Virtualization Made Easy with Containers

By TechZone360 Special Guest
David Appelbaum, SVP of Marketing
November 06, 2014

Wouldn’t it be great if you could take your Windows Golden Image – stick it in a digital container and then let all your end-users automatically have it available on their laptops, notebooks, Macs, and PCs – no matter who owns the device and no matter where the device is located?

And, wouldn’t be even better if that container was hermetically sealed so that the Windows Workspace never interacted with the host – only accessing memory and processing – thereby keeping it free from malware, intrusions, and data loss?

And, wouldn’t it be even better that for the vast majority of end users could simply rejuvenate their containers back to its last known safe-state in the event of some infection or mishap – without having to call IT desktop support?

And, what if best of all patches, updates, and revisions could be added to the Windows golden image and automatically propagated out to all your users without you ever having to look at a physical machine?

The concept of a container is not new. They have been used as a way to enable BYO tablets and phones in the enterprise for years. What is new is their use on computers – PCs & Macs.  While it’s true that the key driver has been BYOD in the past there are three other, even more compelling reasons why you should consider a containerization strategy for your endpoint management and security requirements:

Management: A container is more straightforward than a physical endpoint to provision, to update, and perhaps most importantly, to remotely kill a workspace.

Security: Applications and data stored on the endpoint are fully encrypted and secured.  The endpoint’s security posture can be dynamically managed at the container level.

Enablement: Containers abstract the traditional relationship between data and device. As a result using containers makes it possible to enable new ways of working while simplifying management and security for remote, mobile, and private/corporate device ownership.

When it comes to management, as anyone who has ever managed Windows in a large company knows, on its own it is not simple, straightforward, or user friendly. However, using a container as the foundation for managing Windows image creation, distribution, and deployment (for all your current versions of Windows) makes it a much more efficient and simpler proposition.

Here’s a sampling of some of the desktop management challenges containers could solve:

  • How do I make a single image that I can both anonymize, but make unique for each user?
  • How can I setup so that my users can get the container on their machine without having to bring their machines into the office?
  • How can I setup so that my users can get the container on their machine without having to have their host machines on the corporate network?
  • How do I make sure updates get out to my estate?
  • How do I fix it when it goes wrong?

Security is obviously critical and the container security model supports compliance initiatives as well as full-on data security. When used in conjunction with host-based anti-malware and other security measures, containers add an extra level of data security that traditional security tools simply can’t match. Containerized workspaces are hermetically sealed from the host, eliminating such issues as data loss, data theft, malware infections, key-logging, intrusions, as well as so many other issues. Here’s a sampling of some of the desktop security challenges containers can solve:

  • Is the workspace protected at the end point?
  • Can I continue to control access to the corporate workspace?
  • What about other aspects of securing host and guest interaction?
  • How do I make sure that the host machine is in a “good enough” security state to run the container and yet not rely on the host to be secure?

Part of the challenge of running Windows in the enterprise is that it is not the most flexible and forgiving infrastructure to manage when dealing with many remote, roving, and intermittently connected clients. Moreover in the case of personally-owned devices, Windows does not provide a reasonable toolset for managing non-Windows clients, separating personal from corporate information on corporate devices, or even simplified system level patching and updating. The standard method for updating PCs is still done manually in many large enterprises – and this doesn’t even begin to deal with Macs and other platforms that may be in use. With new client computing initiatives such as BYOD/PC, remote workforce, contractor employee augmentation, and so many others, forcing Windows to accommodate new deployment models is vastly easier when done in a container. To the workspace itself, it appears to be functioning as a local install and not any kind of exotic configuration.

The bottom line is that today, containers have moved far beyond their mobile device roots and BYOD. They’re solving real, complex, enterprise endpoint management and security challenges today.

However, to fully grasp their benefits requires a change in thinking on the part of IT:  don’t try to manage or secure a device – secure and manage the data they own.  Containerizing a workspace not only simplifies management and security of your critical data – the stuff that’s truly irreplaceable - but can also deliver a vastly superior end-user experience to other workspace delivery methods such as VDI.  If you’ve not investigated the benefits of a containerized endpoint management and security solution you’ll be amazed at how far they’ve come!

Edited by Peter Bernstein
Related Articles

Why People Don't Update Their Computers

By: Special Guest    7/13/2018

When the WannaCry ransomware attacked companies all over the world in 2017, experts soon realized it was meant to be stopped by regular updating. Even…

Read More

More Intelligence About The New Intelligence

By: Rich Tehrani    7/9/2018

TMC recently announced the launch of three new artificial intelligence events under the banner of The New Intelligence. I recently spoke with TMC's Ex…

Read More

Technology, Innovation, and Compliance: How Businesses Approach the Digital Age

By: Special Guest    6/29/2018

Organizations must align internally to achieve effective innovation. Companies should consider creating cross-functional teams or, at a minimum, incre…

Read More

Contribute Your Brain Power to The New Intelligence

By: Paula Bernier    6/28/2018

The three events that are part of The New Intelligence are all about how businesses and service providers, and their customers, can benefit from artif…

Read More

TMC Launches The New Intelligence - an Unparalleled AI and Machine Learning Conference & Expo in Florida

By: TMCnet News    6/28/2018

TMC announced the launch of The New Intelligence conference and expo - The Event Powering the AI Revolution. This exciting new event will take place o…

Read More