Introduction to Windows Virtual Desktop
On September 30th, Microsoft officially released the general availability of Windows Virtual Desktop. This new DaaS/PaaS service of Microsoft could be a game changer for existing RDS environments but what is it exactly?
Windows Virtual Desktop is an extensive cloud service for virtualizing desktops and applications. It offers a full desktop virtualization experience in the Cloud. The service focuses on simplified management and a new OS called Windows 10 Enterprise multi-session. Windows Virtual Desktop also supports optimizations for Office365 and support for RDS environments.
The service, that is ran in the Azure Cloud, offers a complete desktop virtualization that can be reached on any device. This includes Windows, MacOS, Android, IOS and HTML5 browsers.
Most importantly, Microsoft released 2 interesting cases with Windows Virtual Desktop. First of all, the new Windows Enterprise 10 multi-session and the infrastructure service.
The new W10 Enterprise multi-session OS
One of the key points of Windows Virtual Desktop is the new operating system. This OS combines 2 ways of virtualization from Microsoft in a new jacket called Windows 10 Enterprise multi-session.
On one side, they take the scalability of Windows Server and combine this with the native Windows 10 modern desktop experience.
Windows 10 Enterprise multi-session offers the multi-session functionality that is exclusive to Windows Virtual Desktop. And with the Windows 10 multi-session you can have multiple users on 1 single virtual machine that each have their own full desktop or applications than different VMs per user. This makes it very interesting to lower the prices for the resources.
The second most interesting about Windows Virtual Desktop is the new PaaS. This service contains a full service of managing an RDS environment and connection broker functionality. It determines which users are connected to the virtual machines. All of this was previously handled by RDS server roles such as the RD gateway, web access, connection broker and license server.
When a user wants to log in to his environment, this is done by using your Azure AD. When logging in, communication takes place between the client and Web Access. The Web Access then communicates with the Broker who determines which applications are available to the user. When choosing the application, the user connects to the Gateway, which then establishes an outbound connection via the Broker with the chosen desktop or application.
There is no inbound connection here since the virtual machines connect via an outbound connection (SSL) with the Service. This keeps the environment always closed.
Because of this new service, you only must configure your virtual machines and user groups. You don’t have to worry anymore about setting up a complete RDS environment because Microsoft takes care of that. This means that your installation is done quickly and only takes a few hours to setup.
To make this multi-session possible, Windows Virtual Desktop uses host pools for different groups of users. Host pools are collections of virtual machines with the same configuration meant for multiple users in that pool. You can determine which desktops or applications will be made available and which users will have access to these applications or desktops.
To scale these host pools, you can use 2 modes to determine how the virtual machines should react when a user logs in.
The first one is Breadth mode. This scales the users proportional throughout the virtual machines. This is meant for better performance per user and making use of your resources.
The second one is Depth mode. This method works cost saving because it logs the users in one virtual machine. When this virtual machine can’t handle most users, it turns the users to the other machine and it continues like that.
To log in a user to their environment, they must use their Azure AD. This means that it brings a few benefits from Azure AD as well like MFA and conditional access.
With conditional access, you can control who can or cannot access an environment depending on certain parameters such as location, device, … It is possible that only users in certain locations can only gain access and in other places cannot. This is also a plus for Windows Virtual Desktop when it comes to security.
Since the environment is completely virtual, there is no longer any need for specific devices to reach this environment. The environment can be reached on all your devices with the appropriate Remote Desktop client applications per device.
Apple, Android and Windows devices only need to install the Microsoft Remote Desktop application and there is also a possibility to reach the environment through the browser. This is possible on any browser if it supports HTML5.
Because profile management of users is important in these kinds of environments, Microsoft used a new acquired technology called FSLogix.
FSLogix is designed to use roaming profiles in external computer environments, such as Windows Virtual Desktop. It stores a complete user profile in one container. When the user logs in to his remote environment, this container is dynamically linked to the computer environment using natively supported Virtual Hard Disk (VHD) and Hyper-V Virtual Hard Disk (VHDX). The user profile is immediately available and appears in the system like a native user profile.
An external user profile provides a partition between user data and the operating system. This is useful because the operating system has the option to be replaced or changed without affecting the data of the users.
App Attach (not yet available)
Just like the user profiles, Microsoft wants to save their applications in a separate storage. App attach is a new term in Windows Virtual Desktop that stores the applications outside of the storage disk. These are then “attached” when the user logs in. Since these applications are connected to the user groups and then directly connected to the VM when logging in, it looks and feels locally for the user and for Windows.
The applications are converted to a MSIX package that is then linked to the virtual machine instead of installed. The benefits of this is that it reduces the OS disk space and makes it easier for the admins to manage and update their applications.
This feature is publicly available since November 27th but is not recommended to use in working environments at the moment.
Extra interesting features
If you, as a company, are thinking of going with your existing infrastructure to the Cloud, this could be the step you need to do it. Especially when you are still using Windows 7. With Windows Virtual Desktop, Microsoft extended the security updates for Windows 7 until January 2023.
And if you’re still doubting to change because of applications that might not be compatible, Microsoft also introduced Desktop App Assure. This service helps you to assure that all your applications will work on the newest versions of Windows.
As previously said, this could be a potential game changer. The new service is a big benefit and takes a lot of work away unlike traditional RDS environments and it is completely free.
Because of this, it does not take a long time to deploy an environment like this and can be easily managed for users and applications.
The cost price is also very interesting because you only pay for what you need.
Windows Virtual Desktop is a very interesting new service and will continue to bring out more features to enhance the virtual desktop experience in the future.
I have been actively working as an intern in Orbid. They gave me the opportunity to test out a new technology from Microsoft called Windows Virtual Desktop. Since then, I have acquired a lot of interest in cloud solutions.