6.6 Management
One of the fundamental requirements for service providers is to establish roles and responsibilities for the management of each component in the digital workspace solution. This will provide a clear boundary for tenant and service provider administration, areas of responsibility and security.
Service providers will typically be responsible for:
• Physical server hardware and rack configuration
• Core networking, load-balancers and firewall security
• VMware product licensing
• Tenant infrastructure provisioning
• Backup and recovery
• Infrastructure monitoring
• vSAN configuration
• Maintaining Service Level Agreements (for instance, availability)
• Lifecycle management of vSphere and EUC infrastructure
Tenants will typically be responsible for:
• Application and OS licensing (Windows desktop, applications)
• Desktop image and pool management
• Desktop and application provisioning, entitlement and lifecycle management
• Active Directory (tenant domains) and user administration
• User environment monitoring (desktops, applications, web services)
• File servers
• Application management (AppStack provisioning and ThinApp packing)
• Creating and managing writeable volumes
• End User Support (Tier 1)
Multi-tenant environments adopt Role Based Access Control (RBAC) for each system, and must be clearly defined as service provider or tenant managed. In some scenarios, both the Tenant Administrator and service provider need access to the same components. For example, where the service provider is fully managing the VMware infrastructure access to both management and tenant vCenter Server instances might be required. Where this is a requirement, the tenant may have to provide Active Directory credentials with specific rights in order for the service provider to support the environment.