Topic Last Updated—August 2008
Use the following best practices for configuring and running virtual application packages in Configuration Manager 2007.
|The information in this topic applies only to Configuration Manager 2007 R2 and Configuration Manager 2007 R3.|
Best Practices - General
- Streaming virtual application packages
requires a fast network connection.
If you plan to stream virtual application packages to target computers, all target computers must be within a boundary of a Configuration Manager 2007 distribution point using a Fast (LAN) network connection. For more information about Configuration Manager 2007 boundaries see Choose Configuration Manager Boundaries.
Best Practices for Configuration Manager 2007 Clients
- Increase the default Configuration Manager
2007 client cache size.
The default Configuration Manager 2007 client cache size is 5 GB. Depending on how many virtual application packages you deploy in your environment you should increase the default size. For more information about the Configuration Manager 2007 client cache, see How to Configure the Temporary Program Download Folder (Cache) for Configuration Manager Clients. You should plan on having twice the amount of client cache space available that is required for the virtual application packages in your environment. For example, if you require 1 GB of disk space for virtual application packages you should configure 2 GB of disk space in the client cache. The additional disk space will be used for virtual application package audit and version control.
Best Practices for Windows Server 2008
- Running virtual application packages on
If you plan to deploy virtual application packages to computers running Windows Server 2008 with the Download content from distribution point and run locally option you must install remote differential compression (RDC) on the target computer before you deploy the virtual application package. Configuration Manager 2007 clients use RDC to download available virtual application package updates. RDC is not installed by default.
- Virtual Application Package Advertisements
on computers running Terminal Services.
If you plan to have target computers access virtual application packages using terminal services you should use a mandatory advertisement and target the advertisement to the computer running terminal services. If you target the advertisement to a specific user or user group collection, only the users logged on to the terminal services console session will receive and be able to run the advertisement.
Best Practices for Securing Virtual Application Packages
- Configuring access to streamed virtual
You can control which users will have access to streamed virtual application packages by using Configuration Manager 2007 package security. Configuration Manager 2007 package security allows administrators to block access to virtual application packages to users who are currently logged in on a target computer with the virtual application package installed.
For example; to provide access to a virtual application package for User A the administrator should configure the package access so that only User A has access by granting permissions to a group that only User A is a member of and User B is not. You must also grant permissions to the target computer that User A will be running the virtual application package on so that the virtual application package can be registered.
For more information about package security scenarios, see Example Package Access Scenarios.