Ensuring a secure, cost-effective, and efficient way to support remote workers has become increasingly important for all companies in today's circumstances. Microsoft Azure has helped ease some of the complexities with the new Windows Virtual Desktop (WVD) offering and specifically the latest Spring 2020 release - available for Public Preview in June.
Windows Virtual Desktop is a combined cloud equivalent of virtual desktop infrastructure (VDI), Remote Desktop Service (RDS) and App Virtualisation. Windows Virtual Desktop allows you to easily maintain your desktop image, applications, and users. You also don't have to worry about managing resources such as RDS gateways, licensing, and load balancing.
1. Range of Potential Uses
The amount of potential applications for WVD are endless. For example, virtual desktops can be provided to remote workers securely using your existing Active Directory for authentication, thus allowing users to access their desktop from home via the internet.
Do you have a legacy application that you want to publish to a subset of users? Applications can be installed on a WVD host and published to a group of users in order to minimise maintenance.
WVD is a global service from Azure. WVD hosts can be deployed in multiple regions around the world to support your users globally. Being able to provide virtual desktops within the same geographic regions of your remote users ensures a great user experience.
Do you have a particular department that requires higher computing power? It is possible to provide different compute and storage performance SKUs for different sets of users.
Training or testing environments can be deployed with WVD to test new applications or policy settings.
WVD is not just for enterprise users and applications - it can also be utilised by software companies to distribute a cloud version (using a SaaS model) of their application to customers.
2. Ease of Management
The WVD service manages the RDS infrastructure, so you only need to manage your users, applications, and virtual machines. RDS components such as Gateways, Brokers, and Licenses are provided by the WVD service and no longer need management. If you already have Microsoft 365 licenses, it covers WVD licensing for Windows 10.
With the latest WVD release (Spring 2020), the WVD components are now Azure Resource Manager (ARM) resources and can be managed within the Azure portal or through PowerShell. This makes managing WVD much more convenient. For example, users can be assigned to personal desktops or pools of desktops within the portal and through Azure Active Directory (Azure AD) group memberships.
Automated scaling of the WVD pools is available for powering on and off WVD hosts based on user session counts and peak hours. This saves costs by powering off virtual machines when they are not in use and powering them back on as users start logging in.
Monitoring of WVD diagnostics is also available with dashboards and alerts available for troubleshooting and Virtual Machine (VM) or User issues.
3. Windows 10 Multi-Session
WVD hosts can be Windows 10 Enterprise, Windows 7 Enterprise, Windows Server 2012R2, 2016, or 2019. However, a major benefit of WVD is the availability of the Windows 10 Enterprise Multi-Session Operating System.
This OS support allows for multiple users to log into a single Windows 10 VM. The multi-session capability promotes significant cost savings compared to other VDI solutions. In standard VDI solutions, single users are assigned a dedicated virtual machine. Whereas when using Windows 10 multi-session with WVD, multiple users are assigned to a pool of desktops, thus sharing resources (and costs).
4. Image Maintenance
WVD deployments are always based on some form of VM image, whether it is a standard Azure marketplace image or a “golden image” created by an IT Team to cater to company needs.
When it comes to “golden images” there is a lot of administrative effort and many moving parts that go into the creation, maintenance, and distribution of these images while keeping track of all changes; it can be a hectic and time-consuming task for businesses of any size.
This is where Microsoft Azure Shared Image Gallery and Azure DevOps come into play to provide an automated and uncomplicated way to build, maintain, support, and replicate these “golden images.” The shared image gallery helps overcome several obstacles, involved with management and distribution of images across the globe, while offering version management in one place. Some of the benefits include:
Ease of administration
Version and grouping of images for different environments such as (Dev, Test and Production)
Replication of golden image across different Azure regions so that the same version of global image could be deployed in all regions of Azure
High Availability of the Images
Premium storage and replicas for faster WVD and Scale set deployments
Whereas Azure Image Builder via Azure DevOps solves the problem of creating golden images in an automated and repeatable way, some of the benefits of Azure Image builder include:
Automated Installation of desired applications, such as Office 365, Microsoft Teams, Google Chrome, and line of business and custom apps.
Automated way of installing updates for software and operating system.
Automated way of configuration of software and operating system (firewall, antivirus behavior)
Repeatable process with repeatable results
Change tracking
Automatic image publishing and replication to shared image gallery
5. User Profile Storage
In order to effectively use pooled Windows 10 multi-session desktops, shared storage for user profiles is a necessity. A user could be accessing a different VM every time they log in to WVD, so their user profile needs to be available and responsive.
FSLogix in combination with Azure File Storage solves this challenge efficiently. The desired Azure Storage SKU and data redundancy options can be configured to meet any availability requirements. Each user profile is stored on the file share and is mounted at user login to the WVD host. The user is not able to tell they are using a remote profile- it simply looks as if the profile is local to the machine. The profiles are managed using FSLogix which is simple to deploy and manage. FSLogix gets installed on the VM image and configuration settings are managed using group policy.
FSLogix with Azure File Storage makes for a great solution to manage user profiles without using roaming profiles or folder redirections. Plus, there are no synchronisation conflicts because the profiles are always accessed directly from the remote location.
Additionally, the Azure File Storage share can be backed up using Azure Backup to an Azure Backup Recovery Services vault and easily replicated to other regions for added protection.
How we can help with your technology needs: https://www.clouda2k.com/consulting