First Comparison of MS Terminal Services 2008 and Citrix XenApps
This is the first published comparison of Microsoft Terminal Services 2008 with Citrix Xen Apps. Have also added to the bottom of the post, the conclusion of a white paper about the Microsoft in house implementation of Terminal Services 2008. The white paper in its entirety may be viewed by clicking the linked white paper title.
Rolling Review: Citrix XenApp Vs. Windows 2008 Terminal Services
The first pit stop in our Windows 2008 Server Rolling Review finds Microsoft walking a fine line on presentation virtualization.
By Randy George
InformationWeek
March 22, 2008 12:01 AM (From the March 24, 2008 issue)
Windows Server 2008's eagerly awaited Terminal Services is a respectable presentation virtualization alternative for smaller shops, but for large enterprises,Citrix Systems (NSDQ: CTXS) still reigns supreme. That's the--not unexpected--finding of the first installment in our ongoing Windows Server 2008 Rolling Review.From a product-positioning perspective,Microsoft (NSDQ: MSFT) is walking a fine line, responding to calls for more core Terminal Services functionality in Windows Server, yet keeping its hands mostly off the large enterprises that comprise Citrix's core audience.
While we found many enhancements in Windows 2008 Terminal Services, including better session and print driver management, load balancing, and single sign-on, there are three major functionality additions that companies weighing the choice of Microsoft's versus Citrix's presentation virtualization must consider: Terminal Services RemoteApp, Gateway, and Web Access.
In the past, Microsoft has gotten beat up pretty regularly for the dearth of enterprise-level thin-client functionality in Terminal Services 2003, especially when compared with Citrix's offerings. From a strict functionality standpoint, the criticism was warranted. But functionality doesn't tell the whole story. For every Citrix XenApp (formerly Presentation Server) license sold, Microsoft requires purchase of not only a desktop client access license (CAL), but also a Terminal Services CAL.
In addition, Citrix is one of just a handful of companies with access to the Windows Server OS source code. Microsoft is making millions on CAL licensing no matter which direction Windows shops choose to go, and given that, there's little motivation to go after Citrix in head-to-head competition.
The company's official stance: "Microsoft and Citrix continue to be strong partners; this perception [of competition] arises with each new release of Windows Server/Terminal Services," says Alex Balcanquall, Terminal Services product manager. "Together, over the years, we have continued to deliver great joint solutions to our mutual customers. Windows Server 2008 Terminal Services is about reaching out to net new customers, those that aren't using presentation virtualization today.
PUT TO THE TEST
We built a test bed that would reflect a small organization within our Boston Real-World Partner Labs, deploying a single dual-processor Hewlett-Packard DL 360 server with 4 GB of RAM to act as our core presentation server. Installation of Terminal Services was a snap; it can be added as simply another server role in a full OS installation or Server Core build. We tested Terminal Services RemoteApp by deploying a virtualized version of Microsoft Outlook to a user with a huge Exchange mailbox. Our client was a Windows XP SP2 box.
One thing we love about Terminal Services compared with Citrix XenApp is Microsoft's method for placing an application desktop shortcut. In XenApp, IT must first deploy the full desktop client, run Citrix Neighborhood, and create a connection to the application; only then can the desktop shortcut be created. In Terminal Services 2008, a RemoteApp wizard guided us through the process of publishing our application.
After selecting the app, we were instructed to create an MSI or EXE file, which can be deployed to many clients simultaneously. RemoteApp silently installed all the supporting files and shortcuts needed. However, when we tried to run our application for the first time on our Windows XP SP2 box, we ran into our first caveat emptor moment: You need to install RDP 6.1 before having employees attempt to connect to a Terminal Services 2008 server. If you're a Vista shop, of course, you're all set.
After getting the RDP issue resolved, we ran into an annoying caveat emptor No. 2 in the area of pass-through authentication. In Citrix XenApp, single sign-on just works. It works in Terminal Services 2008, too ... if you have Vista deployed. See a pattern here?
Still, despite the need to manually log on to our terminal session, performance compared quite well with a similar Citrix session, all system and network latency conditions being equal.
We then shifted gears to WebAccess, which was again very easy to configure. One feature of WebAccess we liked is its ability to provide a means to remotely link to any server in the network that can accept a remote desktop session. While this feature may be of limited value for end users, it's certainly helpful for admins who want to perform server maintenance from a variety of PCs. However, there are a couple of gotchas.
First, you will, again, need to have RDP 6.1 installed before transporting yourself to a remote system, so don't count on troubleshooting end users from PCs that aren't running Vista or XP SP3. The other, more significant, drawback is the inability to customize applications by user or group security--you either present an application through WebAccess, or you don't. This is a major distinguishing factor between Terminal Services and Citrix's Web services, and we can only surmise that leaving out customization was a strategically placed point of demarcation by Microsoft. Out of the box, Citrix XenApp provides a very simple methodology for customizing applications presented to users.
Finally, we set our sights on Terminal Services Gateway, which is essentially an SSL VPN that enables organizations to securely serve corporate applications over the public Internet. Configuration was somewhat cumbersome, and again you'll need RDP 6.1 to make Gateway work. But once the service was fully configured, we were impressed with how well it performed. There's no doubt that Citrix provides a more scalable and mature SSL service for presentation virtualization, but you'll need to shell out some extra bucks for a Citrix Access Gateway license to get that functionality. In contrast, Gateway is packaged into the core Terminal Services offering.
For small to midsize enterprises with simple presentation virtualization needs, Terminal Services will definitely fill the bill. But organizations that must scale to thousands of users will need the compression, acceleration, load balancing, and management options that only XenApp provides. According to Citrix, a new version of XenApp that will build on improvements within Terminal Services 2008 will be released later this year.
How MSIT Uses Terminal Services as a Scalable Remote Access Solution
Deploying Windows Server 2008 Terminal Services at Microsoft
Technical White Paper
Published: February 27, 2008
ConclusionUntil the next post,
The Terminal Services deployment team intended the Terminal Services deployment to act as a test environment to determine the overall scalability and stability of Windows Server 2008 Terminal Services in a large enterprise. Additionally, the team intended this worldwide deployment to generate feedback with regard to features and functionality to include in the Terminal Services program.
The TS Gateway concept proved to be a popular and scalable remote access solution, enabling users to access the corporate network at Microsoft from virtually any location worldwide. Personnel could use this feature to access important files and resources at Microsoft from locations from which they were unable to do so previously. Additionally, the speed of connecting to resources on the internal network improved to such an extent that users preferred the TS Gateway farm over that of the typical remote access VPN connection.
By using fast and easy-to-access terminal server farms, the team was able to achieve a goal of increasing the security of sensitive internal resources such as internal documents and worksheets.
Although this pilot project was deployed as a test environment, the deployment was so successful, and the user response was so positive, that the Terminal Services pilot did not end. Instead, the whole environment was integrated into the production environment at Microsoft IT. This change means that the worldwide Windows Server 2008 Terminal Services deployment is now handled in the same manner as a typical production environment at Microsoft.
Steve
