There’s no question that the global pandemic has changed many aspects of our lives in ways that will never be the same. When it comes to business – many organizations have had to creatively adapt, embracing technology to empower productivity in the COVID-world. It has prompted an evolution, not only in how businesses run, but also in the technology stack required to enable widespread remote & hybrid work.
Obviously, there are many technologies on the market. But to make things even more challenging, It can be difficult to differentiate between the various terms and technologies used to describe these various technologies. For instance, what’s the difference between Virtual Desktop Infrastructure (VDI), Desktop-as-a-Service (DaaS), and Virtual App Delivery? And what role does each of these technologies play in the overall “Digital Workspaces” category? Also – whatever happened to “Application Virtualization”, and is that the same as “Virtual App Delivery”?
Let’s take a closer look at these different technologies to compare and contrast their capabilities, and to shed some light on how we got to the current Digital Workspace stack.
Virtual Desktop Infrastructure (VDI), Desktop-as-a-Service (DaaS), and Virtual App Delivery
Many organizations today are using Virtual Desktop Infrastructure (VDI) to deliver business-critical resources to remote workers. It is a popular option. However, it can be both challenging and costly to implement. First of all, what is VDI? In general, it refers to solutions that pool together desktop resources on a centralized server and deliver these to end-users. The end-user is then able to access the full desktop and run applications, and access data. VDI is a pre-cloud technology that businesses generally deploy in on-premises environments.
Citrix Workspaces and VMware Horizon are two of the major players in this space, and many organizations choose solutions from these solutions to deliver VDI in their environment. What are the challenges with VDI? VDI is notoriously expensive and resource-hungry. It usually requires a dedicated set of servers, storage, and network infrastructure to deliver virtual desktops to end-users in a performant way.
To go along with the dedicated servers, storage, and network infrastructure, organizations generally have to hire at least one or two engineers who specialize in VDI to manage, configure, and troubleshoot the environment daily. The ongoing costs of both dedicated hardware and a team of professionals to manage and maintain the VDI environment can add up.
There have been efforts to overcome challenges and costs with managing an on-premises VDI environment, such as Desktop-as-a-Service (DaaS). With DaaS, the hope is to abstract some of the complexity by shifting the underlying infrastructure to cloud environments so organizations can operate the VDI offering as a service and not deal with the infrastructure side of things. However, DaaS still requires the cloud expertise to deliver the solution, and the underlying complexity is still there. It can also lead to costly spending on cloud services.
Which leads to another key technology in the Digital Workspace stack – Virtual App Delivery. When businesses start to look at what is most important to enable anytime, anywhere productivity for remote end-users, it is generally the applications. When connecting to VDI or DaaS environments, many remote workers are simply accessing business-critical applications and not interacting with the desktop environment for other reasons. In those cases, VDI/DaaS are overkill, and both the IT environment and the user experience can be simplified with Virtual App Delivery. But it’s important to note that it’s usually not an either/or proposition – in many organizations IT can utilize VDI/DaaS for the users who truly need a full virtual desktop, and then utilize Virtual App Delivery for everyone else.
But Wait – What About Application Virtualization?
The concept that not every user needs a desktop is not new. Application virtualization first emerged many years ago to address this issue, and to provide a simpler way to just provide apps instead of full virtual desktops. App virtualization has been around for a while on many different platforms, such as Microsoft Remote Desktop Services, with the aim of providing a more efficient approach to delivering applications to the end-user without the full desktop. App virtualization provides a more efficient footprint and is capable of greater user density per server resource. However, the App Virtualization approach generally requires the same infrastructure configuration whether full desktops are delivered or not. Below is Microsoft’s architecture overview of Remote Desktop Services, housed in Azure. There are many moving parts and components, including Remote Desktop Gateway, Remote Desktop Web Services, Remote Desktop Session Host, Active Directory, File services, etc.
Virtual App Delivery vs. App Virtualization
So, what’s the difference between Application Virtualization and Virtual App Delivery? Think of Virtual App Delivery as the next-generation of App Virtualization. Virtual App Delivery is the cloud-native approach designed to address the challenges and hurdles of legacy App Virtualization by automating away all of the complexity seen in the diagram above. A modern Virtual App Delivery platform should display the following three key characteristics:
- Seamless Connectivity
- Intrinsic Security
App virtualization products require the same infrastructure needed for full virtual desktops. It results in unnecessary complexity from an architectural perspective and requires numerous components to ensure the solution is reachable, highly-available, and secure. The term Virtual App Delivery emphasizes the importance of the delivery of the application to the end-user. The delivery must be seamless and straightforward, as we will see.
With the tremendous transition to remote work in 2020 and continuing this year, employees continue to work from many different locations. They use many types of devices to access business-critical applications and data. However, there is generally one type of access that all devices, both traditional and mobile, have in common – a browser. Modern Virtual App Delivery solutions must provide seamless connectivity to all of the applications people need to be productive from anywhere and on any device through an HTML5 browser. This eliminates the requirement for a “fat” client and allows fully encrypted sessions through SSL encryption.
