VDI or VPN for Remote Work? Neither.

There has been no shortage of blog posts and articles recently with opinions on the best and most efficient technologies for enabling your remote workforce. Unfortunately, especially when those articles/posts are written by technology vendors, you can be presented with a false choice that makes it more difficult to assess all of your options. 

VDI or VPN_Neither

For example, a VMware blog post two days ago titled “What’s Better in a Pandemic: VDI or VPN?” makes an interesting assumption that, when trying to enable your people to work from home during this pandemic, your only options are VDI or VPN. To their credit, the author (Brian Madden) does a masterful job of clearly highlighting the pros and cons of each, and he provides an incredibly honest breakdown of those two options. And there is an incredible section where he provides 11 questions that you should ask yourself to establish the best context for which solution might be right for you. It’s very much worth a read.

Unfortunately, the concept that you need to decide between VDI and VPNs is fundamentally flawed. And to be fair, in addition to covering the drawbacks and downsides of VDI and VPN in great depth, the VMware article itself actually concludes that neither VDI or VPNs are a perfect solution:

Both a VDI desktop and a physical laptop require lots of engineering to get them to work. With VDI, you have to think about the servers, IOPS, disk images, application layering, printing, user profiles, login times, number of monitors, GPUs, pixels and bandwidth, client updates, etc. Whole books are written on this and people (like me!) dedicate decades of their lives to understanding it all.

But the same is true for Windows laptops which would connect via the VPN option. Desktop architects spend months or years designing the image, thinking about how applications are installed and configured, setting up all the security tools, disk encryption, monitoring, software patches and updated, VPN tunnels, and many other things.

So, my short answer would be, “You should go with whatever you’re the most comfortable with.” If you’ve never done VDI before, unless you can find a great consulting partner, it wouldn’t be easy to recommend jumping into VDI in a sort of emergency way during a pandemic.

The same is true for VPNs and laptops. If your only experience managing Windows devices is based on ones that are in your office, then managing remote laptops out in the world during the pandemic is going to be pretty stressful.”

If you’re looking at that somber conclusion and thinking to yourself, “I don’t like the sound of either of those options” – you’re not alone. And luckily, you do have another option. 

Virtual Application Delivery > VDI or VPN

If what you’re trying to accomplish is to make sure that all of your employees have access to all of the applications they need to be productive from home – regardless of what type of device they have to work on – then Virtual Application Delivery is likely a better option for you. Virtual Application Delivery platforms like Cameyo provide you with the ability to give all of your people access to any Windows or web application on ANY device – whether IT-managed or personal – securely, without the cost and complexity of VDI or VPNs. 

And this is true regardless of which camp you fall into:

  • All of your employees have corporate-issued and managed laptops already
  • Your employees primarily work on desktop computers that live physically at the office, so they are currently being asked to work on their own personal devices at home
  • You have a BYOD environment
  • Your environment is a combination of any/all of the above, and some people have IT-managed devices and some do not

Let’s take a look at some of the downsides of both VDI and VPN, and weigh whether or not Virtual Application Delivery would address those issues. 

VDI vs. Virtual Application Delivery

Complexity – The VMware post highlights the overwhelming complexity of engineering and building out a VDI environment, and notes that it would likely “take too long in a pandemic” unless you already have a team of VDI experts in place. 

Many of our customers have come to us after trying VDI first and getting fed up. While a lot of what you read suggest that VDI can be deployed “in weeks”, a vast majority of the customers we’ve spoken with have told us nightmares about months of wasted time, only to never get it working correctly. Cameyo, on the other hand, can be fully deployed in hours. Check out this example of a large energy company that called us on a Friday desperate for a solution to give their employees access to critical billing and customer management applications, which they needed in place by Monday. We were able to get them up and running and get all of their employees access to those business-critical in 3 hours.

