What is the relationship between these two products? One view is that Secure Global Desktop (despite its name!) provides access to remote applications and VDI does the same for remote, virtual desktops (VMs). A clean distinction, but slightly artificial: to Secure Global Desktop, a remote desktop, virtual or not, is really just a remote application. There is little to differentiate the products when it comes to connectivity to remote desktops - Secure Global Desktop has its native and HTML 5 clients, VDI has Sun Ray and OVDC, but both products connect to remote servers in the same way, typically using RDP.
Where the products differ is in their scope. Oracle VDI is a comprehensive solution that enables an administrator to create, store, manage and destroy VMs, as well as allowing users to connect to them. Secure Global Desktop is simpler and restricts itself to connectivity to the VMs.
So, do the products work together? A most definite 'yes': use Secure Global Desktop for user connectivity and VDI for management of VMs. In fact, Secure Global Desktop ships with a component specifically for communicating with VDI. You can find full details at http://docs.oracle.com/cd/E41492_01/E41495/html/dynamic-launch.html#broker-vdi-3-3 but we can do a short overview here.
Firstly, a slight digression. There are two main entry points to Secure Global Desktop. The common approach is for users to log in through their browser and go to their Workspace (formerly known as their 'Webtop'). The Workspace presents all the applications that an administrator has published to the user as links and an application can be launched by clicking its link. The second entry point is 'My Desktop'. Here, a user logs in through the browser but, rather than going to the Workspace, a desktop is launched automatically. Quite a good fit for delivering virtual desktops and the approach we will use in our example.
Let us assume it is a clean installation of Secure Global Desktop. The first task is for the Secure Global Desktop administrator to configure 'My Desktop' to talk to VDI. The steps are:
1. 'My Desktop' is a dynamic application object, meaning that it can map to one or more real application objects. Since all the VM providers accessed through VDI emit RDP, we are interested in 'Windows Desktop' and not 'Unix Desktop'. We delete the mapping to 'Unix Desktop', leaving a single mapping to 'Windows Desktop'.
Next, we configure the 'Windows Desktop' application. Traditionally, this would be done by assigning it an application server object that points to a real Windows server. Here, we are going to use a dynamic application server. It is 'dynamic' because it uses code (in this case, the VDI Broker) to define the server or servers, rather than a static setting for DNS name or IP-address. So, next:
2. We create the dynamic application server, set its 'Broker Class' to 'VDI Broker' and configure it with the particulars of our installation. Configuration involves providing the URL for the VDI web services and, if they are secured with a certificate from an untrusted certificate authority, installing the certificate (or chain) into Secure Global Desktop.
3. We assign this dynamic application server to 'Windows Desktop'
That is the administrator's job done. The user scenario is:
- User clicks the 'My Desktop' link in the browser and authenticates.
- The VDI broker code runs and gets a list of VMs available to the user. If there is only one candidate VM, Secure Global Desktop connects the user directly to the virtual desktop. If there are several, the user is given the option to select one before a connection is made.
By using the VDI broker included in Secure Global Desktop, you can deliver virtual desktops to users through Secure Global Desktop and manage the desktops with VDI. For users familiar with Secure Global Desktop, the desktop is just another application and they face no learning curve. And administrators can continue to manage desktops through VDI, or even add desktops from other providers without changing the user experience.
There are references to 'dynamic application server objects' and 'dynamic application objects' in this discussion. These types of objects, along with some open interfaces, form the 'dynamic launch' feature in Secure Global Desktop. This feature is used to extend the product and the VDI Broker is an example of this extensibility - by simply implementing a public interface (see http://docs.oracle.com/cd/E41492_01/E41499/html/com/tarantella/tta/webservices/vsbim/IVirtualServerBroker.html), the VDI Broker plugs into the Secure Global Desktop infrastructure and provides additional functionality.
Dynamic launch will be the topic of a later entry.