AWS Summit 2014 Perth - Breakout 6
Amazon Workspaces is a new service from AWS that delivery fully managed desktops in the Cloud. In this session you be able to learn more about the benefits and capabilities of Workspaces and see a demo of the user's experience when using Workspaces and the administrators experience in managing it.
Presenter: Dean Samuels, Solutions Architect, Amazon Web Services
4. Virtual Desktop Infrastructure (VDI)
VDI
Full Client Desktops Running as Virtual Machines (VMs)
Individual Client VMs
Better application compatibility, 1:1 User to VM mapping,
VM level isolation, personalization and more control, persistent or
non-persistent experience
5. Virtual Desktop Infrastructure (VDI)
Better application compatibility, 1:1 User to VM mapping,
VM level isolation, personalization and more control, persistent or
non-persistent experience
High scalability, many:1 User to desktop image, streamlined desktop
management, persistent or non-persistent experience
VDI
Full Client Desktops Running as Virtual Machines (VMs)
Individual Client VMs
Session Virtualization
Single Server Desktop Being Shared via Sessions
Single Server Desktop
6. Session Virtualization
Session Virtualization
Single Server Desktop Being Shared via Sessions
Single Server Desktop
High scalability, many:1 User to desktop image, streamlined desktop
management, persistent or non-persistent experience
8. Self-Managed - XenApp/XenDesktop
AWS Region
Customer VPC
AZ1 AZ2
NetScaler CloudBridge
Source: http://support.citrix.com/servlet/KbServlet/download/37135-102-709877/Deploy XenApp and XenDesktop 7 5 with Amazon VPC.pdf
End-users
Corp Office & Remote
AD StoreFron t
XA
NetScaler CloudBridge
AD StoreFron t
Internet
Gateway
XD XA XD
9. Self-Managed – Hybrid XenApp/XenDesktop
Amazon Web Services
Licensing Connector Connector
Amazon VPC
Enterprise Datacenter
Enterprise Network
CloudBridge
XA XD
XA XD
AG
End-user
DMZ
StoreFront
AD
NetScaler
Source: http://www.citrix.com/content/dam/citrix/en_us/documents/products-solutions/hyprid-cloud-provisioning-with-citrix-xendesktop-and-xenapp.pdf
10. Self-Managed – Remote Desktop Services
AWS Region
Customer VPC
AZ1 AZ2
RD Gateway RD Web Access
End-users
RDP Client
RD Connection
AD Broker
RD Gateway RD Web Access
AD Licensing Server
Internet
Gateway
RD Session
Hosts
RD Session
Hosts
12. Push Button Deployment
WorkSpaces
• Launch the number of WorkSpaces needed
• All heavy lifting taken care of by AWS
• Users receive email to install clients and connect
13. Support Multiple Devices
• iPad
• Kindle Fire HDX (Keyboard & Mouse)
• Android Tablet
• Microsoft Windows
• Mac
14. Choose Software and Hardware
WorkSpaces Bundle Hardware Resources Applications
Standard 1 vCPU, 3.75 GiB Memory,
50 GB User Storage
Utilities (Adobe Reader,
Internet Explorer 9, Firefox,
7-Zip, Adobe Flash, JRE)
Standard Plus 1 vCPU, 3.75 GiB Memory,
50 GB User Storage
Microsoft Office Professional
2010, Trend Micro Worry-
Free Business Security,
Utilities (Adobe Reader,
Internet Explorer 9, Firefox,
7-Zip, Adobe Flash, JRE)
Performance 2 vCPU, 7.5 GiB Memory,
100 GB User Storage
Utilities (Adobe Reader,
Internet Explorer 9, Firefox,
7-Zip, Adobe Flash, JRE)
Performance Plus 2 vCPU, 7.5 GiB Memory,
100 GB User Storage
Microsoft Office Professional
2010, Trend Micro Worry-
Free Business Security,
Utilities (Adobe Reader,
Internet Explorer 9, Firefox,
7-Zip, Adobe Flash, JRE)
All WorkSpaces Bundles provide the Windows 7 Experience to users (provided by Windows Server 2008 R2 with RDS).
