In the modern era of digital transformation, cloud computing has become a buzzword in the IT industry. Azure Virtual Desktop (AVD) is one of the many cloud services offered by Microsoft Azure that provides Virtual Desktop Infrastructure (VDI) solutions to businesses of all sizes. This technology enables remote workers to access their desktops and applications virtually from anywhere.
In this blog, we will walk through Azure Virtual Desktop in detail, including its overview, architecture, benefits, and more.
Azure Virtual Desktop Overview
Azure Virtual Desktop is a desktop and app virtualization service that runs in the cloud and is accessed by users from a device of their choice. It delivers a Windows experience that is multi-session yet personalized and persistent. Not only does it provide users with a Windows 10 experience, but it also delivers all of the essential Office 365 applications.
There are two options for assigning desktops to users:
- Personal – Where each session host is assigned to an individual user.
- Pooled – Where session hosts can accept connections from any user in an authorized app group within the host pool.
Architecture
Azure Virtual Desktop combines cloud and on-premises resources. A typical architectural setup for AVD is illustrated in the following diagram:
The diagram’s dataflow elements are described here:
- The application endpoints are in a customer’s on-premises network. Azure ExpressRoute extends the on-premises network into Azure, and Azure Active Directory (Azure AD) Connect integrates the customer’s Active Directory Domain Services (AD DS) with Azure AD.
- The Azure Virtual Desktop control plane handles web access, gateway, broker, diagnostics, and extensibility components such as REST APIs.
- The customer manages AD DS and Azure AD, Azure subscriptions, virtual networks, Azure Files or Azure NetApp Files, and the Azure Virtual Desktop host pools and workspaces.
- To increase capacity, the customer uses two Azure subscriptions in a hub-spoke architecture and connects them via virtual network peering.
Key benefits
By utilizing the Windows 10 Enterprise multi-session capability, which is only available through AVD on Azure services, agencies can significantly reduce the number of virtual machines and operating system overhead, all while providing users with the same high-quality resources.
AVD provides the following benefits over a traditional Desktop-as-a-Service platform:
- Delivers feature-rich, scalable virtual desktops with the Windows 10 multi-session OS on Azure.
- Delivers a virtualized and optimized Office 365 experience.
- Offers Bring Your Own Device (BYOD) options to ease the transition.
- Offers an easy path to modernization and a reduction in data center expenditure.
- Provides extended support for legacy desktop operating systems or hosting of legacy applications.
- Provides a rich work-from-home or alternate-office solution that is simple to use.
Components
Components that Microsoft manages:
As a part of Azure, the following AVD services are managed by Microsoft.
- Web Access: By using the Web Access service within Azure Virtual Desktop, you can access virtual desktops and remote apps through an HTML5-compatible web browser just as you would with a local PC, from anywhere and on any device. You can secure web access by using multifactor authentication in Azure Active Directory.
- Gateway: The Remote Connection Gateway service connects remote users to AVD apps and desktops from any internet-connected device that can run an Azure Virtual Desktop client. The client connects to a gateway, which then orchestrates a connection from a VM back to the same gateway.
- Connection Broker: The Connection Broker service manages user connections to virtual desktops and remote apps. Connection Broker provides load balancing and reconnection to existing sessions.
- Diagnostics: Remote Desktop Diagnostics is an event-based aggregator that marks each user or administrator action on the Azure Virtual Desktop deployment as a success or failure. Administrators can query the event aggregation to identify failing components.
- Extensibility components: Azure Virtual Desktop includes several extensibility components. You can manage AVD by using Windows PowerShell or with the provided REST APIs, which also enable support from third-party tools.
Components that you manage:
You manage the following components of Azure Virtual Desktop solutions:
- Azure Virtual Network: With Azure Virtual Network, Azure resources such as VMs can communicate privately with each other and with the internet. By connecting AVD host pools to an Active Directory domain, you can define network topology to access virtual desktops and virtual apps from the intranet or internet, based on organizational policy. You can connect an Azure Virtual Desktop instance to an on-premises network by using a virtual private network (VPN), or you can use Azure ExpressRoute to extend the on-premises network into Azure over a private connection.
- Azure AD: Azure Virtual Desktop uses Azure AD for identity and access management. Azure AD integration applies Azure AD security features, such as conditional access, multifactor authentication, and Intelligent Security Graph, and it helps maintain app compatibility in domain-joined VMs.
- Active Directory Domain Services: Azure Virtual Desktop VMs must domain-join an AD DS service, and AD DS must be in sync with Azure AD to associate users between the two services. You can use Azure AD Connect to associate AD DS with Azure AD.
- Azure Virtual Desktop session hosts: Session hosts are VMs that users connect to for their desktops and applications. Several versions of Windows are supported, and you can create images with your applications and customizations. You can choose VM sizes, including GPU-enabled VMs. Each session host has an AVD host agent, which registers the VM as part of the Azure Virtual Desktop workspace or tenant. Each host pool can have one or more app groups, which are collections of remote applications or desktop sessions that you can access. To see which versions of Windows are supported, see Operating systems and licenses.
- Azure Virtual Desktop workspace: The Azure Virtual Desktop workspace or tenant is a management construct for managing and publishing host pool resources.
How Azure Virtual Desktop Supports Remote Workforces
The greatest demand for enterprise virtual desktop solutions comes from:
- Security and regulation applications, such as financial services, healthcare, and government.
- Elastic workforce needs, such as remote work, mergers and acquisitions, short-term employees, contractors, and partner access.
- Specific employees, such as bring your own device (BYOD) and mobile users, call centers, and branch workers.
- Specialized workloads, such as design and engineering, legacy apps, and software development testing.
Leverage Azure Virtual Desktop to your needs
Azure Virtual Desktop is an innovative solution that provides organizations with the flexibility, scalability, security, and cost-effectiveness they need to modernize their desktop infrastructure. Whether you’re looking to enable remote work, streamline IT operations, or enhance data security, Azure Virtual Desktop has use cases that can help your business succeed.