The benefits of desktop virtualisation are clear – flexible working, centralised control over desktops and apps and smoother upgrades.

However setting up an IT infrastructure to stream desktops to staff wherever they are can be a challenge for any organisation.

TechRepublic spoke to Gavin Walker, head of information solutions at NATS, the UK air traffic control service, which is rolling out a virtualised Windows 7 desktop and apps to a selection of its 6,000 staff – a project it expects to reduce costs by £9m by 2015. Here are Walkers’ tips on what to be prepared for when virtualising a desktop infrastructure and how to minimise the pain.

Know your IT estate inside out

Make sure you know what software your staff use on the desktop and understand in detail how they use it, Walker says: knowing how staff use their desktops allows you to architect a system that can cope with spikes in demand, and will prevent you paying over the odds to support software they never use.

“You have got to understand the applications that people use,” Walker said.

“What [NATS’ partner and virtualisation company] Point to Point did was sit down with different customers to see how they worked.”

By compiling an inventory of software used at NATS, Walker also knew that the number of software packages that would be used on the virtual desktop come to about 350; hundreds less than was estimated by some vendors.

Having a clear oversight of what software staff use is important, said Walker, as “that drives a real price in the contract as I’ve got to package and stream all those things”.

Before starting the move to a virtualised desktop Walker had overhauled NATS systems to put in place a resilient network infrastructure and a locked-down desktop, which he said provided a solid base to build the virtualised desktop infrastructure upon.

Prepare for staff connecting from anywhere

Staff can potentially connect to a virtual desktop from anywhere, using almost any device – whether it is from a tablet in a café or their laptop from their home.

To cope with the mix of different devices and secured and unsecured connections, implement an identity access management system that controls who can access what apps and data.

NATS uses a mixture of Netscaler products and Novell Identity Manager 4 to detect where a person is connecting from and who they are.

“For instance, when you are a known individual connecting from a device on the NATS estate then there are going to be different permissions than if you connecting from an internet cafe in Mumbai. In that instance everything will likely be locked down and you’re only going to get access to read stuff,” Walker said.

Role-based access allows the virtual desktop to be customised so staff only see apps relevant to their role. Role definitions can be refined over time to apply more granular control over what staff have access to.

Roll out an early version

Deploying virtual desktops to a select group of staff means they can act both as a testbed and as evangelists for the change.

NATS has rolled out a cut down version of the virtual desktop to about 100 senior staff ahead of the main deployment. Walker said that the early rollout had generated “massive” enthusiasm for the project among staff.

However managing staff expectations and not selling the project too far in advance of delivery is also important. Walker found that employee dissatisfaction with desktop PCs increased after staff were told about the faster log-in times that the VDI will make possible – 15 seconds compared to about three minutes it takes to log in to local desktops.

Test everything

It’s vital to to carefully check the compatibility of your existing software and equipment with a virtual desktop: NATS worked with virtualisation company Point to Point to compile a full inventory of applications and devices and tested them for compatibility.

Walker said: “Because it’s virtual technology you have these things that throw a spanner in the works that you completely don’t expect.

“We use about 60 smartboards in our meeting rooms, trying to get those working on a virtual desktop has proved quite traumatic. They [the virtual desktop] doesn’t recognise those devices, and we’ve got to work with the supplier of the smartboards and Citrix to try and solve it.”

Be ready for the offline challenge

Virtual desktops need a connection to stream the desktop from a server but there will be occasions when staff need to work offline.

Software that allows virtual desktops to work offline is still relatively new, and there are still some creases to be ironed out before it can match the connected desktop experience – so expect to try a number of different offline options before you find one that works for you.

Walker said: “A big challenge is getting efficient offline working. The solution that we’re looking at is XenClient.

“It’s a new product for Citrix, it’s only at version two at the moment, and it isn’t as user friendly as it should be. For example you have to do quite a few keystrokes to access wi-fi, and most of our customers are not that IT literate.”

Grill your providers

CIOs should set out realistic and detailed plan setting out what should be delivered covering everything from planning and testing, right through to delivery.

This means measuring provider progress against the plan on a weekly basis: if a provider is unable to answer questions about how they will deliver the plan then that should set off alarm bells.

“If they can’t answer how they’re going to deal with that plan, and if it’s a surprise to them I’m thinking ‘Why have they not thought about that question?’,” Walker said.

Put in place a governance board made up of senior reps of involved parties that can escalate issues.