Once upon a time, enterprises had a straightforward way to give each employee access to a desktop computer. New employees would join the organization and receive a standard-issue desktop, preconfigured with a common set of tools and applications. This one-size-fits all model was acceptable in the early days of personal computing, but not anymore. Enterprise IT has been engaged in a balancing act in order to meet the needs of a diverse and enlightened user base. They must protect proprietary corporate data while giving employees the ability to work whenever and wherever they want, while using the desktop or mobile device of their choice.

1. © 2014 Amazon.com, Inc. and its affiliates. All rights reserved. May not be copied, modified, or distributed in whole or in part without the express consent of Amazon.com, Inc.
Delivering Desktop Applications with AWS
Dean Samuels
Solutions Architect
Amazon Web Services
dsamuel@amazon.com
Desktop
OS, Apps & Data
Lunch and Learn Series
Mitch Beaumont
Cloud Solutions Architect
Reckon Limited
mitch.beaumont@reckon.com

2. What’s new at AWS?
• T2 instance types
• Management portal for vCenter
• EBS General Purpose volumes
• New Australian locations for
CloudFront, Route53, and Direct
Connect
http://aws.amazon.com/new/
• Multi-AZ for SQL Server RDS
• Redshift free trial and price
reductions in APAC
• Amazon Kinesis now available in
Asia Pacific (Tokyo), Asia Pacific
(Singapore), and Asia Pacific
(Sydney) regions
• CloudFront header forwarding
and device detection
• Amazon Cognito
• Amazon Mobile Analytics
• CloudWatch Logs
• Amazon Zocalo

3. AWS Update
• AWS Training - Sydney - August & September
– AWS Essentials, 4th August
– AWS Essentials, 5th August
– Architecting on AWS, 6-8th August
– AWS Essentials, 19th August
– Big Data on AWS, 20-22nd August - First Time in Australia !!!!
– AWS Essentials, 2nd September
– Systems Operations on AWS, 3-5th September
– AWS Essentials, 9th September
– Architecting on AWS 10-12th September
– AWS Essentials, 30th September

4. AWS Update
• AWS Melbourne Summit
– 12th August
• AWS Training - Melbourne - August & September
– AWS Essentials, 4th August
– AWS Essentials, 5th August
– Architecting on AWS, 6-8th August
– AWS Essentials, 19th August
– AWS Essentials, 2nd September
– Architecting on AWS, 3-5th September
– AWS Essentials, 30th September

5. AWS Update
• AWS Brisbane Summit
– 5th August
• AWS SA Blitz Day – See Craig Dickson (craigd@amazon.com)
– 6th August
• AWS Training - Brisbane August & September
– AWS Essentials, 7th August
– AWS Essentials, 8th August
– AWS Essentials, 26th August
– Architecting on AWS, 27-29th August
– AWS Essentials, 9th September
– Architecting on AWS, 10-12th September
– AWS Essentials, 23rd September

6. Today we’ll cover
Session
Virtualization
Desktop
Virtualization
Cloud Hosted
Desktop Options
Challenges Solutions Demos
Desktop Application
Delivery Concepts
Customer
Use Cases
Q&A
Managed
DIFY
Self-Managed
DIY

7. Desktop Application Delivery Concepts

8. What Is Virtual Desktop Infrastructure (VDI)?
Better application compatibility, 1:1 User to VM mapping,
VM level isolation, personalization and more control, persistent or
non-persistent experience
VDI
Full Client Desktops Running as Virtual Machines (VMs)
Individual Client VMs

9. What Is Virtual Desktop Infrastructure (VDI)?
Better application compatibility, 1:1 User to VM mapping,
VM level isolation, personalization and more control, persistent or
non-persistent experience
High scalability, many:1 User to desktop image, streamlined desktop
management, persistent or non-persistent experience
VDI
Full Client Desktops Running as Virtual Machines (VMs)
Individual Client VMs
Session Virtualization
Single Server Desktop Being Shared via Sessions
Single Server Desktop

10. What Is Virtual Desktop Infrastructure (VDI)?
High scalability, many:1 User to desktop image, streamlined desktop
management, persistent or non-persistent experience
Session Virtualization
Single Server Desktop Being Shared via Sessions
Single Server Desktop

11. Customer Considerations
Workforce roles, BYOD, Applications
Current
State
At what cost did you
enable Agility ?
Need access to apps & data
Hardware & Software Refresh Traditional VDI requires a significant
investment in infrastructure and licensing
Speed of connection, application latency, data location
Authentication, isolation, data security
Existing application ecosystem

12. Cloud Hosted Desktop Options

13. Self-Managed/DIY - XenApp/XenDesktop
Source: http://support.citrix.com/servlet/KbServlet/download/37135-102-709877/Deploy XenApp and XenDesktop 7 5 with Amazon VPC.pdf
AWS Region
Customer VPC
NetScaler CloudBridge
End-users
Corp Office &
Remote
StoreFrontAD
AZ1 AZ2
XA
NetScaler CloudBridge
StoreFrontAD
Internet
Gateway
XD XA XD

