Virtual vs Physical Workstations – Which is right?

Virtual vs Physical Workstations – Which is right?

In last weeks post on the Xenwerx blog, the differences and similarities between VDI and Daas solutions were looked at.  But what if your organization if trying to decide between staying with physical workstations (desktop or laptop computers) vs going with a virtual desktop, whether that be VDI or DaaS? In this weeks post we will look at the differences and similarities bretween physical and virtual desktops and what each means for your organization. From and IT and end user stand point.

Lets begin with looking at the similarities between a physical PC and a VDI (or DaaS) desktop.  Both solutions provide end users access to a Windows or Linux based environment with all relevant applications installed and access to their files and network resources.  Once logged in, the experience between PC and VDI are essentially identical for end users and if you were to walk up and look over the shoulder of an employee it would be difficult to tell if they were using a PC or VDI.

Sicne both PC and VDI are using the same operating system and applications they look, feel and function the same way both for IT administrators and end users.

Although the look and feel is essentially the same for both PC and VDI workstations there are multiple differences, mostly in the way that they are managed and in ways in which each can be accessed by users.

In staying with the end user experience for a minute, VDI has the benefit of allowing users to access their workstation from any device, anywhere, at any time.  As long as users have an internet connection they can securely login and get the same Windows or Linux based desktop that they use in the office whether they are on a personal computer, mobile device, or tablet.

In regards to administration of both PC and VDI there are multiple differences. The first is ease of updates and management.  When it is time to install updates or upgrades, rather than havin to go around to each PC and complete the upgrade process administrators can updated all VDIs simultaneously from a central location.  The same advantage applied to making configuration changes, or installing new software.

Another advantage of VDI over PC is the “refreshed” experience users get at each logon to the VDI workstation. VDI workstations can be configured to revert to a clean “golden” image at each log off or restart.  This gives users a clean refreshed experience each time they log on and essentially does away with issues caused by users while using the desktops such as corruption, unwanted software installations and in some cases malware and ransomware.

Buget allocations are another advantage to VDI over PCs. The typical refresh rate for physical PCs for many organizations is every 3 years.  With laptops ranging from $500 – $3000 depending on hardware specs and the time required to install and configure business applications this refresh can be an expensive proposition for organization.  Since VDI workstations run in the company data center (on-site or in the cloud) the requirements for  hardware refreshes can be extended for a longer period of time or replaced with less expensive thin-client devices.  Older hardware can be repurposed to access the VDI desktops or organizations can implement a Bring Your Own Device program effectively eliminating end user hardware costs.  Either way the amount of money required to purchase and maintain end user hardware can be greatly reduced with the use of VDI workstations compared to PCs.

Arguably more important than cost is security for many organizations.  VDI offers increase security protection that PCs can not offer and organization.  Theft is one such way that security is increased.  There are new stories every year where company data was compromised because an employee left a laptop with company data on it in their car, unattended at the airport, or unsecured in a public place and the device was stolen, thus compromising the data that it contained.  The use of VDI workstations prevents any company data from being on the laptop or device.  Therefore if the device is stolen, no company data is compromised since the VDI workstation and all data runs and is stored in the data center.  The increase in remote or hybrid work also opens organizations up to increased security risks when using PCs.  Even with the use of VPN connections an organization is opening itself up to any threats that are on users home computer, home internet, or public wifi.  Once the VPN connection is established any malware on the device can traverse that VPN connection and make its way into your organizations corporate network.  This is not the case with VDI.  Once again since the VDI is running inside the organizations data center, the user working remote does not expose any external threats to the network.  Essentially only the screen, keyboard and mouse are the only things outside the data center.  VDI sessions also rely on proprietary secure connections that are encrypted and inheritently more secure than VPN connections. If the workstaiton and data is never outside the data center it can’t be exposed to external threats from users home computers, internet, or public wifi.

As mentioned earlier, the clean reboot / refresh that can be configured for VDI desktops serves as an additional stop gap if users do become exposed to malicious software over the internet or via email while working on their VDI workstation.  All changes made to the VDI desktop are essentially erased from the machine when the user logs off or restarts the workstation, (with the exception of user customization options).  Therefore any corruption or malicious software that makes it way onto the VDI is deleted and the VDI workstation is clean again when the user logs on.  It should be noted that this clean reboot / refresh freature is in no way a replacement for up-to-date anti-virus software but does serve as another layer of security against malicious software or accidential corruption / damage caused by users.

The advantages that VDI presents in regards to remote / hybrid work, especially during the recent pandemic cannot be overlooked.  Many organization struggled with the ability for employees to gain access to company resources while locked-down at home.  For some organizaetions it was an impossible or expensive proposition that caused business to permanently close their doors.  The ability for employees to work from anywere, from any device and access the same VDI workstation that they use in the office made the transition to remote work essentially a non-event for many organizations.  Some organizations had to find ways to provide employees with devices such as thin clients or laptops when those employees did not have company provided laptops or personal devices that they could use for remote access to VDI.  However, once the employees had hardware and an internet connection they were able to connect and work with secure access to all the same resources and data that they had when they were on-site.  Since the hardwar doesn’t require a specific operating system or any applications users could obtain a inexpensive Chromebook or other device with an internet connection and gain full access to their Windows or Linux VDI workstation.

There are a multitude of other advatnages and differences between VDI and PCs, too many to cover in a single post.  Hopefully the above examples helped to answer questions that you had regarding the difference and the advantages that VDI can provide to your organization.  if for not other reason than the ability for users to have the exact same expereince, workstation and access to resources from anywhere, from any device, at any time is enough to give VDI a look.  

For more information or to see a demo of VDI reach out to Xenwerx, or your current Citrix partner,  and we will be happy to show you how VDI can make your organization more efficient, more secure, and allow you to retain employees by offering hybrid or remote work.