An important aspect of any Azure Virtual Desktop (AVD) environment is ensuring it is designed to not only meet best practices standards but also meet your organization’s requirements. To get the most out of this cloud-hosted service, it is important to use the correct features and components that make up the AVD environment which will, in turn, give a much better experience for your users.
This course will help you design and plan your Azure Virtual Desktop environment and allow you to understand how it integrates with other Azure services. It covers understanding network and sizing requirements, recommending the correct identity and access management (IAM) solution to integrate with AVD, the operating system (OS) options that support AVD, and a closer look at the different host pool types with use cases they fit into.
Learning Objectives
- Assessing existing physical and virtual desktop environments
- Assessing network capacity and speed requirements for Azure Virtual Desktop
- Recommending an operating system for an Azure Virtual Desktop implementation
- Planning and configuring name resolution for Active Directory (AD) and Azure Active Directory Domain Services (Azure AD DS)
- Planning host pools architecture
- Recommending resource groups, subscriptions, and management groups
- Configuring a location for the Azure Virtual Desktop metadata
- Calculating and recommending a configuration for performance requirements
Intended Audience
This course is intended for people who want to become an Azure Virtual Desktop Specialist and/or are preparing to take the AZ-140 exam.
Prerequisites
To get the most out of this course, you should have a good understanding of Azure Administration; however, this is not essential.
Welcome to this module on Azure Virtual Desktop overview. In this module, we will cover the following topics: what is Azure Virtual Desktop, where we'll discuss some of the high-level features of this service; how does it work, where we'll look at how organizations can utilize this service; and Azure Virtual Desktop use cases, where we'll talk about some of the different workloads and use cases that can take advantage of this cloud service.
We are first going to look at what Azure Virtual Desktop is. It is Microsoft's cloud-hosted virtual desktop infrastructure, better known as VDI, solution, which allows you to move your end-user compute workloads into the cloud. It is the only VDI solution that supports a Windows 10 Enterprise multi-session operating system, which means this particular OS can only be provisioned within Azure. Azure Virtual Desktop is secure by design, as the backbone of this infrastructure is hosted within the Microsoft cloud ecosystem. However, we'll talk about that in more detail later in this module.
It simplifies everyday management tasks by allowing you to utilize Azure's automation services and tasks like Azure automate and auto-scale. These two integrations are outside of the scope of this course. However, they are discussed in later courses for this certification. Azure Virtual Desktop allows organizations to lower compute costs by allowing them to utilize auto shut down features and auto scaling to scale virtual machines in and out, depending on peak usage times or core business hours.
We are now going to discuss how it works. Azure Virtual Desktop allows users to remotely connect from anywhere and from multiple device types to a host cloud environment. This environment consists of host pools with virtual machine session hosts and application groups that consist of full Windows 10 desktop or remote published applications. You can integrate Azure Virtual Desktop with other services, as well as your on-premises infrastructure if you have resources hosted within your physical offices that need to be accessed.
I mentioned earlier in this module that Azure Virtual Desktop is secure by design, and this is because the backbone infrastructure is hosted by Microsoft. The Microsoft-managed components include the following. Web access: this component enables the end user to gain access to Azure Virtual Desktop and the virtual applications via an HTML5-compatible internet browser. Connection broker: user connections to the remote desktop and remote applications are managed by this component of Azure Virtual Desktop.
Gateway access: this component allows remote users to connect to Azure Virtual Desktop resources from any device that is connected to the internet. Extensibility components: Azure Virtual Desktop can be managed by utilizing Windows PowerShell or the REST APIs that are provided. It also allows for support of third-party tools. Diagnostics: this event-based aggregator marks each action which is made by either a user or an administrator on the Azure Virtual Desktop deployment as a failure or a success. There are also specific components that are managed by the consumer, i.e. the organization.
The consumer-managed components include the following. Azure Active Directory: Azure Virtual Desktop uses Azure Active Directory, better known as Azure AD, to manage identity and access, better known as IAM. Azure Virtual Network: Azure Virtual Desktop compute resources use the Azure Virtual Network, better known as a vNet, to communicate privately with other compute resources and between virtual machines. We will discuss network topology in more detail later in this course.
Session hosts: session hosts are virtual machines, better known as VMs, that roam within your host pool. We will look at host pools and session hosts in more detail later in this course. Azure Virtual Desktop Workspace: this component manages session hosts and publishes the host pool resources. There are two types of Azure Virtual Desktop deployments which have very similar requirements. However, they both offer different benefits. We first have hybrid deployments, which are integration services that require some type of additional infrastructure, whether hosted on premises or in the cloud.
In a hybrid Azure Virtual Desktop environment, an Azure AD tenant is a requirement, which is the base of the identity and access management solutions. You also need to have a domain controller, which can be a physical or virtual service hosted on premises or a virtual machine hosted with Azure. An Azure subscription is required, which enables you to provision all the Azure Virtual Desktop services within your own tenant.
The second type of deployment is a cloud-only deployment. The main difference with this type of deployment is that instead of a domain controller, you utilize an Azure Active Directory Domain Services tenant, which is Microsoft's domain controller as a service. You still need an Azure AD tenant and a subscription. Azure Virtual Desktop is accessed via an application called the Remote Desktop Client, which is supported on the following operating systems: Windows client, which can be downloaded via a web browser; Apple iOS client, which can be downloaded via the Apple store; Android client, which can be downloaded via the Play Store; and macOS client, which can be downloaded via web browser.
In the final part of this module, we're going to take a look at the different use cases of what Azure Virtual Desktop can be used for. The first use case is probably the one that has been utilized the most, and that is to facilitate remote working. You can have users working from locations outside your corporate office network and access all the company resources they need via Azure Virtual Desktop. We then have organizations who are using Azure Virtual Desktop to replace their physical end-user devices and move those workloads into Azure Virtual Desktop by utilizing the Windows 10 multi-session OS and published applications.
Another common use case has been development teams implementing development environments to test systems and applications outside their production environments in a sandbox Azure Virtual Desktop tenant. Organizations have also started to use Azure Virtual Desktop in their disaster recovery and business continuity plans. So in the event of a disaster, they can implement remote working quickly and effectively if required.
Shabaz Darr is a Senior Infrastructure Specialist at Netcompany based in the UK. He has 15-plus years of experience working in the IT industry, 7 of which he has spent working with Microsoft Cloud Technologies in general, with a focus on MEM and IaaS. Shabaz is a Microsoft MVP in Enterprise Mobility with certifications in Azure Administration and Azure Virtual Desktop. During his time working with Microsoft Cloud, Shabaz has helped multiple public and private sector clients in the UK with designing and implementing secure Azure Virtual Desktop environments.