14. Self-Managed/DIY – Hybrid XenApp/XenDesktop
Amazon Web Services
Amazon VPC
Enterprise Datacenter
Enterprise Network
CloudBridge
XA XD
XA XD
AG
ConnectorLicensing Connector
End-user
DMZ
StoreFront
AD
NetScaler
Source: http://www.citrix.com/content/dam/citrix/en_us/documents/products-solutions/hyprid-cloud-provisioning-with-citrix-xendesktop-and-xenapp.pdf

15. Self-Managed/DIY – Remote Desktop Services
AWS Region
Customer VPC
RD Gateway RD Web Access
End-users
RDP Client
RD Connection
Broker
AD
AZ1 AZ2
RD Gateway RD Web Access
Licensing ServerAD
Internet
Gateway
RD Session
Hosts
RD Session
Hosts

16. Managed/DIFY - WorkSpaces

17. Push Button Deployment
• Launch the number of WorkSpaces needed
• All heavy lifting taken care of by AWS
• Users receive email to install clients and connect
WorkSpaces

18. Support Multiple Devices
• iPad
• Kindle Fire HDX (Keyboard & Mouse)
• Android Tablet
• Microsoft Windows
• Mac

19. Choose Software and Hardware
All WorkSpaces Bundles provide the Windows 7 Experience to users (provided by Windows Server 2008 R2 with RDS).
WorkSpaces Bundle Hardware Resources Applications
Standard 1 vCPU, 3.75 GiB Memory,
50 GB User Storage
Utilities (Adobe Reader,
Internet Explorer 9, Firefox,
7-Zip, Adobe Flash, JRE)
Standard Plus 1 vCPU, 3.75 GiB Memory,
50 GB User Storage
Microsoft Office Professional
2010, Trend Micro Worry-
Free Business Security,
Utilities (Adobe Reader,
Internet Explorer 9, Firefox,
7-Zip, Adobe Flash, JRE)
Performance 2 vCPU, 7.5 GiB Memory,
100 GB User Storage
Utilities (Adobe Reader,
Internet Explorer 9, Firefox,
7-Zip, Adobe Flash, JRE)
Performance Plus 2 vCPU, 7.5 GiB Memory,
100 GB User Storage
Microsoft Office Professional
2010, Trend Micro Worry-
Free Business Security,
Utilities (Adobe Reader,
Internet Explorer 9, Firefox,
7-Zip, Adobe Flash, JRE)

20. Keep Data Secure and Available
• No data stored on end-user device
• Only Pixels delivered to users (PCoIP)
• User volume backed up to Amazon S3 as snapshots

21. Pay as You Go
WorkSpaces Bundle Monthly Price
Standard $45
Standard Plus $60
Performance $75
Performance Plus $90
• No up-front commitment
• Delete WorkSpaces at any time
• Price includes infrastructure (compute, storage, bandwidth) and bundle’s software

22. Identity and Directory options
Workspaces Connect Directory:
Use existing AD credentials
Simpify management
Cloud Directory:
Remove requirement to provision
and manage a directory service

23. Corporate Directory Integration
• Users: Get to use existing Enterprise Credentials
• IT: WorkSpaces control like regular desktops
– Group Policy
– Software Distributions Tool
– Install agents
• Store in the OU that makes sense to you
• Don’t change the way you manage
– Just less heavy lifting

24. Corporate Directory Integration
Subnet 2
Subnet 1
AZ ‘A’
AZ ‘B’
WorkSpaces
API
End-point
Customer
Network
VPN
Connection
Public IP
WS
User1
Public IP
WS
User2
On-premises
Domain Controllers
Directory
Join
Directory
Join
WorkSpaces
Connect
WorkSpaces
Connect
On-premises
Resources
Direct
ConnectWorkspaces
Gateway
Oauth
Gateway
Users
Secure Auth
(443)

25. Accessing Resources
Subnet 2
Subnet 1
AZ ‘A’
AZ ‘B’
WorkSpaces
API
End-point
Customer
Network
VPN
Connection
Public IP
WS
User1
Public IP
WS
User2
On-premises
Domain Controllers
On-premises
Resources
Direct
ConnectWorkspaces
Gateway
Oauth
Gateway
Users
Subnet 4
Subnet 3
Internet
ERP
ERP
REPO
REPO
RO
DC
RO
DC
FS
FS
LEG
LEG

26. Files On The Go
• Securely backup and sync users data
• Install on the WorkSpace and client devices
• Data is backed by Amazon S3
• Users can access/share their data when they need it
• Useful for document collaboration

27. Amazon Zocalo
Regional
Control
Encryption
At Rest and
On Wire
System and
Document
Redundancy
Document &
Folder Access
Controls
External
Sharing
Control
Auditable
Owner
Contributors
Viewers
Admins
Document
Access
Logins / AD

