James O'Neill's Blog

May 4, 2009

Windows 7 XP mode: helpful ? Sure. Panacea ? No.

Filed under: Beta Products,Virtualization,Windows 7,Windows XP — jamesone111 @ 3:31 pm

ComputerWorld have an interesting piece up about XP Mode for Windows 7. Saying that it “could create support nightmares, analysts said today”

They quote Michael Cherry, an analyst at Directions on Microsoft as saying “I think that this will help the uptake for Windows 7, because it removes one more ‘gotcha,’ and that’s never a bad thing to do”.Well indeed, as computerworld goes on to say: The idea of using virtualization to provide backward compatibility for older applications is neither novel nor surprising, Cherry continued. He called it a nice "safety net" for users concerned about abandoning XP who don’t have access to centrally managed MED-V”

If you have more than 5 machines you can get Software Assurance and add the Microsoft desktop optimization pack (MDOP): so you get Microsoft Enterprise Desktop Virtualization (MED-V).  I’m surprised that no one has yet portrayed XP Mode as a way of raising the profile of MED-V to sell more MDOP packages. XP mode is managed locally with users “owning” the VM; anything deployed to hundreds or thousands of desktops without central management can earn the label of “support nightmare”. MED-V provides that central management. Computerworld have a quote from a Gartner analyst, Michael Silver: “You’ll have to support two versions of Windows, each needs to be secured, antivirused, firewalled and patched. Businesses don’t want to support two instances of Windows on each machine. If a company has 10,000 PCs, that’s 20,000 instances of Windows”

I think he’s wrong on that point. You don’t have to support the whole of the legacy OS in this situation – for example you don’t need to provide all the drivers for it. You just have to support configuring the legacy app on it – which is what you have been doing for the life of that OS anyway. For many of these applications you can use the simplest firewall ever – disconnect the network. We won’t surf the internet from the VM, read mail on it or do most things that risk introducing malware: this smaller attack surface means a “compatibility VM” can get away with a lower level of security. When he says “If a company has 10,000 PCs” the rest of the sentence should be “they should be using MED-V”. In an organization of that size 10,000 user controlled / unaudited machines (physical or virtual) is not an option.

I agree with him on a different point in the Computerworld article: “Companies need to heal their applications," Silver said. "They’ll be doing themselves a disservice if, because of XPM, they’re not making sure that all their apps support Windows 7." If these apps need to be “healed”  does that make them “sick” ?  Whatever label we use, there are organizations that depend on outdated applications which they didn’t write. For some reason a new version which supports Vista/Windows 7  can’t be deployed – not least because Software vendors go bust. Silver makes the point “What happens in 2014, when XP isn’t supported anymore ?”. XP is out of mainstream support now: customers can buy into extended support, but those running XP mode won’t. The applications are probably out of support too. But we have people running NT4 virtualized (but unsupported) in their data centres for some ancient-but-critical apps: the same will happen on the desktop. 

As well as the known “sick” apps, there are organizations who don’t have a complete list of applications deployed at user or departmental level: they can’t say “everything we have works on Vista/Windows 7” because they  can’t define “everything”: so XP mode is a useful safety net Michael Cherry put it ‘It removes one more “Gotcha”’.

I wouldn’t dream of arguing with the notion that “companies will be much better off if they make all their applications run on Windows 7.” as Silver put it. An application which was written properly in the 1990’s will run on 7 (I still like paintshop pro 5 and it has a copyright date of 1999): there isn’t a kind way to say it, but excluding drivers and utilities which need to get into the guts of the OS (anti-virus being the classic case) if an Application doesn’t work on an updated OS, it wasn’t written properly in the first place, so you have to ask what else is wrong with it. Sooner or later the cost of  keeping it going (whether that is lost productivity from staying on an old OS , or the cost of supporting it under virtualization) outweighs the cost of getting rid of it. Since developers have had access to Vista since early 2006 if there isn’t a fixed version now there probably never will be. It’s very easy to say that such applications should be thrown out and replaced, it’s just turns out to be hard to do in practice.

So the message should be clear

  1. Desktop virtualization is not a free excuse to avoid updating applications. It is a work around if you can’t update.
  2. Desktop virtualization needs work, both in deployment and maintenance – to restate point 1 – it you have the option to update, expect that to be less work to update the applications.
  3. As Scott Woodgate said in the first sentence we published anywhere about XP mode “Windows XP Mode is specifically designed to help small businesses move to Windows 7.” Home users and large organizations might benefit but they are not the target
    As I pointed out in my first post on the subject. MED-V is designed for larger organizations with a proper management infrastructure, and a need to deploy a centrally-managed virtual Windows XP environment  on either Windows Vista or Windows 7 desktops.

One final thought not all current Intel Processors have the VT technology that Windows Virtual PC needs. If you are thinking about buying a new PC or if advise small business buyers, make sure VT Support is checked for. Ed Bott has a good post with the details of the chips.

This post originally appeared on my technet blog.

Advertisements

Blog at WordPress.com.

%d bloggers like this: