The iPad on your Network


So as we enter 2011 and our colleagues commute to work with their new leather bound iPads, the question in every licensing aware IT and Business Decision Maker might be…“how do we manage and license the damn thing?”


Citrix is a Microsoft Partner who works with Microsoft strategically in the corporate space around Desktop and Server virtualization However, if you happen to be looking at their website this holiday season you will see their social media campaign to integrate the iPad as a productivity tool for the workplace.

  • This article will examine how you address mobile slate devices in your organisation and bring Microsoft productivity tools and experience to your users on any device depending on your business goals.
  • This will look at what you need from the Microsoft end – not just the Citrix end.
  • This will look at the Microsoft licensing requirements to get this done.
  • This article will give you a brief overview of the different Virtualization types so you can work out your product and licensing requirements.

Virtualization Goals

In addition, check out these goal specific approaches to cloud and virtualization  at the Virtualization Scenario Hub

  1. How to Save on Power Consumption by Consolidating Servers Using Virtualization
  2. Use Virtual Clustering to Deliver High-Availability Applications
  3. Increase Server Availability and Support Burst Demand with Virtualization
  4. How to Improve Server Utilization and Reduce Infrastructure Costs
  5. How to Support a New Location with SharePoint Virtualization
  6. Manage Storage Migration with Virtualization
  7. How to Grow Your Business In a New Region with Exchange
  8. Planning for Disaster Recovery Using Virtualization

Types of Virtualization

This article will first look at the different approaches to virtualization so you can start planning what your users have access to. Whether personal virtual desktops, a virtual desktop pool or session-based desktops make the most sense for your iPad users.

User State Virtualization

Increases business flexibility by having a user’s personal profile and data available dynamically on any PC. In terms of data security this is an essential part of an IT managers toolkit  to reduce the impact of failure and PC theft by backing up personal profiles and information to the datacentre.

User State Virtualization (USV) is a collection of technologies that enables synchronization of user data and settings from a single PC to a central location. Once you enable USV, your users will be able to access data that is important to them on devices throughout your network combined with central back-up for critical business data that was once saved to vulnerable local storage. [Ref:]

Roaming User Profiles

Enable user profiles to be stored centrally and downloaded to users’ computers at logon. Your users will continue to enjoy their normal network drive mappings, printer connections and custom wall paper during their session. When the user logs off, any updated information is returned to the central location. [Ref: TechNet]

Application Virtualization

Isolation in this scenario occurs one level up in the stack from the OS and hardware. App virtualization isolates an application and all of that application’s files and resources from the operating system (OS) , and any other application on the system.

Application virtualization isolates the application from the OS. While to the user, this doesn’t really differ from the traditional concept of directly installing applications directly on the OS, to IT organizations the difference can be massive.

App Virtualization (Microsoft App-V) allows multiple versions of the same application can run on one computer system at the same time. Also, apps can be automatically streamed to a desktop, on demand and as needed, without having to be installed by a local IT tech. App-V can provide centralized application management and security and easy, fast patching and upgrades. This is all available as part of Microsoft Desktop Optimization Pack (MDOP).

This technology can address a number of headaches. First, because the application is isolated from the OS, there’s no need for the application to be installed in any traditional sense of the word. (This means multiple versions of the same application can run on a single desktop) This also means that applications can be streamed out to a desktop when the user needs them, which doesn’t require a helpdesk call or a IT visit to the desk.

For the average desktop admin, this drastically reduces the time and cost implications of desktop management because it brings patch and upgrade management to one central location and will accelerate the deployment of any new applications. It also ensures the entire desktop environment is configured to be secure and consistent.

This enables the mobile end user, as the work critical apps they need to do their jobs actually follow them around the organization (Roaming Users). Interestingly, Microsoft’s application virtualization solution, App-V, can also stream only the parts of the application needed by the user and have instant click start-ups

Once the user logs off, the application can be removed, and is no longer there risking access by a non-authorised or unlicensed user.

When combined with User State Virtualization (USV), App-V allows you to have an environment that allows your users to be productive, with access to their own apps and data, anywhere they sign-on in your network.