28. Takes the I out of VDI
Source: http://aws.amazon.com/blogs/aws/tco-comparison-amazon-workspaces-and-traditional-virtual-desktop-infrastructure-
vdi
• Server Hardware Costs
• Storage Hardware Costs
• Network Hardware Costs
• Hardware Maintenance Costs
• Power and Cooling Costs
• Data Center Space Costs
• Software Costs
• Administration Costs

29. Managed/DIFY - AppStream
• Stream resource-intensive applications
• Render content in the cloud
• Scale on demand
• Enjoy responsive, fluid, HD-experience on device
• Stream entire application or only part

30. Managed by AWS
Amazon WorkSpaces Amazon AppStream
Features • Access to OS
• AWS PCoIP protocol
• User controls the service
• Flat monthly price
• No integration required
• Access to application
• STX protocol
• User consumes the service
• Priced per hour
• Requires software integration
Benefits • Fully Managed
• Support Multiple Devices
• Keep Data Secure and Available
• Choose Software & Hardware
• Pay as You Go
• Corporate Directory Integration
• Removes compute and storage constraints
• Saves development time
• Instant-on delivery
• Simplifies updates
• Improves security
Use Cases • Mobile workers
• Secure workspaces
• Remote employees
• Seasonal workers
• Student workspaces
• Developer workspaces
• Rapid response scenarios
• Test drive applications and games
• Computer-assisted design (CAD)
• Games direct to television & mobile
• 3D design and simulation software
• Access heavy content from tablets
• Medical scans, GIS data, etc
• Hybrid applications

31. Customer Use Cases

32. Use Case: Regionally Distributed Users
Users
Users
Users
Users
Users
Amazon
WorkSpaces
AD
EC2
Apps
OP
Chatty/Heavy
Protocols - eg CIFS/TCP
PCoIP

33. Use Case: Rich Graphical App Delivery to the masses

34. Use Case: Reckon Limited
• Accounting software solutions company.
– Publically listed, global HQ in Sydney.
– Started in 1987 as sole distributor of QuickBooks (Intuit)
– Solution portfolio includes Reckon Accounts (previously QuickBooks),
Reckon Elite, ReckonOne, ReckonPOS, ReckonDocs.
– Two DaaS solutions, Reckon Accounts Hosted and APS Private Cloud.

35. Reckon Accounts Hosted
• On-demand access to the enterprise version of Reckon Accounts.
• Single application.
• Session virtualization.
• 300+ RDS hosts.
• 30,000 subscribers.
• Ability for accountants and
their clients to share files.
• Largest consumer of RDS
CALs in ANZ.
• Commodity service.
– Technology choices.

36. APS Private Cloud
• Desktop as a Service for
Accountants.
• Full desktop.
• Session virtualization.
• RDS and Citrix XenApp.
• Bundled with APS products
and a range of other tools.
• Full managed, updates and all.
• Custom, professional services.

37. Our Challenges (On-Premise)
• Periods of
significantly
underutilized
infrastructure.

38. Our challenges (On-Premise)
• Time to on-board.
• Application management.
– Addressed with MS App-V.
• Blast radius (many users 1 server).
• Server silos.
– Infrastructure sprawl!
• Compatibility with older applications.
• Scalability and Capacity.
• Flexibility – meeting the changing needs of our users.
• Access Infrastructure Requirements.
• Automation / Orchestration tools.

39. Moved to AWS
• Accounts Hosted – Lift and Shift.
• APS Private Cloud – Migration.

40. Moving to AWS
• No infrastructure constraints.
• Meeting capacity demands and allowing growth
• Taking advantage of multi-AZ deployments.
• API, Cloud Formation, Auto-scaling.
• AWS are a trusted partner.
• Focus on what’s important, improving our
application and the service.
• Backup to S3 and Glacier!

41. The Benefits

42. Lessons Learned
• Understand users.
• Desktops are but a piece of a much larger puzzle.
– File Access, Internet Access, Mobile, Backups, Updates…
• Technical and logistical challenges.
• One shoe does not fit all.
– Session virtualization and Desktop virtualization works together.
• Profiling Users and Applications – Citrix AppDNA,
Liquidware Stratusphere.
• Session time outs helped manage costs!

43. Lessons Learned
• Maximizing user density in session virtualization
deployments.
– Leverage latest generation of EC2 instances (M3.Large).
– Use gp2 EBS for root volumes.
• Faster boot times when scaling!
– Instance store (SSD back) for user profiles and application
binaries.
– Regular stop / start schedules.

44. What’s Next for Reckon Limited
• Working with Workspaces since January 2014.
• Our “User Experience” with Workspaces.
• Iteration/innovation of features based on feedback.
• Managing virtual desktops with Workspaces.
• Single application publishing.

45. Mitch Beaumont
mitch.beaumont@reckon.com
@mitchybgood
(105 followers and counting!)

46. Q&A and Feedback
http://tinyurl.com/kcd2r9n
• Session feedback forms
– Fill it in, receive $100 credit to get
started on Workspaces
– Link will also be sent in follow-up
email