15. Keep Data Secure and Available
• No data stored on end-user device
• Only Pixels delivered to users (PCoIP)
• User volume backed up to Amazon S3 as snapshots
16. Pay as You Go
WorkSpaces Bundle Monthly Price
Standard $45
Standard Plus $60
Performance $75
Performance Plus $90
• No up-front commitment
• Delete WorkSpaces at any time
• Price includes infrastructure (compute, storage, bandwidth) and bundle’s software
17. Identity and Directory options
WorkSpaces Connect Directory:
Use existing AD credentials
Simplify management
Cloud Directory:
Remove requirement to provision and
manage a directory service
Directory
Controller
Directory
Controller
Availability Zone Availability Zone
Virtual Private Cloud
Availability
Zone
Availability
Zone
WorkSpaces
Connect
WorkSpaces
Connect
VPN
Gateway
Or
Direct
Connect
Customer
Gateway Domain
Controller
Corporate Data center
18. WorkSpaces Connect
Corporate Directory Integration
• Users: Get to use existing Enterprise Credentials
• IT: WorkSpaces control like regular desktops
– Group Policy
– Software Distributions Tool
– Install agents
• Store in the OU that makes sense to you
• Don’t change the way you manage
– Just less heavy lifting
19. Corporate Directory Integration
Subnet 1
AZ ‘A’
Subnet 2
AZ ‘B’
WorkSpaces API
End-point
Customer
Network
VPN
Connection
Public IP
WorkSpaces
Connect
WS User1
Oauth
Gateway
Public IP
WS User2
On-premises
Domain Controllers
Directory
Join
Directory
Join
WorkSpaces
Connect
On-premises
Resources
Direct
WorkSpaces Connect
Gateway
Users
Secure Auth (443)
Secure Auth (443)
20. Accessing Resources
Subnet 1
Subnet 2
Amazon
EC2
AZ ‘A’
AZ ‘B’
WorkSpaces API
End-point
Customer
Network
VPN
Connection
Public IP
WS User1
Oauth
Gateway
Public IP
WS User2
On-premises
Domain Controllers
On-premises
Resources
Direct
Subnet 3
WorkSpaces Connect
Gateway
Users
Subnet 4
Internet
RO
DC
RO
DC
Amazon
Redshift
Amazon
RDS
Legacy
Apps
Amazon
EC2
Amazon
RDS
Legacy
Elastic Apps
Beanstalk
21. Takes the I out of VDI
• Server Hardware Costs
• Storage Hardware Costs
• Network Hardware Costs
• Hardware Maintenance Costs
• Power and Cooling Costs
• Data Center Space Costs
• Software Costs
• Administration Costs
Source: http://aws.amazon.com/blogs/aws/tco-comparison-amazon-workspaces-and-traditional-virtual-desktop-infrastructure-vdi
22. Easy Sharing Simple document feedback
Access from any device
Integrate your corporate
directory
Secure
Low cost
23. Amazon Zocalo
Regional
Control
Encryption
At Rest and
On Wire
System and
Document
Redundancy
Document &
Folder Access
Controls
External
Sharing
Control
Auditable
Owner
Contributors
Viewers
Admins
Document
Access
Logins / AD
24. Managed - AppStream
• Stream resource-intensive applications
• Render content in the cloud
• Scale on demand
• Enjoy responsive, fluid, HD-experience on device
• Stream entire application or only part
25. Managed by AWS
Amazon WorkSpaces Amazon AppStream
Features • Access to OS
• AWS PCoIP protocol
• User controls the service
• Flat monthly price
• No integration required
• Access to application
• STX protocol
• User consumes the service
• Priced per hour
• Requires software integration
Benefits • Fully Managed
• Support Multiple Devices
• Keep Data Secure and Available
• Choose Software & Hardware
• Pay as You Go
• Corporate Directory Integration
• Removes compute and storage constraints
• Saves development time
• Instant-on delivery
• Simplifies updates
• Improves security
Use Cases • Mobile workers
• Secure workspaces
• Remote employees
• Seasonal workers
• Student workspaces
• Developer workspaces
• Rapid response scenarios
• Test drive applications and games
• Computer-assisted design (CAD)
• Games direct to television & mobile
• 3D design and simulation software
• Access heavy content from tablets
• Medical scans, GIS data, etc
• Hybrid applications
31. Expand your skills with AWS
Certification
Exams
Validate your proven
technical expertise with
the AWS platform
aws.amazon.com/certification
On-Demand
Resources
Videos & Labs
Get hands-on practice
working with AWS
technologies in a live
environment
aws.amazon.com/training/
self-paced-labs
Instructor-Led
Courses
Training Classes
Expand your technical
expertise to design, deploy,
and operate scalable,
efficient applications on AWS
aws.amazon.com/training