Azure Virtual Desktop (AVD) is Microsoft’s latest iteration of Terminal Services and with more organisations moving their environments to Cloud only or Cloud hybrid, now may be the time to try AVD.
As Azure Virtual Desktop (AVD) is built on the success of Remote Desktop Services (formerly Terminal Services), it is only fair to give it a quick overview.
Benefits:
- IT teams could maintain a handful of servers rather than hundreds of end-user devices, whilst ensuring consistency across all users.
- Onboarding a new user is as simple as granting access and showing them how to connect.
- Almost all devices could connect from almost anywhere.
- User sessions are stored remotely, allowing users to easily swap between a laptop and a desktop
- Backups could be taken much easier with increased frequency, as well as ensuring all data remains in a single location
Weaknesses:
- Lots of users accessing RDS would use up a lot of bandwidth, this may have resulted in bottlenecks and/or require a faster internet connection at the location of the servers
- Internal IT teams must maintain the physical hardware that RDS runs on
- Internal IT teams must maintain the OS and applications on each session host, which may lead to inconsistencies between hosts
- There are limited options when securing access to RDS. It is possible to secure RDS sessions with MFA though this requires additional servers to maintain. VPNs are a very common method of securing access as they provide more options
Terminal Services has been incredibly successful for many years across companies of all shapes and sizes. It makes ensuring all users have a consistent experience a breeze but brings along the challenges of maintaining physical servers.
Azure Virtual Desktop (AVD) keeps all these benefits, removes most of its challenges, and even adds a few extra features on top for good measure.
Benefits:
- AVD is built into Azure, bringing with it all the security features Azure is known for – MFA, Conditional Access, and even built-in DDOS protection
- All session hosts are running in Azure, which brings built-in resilience through Availability Zones and Availability Sets
- Running in Azure makes taking (and testing) regular backups incredibly easy
- There is no limit to the bandwidth available for connecting to the AVD session hosts. Users will likely have a much better experience connecting and using the platform
- There is less work for your internal IT staff to do, making more time for other projects – There is no hardware for you to maintain or refresh, no licensing to manage, and no SSL certificates to renew every year
Weaknesses:
- The IT team still needs to maintain the OS and the applications on each session host – depending on how this is done, there may still be inconsistencies between session hosts
- The session hosts still need to be patched regularly, both for Windows updates and for application updates
- Running resources on any cloud platform increases the monthly cost of resources. While there are no hardware refresh cycles to pay out for you do still pay a premium for having someone else maintain the physical hardware
- End-user devices need an internet connection to use the applications running on AVD, there are no “local files”
It is hard to predict what else will be coming to AVD in the future, though we know there will be ongoing updates and additional features added over time.
One feature that has just been released is device configuration through Intune (Intune device configuration for Azure Virtual Desktop multi-session VMs is now generally available – Microsoft Tech Community). This allows for enrolling pooled Session Hosts into Intune – Which was previously only available for personal Session Hosts. Whilst this appears to be basic Intune management for the moment, we can expect additional management features to become available in the future.
Another big feature that is currently in the public preview is RDP Shortpath over public networks (Azure Virtual Desktop RDP Shortpath for public networks (preview) – Azure | Microsoft Docs). This will bring an improved user experience by lowering the latency between the Session Hosts and end-users. It does this in two ways – Connecting the end-user directly to a Session Host, bypassing the AVD Gateway after initially connecting, and favouring UDP instead of TCP.
How can Camwood help?
Camwood’s application packaging background means we can simplify deployments of applications onto the Session Hosts as well as keep configurations consistent. We build on this by automating the creation of a base image every month – taking the latest version of Windows 10 (or Windows 11), installing all applications to the exact configuration required, then generalising this image and allowing it to be used to create multiple hosts. This process ensures we maintain consistency between hosts as well as ensuring updates are regularly.
Why have hosts running 24/7 when your users only work 9-5? We can automatically scale your environment to ensure you have enough hosts when you need them, and minimal hosts when you don’t. We leverage our experience with the public cloud to reduce costs and free up resources in your internal IT teams, allowing them to spend more time on other projects.
To unlock the power of Azure Virtual Desktop (AVD) for your organisation today contact a member of our team, and get started on the journey to a more unified end user environment with Camwood