Despite rumors to the contrary, virtualization is not just for the datacenter. From the most complex workstation applications to the simplest DLLs, virtualization is leaving an indelible mark on client computing.
A good example of this is application virtualization, a label applied to products that insulate running programs from the underlying desktop. The idea behind application virtualization is to eliminate many of the support-draining configuration problems that plague conventional desktop implementations. These products virtualize the interaction between a given program and supporting OS resources, like the file system and, in the case of Windows, the system registry database. All these products isolate applications from the OS image, but the approaches are quite varied.
[ For a primer on desktop virtualization, see "What desktop virtualization really means" ]
At one end of the spectrum are products like Altiris Software Virtualization Solution (SVS). Tools like SVS employ what might be called the “brute force” method: A simple filter driver is installed in the Windows file system code stack to intercept and redirect I/O calls from SVS-managed applications. When enabled in their respective “layers,” an SVS-managed application appears to integrate seamlessly with the OS. In reality, every aspect of the application’s OS interaction, from loading a DLL to accessing a registry key, is being redirected on the fly to a local cache file managed by SVS.
The advantage to this approach is that it fully isolates the OS from the application: Any changes made by the application – to the Registry, to its own files, to Windows – are in fact occurring solely within the SVS-managed cache file. Since no real changes are occurring, the underlying OS image remains pristine and the application can be “disabled” by simply clicking a button or by remotely disabling it from a supported management console. The downside to this approach is that it has trouble managing multiple versions of the same application; for example, Microsoft Office can sometimes trip up SVS by invoking the wrong version of a component when multiple versions are installed in parallel layers.
At the other extreme you have solutions like Softricity’s SoftGrid (recently acquired by Microsoft and soon to be integrated with the base Windows Server platform). SoftGrid provides a complete virtualization environment: Applications are streamed to the client from a server share and then executed within a customized “sandbox” that completely isolates the code from the OS. The advantage to this approach is that it avoids many of the multiversion issues that plague SVS. However, the trade-off is a more complicated deployment process that requires administrators to create a custom installation image to optimize the code base for streaming.
Of course, no market segment is complete without an interloper to shake things up. Thinstall combines the simplicity of SVS with the fully padded box approach of SoftGrid. By embedding both the virtualized environment and the application image into a single executable file, Thinstall eliminates the need for supporting infrastructure: Just copy or stream the file to the client and execute. No agent is required and the image can be deployed using virtually any traditional management suite, including Active Directory and Microsoft Systems Management Server. The downside is the need to customize the application using Thinstall’s Virtualization Suite toolset.