Server and Desktop Virtualisation Solutions for Independent Schools -White Paper

Thin computing, cloud computing, virtualisation. The IT industry is – as always – awash with buzzwords. But what does it all mean and is any of it really relevant to independent schools?

Virtualisation is a technology which, in simple terms, allows you to run many computers on one piece of hardware. So instead of 20 servers perhaps you end up with 3 or 4 servers. Admittedly these new servers need to be bigger, more powerful units than a conventional server, but a machine that is running saying 8 virtual servers, certainly doesn’t need to be 8 times more powerful than a normal server. In fact, it is shocking how little of the processing power in our current servers is actually being utilised. The traditional “one application per server” model came about more due to differing applications needing their own separate copy of Microsoft Windows than due to processing power requirements. With virtualisation technologies such as VMWare, this restriction has been taken away, since each virtual machine can run in its own separate ring-fenced operating system, within the shared host server. The benefits of this approach are a reduction in server hardware costs, a simplification of the network, power savings, reduced maintenance and support costs and much improved disaster recovery facilities.

However, I can already hear you muttering about eggs and baskets, and this is certainly something that needs consideration in a server virtualisation project. In the traditional physical server setup, if one piece of server hardware failed, then you lost the particular service that that machine was running. In the virtual world, if one server fails then you potentially lose many services across your network. To mitigate this risk it’s important that the server hardware has plenty of built-in fault tolerance – redundant hard drive arrays and redundant power supplies for example. One of the good things about the virtualisation technology is that it is hardware agnostic. Previously the Windows operating system could see the particular make and model of the server it was running on and had to include specific settings and drivers to support that make and model. That made it difficult and time consuming to be able to recover a failed server onto a different piece of hardware. In the virtual world, the virtualisation hypervisor sits between the hardware and the Windows operating system and presents a uniform platform to the operating system. That means that any virtual machine can be quickly and easily moved from one physical host to another. Indeed, some of the more sophisticated editions of the hypervisor software allow you to automatically move servers from one host to another during live operations and without downtime. So if you need to take server A down for maintenance, or indeed if server A fails, then the virtual machines it was running move seamlessly to server B. As always with these things, greater fault tolerance comes at a price, so it’s a question of striking a balance between commercial risk and cost when the system is being designed.

Desktop Virtualisation

Take the technology a step further and you come onto desktop virtualisation. So instead of say 200 PCs around the place, perhaps you end up with another 4 or 5 servers, which the staff and scholars access via a thin client. What is a thin client? Well it can be a basic network attached terminal (they used to be called dumb terminals, back in my day!) or it can be a PC. The key is that nearly all the processing is done on the back-end server, so the user device doesn’t need to have much local processing power at all. The cheapest, most basic PC you could buy on the market today is more than adequate to act as a thin client, and indeed we see many organisations re-using very old PCs, which would otherwise only be fit for disposal, as thin clients. If you are using a PC for the front end, then typically you would install a lock-down piece of client software on it, which makes it into a terminal, so that the local hard drive is inaccessible. If you choose to use a thin client device, then they really are thin these days - many are just a little box which clips to the back of your monitor.

On the backend server, you setup one or more “gold” images. These are your standard PC setup with all your required software. You may choose to have one gold image for scholars, a different one for teaching staff and perhaps another one for administrative staff. In general terms, the fewer gold images you have, the more benefit you will get. When a student or staff member logs on to their PC or thin client, the system checks which gold image they are assigned and builds a virtual PC on-the-fly from that image. It only takes a few seconds. When they are finished and log-off that virtual machine ceases to exist.
But why should you bother to take the plunge? Your IT system works reasonably well as it stands and the mantra “if it ain’t broke” springs to mind. Well it’s all about financial savings. This type of technology potentially offers a huge saving in the support and maintenance costs for the network. When a new piece of software, or an update to an existing application is required, then it simply gets installed onto the gold image(s), rather than having to put together complicated and time consuming scripts to deploy it to all machines. Equally, should a software update cause a problem, it can simply and easily be rolled back, just by changing the gold image and asking users to log off and on. It also has the benefit of greatly reducing the organisation’s ongoing hardware costs, partly because the PC replacement cycle is greatly lengthened, and partly because when a device does need replacement then an inexpensive basic replacement will more than suffice.

In terms of control, since the virtual PC only exists for the duration of the user’s logon, there is no problem with the installation of unauthorised software or malicious code being introduced (whether accidentally or otherwise!) Even if someone does manage to break the system security to install something they shouldn’t, then it will disappear appear again when the virtual desktop is logged off. So no more hours spent cleaning spyware and other nasties off machines.
The technology is mature now and has been deployed in many corporate environments as well as a handful of schools. The fact that it is industry standard has multiple benefits:

Other people have identified and the manufacturers have ironed out all the early issues with the technology.
There is a wide user-base and good industry knowledge and support for the system if any problems are encountered
It is supportable by any good IT company, so the school is not tied into working with a handful of niche vendors
It is the system that many of the pupils will be using in industry one day
It will be a technology which is familiar to many of the parents from their workplace

Sounds expensive, is there really a cost saving to be made?

Offset against all the benefits is the investment needed to setup the back-end server equipment and deploy the virtualised desktop solution. So do the economics work out?

Well our experience, is yes, they do. In fact the cost savings are substantial and ongoing – of course it depends on your own individual circumstances, but some organisations have seen cost savings of around 65% in the ongoing support and maintenance of the network. The good thing is that you don’t have to virtualise everything in one go, you can run a mixed environment. So if you’ve got ICT budget set aside already for some replacement PCs or replacement servers then you can use that budget to setup the first phase of the virtualisation (and then keep the old PCs you were going to replace as thin clients). The savings made from the first part of the project can then be re-invested to fund the second stage and so on. Typically organisations taking this approach find they can keep their existing IT budget at the current level during the implementation of the project, then start to reap the ongoing cost saving from around year 3 onwards.

Like any IT project (and we all know the reputation of IT projects!), a desktop virtualisation project is not something that is to be undertaken lightly. To be successful it needs a good degree of planning and testing, and should always be preceded by a proof-of-concept to make sure all those little idiosyncrasies of your particular IT system have been factored into the design. But if it is well designed and executed then there is no doubt that the ongoing cost savings are substantial.