Snapshot Mobile Warrior

App virtualization takes on virtual mobility

The challenge for defense and civilian federal agencies is how to deliver a much richer application experience to their workforce across a wider range of devices. The emergence of mobility and bring-your-own-devices means organizations require a larger set of tools to provide a truly digital workspace for workers.

In fact, digital workspace delivery systems are the workhorses of the new mobile enterprise, bridging the gaps across devices to provide anytime, anywhere access to information, said David Johnson, principal analyst with Forrester Research.

In a research paper on how to build a digital workspace, Johnson lists 10 distinct technologies that comprise the digital workspace delivery system portfolio, including server-hosted virtual desktop infrastructures, desktops-as-a-service, local virtual desktops, and application virtualization, among other technologies. Understanding and choosing the right mix of tools for a job is essential. The good news is that technology is getting better at providing information to mobile workers, Johnson said.

Application virtualization, more specifically, virtualizes an application along with the file systems and registry necessary for the app to run properly. Essentially, it puts the app into a single bubble for execution purposes. “It enables applications to be streamed from a centralized location into an isolated environment on the target device where they execute locally, even while offline,” Johnson writes.

Application virtualization is “sometimes used in conjunction with a VDI or session-based desktop environment to improve the user experience, resolve application incompatibility issues, and provide a level of persistence,” Johnson notes.

To build a successful digital workspace delivery system using application virtualization, IT managers must assess whether or not the solution they use can virtualize applications while preserving interoperability between them. Plus, the app virtualization software must integrate well with an organization’s existing and future PC management tools, and work with the leading server-hosted virtual desktop platforms, Johnson said. What’s more, it has to be compatible with an organization’s security and software license compliance tools.

However, “some applications work well in a virtual desktop environment and some don’t. Some employees are always working on reliable high-speed networks, and some aren’t. The key is to have multiple ways to offer employees the right application,” according to Johnson.

Perhaps that is why there is a focus to move beyond application virtualization to the concept of application delivery, in which users via a unified workspace can gain access to applications regardless of the device they are on, said Bryan Salek, staff systems engineer for end-user computing with VMware Public Sector. The unified workspace is now a part of VMware Horizon, which provides virtualized or remote desktops and applications through a single platform to end users.

Using the workspace concept, end-users can securely connect to a portal and see a full list of all applications that are available to them. Some applications would only be available to certain devices, or to certain authorized users or availability would be determined by user location such as whether he is inside or outside of the corporate network.

“Those apps will be presented, all shown; some grayed-out because they are not accessible, depending on the user’s specific circumstances. But that is their access point to launch apps,” Salek explained. If the user is on an iPad, applications will launch almost natively. From the user’s perspective the application is still a Windows application, the same one that in most cases would be accessible on the physical or virtual desktop, or it could be a managed mobile application.

The bigger picture of app delivery is essentially taking the entire superset of the applications users need, and making them available from a single place so users can choose which device they want to use to access applications. As long as they authenticate properly to the environment, their access to those applications are controlled only by the established policy. There is no administrative intervention and the user is free to access the applications in whatever way they want, Salek said.