peshkova - Fotolia


VMI brings virtual mobile apps to any device

Virtual mobile apps can provide extra security for devices and data, and VMI -- much like its predecessor, VDI -- makes them a reality.

Virtual mobile infrastructure is still a young technology, but it's already proving promising enough to garner increasing industry attention.

Virtual mobile infrastructure (VMI) virtualizes mobile applications and delivers them to an assortment of devices, including those running Google Android, Apple iOS, Microsoft Windows and BlackBerry. The virtual mobile apps and their data reside in a secure data center, and users see only redisplayed images of them -- similar to how virtual desktop infrastructure delivers Windows applications.

VMI requires a client that runs on each device and renders the apps and data. Not all vendors implement their products in the same way, but most follow a similar approach.

How VMI uses virtualization

At the heart of any VMI product is the virtualization platform that hosts the virtual mobile apps and their data. These platforms might reside in the cloud, rely on other virtualization technologies, or be installed on bare metal, depending on the vendor. For example, the Hypori Android Cloud Environment can run on bare metal or within a VMware virtual machine. Nubo Software's product can run on VMware ESXi, Citrix XenServer, KVM or Amazon Web Services' Elastic Compute Cloud or bare metal. Raytheon's offering, Trusted Access Mobile, can deploy to any commodity server platform.

The use of a virtualization platform lets organizations deploy apps from within a secure and controlled environment. Virtual mobile infrastructure vendors take different approaches to hosting the VMs and data, but in all cases everything remains safely behind the firewall.

Vendors take other steps as well to ensure that the apps and data remain secure, such as providing authentication, securing network connections, managing identity tokens and enforcing security policies. Virtualization platforms also provide mechanisms for offloading GPU processing to optimize performance.

Many VMI products also provide some type of gateway to route communications and enforce access policies. The gateway runs on one or more controller nodes that act as connection brokers between the mobile devices and virtualization platform.

For VMI to be effective, it must deliver virtual mobile apps as efficiently as possible. To this end, vendors employ technologies such as compression and video coding. VMI also delivers apps to mobile devices via remote protocol and employs various encryption technologies to protect data in motion.

Virtual mobile infrastructure apps and clients

Regardless of the underlying infrastructure, all the major VMI players use the Android operating system to run their virtual mobile apps. That doesn't mean another mobile OS can't move into this space, but right now, Android is the only realistic contender. Apple's licensing restrictions prevent VMI vendors from virtualizing iOS apps, and other OSes don't have critical mass. Android's open source nature, along with its large user base, make the OS the best fit, at least for now.

The mobile devices that access VMI can run any OS, as long as there's a client app available. That means, with VMI, an iPhone could run an Android app.

The devices do not need to be modified or configured in any way. The client app negotiates the connections with the VMI platform, facilitating such processes as two-factor authentication, client certificate management and data stream decryption. Some vendors' clients can also utilize local device features such as GPS or cameras. Sierraware, for instance, enables access to connected USB devices and printing services.

All of today's major VMI players support iOS and Android devices. Hypori and Sierraware also support Windows mobile devices. Sierraware additionally provides HTML5 access, which makes virtual mobile apps available to any device with an HTML5 browser.

VMI administration

Although virtual mobile infrastructure can integrate with mobile device management and mobile application management, those products are not meant to replace the administrative capabilities built into VMI offerings, most of which provide their own centralized management tools. Remotium's product, for example, lets administrators enforce password policies, lock lost or stolen devices and control an app's access to device features. It also offers geofencing capabilities for controlling where a user can and can't access an app.

Most VMI products provide a Web-based management console as well as a set of APIs for controlling the VMs, apps and users. Built-in logging and auditing capabilities for monitoring user and administrator activity are also important. Some products can even export their detailed audit logs to third-party tools for further analysis.

As interest in VMI continues to grow, the technology will mature and expand. The market and its products will perhaps look very different than what we have now.

Next Steps

Find out how VMI can bring remote mobile apps to any platform.

Here's why the U.S. Department of Defense uses VMI to deliver mobile apps.

There's actually a way to virtualize Android apps without using VMI.

Why you need to consider your "m-commerce" strategy.

Dig Deeper on Application modernization and mobile app delivery