Amazon made the public Infrastructure-as-a-Service (IaaS) cloud a major force in business IT with its Amazon Web Services (AWS). Now, the retail giant is betting that it can do the same with its new virtual desktop offering: Amazon WorkSpaces.
Amazon is far from the first to explore the idea of the Desktop-as-a-Service in the cloud. Toshiba, Dell, and VMware are all giving it a try. None, however, have Amazon's cloud chops.
Here's how Amazon WorkSpaces will work. The service will offer you a choice of desktop service bundles providing different hardware and software options to meet your business's needs. Each bundle provides a Windows 7 like desktop based on the Windows Server 2008R2 using its Destkop Experience Role. These, in turn, run off AWS.
With each bundle, Amazon provides the following programs: Adobe Reader, Internet Explorer 9, the latest version of Firefox, 7-Zip, Adobe Flash, and Java Runtime Environment (JRE). To this basic software package, you can also add your own software of choice.
Two of the bundles, Standard Plus and Performance Plus, also come with Microsoft Office Professional 2010 and Trend Micro Anti-Virus.
You'll be able to run these virtual desktops with the Amazon WorkSpaces client on both Windows and Mac computers. Amazon will also be providing clients for the iPad, Kindle Fire, and Android tablets. Amazon claims that the WorkSpaces Windows and Mac client will provide users with full access to their desktop and includes support for multiple monitors, audio, and video. With a Kindle Fire, or Android tablet, but not Apple's iPad, users can connect a keyboard or touch pad to have a laptop experience with their tablet WorkSpaces.
To secure these desktops, Amazon is using Teradici's proprietary PC over IP (PCoIP) protocol. On the cloud, PCoIP compresses, encrypts and rapidly transports image pixels to PCoIP end-user devices. The client then decompresses, decrypts and displays the image on a screen.
That sounds good, but in my experience, full graphic streaming virtual desktops tends to eat up bandwidth at an amazing rate. Amazon's data-center pipes may be able to handle the load, but you'll want to check carefully how your company's bandwidth does with the load before investing in technology.
Teradici claims that "Because the protocol transfers images only, in the form of pixel location information, no business information ever leaves the data center. In addition, because all software lies safely inside central systems, no one can tamper with service quality or introduce malware based on application infiltration. The PCoIP security module leverages the AES 256 and NSA Suite B cyphers, which meet the highest level of security required by governments."
To manage these desktops, Amazon enables you to use your existing Active Directory (AD). To make this happen, you'll need to set up an Amazon Virtual Private Cloud (VPC) with a hardware virtual private network (VPN) connection to your on-premises environment, or provision a dedicated connection with AWS Direct Connect. Once linked up, you use the AWS Management Console to select the users in your Active Directory who will receive a WorkSpace. That done, you manage your WorkSpaces users with the same tools that you use to manage any other desktop in your organization, with full administrative control. For example, you can deploy software and apply AD Group Policies to your WorkSpaces users.