As advised by the great content on the Windows Steam Blog: App-V, you’ll need to take three basic steps: [Ref:]

Legacy Applications

If you are in the process of looking at Windows 7 you will likely be examining Application compatibility: Microsoft Enterprise Desktop Virtualization (MED-V) allows you to run your legacy applications, including Internet Explorer 6 based applications, inside a Windows XP compatibility workspace. This IT-managed Windows XP virtual environment remains hidden from your users. Applications running inside appear on the Windows 7 Start menu and appear to users indistinguishable from native applications.

Quick note – The Windows Steam Blog recommend checking out the new 2.0 release in the first quarter of 2011. Check out and evaluate the download at Microsoft Connect.

  • Buy Microsoft Desktop Optimization Pack (MDOP)
  • Create your Windows XP base image in Windows Virtual PC and install your legacy applications
  • Create a MED-V workspace package from your Windows XP base image
  • Deploy your MED-V workspace


Technical resources

Virtual Desktop Infrastructure (VDI)

Virtual Desktop Infrastructure (VDI) is an alternative to the traditional desktop deployment model for Windows desktops. Each user can get access to a personal desktop in the datacentre from any connected device. The access device could include a normal desktop environment with Windows or a Thin Client (TC).

As recommended by the Windows Steam Blog here is the approach to get started:

  • The first step is to review the use cases and requirements for their target users and determine whether personal virtual desktops, a virtual desktop pool or session-based desktops make the most sense.
  • If a virtual desktop infrastructure is the right choice, the Hyper-V role should be installed on the VDI hosts and XenDesktop should be installed and configured for integration with System Center Virtual Machine Manager (SCVMM)
  • Then, a reference image should be captured using the Citrix Provisioning Server for Desktops so as to have an easy way to create multiple virtual machines using the reference computer as a template.
  • Next, the Citrix Desktop Delivery Controller and System Center Virtual Machine Manager should be used to create a group of virtual desktops and to deploy them to end devices.
  • Finally, it makes good sense to leverage Microsoft App-V and Citrix XenApp to provision applications to virtual desktops, and to use Citrix Profile Manager in XenDesktop to simplify user profiles in a VDI environment
  • Want to try it for yourself? Here’s a virtual lab on Deploying Citrix XenDesktop 4 on Hyper-V R2 and check out the Citrix guide on XenApp 6 for Windows Server 2008 R2

Session Virtualization

This was originally Terminal Services and is used by several million users. Microsoft combined with Citrix have a pre-dominant share of the market. Microsoft have now named this Remote Desktop Services (RDS). This comes as part of Windows Server 2008 R2 (Check out the new Windows Server 2008 R2 Service Pack 1 RC)

Session virtualization isolates the processing of the operating system and applications from the graphics and the Input and Output devices (keyboard and mouse). Once isolated, session virtualization sends the graphics from a central server and application out to an accessing device where the end user sees the display in real time. It is just as if the user were watching a live feed. However, session virtualization also captures the keyboard and mouse events of the remote user and replays them on the central datacenter.

Server Virtualization Graphic 3

This allows a user to instantly interact with the remote system. This design makes the user feel like the OS and application are actually running on the device in front of them, even though the application is sourced from a central datacenter.

This has real benefits in security with better security having all data stored and managed centrally. In this scenario, there is one shared copy of the software on the server, and this also has cost savings for patching and updates. Also, with data security and privacy concerns, having a central database provides a layer of security, by ensuring copies of the main database never leave the data center.

In Session Virtualization (Remote Desktop Services) users access a Windows Server OS hosting their application – In VDI, a Windows desktop hosts the application.

  • In Session Virtualization, only one copy of the OS is run on the hardware, and multiple users share that OS to run the application.
  • In VDI, each user is assigned their own complete OS, which is then used to host whatever apps the user needs

The VM is then copied to a server farm in a data centre, with each server in the farm running dozens of desktop VMs. Of course, a desktop OS is intended to be used with end users, so these virtual desktops are then accessed remotely by the end users using the same remote access technology we just talked about on the session virtualization (Remote Desktop Services)

This means that on average, VDI is more flexible and customizable than session virtualization. It is also less effective and more expensive to implement. In fact, due to licensing restrictions, VDI can be a lot more expensive than session virtualization for most customers.

