This guide takes you through the Microsoft licensing options available and the required licensing components for providing Desktop as a Service (DaaS)
- This article will give you a brief overview of the different desktop delivery models and the corresponding licensing model(s) supported by Microsoft.
A Comprehensive, Structured Approach
The licensing requirements for delivering DaaS are dependent on the total software solution stack, and the software delivery model selected, and enabling technologies.
There should be clarity from the Service Provider as to how their service is being delivered, ensure definitions are made at the Service Level, and should be made at each Service Level to comply with all applicable Vendor licensing model(s)
It is recommended to work with a Licensing Expert to understand the optimum, and correct, product licensing configurations and procurement model(s) to support your business goals.
Your Service Provider or SI may not incorporate all applicable licensing metrics, and vendor software terms in response to your RFP. This analysis should be comprehensive to understand complete TCO.
Looking at VDI
VDI is a popular topic when I’m conducting customer Licensing Workshops . From experience, this is a top area to identify unanticipated vendor spend implications and product licensing dependencies, often across multiple vendor solutions. In most proposed implementations it will include a combination of Vendor technologies to implement the service and this can incur unanticipated (or unnecessary) cost.
As an overview, in VDI, each user is assigned their own complete OS, which is then used to host whatever apps the user needs within a VM (Virtual Machine) running on a server in a datacenter. This will require an underlying Virtualization Platform, whether VMware ESX or vSphere, Citrix XenServer or Microsoft Hyper-V.
Virtual desktops are accessed remotely by the end users across various devices, using a Remote Desktop Technology including but not limited to, Microsoft’s RDP (Remote Desktop Protocol) or Citrix’s Independent Computing Architecture (ICA) to effectively optimise delivery of a GUI to individual computer’s over a network.
- Microsoft RDP 8.0 server is incorporated within Remote Desktop Services (RDS) and sold within Windows Server 2012.
- Citrix products adopting ICA include XenDesktop and XenApp.
Implementation of VDI will require a Management Platform to orchestrate User access to individual VMs and console to provision, amend, and decommission VMs. Microsoft provide this within a recently consolidated offering: System Center and VMware with vCloud Suite
It is often acknowledged that while VDI is more flexible and customizable than session virtualization it can be expensive to implement without support from a competent technical advisory and software licensing partner.
For quick reference on the specifics of Desktop OS Product Licensing read the following articles
Session (or Presentation) Virtualization, is a well established and scalable delivery model. This may be referred to as delivering a ‘desktop’ but commonly adopts a limited user shell GUI to run applications.
The most common solutions are Microsoft Remote Desktop Services (RDS) commonly still referred to as Terminal Services (TS) and Citrix’s XenApp (Presentation Server).
In Session Virtualization (Remote Desktop Services) users access a Windows Server OS hosting their application with often a limited number of OS run on the hardware, with multiple users able to share that OS to run the application(s)
Session virtualization isolates the processing of the operating system and applications from the graphics and the Input and Output devices (keyboard and mouse). Once isolated, session virtualization sends the graphics from a central server and application out to an accessing device where the end user sees the display in real time. It is just as if the user were watching a ‘live feed’. However, session virtualization also captures the keyboard and mouse events of the remote user and replays them on the central datacenter.
This allows a user to instantly interact with the remote system. This design makes the user feel like the OS and application are actually running on the device in front of them, even though the application is sourced from a central datacenter.
This has real benefit in deploying one shared copy of the software to the server, allowing greater user density and centralised patching and updates. This can extend security by having all data stored and managed centrally.
Organisations need to meet both the current and evolving needs of their employees and the provision and use of client computing services can be an emotive subject.
Within the organisation the objective of client computing is primarily to provide employees with the right level of access to corporate applications and data from a variety of access devices for a increasingly distributed and mobile workforce.
