extending virtualization to the end-user environment in ... · ibm global technology services...

IBM Global Technology Services January 2009

Extending virtualization to the end-user environment in the financial services industry Benefits of a well-planned virtualized desktop solution

Introduction

Few industries put a higher premium on the speed, security and reliability of IT infrastructures than financial services. With zero tolerance for missed transactions, lost records or system downtime, whether you are a banker, trader or insurer, you demand high availability for your mission-critical applications. In an era of heightened government regulation, global economic challenges and massive data security breaches, it’s imperative that your IT infrastructure meets stringent business requirements.

For most financial services executives, the focus has been on the data center, where server and storage virtualization technologies have been delivering measurable performance improvements and cost savings. Financial institutions are now looking for ways to realize this same value in the end-user environment. This paper examines the benefits of extending virtualization throughout your financial services enterprise, from the desktop to the device level, and shows you how to identify and work through the challenges to achieve your objectives.

Building on success

When a technology survives the hype as well as virtualization has, it is reasonable to assume that it will spread beyond its early adopters. By decoupling the IT infrastructure from applications, virtualization allows resources—that is, abstract representations of resources—to be shared and used when and where they are needed, regardless of their point of origin. CIOs and industry analysts seem to agree that virtualization of server and storage infrastructures largely works, delivering on the promise of lower management costs, improved disaster recovery and more rapid provisioning.

2 IBM Global Technology Services

Financial services companies are challenged to deliver high performance and cost savings in their end-user environment.

Users come to the workplace with a strong sense of entitlement to technology that allows them to communicate and collaborate.

So, if virtualization is good for the data center, is it also good for the end- user environment? Can lessons learned there be directly applied to the desktop-laptop-mobile device on the office floor? If we’re getting so practiced at it, won’t it be easy to take it down to the PC level? The answer is: yes, maybe and not really—and here are a few reasons why.

Considering the end-user environment

With desktop virtualization, the scale is different. The technology approach is similar, but applied differently at the end-user level, which leads to the all-important difference between what happens in the data center and out on the floor: End users—whether a data analyst, teller, agent, broker or trader—have the potential to wreak havoc on the best- laid IT plans that involve personal computing.

In addition, the workplace itself has evolved—it’s more distributed and geographically dispersed. Users come with a stronger sense of entitlement to the technology resources that allow them to communicate and collaborate more easily. In this Web 2.0, hyper-personalized age of computing, your approach to desktop virtualization should be based on both the common and unique characteristics of each end-user audience.

The reason? Virtualize a server—even an entire server farm—and no one will notice. But as soon as you start deploying your first desktop virtualization project, you will have to look beyond optimal hardware and software configurations and consider issues more closely tied to a positive user experience.

IBM Global Technology Services 3

Consider the following:• Willthelookandfeelonthedesktopscreenbesubstantiallydifferent?• Whataretheoff-linecapabilitiesforremoteusers?Howwillyouintegrate

wirelessdevices?• Whatgovernanceisinplaceforuserordepartmentexceptions?• Howwillyoudeliverservicelevelsequaltoorbetterthanbefore?• Howcanyoupromotetheuseradvantages:flexibility,fasterprovisioning,

consistencyofdataandanytime/anywhereaccesstoinformation?

Your first step should be to thoroughly evaluate your user community, based on how the individuals do their jobs, including the access level and periods required, then assess the tolerance level for change. While you can do this informally by looking at your organizational chart, you probably won’t obtain the most accurate picture of true usage. You may want to engage an expert who can leverage end-user data gathering and analytical tools for a more solid and accurate assessment, because that information will drive the resulting configuration of your environment. By developing an appropriate strategy and communicating frequently with users about what’s changing, you’ll likely have a higher rate of success with your implementation.

If this seems like a lot of trouble, keep in mind the advantages of desktop virtualization. When expertly carried out, virtualization can transform your financial services organization in significant, positive ways that impact the bottom line. It can offer even greater opportunities for reducing total cost of ownership than server or storage virtualization because the “touch” factor is higher, the physical equipment count is greater, and other indirect costs, like energy usage, are also higher with desktops. While your PC hardware costs may remain constant with virtualization, you can see significant savings in management and support costs. You can benefit from reduced energy costs both at the desktop and data center level, and desktop and network engineering savings.

Evaluate how users do their jobs,howmuchaccesstheyrequireandwhen,andassesstheir tolerance for change.


Desktopvirtualization,whenexpertlycarriedout,cantransform your financial services organization in ways that impact the bottom line.

Comparing differing virtualization approaches

You’ll also need to determine which solution best fits your newly assessed user requirements. Unlike the server model, which tends to be more clearly defined in terms of architecture, virtualization in the desktop arena can take many forms. The good news is that, since most large financial services companies include a range of user requirements, it’s not necessary to select a single architecture. You can use all or parts of each of these leading approaches, depending on your unique requirements:

The virtual client environment is based on the same basic technologies and principles used in server virtualization. This model gives each user his own virtualized copy of the operating system and applications required for his role, so compatibility issues are minimized. Virtualized servers running multiple virtual machines provide maximum user isolation, security, performance and availability. Although a bit more expensive than a shared services model, this approach still provides a lower per-user cost when compared to a traditional client-server model. Other advantages involve load balancing and dynamic session management, which save on energy costs, and provide fairly rapid deployment. This model works best for knowledge workers who require the power and functionality of a traditional PC or who have a large number of desktop applications. Once a virtual client is no longer needed or in use, its resources are released and dynamically returned to the general pool to ensure efficient utilization across the environment.


Financial services companies,witharange ofuserrequirements,are not limited to a single desktop virtualization architecture.


In a shared services model, the traditional approach to end-user virtualization, users share a single operating system, with applications housed on the server in the data center. When users want to access them, they request a connection and begin a session, interacting with the server but experiencing the application as if it were running locally. Regardless of which platform the application was written for, it can now be accessed from any device over any connection—and in any location. This model can support as many as five times the number of users on a single server compared to the virtual client model, dramatically reducing your hardware requirements. It maximizes security and cost and is the most mature of the three alternatives, but it is also limited when it comes to application compatibility and desktop flexibility because some applications need to be modified to run in the shared services environment. This approach is best when users require a limited set of standard applications—office or administrative workers with repetitive work and high task volumes, such as contact and call center agents or even human resource staffers.

The dedicated approach works best for users such as traders who need superior performance and graphics capabilities, as well as high security, reliability and redundancy. This model maintains a traditional end-user experience, but the blade server in the data center hosts a connection to a specialized thin-client device, typically in a one-to-one relationship, which offers the best isolation and power. Users get dedicated computer resources for their applications and access the same way others in the organization do—they’ll just have a different “tool” to use. This approach provides for easier administration and centralization of PCs and enables smoother emergency-recovery processes. These benefits come at higher capital costs compared with traditional PCs, but they do allow this user group to be tied into the overall client virtualization project.

Shared services can support as many as five times the number of users

Operating system (OS) streaming offers another route to virtualization without a significant investment in infrastructure upgrades or network overhauls. Sometimes called “stateless” computing, OS streaming delivers the benefits of a full PC, along with centralized management and flexibility, when, for example, multiple operating systems are required. With OS streaming, computers boot from an image stored on a network server—but only those portions of the OS and applications needed at that time are enabled. This is an excellent option for branch users, where the requirement for availability is high. Local devices for tellers can be more easily integrated using streaming, with no need to modify existing software or device drivers.

Beyond the four models, another option is emerging. Just as virtualized servers are being gathered into computing clouds—linked pools of systems that can provide IT services on demand—virtualized desktops will eventually be connected to this shared infrastructure “cloud.” IBM considers cloud computing to be a potentially cost-effective model for provisioning processes, applications and services that can make IT management simpler and increase business responsiveness.

Desktop virtualization enables a move to the cloud computing paradigm. Unlike the traditional desktop environment, the separation of hardware, operating system, application, personalization and data tiers in a virtualized environment allows organizations to provision and deliver each tier independently. In this model, operating system or application layers can be delivered through cloud computing solutions (including desktop and software as a service), and these components can be provisioned through either private or public clouds as the situation warrants. A cloud model can add agility, such as turning many capital expenditure (CapEx) decisions into operating expenses (OpEx), letting a company rapidly respond to changes such as acquisitions, sudden workforce increases or business crises, like disasters. Financial services companies retain control and security of their data and authentication, while delivering more economical applications and desktops.

Operating system streaming offers another route to virtualization without a significant investment in infrastructure.


