| 1. Introduction | | | | constraints (e.g. Microsoft Silverlight or Active Server |
| With the growing popularity of the hosted service | | | | Pages) or the need to install additional frameworks or |
| models, more and more application providers and | | | | plugins in order to be able to use the application. |
| data center executives start considering entering the | | | | 3.2. Virtual desktops |
| SaaS market. However, many different aspects need | | | | A very convenient way to provide access to |
| to be analyzed before such a key decision can be | | | | serviced applications is use of Virtual Desktop |
| made. The business aspects for application providers | | | | Infrastructure (VDI). A virtual desktop is a remote |
| and application service providers (ASPs) have been | | | | graphical access to a user session on another |
| described in the whitepaper "Business asa Service | | | | machine. In other words, the users are able to see |
| – SaaS Billing and Business Models" ( However, in | | | | and use a remote computer's desktop as a window |
| order to set up a successful ASP or SaaS business, | | | | on their desktop. |
| the top-level commercial decisions and growth | | | | It can be configured to allow access to an entire |
| strategy must be coupled with architecture | | | | desktop or just particular applications. |
| considerations. | | | | A major problem with graphic terminal access for |
| 1.1. Aim and scope | | | | ASPs is a requirement of setting up a server |
| The aim of this document is to outline the most | | | | dedicated for hosting user sessions (terminal server). |
| common technical approaches to SaaS applications | | | | Such server applications require allocation of additional |
| and their provisioning platforms. By presenting the | | | | resources and they are usually not free. Moreover, in |
| various solutions with their major advantages and | | | | some cases they require purchase of Terminal Client |
| drawbacks, the products offered by the market and | | | | Access Licenses (e.g. TCALs for Microsoft Terminal |
| side-by-side comparisons for some sample real-life | | | | Services®) which can constitute an essential |
| applications and scenarios, its intent is to trigger | | | | proportion of the general expenditure. |
| analysis of the possible way to be taken in order to | | | | On the client side, the use of virtual desktops usually |
| build a suitable on-demand application provisioning | | | | requires higher network capacities, as the load |
| platform and enter the ASP / SaaS market. | | | | generated by terminal access connections is usually |
| 1.2. Intended audience | | | | higher than for web based clients. On the other hand, |
| CIOs, CTOs and high level technical engineers willing | | | | the virtualization of the client side may be beneficial |
| to launch basic ASP / SaaS and grow it over time or | | | | for the customers by reducing the hardware |
| become customers for these services. | | | | requirements of the desktop machines. This is |
| 1.3. Definitions | | | | especially vital for businesses with a large number of |
| Cloud computing – A sales model based on SaaS | | | | terminals, e.g. call centers. |
| (and other similar models) where users pay only for | | | | When using the virtual desktop approach, no client |
| usage of requested functionality. This model bases on | | | | programs are installed on the user machines. The only |
| the Internet and users are isolated from any technical | | | | requirement is installation of client software providing |
| details or licensing trouble. | | | | the terminal access. An additional benefit is that the |
| Clustering/Failover Clustering – A hypervisor's | | | | virtualization can be made seamless, as the terminal |
| ability to treat many physical machines as one logical | | | | sessions can be configured in such way, that the |
| virtualization server. A critical aspect of High | | | | users use the applications in dedicated windows, so |
| Availability. | | | | they may even not be aware of working remotely. |
| Dynamic Resource Management – Hypervisor's | | | | Examples of virtual desktops include: |
| ability to automatically adjust the amount of allocated | | | | • Citrix Xen Desktop. |
| CPU/memory resources in response to dynamically | | | | • Microsoft Terminal Services. |
| changing workload of virtual machines. | | | | • VNC. |
| Guest OS –An operating system running within a | | | | 3.3. Text terminals |
| virtual machine. | | | | Some hosted applications offer access to their |
| High Availability –A solution ensuring certain level | | | | features through text terminals. Text terminal access |
| of operation continuity. For hypervisors, a functional | | | | usually requires minimal installation effort on the client |
| ability essential to provide high level of operation | | | | side and causes minimum network load. This solution |
