Diving into the Detail with Azure Virtual Desktop
Matt Chandler
Principal Modern Workplace Consultant
Azure Virtual Desktop (AVD) (formerly known as Windows Virtual Desktop) has been the go-to solution for businesses seeking to secure remote workers over the past year. Users have flocked to the platform, embracing it as a simple and seamless way to make the transition to a virtual desktop.
Before the cloud, running a virtual desktop required organisations to manage a number of servers, spending time and resources ensuring they were always patched. With AVD, Microsoft takes a lot of the strain in handling these concerns, and leaves organisations free to benefit from all that AVD has to offer.
Our previous blogs in this series have examined why AVD has proven to be such a popular platform, breaking down the benefits it brings in terms of security and licencing. To round things off, let’s dive into the detail and explore how AVD works, looking into the technical elements of its infrastructure and how it is able to deliver the service it does.
Infrastructure
Traditional Remote Desktop Services (RDS) infrastructures are usually complex, not all desktop applications are compatible and it can take a while to get users up and running. Similarly, organisations have to concern themselves with the purchase and management of hardware, spending a great deal of time on the maintenance of hundreds of servers. AVD simplifies this, placing all the remote desktop infrastructure as a fully managed service on Azure. Microsoft takes care of the infrastructure and brokering components, leaving organisations to focus on their own virtual machines (VMs) and data – taking a lot of the burden away from IT teams.
Management
Resource allocation is a key consideration when implementing this kind of system. Often organisations can find themselves having to allocate considerably more resources to users than is always necessary, given the natural changes in demand that occur. AVD can help address this disparity in allocation with the use of Windows 10 Multi-session.
Previously each user’s VM was sized based on anticipated peak usage. By contrast, the multiuser model allows several users to make use of a single VM. As a result, the number of session hosts needed is greatly reduced, providing organisations with a much more cost-effective approach without sacrificing performance.
It’s worth reflecting on the significance of this change. In the one user per VM model, the size of VM for each user is based on anticipated peak usage, leading to wasted resources during drops in demand throughout the working day. With a multi-user model, you are able to deploy a single VM with sufficient CPU and RAM to have many users on a single machine, significantly reducing resource requirement.
From here, you can assign collections of VMs, called host pools, to specific users, giving you the option to organise by department. This allows departments that require a certain amount of GPU, such as a design team, to access the required resources without having to provide the same amount of resources to other departments.
Indeed, for the best level of performance, organisations can make use of Breadth mode, which evenly allocates users across the host pool dependant on the workload. Alternatively, you can use Depth mode. Here, the load balancer fully allocates users on a single VM before moving on to the next one, if you wish to optimise for cost-savings. You can also deploy scaling tools, automating provisioning of additional VMs as needed once a specified threshold has been met.
User experience
One of the main aims of AVD is to provide a simplified end user experience. Users should be able to access all their files and desktop features as they would on a regular local desktop. Microsoft acquired the app-provisioning platform FSLogix to help achieve this streamlined user experience.
The main function of FSLogix is to help manage user profiles, meaning whenever a user moves between session hosts, their user profile is saved on a storage network location. This centralised network location can be accessed whenever it is required, allowing users to always have access to their personal files and desktop when they log in. This is especially helpful when making use of Windows 10 Multi-session, as users will often connect to a number of different session hosts as and when they need to.
The technology has been optimised for use within AVD. Take something like Outlook for example. AVD containerises user profile data in separate virtual disks, attaching in real-time to any session on any VM as you login. There is then a separate container for Office 365 data, meaning an organisation doesn’t need to spend extra money on backing up this data, as this is handled by Microsoft. This also applies to accessing OneDrive files. The OneDrive sync client and Windows 10 Enterprise Multi-session work together to provide OneDrive files on demand, making use of the default 1TB storage.
Application masking is another useful component of FSLogix. It can be used to install all of an organisation’s application onto a single image, alleviating management of the need to keep on updating different master images. It also allows specific applications to be blocked to certain users, despite every application being on the master image. Thus access to sensitive documents around areas such as HR or finance can be managed without the need to use a separate image or additional session hosts. Best of all, this feature comes free as part of the AVD environment.
AVD is constantly being fine-tuned. The use of applications such as Teams on AVD has vastly improved over the past year, with Microsoft providing weekly updates to evolve the platform based on the needs of their users. As it continues to improve over time, the popularity of the platform is likely to continue to grow.
Follow this series to understand more about how AVD can benefit your business and unlock the potential of your users. For more insights on AVD click here.
Social Share
Don't miss the latest from Ensono
Keep up with Ensono
Innovation never stops, and we support you at every stage. From infrastructure-as-a-service advances to upcoming webinars, explore our news here.
Blog Post | September 27, 2024 | Best practices
Ensuring Secure Identity Architecture with Trusted Directories
Blog Post | September 9, 2024 | Best practices
Why QA Matters in Light of the CrowdStrike Incident
Blog Post | September 5, 2024 | Technology trends