Azure Virtual Desktop (AVD) is a virtualised desktop solution.
A Virtual Desktop allows you to separate the underlying hardware from the operating system, applications, and data, meaning that you don’t necessarily have to be concerned about the end user device. If your users access sensitive data then it remains on the remote server, reducing the chance of it being exposed on a portable device.
Why should I use it?
Common reasons for moving to Azure Virtual Desktop include replacing an existing, on-premises solution maybe due to its age or complexity; the ability to scale up or down to meet demand just in time; the move to an operational expenditure rather than an upfront cost. You don’t have to purchase or lease sufficient capacity up front to support maximum load.
If you need to run Windows 7 to support that one last legacy application then, good news, Windows 7 on AVD will continue to receive security updates until early 2023.
What do I need to set it up?
The appropriate licenses. In this case a Microsoft or Windows E3, F3, A3 or higher.
An Azure Active Directory synchronised from Active Directory Domain Services (AD DS) using AD Connect or Azure Active Directory Domain Services (Azure AD DS) in sync with Azure AD.
An Azure virtual network, allowing connectivity to AD DS or Azure AD DS. This may require a site-to-site VPN or ExpressRoute.
How do I set it up?
Bring your existing desktop image if you already have one. If not, then you’ll need to make one. There are plenty of images in the Azure Marketplace to choose from.
If you are building your image from scratch, then use a vanilla Virtual Machine image rather than an Azure Virtual Desktop. Remember to create snapshots regularly as you configure settings and install applications and, most usefully, just before your run sysprep.
Define your users. Who will administer the Virtual Machines? Who will use them? Does every user require the same configuration, applications, and performance characteristics? Do some users require machines in different regions?
Azure Virtual Desktop includes the option for a multi-user session machine. No longer confined to server class operating systems you can run multiple, concurrent user sessions on the same machine. This is likely to mean fewer Virtual Machines are required with the associated lower cost.
You’ll create a Host Pool which defines each group of virtual machines. You can configure the type, number, and size of VM, the network configuration and whether it is going to join Active Directory or Azure Active Directory.
You’ll create an Application Group which may be the full desktop experience or may be individual applications published to users.
You’ll create a Workspace, which is a collection of Application Groups. Associate an application group with a workspace to enable users to access their published app or desktop.
How do I access the Desktop or Application?
Use one of the Virtual desktop clients depending on your needs. There are clients for Windows, MacOS and IOS, and Android. The most straightforward may well be the web Browser client which also enables Linux as a client option.
Is there anything new?
Currently in preview is the ability to automatically scale the number of multi-user virtual machine hosts based on factors like the time of day, day of the week or resource usage. This gives further opportunities to improve the end user experience while also optimising costs.
In summary, Azure Active Directory is a secure, scalable, flexible solution for central management of user compute requirements. Try it out with a proof of concept before fully deploying into your Landing Zone.