| continuity for virtual machines by using hardware | | | | is usually client-platform independent and guarantees |
| redundancy and clustering. In virtualization practice, | | | | maximized productivity, but only for experienced |
| this term is equivalent to Failover Clustering. All legal | | | | users performing certain types of transactional |
| aspects are regulated by SLA agreements between | | | | activities |
| parties. | | | | 3.4. Desktop clients |
| Hypervisor – A Virtual Machine Monitor, hardware | | | | Some applications can be accessed by locally installed |
| or software solution enabling platform virtualization | | | | desktop client programs. They offer unique |
| – it allows many operating systems (virtual | | | | possibilities for the user interface, but the cost is a |
| machines) to run on the same physical server at the | | | | relatively high installation and configuration effort. |
| same time and concurrently use the same hardware. | | | | The main drawback is the need to repeat the |
| Live Memory Management – An ability of a | | | | installation procedure for every end-user when a |
| hypervisor to dynamically adjust the amount of | | | | client software update is required. This can be |
| memory allocated to a particular virtual machine | | | | reduced with automated updates (although these |
| without stopping it. | | | | may require additional development effort) or |
| Live Migration – A hypervisor's ability to move a | | | | virtualization of the desktop OS (updates are installed |
| running virtual machine from one physical host | | | | on virtual machine images, which are then distributed |
| machine to another without stopping it nor breaking | | | | to users). |
| any network connections between this virtual | | | | 3.5. Client interfaces comparison for typical |
| machine and remote clients. | | | | applications |
| Memory Over-Commit – A hypervisor's ability to | | | | The table below presents a side-by-side comparison |
| allocate more total memory to all virtual machines | | | | of the client application concepts with regard to |
| than is available on a physical server. | | | | aspects such as infrastructure and administration |
| Multi-tenancy – An architectural concept of | | | | requirements, as well as resource usage and support |
| hosted applications, where the customers share a | | | | for local devices. Some of the results have been |
| single instance of the application with built-in data and | | | | obtained by running tests using a sample business |
| configuration partitioning. | | | | application use case scenario. The main advantages |
| SaaS – Software as a Service, an on-demand | | | | and drawbacks are provided as well. |
| software application sales and provisioning model. The | | | | Note: The test data presented below is approximate |
| applications are hosted by the provider (Application | | | | and used for comparison purposes assuming an |
| Service Provider) and users pay for remote usage. | | | | average activity of one user displaying a typical grid |
| Server consolidation – A business tendency to | | | | report. Exact data will always depend on the type of |
| reduce the number of physical servers and use the | | | | the application, user activity and many other details. |
| platform virtualization and virtual servers instead. | | | | 4. Products Overview |
| SLA – Service Level Agreement – A contract | | | | 4.1. Server-side. Hypervisors. |
| detailing the service availability and reaction times in | | | | There are many different technologies which might |
| case of a failure. | | | | be used to build foundation for service providers. This |
| Virtual machine – A virtual, simulated computer | | | | results in a wide selection of choices of how such |
| (platform virtualization) appearing to its users as a | | | | infrastructure can be built for either small or |
| fully equipped machine with its own operating system | | | | enterprise IT businesses. |
| (guest OS). | | | | The virtualization infrastructure is a working horse for |
| Virtualization – A set of technology solutions | | | | most of the companies. Below, a few enterprise level |
| allowing simulation of computers and other physical | | | | environments are described. It is by no means a full |
| devices. | | | | list of the available options, but a sample presenting |
| 2. Provider-side architecture | | | | the most popular solutions for business purposes. For |
| The choice of the architecture to be used for | | | | a more comprehensive comparison of virtualization |
| providing application services is critical for the | | | | software see Wikipedia article: |
| business model and as such, it must be made in-line | | | | VMware |
| with the commercial decisions. The tight coupling | | | | VMware is one of the leading companies in |
