Azure Virtual Desktop
Azure Virtual Desktop (AVD) is a cloud-based desktop and application virtualisation service that runs on Microsoft Azure. It provides a multi-session Windows 10 experience, optimises Office 365 performance, and enables businesses to transition their existing Remote Desktop Services (RDS) desktops and applications to the cloud.
AVD works by creating virtual machines in the Azure cloud and streaming them to users’ devices. This allows users to access their desktops and applications from anywhere, on any device. AVD also provides centralised management and monitoring, making it easy for IT administrators to deploy and manage virtual desktops and applications.
Simplify Deployment and Management of Infrastructure
- Deploy and scale virtual desktops and applications quickly and easily.
- Reduce complexity by eliminating the need to manage physical hardware and software licenses.
- Increase agility by responding quickly to changing business needs.
- Save money on IT costs with autoscaling and pay-as-you-go pricing.
- Centralise management and monitoring of your virtual desktop and application environment for real-time visibility on user performance and system issues.
Pay Only For What You Use
- No additional license costs: Use Azure Virtual Desktop with your existing eligible Microsoft 365 or Windows per-user license.
- Reduce infrastructure costs: Right-size your virtual machines (VMs) or shut them down when not in use.
- Save on management overhead: Let a dedicated managed service provider take care of your virtual desktop infrastructure (VDI).
Protect Data Privacy and Security
- Secure User Access: AVD ensures secure user access through Microsoft Entra Conditional Access Policy and multifactor authentication.
- Identity-Based Authentication: Identity-based authentication is provided for Azure Files used in FSLogix User Profiles.
- Least Privilege Assignments: Azure RBAC roles are used to assign least privilege to both users and services.
- Data Encryption at Rest: Data at rest is encrypted with the choice of customer-managed keys or platform-managed keys.
- Data Encryption in Transit: AVD encrypts data in transit between the VM host and the Storage service.
- Automated Services: Azure Managed Identity and service principals with certificate credentials are employed for automation and service access within AVD.
- Activity Logging and Monitoring: User and administrator activity logging is collected for Microsoft Entra ID and AVD landing zones, with monitoring conducted through SIEM tools.
- Access Management: Access to AVD application groups is assigned using Microsoft Entra groups instead of individual user settings.
- Security Policy Recommendations: AVD recommends security policies for Office deployments using the Security Policy Advisor for Microsoft 365 Apps for enterprise.
- Integration with Information Protection Solutions: AVD supports integration with information protection solutions like Microsoft Purview Information Protection or third-party alternatives.
Azure Virtual Desktop consists of the following components:
Host pools: Host pools are groups of virtual machines that are used to provide desktops and applications to users.
Session hosts: Session hosts are the virtual machines that users connect to when they access their desktops and applications.
Connection Broker: The Connection Broker is a service that manages user connections to host pools.
Web client: The web client is a portal that users can access to launch their desktops and applications.
Remote Desktop clients: Remote Desktop clients are applications that users can install on their devices to connect to their desktops and applications.
AVD Supported Operating Systems
Azure Virtual Desktop supports a wide range of operating systems, providing organisations with the flexibility to choose the operating system that best meets their needs:
- Windows 11
- Windows 10 multi-session
- Windows 10
- Windows 7
- Windows Server 2022 R2
- Windows Server 2019
- Windows Server 2016
Work from any client device, anytime and anywhere, including:
- Microsoft Store Client
AVD Client Support
Traditional Virtual Desktop Infrastructure (VDI) vs. Azure Virtual Desktop (AVD)
Traditional VDI is a solution that is deployed and managed on-premises. This means that organisations need to purchase and maintain their own hardware and software, and they are responsible for all aspects of managing their VDI environment.
AVD is a cloud-based desktop virtualisation solution that is hosted and managed by Microsoft. This means that organisations do not need to purchase or maintain their own hardware and software, and Microsoft is responsible for all aspects of managing the AVD environment.
|Feature||Traditional VDI||Azure Virtual Desktop|
|Deployment and management||On-premises||Cloud-based|
|Hardware and software requirements||Organisations need to purchase and maintain their own hardware and software.||Microsoft provides and maintains the hardware and software.|
|Cost||Can be expensive to deploy and maintain.||More cost-effective, especially for small and medium-sized businesses.|
|Security||Can be secure, but organisations need to implement their own security measures.||Secure by design, with built-in security features such as multi-factor authentication and encryption.|
AVD for Enterprises
AVD can be implemented for a wide variety of work scenarios to provide the following enterprise capabilities:
- Standardisation and Productivity: AVD provides a consistent virtual desktop environment for employees, regardless of their location or device.
- Specialised Workload Support: Provides a flexible and tailored solution for deploying unique workloads with specialised requirements, such as engineering and design software or legacy applications.
- Workforce Flexibility and BYOD: Accommodates workforce flexibility and enables BYOD initiatives by allowing employees to access organisational resources from any device, anywhere.
- Security and Compliance: Protects data privacy and helps businesses in the Financial Services and Insurances industry, healthcare sector, and government agencies meet regulatory requirements.
- Integration with Azure services: AVD can be integrated with other Azure services, such as Azure Active Directory and Azure Storage, to create and manage customised shared virtual desktops and applications for your team.