Benefiting from a virtual desktop environment

If some of this sounds a lot like the old “thin-client computing” concept, you’ve got a good memory. In many ways, this is an evolutionary, not a revolutionary, approach to dealing with the desktop environment. And while this is still a new concept in financial services, the benefits are already beginning to surface. IBM has gathered data from several clients with virtual desktop installations that demonstrate real-world, quantifiable savings are being realized, even at this early stage:

• Increased user productivity

Ifyouhavepreparedyourinfrastructureandmanagedexpectationswell,yourusers—whethertheyareloanortrustofficers,bankteller,securities,commodities and financial services sales agents; personal financial advisors; insurance producers or underwriters—are bound to see advantages to virtualized desktops. Our clients report that in addition to having a similar lookandfeel,usersfindthedesktopisamoreavailabletool.Sincemostoftheactivityistakingplaceinthedatacenter,notatthePC,individualsarefreedfromthemaintenancetasksthey’veoftenbeenaskedtotakeon,suchassecuritypatches,updatesandothertime-consumingchores.Thisalsomakesdisasterrecoverymucheasier,allowinguserstogetupandrunningmorequickly.Bestofall,userswhoweretetheredtoaparticularPCcannowaccesstheir work from any Internet-capable desktop with a secure password.

If this sounds like “thin clientcomputing,”you’ve got a good memory; this is anevolutionary,notarevolutionary,approach.



• Reduced IT administrative, maintenance and support costs

Inbanks,savingsandloansandcreditunions,twooutofeverythreejobscanbe considered administrative. The cost to manage IT for these workers often far exceedstheequipmenttheyworkon.Inavirtualizeddesktopenvironment,youmight,basedontheexperienceofourearlyvirtualizationadopters,seesimilarchanges,including:

– Desk-sidesupport,otherthanforhardwarefailures,iseliminated.Savings: up to 90 percent

– Security and user administration is policy-based and authorized users can beallowedtoadministertheirownentitlements(rule-based,delegatedadministration). Savings: up to 75 percent

– Helpdeskenhancementsresultinasimplifiedenvironmentthatreducescomplexityandsupportcalls,andmoves/adds/changesrequirevirtuallynoIT intervention. Savings: up to 50 percent

– Networkengineeringandsupport,withalltrafficoverasingleprotocol,becomessimpler.Noneedforcomplexfirewallconfigurationandadministration. Savings: up to 50 percent

– Quickerprovisioningtoendusers—withoptimization,can dramatically reduce the time it takes to provision virtual machines. Savings: up to 75 percent

Fromahumancapitalstandpoint,virtualizationallowsfordynamicallocationofresources.Whenoneworkgroup’sworkdayends,resourcesofotherwiseidlePCscanbemadeavailabletothenextshift,halfwayaroundtheworld.

The need for desk-side support nearly vanishes with virtualization.

• Reduced software costs Yoursavingscanvarydependingonyourcurrentsoftwareenvironment,butyou will undoubtedly improve your leverage with application software vendors as you move the model from per-user to concurrent usage. Our clients have foundtheycan:

– Bettermeasure,monitorandmeterapplicationusage;substantiallyrationalize their software portfolio; reduce costs by optimizing application usage and establish solid audit (and version) controls.

– Gradually replace software distribution with centralized software publishing. Savings: up to 50 percent

– Take advantage of the lowest total cost when application and platform migration is more gradual and consistent. It’s also easier to decommission desktopswhenappropriate,withoutimpactingendusers.

• Reduced hardware and network costs Virtualizationhelpsyouleverageyourexistinghardwareinvestmentwhileallowingyoutocontinuetohostaheterogeneousenvironment.Today,avirtualizeddesktopcanbedeliveredthroughaUSBdrive,athinclient,andonhypervisor-equippedlaptops,anyofwhichamobileusercanusetorecreatethe corporate compute environment in a secure and controlled setting—eliminatingmuchoftheexpensefromrefreshingandmanaginghundredsorthousands of desktops. And linking a virtual desktop to a computing cloud hasbecomeeasiertoimplementandmanage,makingdesktopvirtualizationbeneficialformanyenterprises.Ourclientsdiscoveredtheycould:

Virtualization helps you leverageyourexisting hardware investment and allows you to continue to build heterogeneous environments.



– Eliminatecomplexdesktopengineeringthroughthesimplification of desktop images and by moving to a centralized model. Savings: up to 75 percent

– ExtendtheusefullifeofyourPCs,sinceallapplicationscanbedeliveredthroughthebrowser,avoidingtheneedtoupgrademachinesfornewapplications or operating systems.

– Experiencefewerbusinessdisruptionsandavoidhugecostsassociated with client upgrades and technology refresh programs.

– Replace point-to-point network connections and hardware virtual privatenetworkswithinexpensive,flexibleInternetconnections, reducing the cost of—if not the need for—network engineering and maintenance for special networks.

• Reduced overprovisioning

Staggering increases in the volume of data are rattling even the most prepared organizations.Forexample,theNewYorkStockExchange’soveralltradingratein2006wasabout100millionmessagespersecond;lessthantwoyearslater,that figure rose to an astonishing 475 million messages per second. And as algorithmsboostthespeedoftradingincapitalmarkets,sodoesthedemandforhigh-performingITsystems.Althoughprocessingpowerisinexpensive(andgettinglessso),space,power,installation,integrationandadministrationarenot,andtheycostthesamewhetheraresourceis10or90percentused.Additionally,Webaccesshasresultedinworkloadlevelsfromrelativelypredictabletospiky,forcingenterprisestooverprovision.Virtualizationtakestheneedtoconsiderthisvariabilityoutoftheequation.Andforbranchoperations,havingremotecommunicationswithouttheneedtostaffITskillslocallyisahugebenefit,andenablesresourcestobeappliedtootherareasofthe business.

Withstaggeringworkloads,financial companies often find they need to over-provision newsystems,butvirtualizationallows for better utilization of existingresources.

• Improved data and network security

Acriticalissueforfinancialmarketsalesagentsandbrokers,investmentbankers,insuranceagentsandanyonewithacustomerbasethatneedsprotectingissecurity,achallengethatcanbeaddressedwithvirtualization.Reportsofmissingorstolenlaptopshaverekindledinterestinthinclients,which maintain applications and data on a central server. Our clients havelearned:

– “Locked-down”PCscontainnolocaldata,makingthisaninherentlymoresecure architecture.

– Security is simplified through the introduction of a standard solution for encryption and authentication. Savings: up to 50 percent

• Anywhere, anytime access to applications, information

and resources

Allowing employees to gain access to systems and information when they are traveling or otherwise completely disconnected offers a definite advantage in thecaseofanemergencyordisaster,improvingyourorganization’sresiliency.

Whilethisgrouptypicallyrepresentsthesmallestaudience, these employees can also be among some of the most critical in your organization.

Theneed:asolutionthatstreamsthedesktoptothedevicewhileconnected,andthenallowsittobeaccessedoffline.Thebiggesttechnicalobstacle:synchronization when the worker connects and disconnects—what developers call“check-in/check-out.”

Technologiescurrentlyexistforclient-sidevirtualizationandforserver-sidevirtualization,butthechallengehasbeentogetthemtoworktogetherto deliveranofflineusecase.Althoughstillintheformativestages,vendorroadmaps and blogs suggest the industry is focused on developing the right offlinesolutionwiththelowestcostofownership,maximumflexibilityand datasecurity.Expectthiscriticalelementtocontinuetoevolveinthe coming months.


Security is one of the top- rated concerns of financial services organizations.

The“green”benefitsof thinclientsarecompelling:energy savings and a reduced environmental burden.

• Reduced power and cooling spend The“green”benefitsofthinclientscomparedtotraditionalPCsareparticularlycompelling:youcanseeenergysavingsfromreducedCO2emissionsandless energy consumption. Although much of the current focus is on data centerenergyefficiency,desktopscanproduceanywheretwotothreetimesthe overall power consumption in an enterprise. There’s also a reduced environmentalburden:

– A longer machine life produces less waste.– TypicalPCsconsume225to250watts,andolderPCscan

exceed300watts;statelessthinclientsrangefrom10to30watts of energy consumption.

– Inpilotcases,virtualizationandthin-clientpowersolutionsprovidemaximumpowerefficiencies.Savings: up to 70 percent

WiththenumberofvirtualizedPCsprojectedtogrowfromafewmilliontodaytoashighas660millionby2011,theoverallgreenbenefitswouldalsomultiplyexponentially.Clearly,thiswouldhaveasignificant,positiveeffectwellbeyondthedatacenter,inboththeenvironmentalimpactofacompany’soperationsanditsenergybudget,wherepowersavingshavebecomeanincreasinglyimportant total cost of ownership factor.



