we use Citrix Provisioning server the process of updating the central image used by thousands of users is to “check out” the production image, make and test the changes, then “check in” the image. As workstations reboot (which we have configured to happen at logoff) they will boot to the new image.
Q: Is a WiFi being considered for the Xenith?
A: Wyse Xenith has a wireless option.
Q: Is there a plan on developing tablet Wyse thin clients? I see laptop models but no tablets.
A: No plans at this time.
Q: Jake – any profile management solutions being used with VDi?
A: Yes, we are using Citrix Profile Manager in combination with Windows Roaming Profiles.
Q: Multimedia performance including both Flash and Silverlight is one of the challenges our company faces. How can the Zenith solve these challenges?
A: Wyse Xenith supports an optimized rendering of the HDX Mediastream server rendered flash to help provide smooth and synched audio when flash is played in native resolution.
Q: Zenith is considered the optimal TC unit as per the chart?
A: Paul- Xenith will definitely provide the best out of box experience since its built for XenDesktop. However, we do have more powerful hardware at Wyse so if you feel you need even more “oomph” you can look into something like the new R10L (it has the same Wyse Zero engine as Xenith but has extra flexibility-
uses ThinOS 7- and powerful CPU).
Q: Our Doc’s are asking us to make available our applications on their iPad’s. Do you have any issues running on the iPad or any other MAC iOS?
A: We currently support our virtual desktops on iPad, iPhone, Android, and any other device that uses the Citrix Receiver to connect.
Q: Would you mind addressing the limitations of the HDX implementation on the Xenith thin client?
A: HDX Flash redirection requires a full OS such that the Adobe flash player is installed on the client. Today this is only supported on Win32 clients by Citrix. Since Wyse Xenith is a zero client with no OS to patch, secure, or manage, it is not possible to have a local application like Adobe Flash running. To balance this, Wyse Xenith supports an optimized decoding of server rendered flash to provide a smooth and synched video when played in its native resolution. Additionally, there are some server-side optimizations that can be made to further improve playback, please refer to Citrix or Wyse forums for details.
Q: Can you do USB device support over the WAN?
A: Yes, XenDesktop supports USB devices over any type of network connection.
Q: What applications were installed into the single base build for the single XenDesktop image?
A: We have installed Citrix EdgeSight, Citrix Online and Offline client, Symantec Antivirus and various patches.
Q: Jake, did you take a look at the WYSE ThinOS device?
A: We did, and where it does have a place in certain workflows, our strategy centers on zero client because of its significantly lowered cost of ownership.
Q: What EHR application is being used at Seattle Children’s?
A: We are using the Cerner suite of applications for our HER, and Epic for billing and AR.
Q: How many users are supported per UCS server?
A: We support up to 120 virtual desktops per half height blade configured with dual six-core processors and 96 GB of RAM.
Q: What HIS system are you running?
A: We are using the Cerner suite of applications for our EHR, and Epic for billing and AR.
Q: What is Children’s using on the back end such as servers and SAN?
A: We are using Cisco UCS blade servers with EMC and Hitachi storage systems.
Q: What is the average size in memory per desktop have you seen?
A: We have allocated 1 GB of memory per Windows 7 virtual desktop, however we typically see between 500MB and 700MB in use on average.
Q: Have you had any issues with slower screen drawing?
A: We have not experienced any significant issues with screen delay and have not received any reports of issues impacting workflow.
Q: Which codecs are built-in?
A: Popular codecs such as WMV, H264, MS-MPEG4, divx, etc are built into the Wyse Zero engine so there is no need to manually seek out and license like other non-windows platforms
Q: Which hypervisor is in use today?
A: Our virtual desktop environment is hosted on XenServer.
Q: Which model of Zenith is being leveraged?
A: There is only 1 Xenith model available.
Q: What kind of Microsoft license is used to VDI?
A: Microsoft requires a VDA (virtual desktop access) license to run VDI desktops from any vendor. This license is $100 per device and is included with SA for customers who have purchased SA on their Windows Client licenses.
Q: Will the Xenith have more than a dual monitor configuration capability in the future?
A: It will be considered based on market trends.