Interview with Brad Rowland on Symantec's Endpoint Virtualization

Symantec sees the opportunities available within the virtualization market. The company acquired Altiris SVS and AppStream to create its Endpoint Virtualization Group, and they've recently acquired nSuite to help round out their offering. I spoke with their marketing director Brad Rowland to find out the latest.

I recently caught up with Brad Rowland, director of enterprise marketing within Symantec's Endpoint Virtualization group. With all of the changes that are taking place within Symantec -- the creation of the Endpoint Virtualization Group, the acquisition of AppStream, and then the recent acquisition of nSuite -- I thought it was a good time to try and catch up with Rowland to find out more information about the goings on before he gets too busy with the new ManageFusion show taking place in the next two months.

Q: It's been a while since we've last spoken -– can you tell me more about all of the changes taking place over there at Symantec?

A: Last April, Symantec announced the creation of a new product team called Endpoint Virtualization. We actually announced the acquisition during Symantec's ManageFusion event in Las Vegas, which was a great venue and really the event that had showcased the technology since mid 2006. The new team that was created is a combination of the Symantec Endpoint Management (formerly Altiris) SVS product team, and the team from the AppStream acquisition. I transitioned in with my full team from AppStream, and we've been focused on the future of the combined SVS / AppStream offering, which had been previously sold by Symantec as SVS Pro. Then most recently we announced the acquisition of nSuite, which adds some great components to our endpoint virtualization solution set like a connection broker, single sign-on, and an alternate desktop shell. It's been a great several months coming up to speed within a global giant like Symantec and understanding how products from our other product teams support virtual environments.

Q: I bet it's been interesting. Can you give us a few examples?

A: Sure. For instance, products like Symantec's NetBackup 6.5 that won Best of Show at VMWorld in 2007 for data protection and security. Symantec is recognized primarily for security but really does a great deal in support of virtualized infrastructure and virtualization innovation across all the product sets. Symantec is also recognized for storage management and, in fact, Veritas pioneered storage virtualization. Many of these best-of-class products are being integrated through a companywide initiative called Open Collaborative Architecture to pull more of these solutions into a common infrastructure management framework that spans the datacenter to the endpoint. The obvious excitement from our team is around the implications of how streaming and virtualization can enhance these solutions as well as benefit strongly from them.

Q: How does Symantec view virtualization technology and the trends in this area?

A: Virtualization is an old technology idea (creating abstraction layers between services and/or resources) that has many applications, currently covering very newsy technologies like server virtualization, OS streaming, presentation virtualization, piracy prevention, etc. This latest round of virtualization has gone through "wave 1," which is primarily focused around IT projects like server consolidation.

The next wave is about using virtualization to separate the information that matters from the underlying infrastructure. The approach is different across different technologies, but it's easy to see the application of that concept in solutions like storage and security where you are primarily interested in securing and protecting the IP or critical information, rather than the multitude of copies of applications, patches, and OS instances. This is commodity data, not information that matters. We don't need every copy of an identical jpeg file sitting in e-mail; we just need a single copy and a reference pointer. If we think about this in the context of server consolidation, the barriers to 100% implementation of this solution in the enterprise are not really due to lack of server virtualization features; they're primarily due to basic things like security, backup and DR strategy, configuration, and management. But the multitude of virtual server OSes are not the important information that needs to be secured and managed. The more we can identify important information from commodity data, the easier it will be to make use of these computing environments. To help fully leverage hypervisor innovations they also need to be seen and managed in a standard way –- they need to more completely standardize and even commoditize -- then they can be plugged into an overarching strategic framework by CIOs and IT managers. Between vendor and user community initiatives, the market is clearly moving in this direction already. Hypervisors and other computing environments should absolutely be plug-and-play components like blade servers that help build IT infrastructure and map it to business strategy, real time, and on-demand.

Just like grid computing, commoditizing the underlying components is not a bad thing. Quite the contrary it's what allowed this next level of solution to be built, and this solution is used to create and manipulate gigantic amounts of information. Symantec is historically known for securing and managing the information-driven world of businesses, protecting information completely, managing it easily, and controlling it automatically -- not just in a platform-independent way, but even as a layer over the top of multi-vendor solutions. This allows IT decisionmakers to leverage best-of-breed components or manage diverse environments created by changing vendor strategies or acquisitions.

Q: What's the goal of the Endpoint Virtualization? And how does nSuite fit in?

A: The Endpoint Virtualization team is bringing to market a set of technologies and solutions that will leverage virtualization to bring this same value to the endpoint. That endpoint can be a traditional PC or mobile laptop, or a new emerging desktop.