To support, IT departments can reduce application management costs and improve deployment speed . Secondly, end users want to have their business critical apps available on any authorised device. To achieve this, Microsoft Application Virtualization (App-V) decouples applications from the OS and helps to eliminate app-to-app incompatibility, because applications are no longer installed on the local client device.
Remote App programs enable software to be accessed remotely through Remote Desktop Services (RDS) and appear as if running on the end user’s local PC. These are hosted apps, and can be accessed through a web browser.
A brief overview of Application delivery models are illustrated below:
As virtualization isolates an application and all of that application’s files and resources from the operating system (OS) , and any other application on the system; Applications can be streamed out to a desktop when the user needs them.
For desktop administration this can drastically reduce the time and cost implications of desktop management, bringing patch and upgrade management to one central location and accelerate the deployment of any new applications. It also ensures the entire desktop environment is configured to be secure and consistent.
Microsoft’s application virtualization solution, App-V, can also stream only the parts of the application needed by the user and have instant click start-ups. Once the user logs off, the application can be removed, and is no longer there risking access by a non-authorised or unlicensed user.
Delivering the Desktop as a Service
It has been acknowledged by Microsoft that Service Providers would like to enable hosted Desktops as a Service (DaaS) as an alternative way to consume the Windows OS. This is often presented by Service Providers as a way to reduce TCO, presented within a simpler ‘Per User’ cost model.
A critical point in evaluating Microsoft do not support Service Providers to host the Windows Desktop in a public cloud
Microsoft licensing models are restrictive, only accepting delivery of DaaS via Windows Server.
This may be in part, due to uncertainty whether VDI can deliver an excellent customer experience across Wide Area Networks (WAN) and the increased investment in Microsoft providing direct Cloud Services.
Microsoft will allow Service Providers to customise the Windows Server Remote Desktop Session Host (RDSH) experience for customers, offering a ‘similar’ experience to the Windows Desktop OS. Microsoft are careful to remind Service Providers that their service should be clear in distinguishing between Windows 7/8 OS and a solution based on Windows Server and Remote Desktop Services (RDS).
RDS (Remote Desktop Services) allows Service Providers to deliver remote apps and remote desktops at scale via the Service Provider Licensing Agreement (SPLA) model in partnership with an accredited SPLA Reseller to ensure the service is appropriately licensed for use of Microsoft software.
This approach adopts Windows Server Remote Desktop Services (RDS) as a centralised desktop and application platform solution, delivering presentation and application virtualization technologies. RDS offers Service Providers a mechanism to deliver and manage hosted desktops for customers via an established, proven technology.
Applications deployed using this delivery method (Presentation Virtualization) are available under the Microsoft Service Provider License Agreement (SPLA) model. The Service Provider will be responsible for working with an accredited SPLA Reseller adopting a SAL (Subscriber Access License) for each authorised User accessing the service.
App-V (SPLA) allows hosted service providers to use App-V to deliver virtual applications all the way to a desktop and run them locally.
As with Windows Desktop OS, Microsoft are restrictive in the supported delivery models for Office, hosters are not allowed to deliver Office via App-V and are careful to state this extends to competitive application virtualization technologies.
License Mobility for Software Assurance (SA) : Adopting a Hybrid Licensing Model
In July 2011 Microsoft bolstered the value of their maintenance model with License Mobility for Software Assurance. This extended software use rights for organisations that committed to Software Assurance (SA) for specific products, providing the right to deploy specific application server workloads with a Service Provider, provided that the end-customer continued to maintain active Software Assurance (SA) coverage on those licenses.
The Microsoft Product Use Rights state that “All Products that are currently eligible for “License Mobility within Server Farms” and covered by Software Assurance are eligible for License Mobility through Software Assurance.”
Microsoft also extended some product specific exceptions within Appendix 2 Software Assurance Benefits section of the Product use Rights to extend this right via Software Assurance (SA)
[Ref: Product Use Rights, January 2013, Page 101of 116]
While SPLA is commonly advocated as the primary vehicle to license the shared infrastructure,; License Mobility can provide an additional licensing model leveraging the on-going investment in Volume Licensing (VL).