Cost – The VMware article highlights that the cost of VDI can be very high because you need all the server hardware to run your users’ desktops. And it’s important to remember that it’s not just the upfront cost of all that hardware – it’s the ongoing maintenance costs as well. Cameyo is a cloud-native Virtual Application Delivery platform that can run from any environment – cloud, hybrid, or on-premises. As a result, Cameyo generally saves companies 75% compared to VDI solutions. 

Connectivity & Bandwidth – VMware notes that VDI requires good internet connections to work, and that even a slowdown in their home internet performance (increasingly common as many people have kids home streaming videos, games, etc. and taxing the home bandwidth) could make VDI unusable for people. Because Cameyo delivers applications via HTML5, we’re able to ensure that your people can maintain access to even the most mission-critical applications, even on connections as slow as 2G. 

User Experience – The VMware posts highlights a couple of user experience issues caused by VDI, including the fact that many applications simply don’t work well via the remote connection of a VDI desktop, and the fact that VDI requires “more bandwidth and server horsepower for larger displays & multiple monitors.” Cameyo not only supports both CPU-based productivity applications AND graphics-heavy GPU applications, but our multi-tenant Virtual Application Delivery platform is so efficient that it is the only platform capable of supporting dozens of users per instance for CPU apps and up to 10 users per instance for GPU-based apps. Cameyo’s elasticity means it automatically spins servers up and down based on user demand, making sure the user experience is never interrupted by a spike in usage. 

VPN vs. Virtual Application Delivery  

Security – With millions of people now working from home on personal devices that are not managed by IT, this is a major concern. A VPN simply creates a secure connection between the user’s personal device and your corporate network – but what if a personal device is riddled with malware? That’s now directly connected to your network, with the ability to infect everything else connected to your network. This is where Cameyo’s NoVPN capabilities come into play. NoVPN enables organizations to give remote workers secure access to Windows desktop and Intranet web apps from behind the corporate firewall without the cost and user-experience compromise of VPNs so that people can access business-critical applications from anywhere in the world just as productively as if they were in the office.

App Compatibility – The VMware posts asks “What if the user’s laptop is too old and can’t run all your applications? What if it’s a Mac?” Cameyo enables you to separate the device/OS from the application, so you can make any Windows or internal web application available on any device, from the browser. The same goes for organizations dealing with app compatibility issues for Windows 7 to Windows 10 migrations, too. 

Maintenance – VMware points out the fact that “since all your applications will run locally on a laptop in a user’s house, you need to figure out how to get those applications installed and how you’ll keep them up to date.” Cameyo enables you to upload your applications to the platform and then publish them to all of your users. So when you need to update an application, you simply update the application once in Cameyo and all of your people immediately have access to the latest version, without any action on their end (since the application is not installed locally on their devices).   

Data Protection – VMware highlights the fact that, with VPNs, any data or files the user works with will be copied locally onto the computer they’re working on from home. Obviously, that has major data protection implications – especially for sensitive industries like Financial Services and Healthcare. Cameyo seamlessly integrates with your file share service of choice (OneDrive, G Drive, Box, Dropbox, etc.), so you can determine which service they have access to and where their work can be stored. You can prevent users from saving files locally, and even prevent them from copy/pasting information from the browser in their Cameyo sessions. 

Conclusion

Let’s be clear – Virtual Application Delivery is not going to be a perfect fit for every organization, either. If you truly need to provide your people with full virtual desktop capabilities, then Virtual Application Delivery does not provide that. But for many organizations, VDI is complete overkill. And for others, the cost and complexity simply remove it from being an option. 

But if you’re like many organizations which simply need to provide their people with access to all of the critical applications they need to be productive – on any device, whether IT-managed or not – then Virtual Application Delivery is far more cost-effective, secure, and flexible – all while being far less complex and much faster/easier to deploy. 

So don’t buy into the myth that you’re stuck with either VDI or VPN. Get started with a completely free trial of Cameyo today, and within minutes you can publish your first application and see whether or not Virtual Application Delivery is right for your organization.