Running Windows and Linux apps on the same desktop with OVD
Two in One
Serve up a fully functional virtual desktop through a web browser – with Windows and Linux apps running side by side.
Interoperability is a favorite technology buzzword, but if you have ever managed a heterogeneous network of Linux and Windows, you know the goal of a truly interoperable desktop has been something of a myth. If you administer a mixed environment, though, you can breathe easier with the recent arrival of Ulteo Open Virtual Desktop (OVD). OVD lets you serve both Linux and Windows apps as part of the same desktop!
Ulteo OVD comes from the labs of Gaël Duval, creator of the first user-friendly Linux desktop distro, Mandrake, which evolved into Mandriva. Ulteo OVD, which just had its first stable release, doesn't do what hasn't been done before – similar products come from big companies like Citrix, VMware, and Sun. But unlike the competition, Ulteo OVD is released under the GNU GPL, and it is available as a free download.
The innovative OVD merges input from Windows and Linux application servers into a single desktop interface (Figure 1). The client system can be a full Windows computer, a Linux computer, or even a thin client system. A user working with the virtual desktop on the client can even cut text from a Linux application and paste it in a Windows app.
The unified desktop is served on a Java-enabled web browser – on Linux, Windows, or Mac. And you don't need to spend time, effort, and money configuring client systems. Because Ulteo OVD uses secure SSH tunnels, you can even deliver the virtual desktops outside the confines of your network. The best bit about Ulteo OVD is that it can use existing network services, such as a directory server (both Active Directory and LDAP) to authenticate users, which further simplifies the setup process and integrates the desktop with the existing network infrastructure.
Assembling the Ingredients
Ulteo OVD consists of two main components: a Session Manager (SM) and an Application Server (AS). For creating and validating an OVD desktop session, as well as for managing the whole OVD network, you need the SM.
The job of the AS is to serve Linux applications. Depending on the resources available on an AS and the number of users you'll be servicing, you'll probably need more than one installation of the AS. To help serve the Windows applications, you'll need the Ulteo OVD Windows agent, which turns the Windows computer into an AS for serving Windows apps.
Because all the processing takes place on the application servers, make sure you are using multi-core machines with lots of RAM. As per the Ulteo website, you need about 1GB RAM on an AS to handle 20 concurrent users. If you run multiple application servers, you can balance load between them with the easily configurable built-in load balancer.
The SM has more modest hardware requirements and will do nicely on a single-core machine with 512MB of RAM. In fact, you can install both the SM and the AS on a single machine.
For the Windows AS, you need a machine running a Windows Server 2003 installation. Also, you will need to enable and configure terminal services on this Windows installation for it to pipe Windows apps to another computer.
Ulteo makes OVD binary packages available for both DEB and RPM-based distros, along with source tarballs. In addition, you will need the following tools on both the SM and AS computers: autoconf, intltool, make, MySQL database, and php5 with MySQL; curl, ldap, and gettext modules; and Apache 2 web server with the PHP module enabled.
Setting Up the Session Manager
The first order of business, is to set up a MySQL database for the OVD SM:
# mysql -u root -p Enter password: mysql> create database ulteo_sm; Query OK, 1 row affected (0.02 sec) mysql> exit
Next, grab the Ulteo OVD SM packages. On DEB-based distros, just add the Ulteo repository  to the sources.list file, and install with:
# apt-get install ulteo-ovd-session-manager
On RPM-based distros, download the SM RPM , and install it with:
# yum install --nogpgcheck ovd-session-manager-latest.rpm
If you install the packages through apt-get on DEB-based machines, you'll be prompted for a username and password for the administrator. On RPM-based installations, you have to manually invoke the configuration wizard with:
Next you'll be prompted with a URL from the site where Ulteo will fetch a tarball of pre-packaged Linux apps. These apps include the complete OpenOffice.org office suite, Firefox web browser, Adobe PDF reader, GIMP image editor, Pidgin Instant Messenger, and lots of others. If you don't want to interrupt the setup process, you can manually fetch the tarball  and copy it to the session manager under the /usr/share/ulteo/sessionmanager/base.tar.gz directory.
To point the SM to the MySQL database, you'll need to access the web-based administration console. To do this, either use the Fully Qualified Domain Name (FQDN) of this box, such as sm.example.com, or use its IP address. Assuming the IP address is 192.168.2.40, you can access the admin console at http://192.168.2.40/sessionmanager/admin. If you can't bring up the console, make sure the Apache server is up and running.
First you'll need to enter your admin credentials, after which you'll be asked to point the SM to the MySQL server and database. If the settings are correct, you'll arrive at the main administration console (Figure 2).
HP's annual Cyber Risk report offers a bleak look at the state of IT.
But what do the big numbers really mean?
.NET Core execution engine is the basis for cross-platform .NET implementations.
The Xnote trojan hides itself on the target system and will launch a variety of attacks on command.
Spammers go low-volume, and 90% of IE browsers are unpatched.
Adobe scrambles to release patches for vulnerable Flash Player.
Four-inch-long computer on a stick lets you boot a full Linux system from any HDMI display device.
New statute would require companies to report break-ins to consumers.
Weird data transfer technique avoids all standard security measures.
FIDO alliance declares the beginning of the end for old-style login authentication.