| between the two aspects is not just related to the | | | | virtualization business. It offers a wide range of |
| obvious capital expenditure (CAPEX) required to get | | | | products from home users to enterprise level |
| going. | | | | companies. VMware's key product for middle and |
| The initial choice of the application and platform | | | | enterprise level service providers is the VMware |
| architectures must reflect the strategic future plans | | | | vSphere. It is a set of solutions covering all the needs |
| of the ASP, as switching from one model to another | | | | the IT provider may have. Starting from VMware |
| can be very expensive and technically challenging. | | | | ESX, a hypervisor software which runs directly on |
| The main question to be answered by each and | | | | the hardware without an OS in the middle (a |
| every ASP is how to draw the separation line | | | | "bare-metal" solution), through Load Balancing and |
| between the customers, their service and data in | | | | High Availability solutions (VMware Dynamic Resource |
| particular. The application users must be ensured | | | | Scheduler, VMware High Availability), to management |
| security, availability and performance. They may be | | | | consoles. |
| using various services and many kinds of licenses. | | | | An interesting offer from VMware for IT providers |
| Some of them may negotiate strict SLAs, while | | | | entering the ASP world is a free version of VMware's |
| others will be satisfied by the basic levels. Efficient | | | | ESX hypervisor engine called VMware ESXi. |
| handling of update subscriptions, resource demands, | | | | VMware vSphere: |
| backup policies and other unique customer | | | | VMware ESXi: |
| requirements depends on the application and platform | | | | Citrix XENServer |
| architecture used, so the link between the | | | | XEN is a hypervisor software originally developed at |
| commercial offering and the solution deployed is self | | | | the University of Cambridge as an open source |
| explanatory. | | | | project, maintained by XenSource, Inc. Since 2007 |
| The separation line can be drawn on multiple levels | | | | XenSource has been owned by Citrix Systems and |
| – from hardware, operating system or | | | | the Citrix brand of Xen is called Citrix XenServer. |
| connectivity through the application business logic to | | | | Recently, Citrix has announced that all versions of |
| the database or file system storage level. The | | | | XenServer will be available to public as free and open |
| provider-side architectures presented below are the | | | | source applications. Besides the free XenServer, Citrix |
| two most common, but contrary models. Both have | | | | offers a package of high level management tools |
| their significant advantages, but also major | | | | named "Citrix Essentials". |
| drawbacks, which can make them unacceptable in | | | | XenServer runs directly on the hardware layer |
| certain circumstances or solutions. It must be | | | | without need of a host OS, but it requires a |
| therefore mentioned, that they can be used in mixed | | | | supporting OS partition (so called "Xen dom0" |
| deployments, with the separation applied in a way | | | | domain). XenServer supports mainly open guest |
| that makes the overall application service providing | | | | operating systems such as Linux, NetBSD or Solaris, |
| the most effective technically and beneficial | | | | mostly because the virtual systems need to be |
| business-wise. The combinations will vary with each | | | | modified (ported) to cooperate with Xen hypervisor. |
| ASP, the multitude services they offer and their | | | | Some newer versions of XenServer running on |
| customer profiles. | | | | dedicated hardware (Hardware Assisted Virtualization |
| 2.1. Multi-tenancy architecture | | | | CPUs from Intel and AMD) can support also unported |
| The simplest way to provide basic application | | | | open OS and closed proprietary systems such MS |
| services seems to be implementation of the | | | | Windows. |
| separation logic within the application itself. In this | | | | Citrix XenServer does not yet offer the High |
| approach, called multi-tenancy, a single application and | | | | Availability and Dynamic Resource Management. |
| database instance is shared by many customers, and | | | | However, these extensions are not initially a "must |
| their data and configuration are carefully partitioned | | | | have" for most of the medium level companies. |
| by the application logic. | | | | Citrix Essentials management package also supports |
| The most important feature of a multi-tenant | | | | the Microsoft Hyper-V hypervisor. |
| application is the security and robustness of the data | | | | Citrix XenServer: |
| isolation mechanism. Another important requirement is | | | | Citrix Essentials: |
