Skip to main content

Client Hypervisor Technology

Published: May 10, 2010

Virtualization through the use of hypervisors on the server has clear benefits, including consolidation, power savings, and better utilization of the information technology (IT) infrastructure. As a result of these well-documented benefits, IT professionals naturally want to investigate the potential of using hypervisors on the client.

This article examines client hypervisor technology with regard to scenarios in which hypervisor technology might be relevant (for example, isolation) and recommends virtualization alternatives for other scenarios. In this article:

What is a Client Hypervisor?

A client hypervisor, also known as Type I or bare-metal virtualization on the client, creates a virtualization layer that runs directly on the hardware. This layer runs one or more operating system instances, which it virtualizes to some extent. A client hypervisor differs from the more common Type II client virtualization, in which the virtualization layer runs as an application on the Windows operating system and enables additional instances of a virtual operating system. Windows Virtual PC is an example of Type II virtualization.

Back to top

Environment Isolation

Environment isolation is a common situation for which customers consider client hypervisors. In this scenario, customers run multiple, isolated computing environments on a single device and partition those environments based on security levels. Client hypervisors address this scenario well by running—and isolating—multiple instances of Windows on the same device. However, virtual desktop infrastructure (VDI) can also address this scenario and offers a higher level of separation and data security. VDI keeps the data and the applications in the datacenter and provides the user a view of the desktop only.

Back to top

Hardware Independence

Although hypervisors can make sense when users need more than one operating system instance on their desktop computers, some vendors also claim that client hypervisors can enable hardware independence and eliminate device-driver complexity. Hardware independence appeals to IT pros, who want to simplify deployment, maintenance, and support by deploying a single image for all desktop computers.

Thinking through this solution, a client hypervisor implementation that abstracts Windows from the hardware must provide drivers and support for all types of devices. Developing drivers for the variety of devices that Windows supports is a complex endeavor. To avoid this complexity, vendors need to do one of the following:

  • Build a hypervisor for a specific computer model—limiting hardware choices to just a few supported devices.
  • Use generic device drivers with basic functionality for common devices—limiting device experience. For example, a generic driver might not support all the features of a graphics card or the scan, print, and fax capabilities of a multifunction device.
  • Pass the device interfaces through to the operating system—sacrificing hardware independence, which is the goal of using a client hypervisor in this scenario.

In contrast, Windows provides a high level of hardware compatibility. The Windows driver ecosystem has matured and stabilized over the years. Windows has a huge install-base and development community. Most devices work out of the box, and driver installation occurs within minutes during deployment. In larger deployments, additional device drivers can be installed from the network or Windows Update.

To summarize: By simply taking control of the hardware layer, a client hypervisor does not add value to the Windows desktop experience, management, or support. Windows 7 can provide more hardware choice without increasing management costs.

Back to top

Simplifying Windows Deployment

An extension of the hardware-independence claims for client hypervisors is that IT pros can simplify Windows deployment by using client hypervisors to reduce image count.

Windows 7 provides significantly improved deployment tools that change image deployment practices from previous versions. These tools enable deployment of a single image to any computer model, and that image automatically adapts to the computer hardware.

Additionally, IT pros can use the Microsoft Deployment Toolkit (MDT) or Microsoft System Center Configuration Manager to automate deployment. Multicasting enables efficient network delivery of images, and both solutions can automate the migration of user state (such as, data files and settings).

The deployment benefits of Windows 7, MDT, and Configuration Manager are available with or without a client hypervisor. Using a client hypervisor does nothing to make deployment or management any easier.

What is the overhead of a client hypervisor?

Most client hypervisor products are still in the demo or proof of concept stage—too early to determine the overhead for their deployment. However, depending on the specific implementation, consider the following added complexity:

  • Client hypervisors will require premium hardware with virtualization capabilities in the CPU and BIOS. These hypervisors will usually require additional memory and will run slower than Windows running natively on the device.
  • Client hypervisors might need additional management and patching infrastructure to keep them up to date. Neither task can be addressed through existing desktop-management tools.
  • Help desk and support processes will be more challenging and time-consuming. Any Windows application issues will need to be reproduced on a separate system without a hypervisor, to isolate the root cause.
  • Some user training will be required because hypervisors on the desktop are not made to be invisible to end users.

Back to top

Synchronizing Multiple Desktops

Vendors often mention client hypervisors in the context of offline VDI. By definition, VDI is a remote desktop: an online, well-connected experience. Trying to achieve offline VDI is about enabling the same rich user experience on a desktop, whether the user is online or offline and inside or outside the corporate network. The most cost-effective way to achieve that goal is simply to use a laptop—a one-stop solution for all those needs with the best user experience, anywhere.

