PC over IP
Light Meals
Powerful workstations for demanding graphics tasks are usually expensive and produce a lot of heat and fan noise. These devices also often process sensitive data that must not be lost or allowed to fall into the hands of competitors. Moreover, the same data might need to be accessed by multiple users at different locations, such as for a joint venture in which several companies are developing a product.
Thus, maximum data security, (through centralized data storage and the ability to assign restrictive permissions) as well as spatial and geographic independence (through the distributed use of central resources and workplace ergonomics) favor the use of remote, instead of static, workstations.
For these reasons, it makes sense to set up workstations at the data center, where they are under the control of the IT department and can be more easily integrated with the existing data center infrastructure (e.g., access control, centralized backup processes, UPS, air conditioning). Furthermore, this arrangement prevents physical access to the hardware, removing the ability of data thieves simply to clone or remove the hard disk with the project data.
The PCoIP (PC over IP) technology was developed by the Canadian company Teradici [1] specifically to display graphical output over IP networks (see the "Advantages of PCoIP" box). PCoIP transmits audio and USB signals, as well. Most administrators are probably already familiar with PCoIP from VMware's VDI solution, VMware Horizon View [2]; VMware licensed PCoIP from Teradici and integrated it into their own product.
Advantages of PCoIP
In contrast to the widespread terminal server protocols, PCoIP is much faster and achieves virtually lossless representation of graphically demanding applications. These advantages are achieved in the following way:
- The fast UDP protocol is used to transport display information over the network (but see the "Remote Workstations and Firewalls" box).
- Graphics are not rendered on the client side but on the host (host rendering). Only encrypted and compressed pixel information is transmitted between the remote client and the host.
- A codec that exactly matches the graphics type is used for compression on the desktop (e.g., icons, videos, text, graphics, etc.).
- The PCoIP Protocol automatically adjusts the image quality of the graphics output to match the prevailing network bandwidth. If little bandwidth is available, the system gradually reduces image quality so the user can continue to work smoothly. Similarly, image quality is increased again when more bandwidth becomes available.
Remote Workstations and Firewalls
PCoIP uses the UDP protocol to transport display output across the network, which unfortunately does not work well with firewalls. Because remote access to a workstation at the data center is either over the LAN or via a VPN connection, this is not typically a problem. However, when internal firewalls enter the game (e.g., between the client LAN and server backbone) or VPN packets are filtered, you need to enable various ports (5001, 5002, 4172 TCP/UDP), in addition to management ports through which, for example, the firmware on the host card can be updated. The ports that need to be allowed depend on the firmware or software release used on the host and client side.
PCoIP uses the client-server model and requires additional hardware, on which data is processed (the host).This hardware is responsible for rendering the display information, compression, and encryption.
At a remote workstation (client), you can then use a thin client (in Teradici-speak, "zero client") to access the workstation at the data center [3]. To allow authorized users to work with the required programs and data, PCoIP can allow or prohibit looped USB devices explicitly.
Workstation with Host Card
With a host card, you can turn a powerful Windows or Linux PC (and probably Macintosh computers from 2013Q3) into a remote workstation in an instant. Teradici offers this adapter as a pure host card for the PCIe bus; alternative models have integrated graphics processors. Teradici sources the hardware from various manufacturers, such as EVGA [4] or Leadtek [5] [6]. The classical host cards, TERA2220 [5] and TERA2240 [6], differ in terms of imaging performance and the possible number of connected displays. The simplest model (TERA2220, Figure 1) provides support for two Mini DisplayPorts and imaging performance of up to 130 megapixels per second (Mpps). The TERA2240 can accommodate a total of four displays (also Mini DisplayPorts) and achieve an imaging performance of up to 250Mpps. For a good overview of the functionality and performance of currently available host cards, visit the Teradici website. The TERA1202, which is still listed with two DVI ports, has now been discontinued. Nearly every major hardware vendor (IBM/Lenovo, HP, Dell, Fujitsu, etc.) offers PCoIP host workstations with integrated cards and zero clients as OEM products.
The plugin cards with the standard PCI Express form factor need only a free full-height, half-length (FHHL) PCIe slot for the TERA2240 or a low-profile slot for the TERA2220 and one or two video cards to match. For high resolutions, such as 2560x1600, the Teradici requires a DisplayPort – dual-link DVI is not supported. The supported workstation operating systems are Windows and Linux. In principle, no driver installation is required because the card is recognized by the operating system as a USB controller and audio codec. Although Teradici offers a host software install, this is not mandatory.
Installing the card is a breeze because you only need to remove the computer housing and slip the card into a slot. Optionally, the card comes with a power cable. If you connect this cable to the cable connector on the card and the power button in the computer, the workstation can later also be powered on and off via the remote terminal. After installing the card, you then connect the DisplayPort output(s) on the graphics card(s) using the Y-connector provided to the DMS-59 port on the host card to pass on the graphic signals. Finally, the Ethernet port on the host card is connected to the LAN. In the default configuration, the host card automatically obtains an IP address via DHCP; afterward, both the configuration interface of the host card and the workstation are then accessible via PCoIP.
Starting up a Zero Client
Teradici zero clients – which the documentation somewhat confusingly also calls Desktop Portals – are based on commercial thin client hardware and come from vendors like HP, Wyse, Fujitsu, and Dell (Figure 2). Zero clients [7]-[9] provide the perfect counterpart to host cards. Because a zero client does not have its own operating system, just firmware, no software can be installed on the device, so you don't need to install a virus scanner or update the operating system, ensuring more security on its own.
Zero clients are therefore just as easy to maintain as thin client systems in terminal server environments. Like thin clients, zero clients are fanless and therefore completely silent. Depending on the model, the units are equipped with two to four DVI-D or DVI-I or DisplayPorts for connecting monitors. A keyboard and mouse and other USB devices that operate as external hard drives or flash memory can be connected to the USB ports. Also available are audio jacks for speakers and a microphone or a headset and a Gigabit Ethernet port.
Simply Connect
Under the hood, the zero client has the Teradici firmware containing the PCoIP client, which decompresses the display, USB, and audio signals from the workstation with the plugin card. To start, you just connect the zero client to a monitor, mouse, keyboard, and network. After you turn it on, the client first displays a simple welcome screen. Clicking Connect tells the zero client to search the network via broadcast for systems with a host card. Recognized machines are then displayed in a list with their respective IP and MAC address for the connection. To connect, simply click on the desired system in the list; the login screen of the workstation operating system displays immediately, and you can log in with the credentials of the workstation.