| to provide a high degree of customization to support | | | | Cambridge Xen: |
| the customers' needs – be it workflow | | | | Free Xen Software: |
| configuration, user roles or "look & feel" flexibility | | | | |
| to support branding. | | | | Microsoft Hyper-V |
| The main benefit of a multi-tenancy architecture is | | | | Microsoft's Hyper-V version 2.0 starts to become a |
| that there is no need of setting up an expensive | | | | serious competitor for Citrix and VMware |
| multi server environment platform on the ASP side | | | | hypervisors. The main virtualization server is, like Citrix |
| and easier configuration management. However, as | | | | XenServer, offered for free in one of the |
| the customers share the hardware, storage | | | | distributions. |
| mechanisms and the application instance, all of them | | | | It is shipped in two ways: as a part (role) of non-free |
| may equally suffer from failures or increased load | | | | Microsoft Windows Server 2008, or as a free |
| caused by a single organization. | | | | distribution named Microsoft Hyper-V Server 2008, |
| Because of the difficulty in providing the necessary | | | | which is a limited distribution of Windows Server |
| performance and organizational issues, this approach | | | | 2008 with all other roles disabled. |
| alone is usually limited only to ASPs with a low | | | | Hyper-V mostly supports Microsoft Windows as |
| amount of non time-critical services. | | | | guest OS, but paravirtualized Red Hat Enterprise and |
| 2.2. Multi-instance architecture | | | | Suse Linux Enterprise Server are also supported. |
| A multi-instance architecture represents a philosophy | | | | Since version 2.0, it supports Live Migration and |
| opposite to multi-tenancy. In this approach, also | | | | provides High Availability solution. |
| referred to as single-tenancy, every customer is | | | | |
| assigned a dedicated instance of the application with | | | | Hyper-V™ Server 2008 R2: |
| the underlying hardware, connectivity and storage | | | | Summary. |
| resources. In other words, every customer uses their | | | | Currently there are three key players offering |
| own application instance and resources fully isolated | | | | mature hypervisors: VMware, Citrix and Microsoft. |
| from other customers. | | | | The VMware solution offers most features, but its |
| As a natural consequence, this model makes it easier | | | | edge over the competition will most likely decrease in |
| to ensure the required security and performance | | | | the coming years. An interesting aspect is that all |
| parameters. Scalability can be easily achieved and | | | | these hypervisors are available for free in their basic |
| targeted by changing the amount of resources | | | | versions. The competition zone is the administration |
| available to a particular customer instance. | | | | consoles and value-added features (live migration, |
| On the other hand, providing applications in this model | | | | visual drag & drop candies, etc.). |
| is only possible with a server farm and a suitable | | | | |
| platform for the provisioning of new customer | | | | It is quite hard to obtain an independent performance |
| accounts, both of which are a significant cost to | | | | data comparing these products, although some lab |
| ASPs. | | | | comparison attempts has been made: |
| The key word which appears in this approach is | | | | • Lanamark: |
| virtualization - the only way to keep the multi server | | | | • Performance comparison: |
| environment scalability costs at a reasonable level. It | | | | |
| is described in the following section. | | | | 4.2. Client-side |
| Virtualization | | | | |
| Virtualization has been one of IT's hot topics over | | | | The following section shows popular solutions for |
| the recent years. Large enterprises and | | | | modern SaaS application clients and client access |
| technology-oriented companies consolidate their | | | | technologies. The advantages and drawbacks |
| servers and re-design their approach to infrastructure | | | | mentioned below are described from the end user or |
| management. It is a concept of dividing the | | | | end admin perspective. The service provider aspects |
| resources of a computer into a number of isolated | | | | were not taken into account. |
| environments by applying various forms of | | | | |
| separation, e.g. memory or storage partitioning, time | | | | Adobe Flex |
| sharing, emulation, etc | | | | Abode Flex is a software development kit designed |
| The early-age issues faced by virtualization, such as | | | | to create cross-platform applications. With Flex, the |
| low hardware performance, lack of OS support or | | | | developer can easily produce rich web application |
| unreliable management software lacking important | | | | interfaces based on Adobe Flash, which can be |
