While this may seem like a direct competitor to other virtual and remote desktop services, Microsoft partners with Citrix and VMware to leverage Azure for on-demand virtual and remote desktop infrastructure. This post outlines remote desktop options available in Azure and options for third-party services to integrate with Azure.
Remote Desktop Services
Microsoft's server-based remote desktop solution is Remote Desktop Services (RDS). RDS hosts multiple user sessions on one or more servers, referred to as Session Hosts. Users connect to and interact with a Session Host. The Session Host server provides the remote desktop or remote application service to users.
Another component of RDS is the Connection Broker. The Connection Broker distributes incoming requests to available Session Hosts. It also maintains session states and reconnects disconnected users to existing sessions, avoiding orphaned sessions and data loss.
Users access the RDS environment with a client application or an optional web-based client. The RDWeb service provides a web-based interface for users to access applications and full desktops. A gateway service, RDGateway, is also available. RDGateway provides a reverse proxy service so the desktop client can connect securely to RDS from external networks.
It is not uncommon to deploy RDS environments in Azure. Although the solution works, the infrastructure required for RDS is relatively costly, depending on the number of servers needed.
Virtual Desktop Services
There are some limitations to RDS. Windows RDS leverages a server operating system (OS) to provide multiple desktops on a single server instance. A server OS requires different sets of Group Policies and may require cosmetic changes to the desktop, such as the start menu layout and background images. Some third-party applications will not work on a server OS or in a multi-user environment. Until recently, the Windows client OS did not support multiple user sessions.
These shortcomings have led to the popularity of Virtual Desktop Infrastructure (VDI). VDI creates a pool of OS instances in a virtualized hypervisor environment using virtualization software such as VMware, Citrix, or Hyper-V. Users log in to one of these virtualized desktops to use services just as they would a local desktop. Unlike RDS, which supports multiple users on a Session Host, VDI supports one virtual desktop per user.
Hosting a VDI environment on-premises requires an investment in technology. VDI environments need server hardware with RAM and CPU capacity to handle the peak user load, as well as data storage with sufficient input/output operations per second (IOPS) to handle users logging in and working throughout the day. There is also administrative overhead related to systems that support VDI as well as licensing costs.
Windows Virtual Desktop (WVD) is a PaaS offering from Azure that provides a compelling alternative to VDI and RDS. Microsoft WVD provides the functionality of a Connection Broker, acting as a load balancer and session manager. It provides the functionality of an RDWeb server, providing a web interface for published resources. It also provides RDGateway services, allowing RDP access from external networks. WVD facilitates connecting users to Session Hosts, allowing users to interact with desktops or published applications.
WVD delivers significant cost savings and simplicity compared to provisioning RDS services on-premises or in Azure. It also enhances security. It is not necessary to open ports on the firewall to enable remote desktop access to external users.
PaaS offerings have the advantage of simplifying management. With PaaS services, there is no need to manage or patch the servers hosting the service; Microsoft handles that. Staff can focus on service administration without having to manage the servers and OS. The illustration below shows a comparison between WVD and an RDS deployment. Notice that while parts of the deployment are a PaaS offering, the Session Host, the service the users interact with, is still hosted on one or more traditional servers.
The user logs into WVD and is directed to a Session Host server. These servers can host standard Microsoft or custom applications. Session Hosts are unique to the user's environment and, as such, need to be part of an Active Directory domain and managed by the organization. Session Hosts are within a company's scope of management, requiring updating and patching like any other server.
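A check that follows from the two points above, that WVD needs no inbound firewall ports and that Session Hosts remain yours to manage: the added example below (not part of the original article) scans network security group rules, in the JSON shape that `az network nsg list -o json` emits, for inbound Allow rules that expose RDP port 3389 to the Internet. The sample data, NSG name, and rule names are constructed.

```python
import json

# Constructed sample, trimmed to the fields this check reads (not real data).
SAMPLE_NSGS = json.loads("""
[{"name": "nsg-wvd-hosts", "securityRules": [
  {"name": "allow-rdp-any", "direction": "Inbound", "access": "Allow", "protocol": "Tcp", "sourceAddressPrefix": "*", "destinationPortRange": "3389"},
  {"name": "allow-mgmt-range", "direction": "Inbound", "access": "Allow", "protocol": "*", "sourceAddressPrefix": "Internet", "destinationPortRange": null, "destinationPortRanges": ["443", "3000-4000"]},
  {"name": "allow-rdp-jump", "direction": "Inbound", "access": "Allow", "protocol": "Tcp", "sourceAddressPrefix": "10.0.1.0/24", "destinationPortRange": "3389"},
  {"name": "deny-rdp", "direction": "Inbound", "access": "Deny", "protocol": "*", "sourceAddressPrefix": "*", "destinationPortRange": "3389"}
]}]
""")

PUBLIC_SOURCES = {"*", "internet", "0.0.0.0/0"}
RDP_PORT = 3389

def _values(rule, single, plural):
    """Merge the singular and plural forms of an NSG rule field into one list."""
    vals = list(rule.get(plural) or [])
    if rule.get(single):
        vals.append(rule[single])
    return vals

def _covers(port_spec, port):
    """True if a port spec ('*', '3389', '3000-4000') includes the port."""
    if port_spec == "*":
        return True
    lo, _, hi = port_spec.partition("-")
    return int(lo) <= port <= int(hi or lo)

def exposed_rdp_rules(nsgs, port=RDP_PORT):
    """Return (nsg, rule) names of inbound Allow rules open to the Internet on port."""
    findings = []
    for nsg in nsgs:
        for rule in nsg.get("securityRules", []):
            if rule.get("direction") != "Inbound" or rule.get("access") != "Allow":
                continue
            if (rule.get("protocol") or "*").lower() not in ("tcp", "udp", "*"):
                continue
            sources = {s.lower() for s in _values(rule, "sourceAddressPrefix", "sourceAddressPrefixes")}
            ports = _values(rule, "destinationPortRange", "destinationPortRanges")
            if sources & PUBLIC_SOURCES and any(_covers(p, port) for p in ports):
                findings.append((nsg["name"], rule["name"]))
    return findings

if __name__ == "__main__":
    for nsg, rule in exposed_rdp_rules(SAMPLE_NSGS):
        print(f"{nsg}: rule {rule} allows inbound {RDP_PORT} from the Internet")
```

The check reports candidate rules only; it does not evaluate rule priority, so a higher-priority Deny rule may still block the traffic.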
WVD supports multiple server and client OSs for the Session Host. Server OSs include Server 2012 R2, 2016, and 2019. Client OSs supported for host sessions include Windows 7 Enterprise, Windows 10 Enterprise, and a new version of Windows 10 Enterprise that supports multiple user sessions.
Windows 10 Enterprise multi-session
As the name implies, Windows 10 multi-session is a version of Windows 10 that supports multiple user sessions on the same instance of an OS. Until Windows 10 multi-session, multiple sessions were only available with a server OS.
Windows 10 multi-session is a significant change to RDS. Until Windows 10 multi-session, there were only two choices for delivering remote desktops: a client OS such as Windows 7 or 10 in a VDI environment, or a multi-session server OS. With Windows 10 multi-session, you can implement a remote desktop environment using the familiar OS interface of Windows 10 in a multi-session environment.
Windows 10 multi-session provides greater compatibility with applications that require a client OS. It also minimizes the need for a separate set of Group Policies for Windows clients and the servers used for remote desktop. It provides a familiar desktop to users, limiting the need for the special customizations required for a server OS desktop. The same customizations for the existing desktop environment are available for the remote desktop session host.
There is one limitation with Win 10 multi-session. It is not supported outside of Azure. The OS is not available for download, and it will not activate against a Key Management Service outside of Azure.
Windows 10 multi-session is not limited to WVD. You can deploy an Infrastructure as a Service (IaaS) VM with Windows 10 multi-session and direct users to log in to it. The ability to deploy Windows 10 multi-session without WVD makes it a viable option for other remote desktop solutions, such as Citrix or VMware Horizon environments.
Microsoft recognized that some organizations have an investment in other products and partnered with Citrix and VMware to extend support into Azure. This partnership lets organizations leverage the Azure cloud for pay-as-you-grow scalability while maintaining a familiar management model.
Citrix and Azure
Citrix is a well-established company for server, desktop, and application delivery. Citrix offers an alternative to the Microsoft RDP protocol called Independent Computing Architecture (ICA). Citrix Virtual Apps and Desktops provide a remote desktop and remote application experience for users working remotely. Citrix is a multi-platform offering with a variety of services, in addition to remote applications and remote desktop solutions.
On the surface, it may seem that WVD and Citrix are competing technologies. Over the years, Citrix's and Microsoft's respective technologies have complemented each other much more than they have competed. This continues with WVD. Citrix has supported WVD since it became generally available. Citrix provides a hybrid cloud solution supporting Windows 10 multi-session in Azure.
VMware Horizon and Azure
Horizon is VMware's virtual desktop solution. It offers a flexible, secure virtual desktop service integrated into VMware's management platform. Horizon leverages VMware's advanced snapshot and cloning technology to quickly provision and deploy virtualized desktops and applications.
Horizon supports a hybrid cloud model with Microsoft Azure. It enables extending on-premises into Azure. With a hybrid approach, an organization can leverage existing investments to take advantage of the scalability of the Azure cloud for disaster recovery or to rapidly scale to accommodate unexpected demand.
WVD, along with Win 10 multi-session, is a disruptive technology in the remote desktop market space. It provides a complete cloud-based solution for delivering a remote desktop environment. WVD minimizes server requirements by combining the RDWeb, RDGateway, and Connection Broker services into a PaaS offering.
For those who have an investment in VDI with Citrix or VMware Horizon, there is a strong partnership with Azure to support a hybrid cloud approach to virtualized and remote desktop services. It provides the scale-on-demand benefit of the Azure cloud with the familiar management of existing infrastructure.