Cybersecurity has never been more critical than it is today. With record numbers of cyberattacks and new threat vectors popping up each day, today’s digital workspaces using Virtual App Delivery must deliver security intrinsically as part of the solution. With traditional remote access and app virtualization solutions, security is an afterthought or a “bolt-on” component. This approach is no longer sufficient, so it’s important to ensure that any Virtual App Delivery solution you’re evaluating has security built in at the very foundation.
Cameyo Modern Virtual App Delivery
There’s no question that today’s employees need to access business applications from anywhere and on any device. Cameyo’s Virtual App Delivery platform provides a robust Digital Workspace that delivers virtual apps to remote workers with simplicity, seamless connectivity, and security.
Unlike legacy application virtualization solutions, Cameyo is purpose-built and engineered for modern Virtual App Delivery. It means there are no unnecessary architectural components in the way of servers, storage, or networking required. It eliminates the cost and management complexity involved in managing VDI and DaaS and other legacy application virtualization solutions.
Customers who choose the on-premises solution can use a single Cameyo execution server on-premises (two recommended). For those who want to use Cameyo as a Cloud SaaS offering, Cameyo offers a fully-managed customer cloud environment for hosting applications.
The Cameyo Virtual App Delivery solution architecture is straightforward:
- The end-user requests to initiate an application by invoking a “play” action URL from the Portal in the form of: https://online.cameyo.com/apps/1234…./play. This can also be invoked through a Cameyo API.
- Portal checks the user’s authentication for this application. If authentication is required but missing, the portal authenticates the user either through login credentials or the configured SSO provider. SSO can be any OIDC-compliant provider, including Azure AD, Google, Okta, Ping, etc.
- The Cameyo cloud portal communicates with Cameyo “execution” Servers, which deliver applications to end-users
- The Cameyo execution server responds to the portal with the connection details. The portal translates them to the client:
- HTML5 client: user’s browser is forwarded directly to the server’s HTTP/S address with a given token. The execution server then verifies that token against the portal.
- Native Windows / Android RDP clients: connection is made directly through RDP, using one-time credentials generated on-the-fly and transmitted to the client.
- The session runs according to Cameyo’s policy settings such as maximum time / idle time, cloud storage virtualization/synchronization, shell lockdown, toolbar options, file transfer permissions, etc.
- Upon the session’s end, the user profile is cleaned up. If Cameyo is configured to “Temporary User Profiles,” the entire user profile data is wiped out of the server. If SessionSync is enabled, this is done after synchronizing the user’s data back to the central / cloud storage.
Cameyo Virtual App Delivery Architecture Overview
Cameyo provides seamless connectivity to all Windows and internal web applications from any device. Customers’ end-users only have to have access to a browser to run the full desktop of any application from their browser with Cameyo. This means end users have nothing new to learn – they simply access the applications they’e always utilized, just via a browser tab instead of an installed app.
Cameyo is built with a zero-trust security model from the ground up. Cameyo never exposes the execution server to the public-facing Internet. Using its unique RDP and HTTP/S Port Shield technology, only authenticated sessions can communicate with RDP and HTTP/S ports on Cameyo servers. Once authenticated, end-users only have access to the sanctioned applications and never to the core system components. Additionally, when a user logs off, Cameyo Port Shield removes the end-users’ IP address from accessing the Cameyo server at a network layer.
The intrinsic security provided by Cameyo allows organizations to provide access to business-critical applications on any device, even non-IT managed personal devices, without the danger of data leakage, malware, or other compromising behaviors.
The way we live, socialize, and work are continuing to change. Businesses are rethinking their remote employees’ workflows and figuring out how to ensure all of their people can access the business-critical apps they need to do their jobs from anywhere and on any device. There are many different solutions for providing remote access to employees, including Virtual Desktop Infrastructure (VDI) and Desktop-as-a-Service (DaaS) – but for the majority of the workforce who simply need access to their business applications, Virtual App Delivery is simpler, more cost effective, and more secure. Rather than providing a full desktop, only the necessary applications are presented to the end-user.
Whereas Application Virtualization first emerged to highlight the need for delivering apps instead of full virtual desktops, Virtual App Delivery is the modern, cloud-native approach that enables the delivery of apps without the complex infrastructure requirements of VDI/DaaS & App Virtualization. It helps to overcome traditional application virtualization challenges by providing simple, seamless, and secure access. Cameyo delivers modern Virtual App Delivery without unneeded infrastructure, using a simple SSL browser connection and zero trust security mechanisms to ensure your data and applications remain safe no matter what devices your people are utilizing.
Want to try it for yourself? You can be up and running with Cameyo in minutes – just start your free trial below.