Welcome to the first of a three-part series on Windows Virtual Desktop (WVD), its latest news, features, and benefits for businesses.
Microsoft announced Windows Virtual Desktop (WVD) in Sept 2018, and March 2019 saw a technical preview of the solution being made available to the general public. The service is ready and as of today, companies can use its client application for Windows, Android, iOS, HTML5, and Mac.
IT experts often refer to Windows Virtual Desktop as Remote Desktop modern infrastructure or RDmi. The Azure-based service is an extensive desktop and application suite that runs in the cloud. It differentiates itself from other managed desktop platforms by virtualizing the entire Windows and Office UX with end-to-end security and compliance features. As a result, other than multi-session Windows 10 experiences, users receive dynamic access to remote desktops and virtualized applications.
The ‘multi-session’ is key, considering that the goal is to deliver Windows Client desktops to users, not Windows Server desktops. This covers just about everything as far as Windows Virtual Desktop access is concerned.
Historically, Windows Client allowed a single Remote Desktop Protocol (RDP) session at a time. Windows Virtual Desktop runs as a fully hosted Remote Desktop Services (RDS) session host farm, delivering both RemoteApps and desktop sessions. What is the selling point? Businesses only pay for the underlying compute and IT departments need not manage the VDI infrastructure.
Microsoft pools the underlying VMs which comprises of a WVD deployment in a unique way. