Citrix aims to overhaul laptop management with XenClient

Ian Pratt claimed that XenClient can lock down the corporate desktop while keeping users happy

Citrix unveiled more details about its client-side virtualisation platform for laptops at its recent iForum event in Edinburgh, and disclosed that a technical preview of the software will be available in the second half of 2009.

Now known officially as XenClient, the platform uses a bare metal hypervisor to partition a laptop into two or more virtual machines, enabling a mobile worker to have a personal environment alongside a corporate environment controlled by the IT department.

If Citrix can deliver on its claims, XenClient should prove very attractive to large organisations, as it promises to solve administrator headaches concerning laptop manageability and security, and potentially eliminate the need to maintain separate system images for desktops and laptops.

Ian Pratt, vice president of advanced virtualisation products at Citrix, and founder of XenSource, said that over two years of work had gone into preparing the Xen hypervisor to run on client systems.

"Client virtualisation is very different from that on a server, and the benefits are different. On a server, it's all about consolidation and making the most efficient use of resources. With clients, the main benefits are security and management," he said.

All current client virtualisation products on the market operate with a Type II hypervisor, according to Pratt. This means that they run on top of a host operating system, as compared to a Type I hypervisor that runs on the bare metal below the level of any operating system.

XenClient is a bare metal hypervisor, meaning that it has control of the hardware, which is a key consideration for secure operation, he said.

"If your virtual client is running inside another operating system, and that operating system gets infected with malware, it can simply read any information from your virtual client right out of the host's memory without you even knowing anything about it," Pratt said.

As well as making use of the Trusted Execution Technology in newer Intel processors to ensure that Xen has not been compromised, XenClient makes use of hardware support for virtualisation to keep performance as close as possible to the user's expectations if their virtual environments were running natively. This means that 3D graphics and multimedia should work just like on a standard laptop.

The hypervisor is a thin layer, just a few megabytes in size, and can be built into the firmware or installed to the hard drive in existing laptops, according to Pratt.