Leave the laptop behind
Application virtualization can make your mobile workforce truly machine independent. Here's how.
The ultimate argument, however, in favor of sandboxing over VM hosting has to be the raw simplicity of deployment. With a sandboxed application, in most cases you simply launch an executable file and start working. With a VM, you need to install, at minimum, some kind of playback application and then hope that its various pass-through mechanisms support the local hardware environment. If the PC is memory constrained or if you don't have permission to install software (the kiosk/locked-down desktop scenario I noted earlier), you may be out of luck. Sandboxing overcomes this hurdle. Few Windows PCs will have trouble loading a simple executable file – assuming, of course, you can attach your portable media to the system.
Time to hit the beach
One area where VM-based solutions hold an edge over application virtualization is in the initial setup process. Whereas installing an application into a VM is typically the same process as installing it on a physical machine, effective sandboxing takes some trial and error, especially when you're attempting to capture and virtualize multiple applications.
In my case, it took a little over a week of testing, tuning, and tweaking to get my fully functional mobile workspace purring just right. This included multiple aborted attempts at capturing applications where something – a missing library, a hidden encryption layer – tripped me up. The .Net Framework 3.5, in particular, was a tricky one because the virtualization software I was using – VMware's ThinApp – kept creating too many entry points into the package. I fixed this by combining everything in a single executable: DW20.exe.
Speaking of virtualization software, I evaluated the current state of the art from all three of the leading app-v providers – Microsoft, Symantec, and VMware – and ended up settling on ThinApp for three main reasons.
First, ThinApp doesn't require an agent. While not so much an issue for corporate deployments, the agent requirement for Microsoft Application Virtualization and Symantec SVS made them no-goes for my extreme hardware-independent mobile computing scenario. As in the hotel kiosk scenario, there are just too many situations in which you will not be allowed to install a custom agent on the borrowed PC. This is especially true in locked-down computing environments where the idea of installing a bunch of foreign kernel mode components onto a sensitive system is about as acceptable as surfing porn at your desktop during lunch.
Second, ThinApp is platform/version/architecture independent. The entire ThinApp virtualization layer is contained within the sequenced executable. It runs entirely in user mode like a normal application, and this, in turn, allows a ThinApp-hosted application to execute unmodified across multiple Windows versions. It's also the only current solution that supports x64 versions of Windows, a fact that once again rules out its 32-bit-only competitors.
The third reason is sheer simplicity. The ThinApp capture process is by far the most intuitive of the bunch (though SVS is a close second). I was able to successfully capture most applications on the first try, and working with the capture data is easy because it is all stored in folders on the capture machine's local disk.