So, I may be a little late to the game (I know Brian Madden has already blogged about this a couple times), but let me just write it for the record – I love Vmware’s new direction with Project Horizon!!
If you missed the keynote for Vmworld 2010 in San Francisco, then you missed the demonstration Steve Herrod gave for their bold new endeavor on the desktop front… Project Horizon represents something of a shift in how Vmware is approaching desktop application management. Imagine, if you will, that you could use any device you wanted to access some or all of your company’s corporate applications. Imagine also that your company not only allowed this, but encouraged it! Project Horizon represents a recognition that trying to keep up with the proliferation of client devices, phones, thin clients and so on is fruitless. The market has proven it moves faster and provides more choices than corporations are equipped to handle, and many organizations are struggling with trying to figure out how to account for the myriad devices that are just showing up in the office.
Imagine, then, something like the following…
Rather than the company providing you with a device, you might simply register the device(s) you want to use through a simple web interface. Project Horizon installs an agent on your device (Windows, Mac, iPhone, iPad, and Droid), and you are off and running.
The desktop team entitles your account with the applications that you require for your job, and optionally might even put together a catalog of other applications that users may need. You can then self-entitle these optional applications, and they will be delivered to you on whatever device you happen to be using. What could this lead to?
Horizon might then not only entitle applications for you, but it might also:
* Connect you to Vmware View desktops
* install applications locally
* Install ThinApp applications
* Connect you to Microsoft Remote Desktop Services applications
* Connect you to Citrix Published applications
* Connect you to Saas applications (like Google Apps, Salesforce.com, et cetera)
* Actually provision your credentials for all these applications (yes, even the web applications)
* Enable enterprise single-sign on for all the above applications!
How might it do this? Well, much of this work is a result of the work previously accomplished by Tricipher (one of Vmware’s latest acquisitions – http://www.vmware.com/company/news/releases/vmworld-integrien-tricipher.html). Tricipher leverages Secure Assertion Markup Language (SAML) for secure enterprise single sign on and identity federation for both internal and external applications. The SAML standard was first established in 2001 by the Organization for the Advancement of Structured Information Standards (http://www.oasis-open.org/home/index.php), and version 2 of the standard was ratified in 2005 (http://www.oasis-open.org/specs/#samlv2.0). There’s more to it than just SAML and SOAP, of course, but that’s for another day.
It looks like Horizon could some day include some form of application license tracking, as well as policies to dictate which applications can be available from which of your registered devices, and from where, and whether or not the device must be a member of the domain… One can imagine many additional policies of this sort, which your company could leverage to further control access to critical corporate data. It is not clear yet if (or when) any of these features may make an appearance, or whether this will be a for-purchase product or a leased service hosted by VMW or some other entity, so stay tuned for more from Vmware.
If you can’t beat’em…
So why is all this important? I personally believe we are at an inflection point, and technologies like Project Horizon show clear recognition that the times, well they are a-changin! Clearly, SAML has been around for a while. Enterprise single-sign-on and identity federation is not new, either. More and more frequently, however, companies are embracing off-premise SaaS applications… Both of my most recent companies, for example, use Salesforce.com as their CRM tool. Simultaneously, many companies are struggling to incorporate the rise of virtual desktops, or server-based computing for centralized application deployment and management to gain higher security and easier application management.
Other companies are investigating application virtualization to solve similar issues. In other words, between the proliferation of devices, the multitude of new management techniques to ease operational efficiency, and the rise of new application delivery techniques, desktop administration teams are under pressure from multiple fronts. It is something of a Herculean effort to try and undertake, so why try? Why not embrace the diversity, and use it to strengthen your offering and service to your users? Your users will be happier, and application provisioning will be streamlined (and therefore easier as well). In other words, if you can’t beat them, join them!
– Posted using BlogPress…