| functionality are history now. With the mature | | | | executed inside almost every web browser. |
| existing technology, the benefits of virtualization are | | | | |
| clear to the market and include: | | | | In order to run a client application created with Flex, |
| • Server consolidation and | | | | the Adobe Flash plug-in for web browser must be |
| maximized utilization – several underutilized | | | | installed on the user's machine. |
| servers can be migrated into one machine | | | | |
| • Better reliability and business | | | | Adobe AIR |
| continuity – easy migrations, failovers, disaster | | | | Adobe AIR is a cross platform development |
| recovery, reduced maintenance downtimes | | | | environment designed to create client applications |
| • Flexibility – decoupling business | | | | which do not use web clients, but behave more like |
| from hardware allows better reactions to on-demand | | | | standard desktop applications. In general, Adobe AIR |
| resource needs. | | | | wraps around the rich web contents application (e.g. |
| • Portability – environments can | | | | Flash) and runs it as a local application. |
| be easily relocated or moved to other hardware | | | | |
| • Reduced administration and | | | | An AIR application doesn't need a web browser to |
| hardware costs – replicating environments, lower | | | | run, but a runtime framework must be installed locally. |
| desktop hardware needs | | | | Such common frameworks are dedicated to specific |
| • Security – sandboxes for | | | | platforms, while the business application is cross |
| untrusted applications, easy recovery, centralized | | | | platform and covers all platforms for which the |
| access control, etc. | | | | framework is available. |
| A wide range of needs, increasing numbers of | | | | |
| platforms and applications, as well as various | | | | RDP – Remote Desktop Protocol |
| implementation approaches result in existence of | | | | This protocol offers the possibility to run the |
| many types of virtualization, which can be used by | | | | application client on a remote computer and interact |
| ASPs depending on their business model. The | | | | with it in the same manner as with locally installed |
| following are the most popular types of virtualization: | | | | applications. Example products build on this protocol |
| • Platform virtualization – | | | | are: Citrix XenApp, Microsoft Terminal Services. |
| Virtualization of computers. In this model one big | | | | |
| machine is used asa host for many virtual computers | | | | In this case, no business application is installed on the |
| used as servers for the applications. Every simulated | | | | user side. The user runs the client application a on |
| computer is appears to users as fully equipped | | | | remote computer inside its own private session. The |
| machine. Examples: VMware ESX Server, Citrix | | | | access is provided by locally executed terminal client |
| XenServer. | | | | software which shows the remote computer graphic |
| • Operating system virtualization | | | | desktop inside its window. Terminal access provided |
| – In this model the virtualized part is the | | | | by RDP uses this specially crafted protocol to control |
| operating system. One OS kernel is cloned and used | | | | graphical remote session which is much more |
| by many OS instances. From the user perspective | | | | network effective than those protocols based on |
| such structure looks like separated yet identical | | | | screen capture (e.g. VNC/RFB). |
| machines. Examples: Linux jails, Sun Solaris containers, | | | | There are many similar products offering remote |
| Microsoft Virtualization Server, FreeVPS. | | | | desktop access based on RDP. A quick summary is |
| • Desktop virtualization (Virtual | | | | available on Wikipedia: |
| Desktop Infrastructure, VDI) – A virtualization of | | | | |
| a desktop session on a remote computer. It offers | | | | RFB – Remote Framebuffer protocol |
| users a possibility to run the applications on a remote | | | | RFB is a protocol used in all VNC-type applications. |
| computer and interact with them in the same manner | | | | Like RDP, this protocol also offers a possibility to run |
| as with locally installed versions. Multiple and | | | | the application client on a remote computer and |
| independent users are supported. Examples: Microsoft | | | | interact with it locally, but this protocol uses different |
| Terminal Services, VMware Virtual Desktop, Citrix | | | | approach, screen capture, which usually requires |
| XenDesktop. | | | | higher network and CPU capabilities than RDP. |
| 3. Client architecture | | | | |
| While it is obvious that the provider-side architecture | | | | Like in RDP, in this case also no business application is |
