Introduction
This blog post provides an introduction to End User Computing (EUC), comparing cloud and on-premises solutions, exploring various market options, and detailing offerings from major cloud providers with a focus on AWS capabilities. It is aimed at customers who are currently using EUC options, new to EUC, or planning to migrate to cloud-based EUC solutions. Let’s dive in.
Introduction to End User Computing
Historically, employees connected their desktops and laptops to the customer’s network either through a direct LAN connection available in the office premises or via encrypted channels over the internet (VPN) to access restricted environments. Each employee had varying levels of access to sensitive data depending on their role. Although this method functioned adequately and restricted sensitive data access to a certain extent, it had several significant drawbacks:
- Employees could download and store sensitive data on their devices.
- There was a potential for data breaches if a device was lost or stolen.
- Employees needed to be co-located where a LAN was available.
- It limited the ability to work remotely.
On-premises Virtual Desktop Infrastructure (VDI) was introduced to address these issues, but it brought new limitations such as scaling, reliability, business continuity, licensing, and infrastructure costs. The advent of cloud-based Desktop as a Service (DaaS) or End User Computing (EUC) resolved these limitations. With infrastructure as code, a remote workspace or streaming application can be provisioned for a user in near real-time without manual intervention, right-sized based on usage patterns, automatically powered off for cost optimisation, and decommissioned automatically when the user account is added or removed from the directory service system.
End User Computing Options
Below is a list of some major providers of End User Computing. VMware and Citrix currently hold the largest market share. However, the recent acquisition of VMware by Broadcom, changes in Citrix’s licensing model, and the general trend toward cloud adoption provide compelling reasons for customers to shift from on-premises VDI solutions to cloud offerings.
- VMware
- VDI: VMware Horizon
- App Streaming: VMware App Volumes
- Citrix
- VDI: Citrix Virtual Apps and Desktops
- App Streaming: Citrix Virtual Apps
- Microsoft
- VDI: Azure Virtual Desktop (formerly Windows Virtual Desktop)
- App Streaming: Microsoft RemoteApp (part of Azure Virtual Desktop), App-V
- AWS
- VDI: Amazon WorkSpaces (also has ability to bring third-party solutions like Citrix or VMware on AWS Cloud)
- App Streaming: Amazon AppStream 2.0
- Huawei
- VDI: Huawei FusionAccess
- App Streaming: Huawei WorkSpace Cloud Desktop
- GCP
- VDI: Google Cloud Virtual Desktop (using third-party solutions like Citrix or VMware on Google Cloud)
- App Streaming: Google Cloud App Streaming (often implemented with third-party solutions)
- Cisco
- VDI: Cisco Virtualization Experience Infrastructure (VXI) (often leveraging Citrix or VMware)
- App Streaming: No specific Cisco-branded app streaming; usually integrates with Citrix or VMware solutions
- HPE
- VDI: HPE Desktop and App Virtualization Solutions (typically leveraging Citrix or VMware)
- App Streaming: HPE Application Virtualization (again, typically using Citrix or VMware technologies)
- IBM
- VDI: IBM Cloud for VMware Solutions
- App Streaming: IBM Cloud Application Hosting (using third-party solutions)
- Nutanix
- VDI: Nutanix Frame
- App Streaming: Nutanix Frame (includes app streaming capabilities)
AWS's End User Computing
AWS’s End User Computing (EUC) services give you the flexibility to choose the optimal virtual desktop, secure browser, or application streaming service for your specific needs—enabling workers to be productive from any supported device, while maintaining a strong security posture, improving agility and reducing costs. EUC products can seamlessly integrate with AWS Managed Active Directory or external identity providers for user and access management. The key benefits of AWS EUC are, but not limited to:
- Increased security
- Enhanced agility and flexibility
- Improved reliability
- Reduced cost
Below is the list of services in AWS EUC offering
WorkSpaces Core
Amazon WorkSpaces Core enables customers to deploy their existing third-party VDI solutions, like Citrix, VMware, Leostream, Workspot, or Omnissa, on AWS infrastructure. This allows customers to leverage the security and scalability of AWS Cloud while still using their familiar VDI management console and tools.
This option is particularly suitable for customers who have recently purchased third-party VDI licenses and wish to continue using their existing console and tools but need to transition to AWS Cloud to host their VDI’s close to their applications, data, or for data centre exit reasons.
WorkSpaces Personal
Amazon WorkSpaces Personal is a fully managed, persistent virtual desktop service that provides a 1-to-1 mapping between end users and their AWS VDI hardware system, ensuring seamless access to necessary applications and resources. Users can install applications, save files and data, and adjust settings just like on a local desktop.
This option is ideal for customers who need to offer a persistent desktop experience. For example, developers can benefit from a cost-effective VDI solution to build, test, and deploy applications across various environments. Similarly, data scientists can run compute-intensive workloads on high-end GPUs and CPUs without the need for upfront hardware investments or complex setup processes.
