Boston Financial Investment Management is a national leader in the low-income housing tax credit industry, with a proven track record in syndication services as well as asset and portfolio management. To keep pace with its customers' demands, the company needed a secure way to make its homegrown applications accessible to its 150 employees in the field and in the office.
Boston Financial called our team at Staples Network Services to install a virtualization solution and secure VPN to improve access to the company's internal software from virtually anywhere and on any system with an Internet connection.
The Old Way
Prior to calling Staples Network Services, Boston Financial's users would leave their workplace systems powered on and connect to them remotely over the company's VPN. This solution was unstable and would occasionally fail. The previous VPN solution was cumbersome for employees and provided no access for external vendors. Desktops would need to be set up and restricted one-by-one for any third party accessing the network. In addition, each workstation's power settings would need to be configured to keep the system powered on 24/7. Doing so used significantly more power than a typical 9-to-5 workload.
The New Way
To provide a stable configuration of a workstation to both remote internal employees as well as external vendors requiring access to Boston Financial's applications and networks, we selected VMware View 4.0. The View implementation provides a centrally managed, on-demand solution allowing users the flexibility they need while allowing IT to control costs and increase availability. VMware View's linked clone technology allows IT staff to manage a single instance of the image and push down changes and updates to the clones efficiently.
The latest release of View 4.0 is currently deployed on a three-host ESX 4.0 Update 1 cluster consisting of HP ProLiant DL380 G6 servers with 72GB of RAM, and data is served by a Dell EqualLogic SAN over iSCSI. Remote users access the system through a SonicWALL SSL VPN.
View is configured with a non-persistent pool of 30 virtual desktops, which are destroyed after first use. Approximately 120 employees and external vendors have access to the system, and personal data is copied to and from the virtual desktops during logon/logoff. This allows for a many-to-one of users to desktops. This setup was implemented to keep costs for both OS licensing--as well as storage--lower. A persistent pool would maintain user data locally but require additional licensing of Windows XP and VMware View.
Boston Financial has internal .NET applications that are currently incompatible with Internet Explorer 8.0. The stable image of the View desktop has been created to ensure compatibility of all the applications used by employees and vendors.
Remote access was also a goal of the deployment. Previously, users would leave their desktops on in the office and connect to them over VPN. With View in place, these machines can now remain powered down or in sleep mode overnight - reducing power usage and costs significantly. Additionally if users previously had left their office machine powered down, they were unable to work remotely. View provides an always-on connection point for them to remain productive at a time convenient to them.
Thin Printing was also enabled in the View configuration, allowing users to use any printer connected to their remote endpoint from the View desktop, thereby reducing the demand on IT staff for assistance with this.
Meet the Pro
Staples Network Services is a managed IT services provider targeting the SMB market. The company offers a comprehensive array of IT services--including managed services, end-user remote support, technology consulting, online backup and disaster recovery planning--that are tailored to specific industry requirements. Eric Thompson, senior network engineer, joined Staples Network Services in June of 2004. He is a VMware Certified Professional on vSphere 4 (VCP4) and has his Microsoft Certified Systems Engineer (MCSE) certification in Windows Server 2003.
If you're an IT solutions provider serving the small to midsize business market, and you'd like to learn how you can contribute to PC World Tech Audit, send mail to firstname.lastname@example.org. We're always looking for more talented pros.
Tech Audit is written and produced in cooperation with IT professionals in the field. All recommendations and opinions expressed represent the independent judgment of the authors and do not necessarily reflect those of PC World or its editorial staff.