As recommended by the Windows Steam Blog here is the approach to get started:

  1. Install the Remote Desktop session Host (RDSH) role service and configure RD Licensing role service and configure license settings.
  2. Install programs on the RD Session Host server and configure the client experience
  3. Configure users that will remotely connect to the RD Session Host server
  4. Expand deployment by configuring RDSH server farms and consider adding partner solutions such as Citrix XenApp
Technical Resources
  1. Windows Server 2008 R2 Remote Desktop Services Infrastructure Planning and Design Guide.
  2. Remote Desktop Services Deployment Guide

The Microsoft Virtualization Stack

The table below gives a brief overview of the Microsoft products that deliver personal virtual desktops, a virtual desktop pool or session-based desktops.

  1. Microsoft Desktop Optimization Pack (MDOP) includes App-V and Med-V described above and can be acquired with Windows or as part of the VDI Suite licensing vehicle.
  2. The Hyper-Visor or Hyper-V is included free with Windows 2008 R2. There is also a new release w. Service Pack 1 with added functionality.
  3. Remote Desktop Services is within the Windows Server 2008 R2. Microsoft can deliver both VDI and Session based Virtualization to your users.


The CAL Requirements for the iPad


The CAL stack above is what you need to get your iPad on your network. This includes CALs for Windows Server and Remote Desktop Services. Secondly, If you are running Exchange, you will need the relevant Exchange CAL.

Customers can now buy different components of the server and management infrastructure required to run VDI through a single licensing vehicle.

The VDI Standard Suite and VDI Premium Suite are licensed per client device that accesses the VDI environment. This is also on a subscription model

As above, Management of your virtual infrastructure is taken care of the various System Center components, including System Center Virtual Machine Manager, System Center Operations Manager 2007 R2 and System Center Configuration Manager 2007 R2

The following CALs are included to provide access rights to the Microsoft Infrastructure and Management products.

These can be acquired through Volume Licensing with a Microsoft Reseller.

The Microsoft VDI Suite

The Microsoft VDI Standard Suite will include licenses to the following technologies:

  1. Hypervisor platform (Hyper-V Server 2008 R2)
  2. An integrated management suite for VDI (System Center Virtual Machine Manager 2008 R2, System Center Operations Manager 2007 R2, and System Center Configuration Manager 2007 R2)
  3. Microsoft Application Virtualization through the Microsoft Desktop Optimization Pack (MDOP)
  4. Connection Brokering capability through Windows Server 2008 R2 Remote Desktop Services.Microsoft does not allow access to Windows Server software to host a full GUI (using RDS or other technology):
    • directly from your VDI licensed device or
    • indirectly through a virtual OSE on your VDI host.

The Microsoft VDI Premium Suite includes all the features of the Microsoft VDI Standard Suite, and also includes:

  1. Complete Remote Desktop Services capability, including the option to deploy session based desktops in addition to VDI desktops.
  2. Access Windows Server for purposes of hosting a graphical user interface (GUI)
  3. Microsoft Application Virtualization for Remote Desktop Services

*VDI Suite is a subscription model and does not confer perpetual rights.

Citrix Solutions

Citrix have a lot of guidance on their website on how to approach including the iPad on your network to provide full desktop and Windows 7 / XP functionality to your users. The Citric Receiver is available from the Apple App Store as a download to enable touch functionality over XenDesktop and XenApp based on Windows Server 2008 R2.


You can find out more from Citrix by going to the and

How do I license Windows OS and my Office Applications?


This is covered in detail in my previous post: Applications and OS Licensing: Remote Access and Roaming Use



Please check my previous post on Windows OS virtualization for an in-depth look at this topic


Microsoft and Citrix have enabled full productivity from a range of devices and provided options in the way your users access their data and their desktop and their applications. How you approach this in your organisation will have to be considered and hopefully the range of links and content within this article will assist you.

The theme of this article has been around the popular iPad device – but your licensing requirements will be dependent on what you want your users to access on your network and the functionality and experience you want them to have and the ownership of those devices.

I have included briefly the licensing requirements for looking at the windows OS and Office. However If you want this more in-depth please review my several articles on this blog to get clarity for your particular usage scenario. Licensing can be complex, so always refer to as many dependable resources as possible, whether the Microsoft website, the Product Use Rights and Product List or your Large Account Reseller.

One take away from this article is that 3rd party vendor solutions for Virtualization  rarely provide you with the licensing implications and costs to provide Microsoft products over their technologies. So it is worth doing your research and understanding the total cost of ownership.



Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s