The Hanford Federal Community Cloud is the foundation for virtual desktop/zero-client environment that boosts security and cuts power use on the 586-square-mile complex.
The Energy Department’s Hanford site occupies 586 square miles in Benton County, Wash., roughly equivalent to half of the total area of Rhode Island. Established in 1943 as part of the Manhattan Project and expanded during the Cold War to develop nuclear weapons, the site is now mostly a decommissioned complex undergoing a massive toxic cleanup.
Home to nine former nuclear reactors, Hanford still hosts various centers for scientific research and development, such as the Pacific Northwest National Laboratory and the LIGO Hanford Observatory.
Buildings on the site are quite a distance apart, and, until recently, when staff moved from one facility to another their computer hardware and software had to move as well.
But a transition to a virtual desktop, zero-client environment is eliminating the need to move IT equipment every time a person switches facilities – the integrated data, video and voice is available in every building and from every platform. Moreover, a virtual desktop infrastructure improves security — sensitive information is no longer stored on desktops — and reduces maintenance time and costs since IT administrators do not send out software and security updates to thousands of workstations. Instead, the desktop operating systems and applications are updated on blade servers hosted in a secure data center.
And there are the power savings.
“The thing that makes me happy about the [zero client] technology is that it is much less power hungry than all the big workstations are,” said Benjamin Ellison, CIO of Energy’s Richland Operations Office and Office of River Protection, which oversees the cleanup projects. “Plus, if I have a user on the hosted desktop who gets caught in a drive-by or phishing attacks, it doesn’t really matter because that desktop can be flushed and restarted, and there is no compromise,” Ellison said.
In zero-client infrastructures, computing processing occurs on virtual or physical servers in a data center and is shared by multiple desktops, which no longer have to take on these tasks. Zero-client technology also has a longer life cycle than traditional desktop computers. “We are predicting [zero] client to last seven to 10 years off the present hardware versus a full-client desktop that has to be replaced every three to four years,” said Todd Eckman, vice president of Mission Support Alliance, a company set up to assist the Energy Department with the Hanford cleanup.
“So you have real hard cost avoidance [with zero clients], and the users continue to have a positive experience even if the hardware ages,” Eckman said.
DOE Hanford is on track to convert 1,600 workstations to zero-client desktops by the end of 2013 and an estimated 5,500 by 2015, officials said. Apple iPads and Macintosh computers are being deployed for some home users, but there is not a large percentage of remote users that will need that type of access, Eckman said.
Hanford’s zero-client infrastructure is based on VMware View, which provides remote desktop capabilities using VMware’s virtualization technology. A client desktop operating system — Microsoft Windows 7 — runs within a virtual environment on a server.
VMware View uses Teradici’s PC-over-IP technology, which compresses, encrypts and encodes the entire computing experience at the data center and transmits it “pixels only” across any standard IP network to zero-client desktops. The data never leaves the data center. PCoIP supports high-resolution, full-frame-rate, three-dimensional graphics and high-definition media, multiple large displays, full USB peripheral connectivity and high definition audio -- all connected over Hanford’s community cloud infrastructure.
In fact, the Hanford Federal Community Cloud is the foundation that integrates and allows all technology to work together, Ellison said. The cloud infrastructure offers integrated video, voice and data services. Voice over IP capabilities reside currently on physical servers on the Hanford cloud, but soon will be on virtualized servers, Ellison said. The Hanford Federal Community Cloud is a private cloud catering to the needs of the DOE federal workforce, but at the same time it is a community cloud allowing contractors to securely communicate with the federal workers. However, the two communities’ data is segmented from each other.
Launched last year, the Hanford Federal Community Cloud continues to be modified and updated. The latest configuration is based on NetApp’s FlexPod reference architecture, an integrated data center infrastructure that includes Cisco Unified Computing System blade servers and Cisco Nexus switches, NetApp’s unified storage system and VMware virtualization technology.
VMware and NetApp were deployed for server virtualization and storage management, respectively, prior to the implementation of FlexPod. FlexPod helps boost cloud performance and reduce the IT footprint now that the site has deployed Cisco’s blade servers.
“FlexPod has given us the ability, in a small space, to manage the majority of our customers’ applications and services," Eckman said.
Hanford’s mobile strategy also intersects with the cloud and zero-client approach, the officials said. “We are about half the size of Rhode Island. We have a lot of ground to cover, a lot of work to get done, so mobile technology definitely comes into play,” Ellison said.
The hosted zero-client desktop makes the bring-your-own-device question moot from a certain perspective, he noted. “It doesn’t matter what you've got. As long as you've got a device that can run VMware View Client, you have access and [multiple] factors of authentication. You've got everything you need,” Ellison said. It is not that Hanford is not pushing BYOD in other areas, he noted, but it doesn’t matter what device a user has as long as he has VMware View Client.
Senior executives, office workers and technicians in the field such as electricians, IT technicians and safety representatives are all leveraging mobile devices, Eckman said.
Hanford officials like to demonstrate to users how a hosted, zero-client desktop can help them securely access their information from wherever they are located, Ellison explained. They will pull up a hosted desktop on an iPad and start a YouTube video. Then they will go to the zero-client desktop, log in and pick up the video where it was playing without missing a beat. It’s just to get them used to the idea that their work follows them around wherever they go — at home, in a plane, at their cubicle onsite, or in another federal building, Ellison said.