Addressing growth through virtualization

One of the largest financial services company in Austria, with 16 million customers, Erste Bank offers a broad range of products and services to customers in 3,000 branches across Europe. To continue double-digit growth and boost market share, the company embarked on a series of acquisitions—and ended up with a tangle of hardware, applications and operating systems that threatened the enterprise’s expanding banking and trading systems. More important, Erste needed a disaster recovery plan for its 250 dispersed back-office PCs that would allow it to be securely operational in four hours in the event of an outage.

IBM suggested the virtual infrastructure access services solution for a single, user-friendly logical access point to applications from almost any device. IBM helped Erste:• Createavirtualizeddesktopsolutiontoencompassthebank’sback-office

andtradingPCs,separatingfront-endbusinessapplicationsfrom dedicated hardware

• Buildopen-standards-based,security-richITinfrastructureitneededforbusiness continuity

• Achieve its goal of standardizing trading back-office environment to enable traderstoaccessheadquartersystemsquicklyandsecurely

• MaintainPCperformancelevels,consolidatebusinessprocessesandimprovetheutilizationofexistingITresources.

“We implemented a disaster recovery system based on the virtual client concept solution for our back office department after our joint development initiative with IBM,” says Ing. Karl Weißl, Erste Bank Vienna manager operations risk management and treasury.

“The demonstrated performance, flexibility, functionality are impressive, as also is the real-time behavior of the virtual client and the feasibility of flexible access in our banking environment. With this disaster recovery implementation, we have the ability to share a 12-blade server for the whole back office team of 100 employees.”

Desktop virtualization helps thebankreducecomplexity andincreaseflexibilityas it grows.

Partnering for better success

For all the benefits we’ve outlined, there are corresponding challenges. But with the right partner, they can be identified and tackled with appropriate solutions. With deep experience in the financial services sector as well as end-user services, IBM can help you assess, design, implement, manage and support a desktop virtualization initiative that addresses your unique requirements. Along with a broad set of partners, we offer one of the industry’s most comprehensive solutions.

IBM virtual infrastructure access services delivers an advanced end-user access environment using “connection brokering” to connect end-user devices with centrally managed, platform-independent applications and full client images running in virtual machines. The service:

• Employsportal,thinclient,messagingandsecuritytechnologies,deliveredthroughasingle,consistentframework

• Deliversacommon,security-richscalable,resilientITinfrastructure• Providesuserswithsingle-point,consistentaccessfromalmostanydeviceto

virtuallyallexistingapplicationenvironments• Avoids modification of most legacy systems

Whether you choose virtual infrastructure access project-based services or managed services that help you alleviate the burden of skills development and maintenance, you’ll be able to tap into IBM’s proven methodology, technical expertise and best practices to transform your financial services organization.

Desktop virtualization can help you effectively manage your end-user environment, significantly reduce costs and improve operational efficiency. With highly reliable and available desktops, you will be able to drive productivity and collaboration higher—anytime, anywhere.


© Copyright IBM Corporation 2008

IBM Global Services Route 100 Somers, NY 10589 U.S.A.

Produced in the United States of America January 2009 All Rights Reserved

IBM, the IBM logo, and ibm.com are trademarks or registered trademarks of International Business Machines Corporation in the United States, other countries, or both. If these and other IBM trademarked terms are marked on their first occurrence in this information with a trademark symbol (® or TM), these symbols indicate U.S. registered or common law trademarks owned by IBM at the time this information was published. Such trademarks may also be registered or common law trademarks in other countries. A current list of IBM trademarks is available on the Web at “Copyright and trademark information” at ibm.com/legal/copytrade.shtml.

Other company, product and service names may be trademarks or service marks of others.

References in this publication to IBM products and services do not imply that IBM intends to make them available in all countries in which IBM operates.

ENW03001-USEN-00

For more information To support your desktop virtualization projects and learn more about virtual infrastructure access delivered through IBM workplace optimization consulting services, visit:

ibm.com/services/enduser

extending virtualization to the end-user environment in ... · ibm global technology services...

Documents