Endpoint Virtualization is a set of technologies that virtualize within the workspace, like SVS and AppStream, and also technologies that virtualize the workspace itself and allow it to be made portable from device to device or even in the cloud. Ultimately we'd like to see a world where the focus of IT is on giving users maximum productivity -- the richest, most secure, and best ROI based on their role and context. Today we have this with systems like e-mail. From your richest experience on a laptop, to slightly less rich on a Web kiosk at the mall, to the "thinnest" or most focused experience on your cell phone or handheld device. The user doesn't care or need to know what the underlying technologies are -– they are seamless and portable. It's their access to information and their experience when doing so that really matters -- the consumption and creation of information communicated through the e-mail system. If you look at what it takes to get that kind of portability in e-mail and how many years it's taken the industry to achieve this, that is a giant opportunity for reducing cost and complexity, which could in turn drive an increase in security, flexibility, and productivity across a new range of applications. We want to enable the next wave of workspace portability using virtualization as the enabling technology, setting the information free from some of its current confines.

Each of the components in our portfolio leverage virtualization for a different piece of the solution. AppStream brings on-demand delivery of any application or file -- this is the "real-time" piece. Today this focuses on delivery within the workspace but can also be used for the actual workspace delivery itself, like streaming virtual images to players in a host OS, either to a traditional or cloud-based endpoint. Instead of waiting for a multiple gigabyte download you can begin working when a small fraction of the image has been streamed. SVS uses virtualization to separate the information that matters most from the underlying computing environment, whether applications from the OS, or data and configuration from the OS and applications. nSuite adds connection brokerage, single sign-on, and technologies that leverage and enhance presentation virtualization. Connection brokerage connects available resources (applications, computing environments, data sets) to users as needed. These pieces allow everything to be centralized, or run locally in a virtual layer, or on any hybrid model. The experience should be seamlessly delivered to the user based on roles and rules, giving them the richest computing experience as appropriate to their context. Things like their level of security, device type, and network connection speed. Users should just connect and get the richest experience possible, period, while IT guarantees information security and protection at the best cost.

Q: What are some of the challenges you see in the market?

A: Virtualization is bringing a whole new set of challenges that can easily eat up any ROI from a project-leveraging virtualization innovations. Starting with some basics around standards. Take something simple like application packaging. On one hand you have the market really pulling it together to standardize on packaging formats like MSI, and on the other hand most application virtualization technology requires repackaging into another format or first using the MSI to make a snapshot, and then sometimes you can wrap those in a new MSI for deployment. Imagine a typical large enterprise that has a thousand or more supported applications. Even if you get those all as MSI, you may have to have two other versions of each package just to virtualize and then deploy as MSI. That's a 3x increase in packaging requirements at the same time we as vendors are saying that the right model is a single package standard around MSI. It's hard to push a message of ROI on package reduction, and then another ROI message on application virtualization that requires multiple packages for a single application. In the big picture the return is questionable.

So how do you get the best ROI from both innovations? How do you leverage strong ROI from a common packaging model, and strong ROI from application virtualization?

That's the question we want to answer and the approach we want to drive around technologies in this space. As you've written about previously, AppStream had gone to great lengths to stream the actual MSI and maintain install time logic, but this work was done around non-virtualized applications. Last June at Symantec's ManageFusion show we had a chance to show you a demo of streaming an MSI on the fly into a fresh SVS layer, all without any repackaging. We believe the right model is to have a single instance of the application, probably packaged as an MSI, but then deployable through a common infrastructure that allows streaming or standard package push, fully interoperable or virtualized, into a traditional desktop or virtualized (it shouldn't really matter), and this all based on automated rules governed by usage context and user role. Our Wise Packaging Studio can even identify and remediate situations where a patch wouldn't upgrade all instances of a file due to application virtualization. We need to manage innovation in ways that don't require architecting your environment around a point solution. Instead you should be able to architect around valuable information and the flow and consumption of that information throughout your enterprise. Maintaining a real standards-based approach is a time-tested way of maximizing ROI across all functional areas of IT and areas they interoperate and needs to be maintained in this new virtual world.


Once again, I'd like to thank Brad Rowland from Symantec for taking the time to meet with me and talk to us about the nSuite acquisition and the Endpoint Virtualization Group. And I'm also looking forward to finding out more information about what Symantec is up to in the virtualization space while at their upcoming ManageFusion show.


Copyright © 2008 IDG Communications, Inc.

How to choose a low-code development platform