Will virtual PCs cause real headaches?

Quoting from ITWeek:

Intel has been working hard to overcome the perception that it has fallen behind AMD, its chief processor rival, over the last few years. Not only has Intel brought forward its plans for dual-core chips on the desktop so they will be released this year, but it has also promised to deliver its Vanderpool virtualisation technology within the same timeframe.

Of the two, Vanderpool promises the biggest shift in the way desktop computers are operated, but it could turn out to be a nightmare for IT managers.

On the plus side, Vanderpool could enable more secure home working, allowing staff to access corporate applications through a locked-down virtual machine that connects to the office via a virtual private network (VPN). On the other hand, administrators will need some way of managing all those virtual machines.

Current virtualisation technologies such as VMware run on top of a host operating system. With Windows XP, for example, VMware can be used to create one or more virtual PCs running Linux or an older version of Windows, but the host Windows XP still has ultimate control over the physical system resources.

Intel’s Vanderpool technology introduces a software layer, the virtual machine monitor (VMM), and this has control over the system hardware, according to the firm. While details of the architecture are still vague, it looks from Intel’s preliminary documentation that the VMM takes the place of the host operating system, relegating Windows, Linux, and every other operating system on the PC to the position of “guests” running inside virtual machines.

However, Intel may find that Vanderpool creates as many problems as it solves for IT departments. For one thing, it has the potential to render many of the most widely used management tools almost useless. Imagine trying to do a network audit of the systems in your company with the management agent on each system running inside a virtual Windows PC. The agent will only report the virtual hardware that Windows thinks it is running on, which might not be the same as the real hardware.

Perhaps it is no coincidence that Intel is working on another technology to let administrators remotely manage PC systems, even if the operating system on the box in question isn’t working. Intel’s Active Management Technology (IAMT) promises out-of-band (read “outside of Windows”) diagnostic and recovery capabilities to remotely patch and restore systems. Whether this will also enable the deployment and control of virtual machines is not clear at the moment.

If the deployment issue can be addressed, virtualisation has the potential to revolutionise desktop support. It could enable administrators to apply the latest Windows service pack update just once to one virtual machine, for example, and then deploy copies of that across the LAN, rather than patch every system individually.

Intel will reveal more details of Vanderpool and IAMT at its developer conference next month in San Francisco. Let’s hope that everything will become clear then.