Some users might need to synchronize their work environment across multiple desktops or on a virtual desktop on a VDI server. This concept is also useful for backup and recovery so that users can reconstitute their desktops on another device or virtual desktop if their laptops are lost or broken.

For those scenarios, Microsoft recommends synchronizing user state by using Windows Optimized Desktop. Doing so makes user files, applications, and settings available anywhere and offers robust, easy-to-implement technologies that require no additional infrastructure:

  • Folder Redirection. Folder redirection synchronizes user data to a centralized location and makes data seamlessly available online and offline. Windows 7 improves folder redirection from earlier versions of Windows.
  • Roaming User Profiles. Roaming user profiles synchronizes users’ settings to give them the same experience on every desktop they use.
  • Application Virtualization. Application virtualization makes applications immediately available, anywhere, without installation or a footprint on the desktop. Application virtualization helps with easy reconstitution of user applications on any desktop.

To summarize: Some vendors recommend a client hypervisor on laptops, to facilitate synchronization with a VDI desktop so that you can rapidly copy a desktop from the server to a client and vice versa. IT pros should evaluate whether they need to support such a scenario. They should also evaluate whether deploying a new, early-stage virtualization solution for all their laptops and synchronizing the operating system image between a local device and VDI storage makes more sense than simply synchronizing user files, settings, and applications.

Back to top

One Device for Work and Personal Life

Users tend to use corporate laptops for personal purposes as well as for business, or they use their own laptops or home computers for work. Using a client hypervisor to enable this scenario is attractive to some organizations: Users can maintain work and personal environments on one device but can keep them separated, from a management and support perspective. Users can install any application they want in their personal environment, while the corporate IT department manages and controls the work environment.

Although separation of personal and work environments on one system is valuable for certain audiences, IT pros should consider these significant questions, especially for user-owned devices (such as, "bring your own PC"):

  • Support. Can the help desk readily separate work-related requests from personal requests? Support costs for unmanaged environments are higher than for well-managed environments.
  • Liability. What liability does the company have for data on a computer that it does not own or control? Can it legally remove corporate data when users complete their work?
  • Compliance. Can the IT department change the configuration of a personal device to comply with its policies?
  • Productivity. Does the organization want users to have personal applications and data readily available while at work?

Additionally, a client hypervisor complicates installation and usage. Installing a hypervisor on user computers limits their hardware choices because a hypervisor requires more memory and specific CPU virtualization capabilities. Moreover, installation is intrusive and changes the boot process, so an IT pro must manually configure devices.

Instead of implementing this scenario by using a client hypervisor, IT pros can consider VDI—especially for occasional use by contractors, home users, and students. The personal environment is left untouched, and installation and maintenance of a hypervisor is not required. Instead, the work environment is virtualized and consumes server resources only as required. Perhaps more importantly, the organization does not take on the additional support, liability, and compliance challenges that combining personal and work environments on one device can raise.

To conclude, creating a personal, virtual environment on a corporate-managed endpoint, possibly by using a client hypervisor, can provide additional value for specific users. However, for non-corporate devices, consider VDI.

Back to top

Development, Test, and Demo

For a long time, customers have used Type II virtualization technologies such as Windows Virtual PC to run multiple environments for development, test, evaluation, and demo purposes. As Type I virtualization becomes available on the client, it will become a relevant solution for developers, test engineers, and sales people who need to use multiple operating system environments. Type I virtualization could have the benefits of running the same type of virtualization on the server and the desktop, being able to easily debug or demonstrate server environments on desktops, or loading test environments from the desktop to servers.

Back to top

Application Compatibility

Desktop virtualization is a proven mitigation strategy for application-compatibility issues. With this strategy, IT pros provision their users with a previous version of Windows in a virtual machine, to support incompatible applications.

Type II virtualization provides a more suitable solution than a client hypervisor for mitigating application-compatibility issues. Users run the virtual environment only when they need to use applications on another Windows version. For example, Windows Virtual PC provides a seamless experience as it publishes applications from the virtual environment side-by-side with native applications, and users can easily share files and data among native applications and applications in the virtual environment.

Back to top

Conclusion

IT pros who need more than one operating system environment on a desktop computer should consider virtualization. When isolation is also required (for example, in high-security environments or when separating work and personal activities on a corporate laptop), IT pros might consider either a client hypervisor or VDI. If a user requires remote access but is not provisioned with a corporate laptop, VDI might be the better option.

While the "bring your own PC" concept is appealing, many challenges exist, from an IT perspective. If the need for this type of scenario is not immediate, other solutions might enable a more flexible, personalized desktop.

For most desktop users, a well-managed desktop or a laptop running Windows 7 provides what they need, without the additional investment and overhead of a client hypervisor.

Back to top