License Mobility for Software Assurance is a clearly defined licensing mechanism for specific licensed software and management of end-customer OSEs on third party shared servers. Microsoft are careful to define that Service Level, and ask that the software and managed VMs are used solely for the use and benefit of the end-customer.
This precise approach extends to the a specific list of accredited partners that Microsoft trust. A list of qualified License Mobility through Software Assurance Partners is available at http://www.microsoft.com/licensing/software-assurance/license-mobility.aspx and could be valuable to check prior to working with a Service Provider. Further, adopting this model will require reporting the specific licenses being leveraged under this extended rights model via an accredited SPLA Reseller
[Ref: Product Use Rights, January 2013, Page 101of 116]
The importance of identifying Service Layers
It is recommended that there is clarity from the Service Provider as to how their service is being delivered, ensure definitions are made at the Service Level, and should be made at each Service Level to comply with Vendor licensing model(s)
Microsoft do support use of end-customer Volume Licensing (VL) for “dedicated outsourcing” for a hosted Windows virtual desktop on fully dedicated servers, within a fully isolated hardware environment.
Under this specific use scenario, the end-customer remains the licensee, abiding by the Product Use Rights (PUR) document and the program specific terms in which the end-customer licensed the product.
SoftwareONE: A Systematic, Comprehensive Approach
Many world leading organisations work pro-actively with a global licensing expert to get a holistic view, and many of the Top-Tier Solution Integrators work with us on Customer Projects leveraging our core-competency and focus on Software.
We can support on Technical Advisory and Licensing Expertise, including but not limited to:
- Impact of respective Ownership and Service Levels of the Service Infrastructure.
- Balance of extended benefits and total cost of ownership against Vendor “lock-in”.
- Awareness of “lock-in” when reviewing procurement models.
- Awareness of associated rights and benefits aligned to vendor licensing and maintenance programmes.
- Awareness of associated Extended Software Use Rights
- Awareness of associated Product Licensing Dependencies
- Awareness of requirements for accessing Extended Functionality
- Awareness of requirements for special Rights of Purchase
- Comparative analysis of available Software Procurement“Packages”, often across multiple Vendors.
- Availability and Analysis of Price Protection for committed spend versus transactional procurement model(s)
- Vendor Procurement Contract Management and consolidation
- Global collaboration, procurement, and license agreement management with a comprehensive secure portal
- Full Software Asset Management (SAM) capabilities.
- Advising on optimum datacenter strategy aligned to Vendor licensing metrics. Able to use in-house expertise and resources to support multiple vendor environments.
- Vendor Negotiation Support leveraging a global company with access to truly global software sourcing with tax optimisation.
This website is a way to give back to the licensing community and as an information resource for all customers that work with Microsoft software and licensing. I hope you find it of value.
Tony Mackelworth lives with his wife in Oxford, England.
This document is provided “as-is”. Information and views expressed in this document, including URL and other Internet Web site references, may change without notice. This document does not provide you with any legal rights to any intellectual property in any Microsoft or other Vendor product.
Please be aware that nothing on this website constitutes specific technical advice. Some of the material on this website may have been prepared some time ago and therefore may have been superseded. Specialist advice should be taken in relation to specific circumstances.
The contents of this website are for general information purposes only. Whilst the author(s) endeavour to ensure that the information on this website is correct, no warranty, express or implied, is given as to its accuracy and the primary author and website owner or it’s contributing Authors do not accept any liability for error or omission.
The contributing authors and owner of the website shall not be liable for any damage (including, without limitation, damage for loss of business or loss of profits) arising in contract, tort or otherwise from the use of, or inability to use, this website or any material contained in it, or from any action or decision taken as a result of using this website or any such material.
This Disclaimer is not intended to and does not create any contractual or other legal rights. This website is not run by Microsoft or my current employer.