WorkSpaces Pools
Amazon WorkSpaces Pools is a fully managed, non-persistent virtual desktop service that offers shared-user environments. It provides new, cost-effective virtual desktops each time users log in. With auto-scaling policies, costs are optimised by ensuring the organisation only pays for the resources used. The entire pool of virtual desktops is managed through the AWS Management Console.
This option is ideal for customers seeking a cost-effective solution where users do not require a persistent desktop experience. For instance, it is well-suited for users in contact centres, training labs, or task workers who do not need a persistent desktop environment.
WorkSpaces Secure Browser
WorkSpaces Secure Browser offers a secure environment for users to access private websites, SaaS web applications, and other online resources, or browse the internet from a temporary container. It integrates with the browser on the end-user’s device. This solution is cost-effective to operate and simplifies IT management by eliminating the need for specialised client software, infrastructure and VPN connections.
This option is ideal for cost-conscious customers who need to provide access to web applications. It can be used in an “inside-out” scenario, where users from a restricted network, access the internet through the secure browser, or in an “outside-in” scenario, where users from the internet securely access private internal web applications.
AppStream 2.0
Amazon AppStream 2.0 is a fully managed service designed to stream SaaS applications and convert desktop applications to SaaS without the need to rewrite or refactor code (except for Office365 applications). It enables customers to scale their applications globally without managing infrastructure. Like Amazon WorkSpaces Pools, AppStream 2.0 supports multi-session capability, allowing multiple user sessions on a single instance. This feature helps optimize resource utilisation, reduce costs, and support various user types without over-provisioning. The applications streamed via AppStream 2.0 can be made visible on customer’s existing web applications or at the identity provider landing page.
This option is suitable for customers who need to provide access to specific applications without provisioning an entire desktop. For instance, it is ideal for users who needs to demo or only require access to applications like Notepad and certain internal applications or stream graphic intensive applications.
Amazon WorkSpaces Access Options
Amazon WorkSpaces services can be accessed using either a thick client on an end-user device or a thin client that does not require a laptop or desktop.
- Thick Client: A thick client is a software application that can be downloaded based on the operating system of the end-user device.
- Thin Client: The newly introduced thin client is an affordable, purpose-built hardware device that enables users to access WorkSpaces without needing a laptop or desktop. This thin client device is designed specifically for accessing the WorkSpace ecosystem. It can be shipped directly from Amazon fulfilment centres to end-user locations and allows for centralised monitoring, management, and maintenance of devices and their connectivity to AWS virtual desktop services.
Deployment Options
Similar to other AWS services, AWS End User Computing products can be provisioned using either click-ops or infrastructure as code (providing secure and repeatable deployment options). Customers can choose to deploy these products on their own or work with the AWS EUC team and AWS partners to set up a highly secure, well-architected VDI & Apps solution with automation that minimises manual intervention during provisioning, decommissioning, and right-sizing. Additionally, when engaged via AWS partners, customers can take advantage of AWS migration and modernisation funding and discounts. AWS also offers a no-cost Experience Based Acceleration (EBA) deployment option via AWS partners, allowing customers to test EUC products within their own environment.
AWS Experience Based Acceleration (EBA)
AWS Experience-Based Acceleration (EBA) is a program that provides customers with an opportunity to test AWS solutions at no cost. Through EBA, customers can get hands-on experience with AWS services and solutions in their own environment to evaluate their fit and performance. This program helps customers understand the benefits and capabilities of AWS products before making a financial commitment, allowing them to make more informed decisions about their cloud adoption and deployment strategies.
Cevo's Turn-Key Offerings
At Cevo, as an AWS Advanced Consulting Partner, we have successfully deployed highly secure End User Computing solutions across a diverse range of customer environments, including startups, large enterprises, and government organisations. In the process, we’ve developed numerous solution patterns that enable us to deliver production-grade EUC solutions both quickly and cost-effectively to new clients. Some of the key patterns we’ve established at Cevo include:
- WorkSpaces (with internet access)
- WorkSpaces (without internet access)
- WorkSpaces (Simple AD integration)
- WorkSpaces (Managed AD integration)
- WorkSpaces (On-Prem AD integration with two-way trust with AWS Managed AD)
- Automated image build pipelines for WorkSpaces
- Automated image build pipelines for AppStream
- Automated provisioning of WorkSpaces/AppStream based on user additions in AD
- Automated decommissioning of WorkSpaces/AppStream based on user removals from AD
- WorkSpaces cost optimizer (AWS-owned pattern)
- WorkSpaces right-sizing based on cost optimizer reports
Conclusion
In conclusion, for customers seeking an alternative or new end user computing solution, AWS’s EUC offers a comprehensive range of products that can fulfil both customer and end user requirements. These managed solutions also eliminate operational overhead for the customer team, allowing them to focus on critical tasks that add business value. By leveraging Cevo’s patterns and industry expertise, customers can achieve rapid deployment of their EUC products.
Reach out to us to learn how we can accelerate your End User Computing journey.