| is critical in terms of the business strategy and vastly | | | | installed on the user's side. The users run the client |
| affects expenditure on infrastructure, application | | | | application on a remote computer inside their own |
| development and support and maintenance services, | | | | private session. The access is provided by locally |
| there is a risk that the choice of the client-side | | | | executed VNC client software which shows the |
| approach can be easily made without much thought. | | | | remote computer graphic desktop inside its window. |
| However a poorly designed server side architecture | | | | |
| causing enormous costs to the providers may not | | | | There are many similar products offering remote |
| necessarily be a huge problem for the customers, but | | | | desktop access based on RFB. A quick summary is |
| an unsatisfactory user experience on the client side | | | | available on Wikipedia: |
| can make all the sales and customer loyalty | | | | |
| difference, so essential for the business in the | | | | 5. Performance tests |
| competitive market. The choice of the appropriate | | | | The following tables present the results of small scale |
| solution may also vastly depend on the strategy and | | | | tests performed by Verax Systems. A few |
| future plans, e.g. when multiple integrated services | | | | application access methods were compared. The aim |
| are to be offered following just a single application in | | | | of the tests was to estimate the CPU and network |
| the start-up phase. | | | | loads depending on the technology used. Some of |
| This means a right balance between a particular | | | | the tests covered both the client and server sides, |
| application's UI friendliness and the entire service | | | | while others were limited to the client side only. The |
| providing means must be found. The key factors can | | | | results only cover the load caused by the |
| be usability, responsiveness, infrastructure | | | | client-server communication. The impact of the |
| requirements (such as desktop computing power or | | | | application itself was eliminated from the final scores. |
| network connectivity), overall performance, security | | | | |
| policies or administrative effort required from the | | | | Note: All performance test results included in this |
| customer to handle the service, to name a few. | | | | document are approximate. They are more like |
| There are many ways the user interface for SaaS | | | | observations than tests. Their purpose is to illustrate |
| applications can be provided. The following | | | | the general performance of specific groups of |
| subsections present a few of the most popular | | | | software and not to promote any specific products. |
| solutions. | | | | Such results cannot be used asa base for business |
| 3.1. Web-based clients | | | | decisions. |
| One of the most obvious choices for hosted | | | | |
| applications is providing the user interface through a | | | | Test conditions used: |
| web browser. This popular solution seems to be a | | | | • Client side machine: MS Windows |
| good balance between user-friendly front-ends and | | | | XP Pro, 2GB RAM, Intel Core2 CPU 1.66 GHz, |
| using light, thin clients without much need for special | | | | Ethernet 100 Mbit/s card. |
| installations or additional requirements. | | | | • Server side machine: MS Windows |
| Due to a rapid development of web-based | | | | XP Pro, 2GB RAM, Intel Core2 CPU 1.86 GHz, |
| technologies and depending on the required level of | | | | Ethernet 100 Mbit/s card. |
| user interaction, the types of user interfaces can | | | | • Tested connection between one |
| range from the most static "good old" simple | | | | user and dedicated server. |
| synchronous request-response applications, through | | | | |
| more dynamic ones with asynchronous | | | | 6. Summary |
| communication features (e.g. AJAX-based search | | | | This document is an attempt to shed some light on |
| phrase suggestions, partial refreshes, etc.) to | | | | the subject of SaaS-related technical infrastructure. |
| extended visual interfaces based on third party | | | | The world of SaaS and virtualization is a dynamically |
| frameworks, such as Adobe Flex or Microsoft | | | | changing one and adds more complexity to |
| Silverlight, which guarantee a level of interaction | | | | management of IT infrastructure. All numbers and |
| comparable to desktop applications. | | | | product options listed in the document may not be |
| Obviously, the differences are not just limited to the | | | | accurate for the moment of reading. The SaaS, ASP, |
| user experience. The use of the various solutions | | | | virtualization and all surroundings are nowa constantly |
| may be restricted due to the available network | | | | changing environment. |
| bandwidth, browser incompatibility, platform | | | | |