The Information Technology and Applied Communications Area (ATICA) had to expand the usual architecture of their desktop virtualization infrastructure with UDS Enterprise to shape this project. They should incorporate a Free and Open Source virtualization platform “to avoid the high costs derived from the acquisition of licenses”, says Jesús Valverde, Head of Computer Classrooms of the UMU. Instead of VMware vSphere they implemented oVirt, a technology change that they could make without any inconvenience thanks to the flexibility provided by UDS Enterprise, which is compatible with virtually all virtualization platforms, authentication systems and connection protocols in the market.
This freedom to choose the components that best suit their needs has also allowed them to meet one of the requirements of the EVITA project: that users can access their computer tools in the simplest way possible, without the need to install additional software in the devices. “UDS Enterprise provides access to desktops through a web browser, thus guaranteeing accessibility from any type of endpoint and especially from mobile devices,” explains Valverde. This adapted desktop is configured in tablet mode and “to make it easily accessible to these types of devices, access to them is done exclusively through HTML5,” remarks Valverde.
To guarantee the availability and scalability of the service, HTML5 access “has been configured through the Radware/Alteon corporate balancer, placing behind it a farm of physical tunneling servers (Guacamole Server) to distribute the load, guarantee the availability and ensure that there is no downtime in the service ”, indicates the Computing Classroom Manager. This infrastructure also guarantees the optimal scalability of the platform, which is prepared to meet demand peaks without inconvenience.
Security is another aspect that ATICA takes special care of. Therefore, all client connections are made through HTTPS, with the Guacamole Server tunnelers being responsible for converting HTML5 to RDP, without exposing this RDP traffic outside the corporate intranet. As security must be guaranteed for access from any location and device, they use two different authenticators, depending on where the student connects from: CAS for connections from outside the university and authentication by device (IP) to connections from the computer rooms. With UDS Enterprise it is possible to simultaneously enable all necessary authentication systems, connection protocols and hypervisors.
Persistent customization and accessibility with no limitations
Users of this service usually require specific and customized configurations based on their disability. “It is very important that the student does not lose his personalization so that every time he connects he doesn’t have to waste time making the necessary adjustments to be able to use the desktop efficiently,” says Valverde. For example, a student with a certain degree of visual impairment needs to change the background color and brightness of the desktop and have available, among others, text reading software. To do this, in the current state of the project, persistent virtual desktops are assigned to users who demand this service although, in the next version, mobile profiles of users will be available, which will allow to maintain said customization of environments avoiding the need for desktop persistence.
From the UDS Enterprise administration dashboard the IT team defines in a base template the features that this type of desktops should have, including persistence, and the special programs and applications that students will be able to access. They also configure the interoperability of the different components of the architecture mentioned above: virtualization platform, connection protocols, tunnelers, authentication systems… The connection broker is also responsible for deploying desktops and providing access to them when students request it.
One of the requirements of the project is to facilitate accessibility with no limitations, students must be able to connect to their EVITA desktops with any device and from any location. As a value-added service, in the devices available in the computer rooms of the University of Murcia, a reservation management web service can be used. “Students select the classroom location, the time slot for their reservation and the virtual desktop they’d like to use automatically for that reservation (in this case EVITA). When the user arrives in that classroom and logs in at the time he has reserved, he automatically accesses his personalized virtual machine,” says Juan Antonio Guirao, specialist of the Computer Classrooms team.
For the rest of the accesses, from any device and location, students first enter the UMU corporate virtual desktops service (EVA) and from there they access EVITA. “When starting the service, their virtual machine optimized for mobile devices is displayed with all the virtual applications and configurations selected by each user, which are shown through oversize icons,” says Guirao.
Thanks to this project, from ATICA they have been able to solve many of the challenges they faced when serving students with disabilities or learning difficulties. “Until now we had dedicated equipment for these students, but the hardware and software they require have a very high acquisition cost, which adds to the cost of maintenance and renewal. In addition, users could not access online and lost their custom settings after each session,” explains Jesús Valverde. In the University there are only eleven computer rooms (with thirteen computers in total) equipped with this specific devices. This service is used by 1,500 people, so it was impossible to handle all of them. “By facilitating access from any device through a virtual desktop adapted to their needs, we have minimized this problem”, concludes Valverde.
EVITA is constantly evolving. New tools and applications are added periodically following the recommendations of the Diversity and Volunteer Service (ADYV) of the UMU and the users themselves. In addition, the IT experts of this university center are developing an even more flexible model with desktops based on mobile profiles, so that users can more easily save their preferences and settings. The objective is to offer an increasingly improved service to these students, completely overcoming accessibility barriers.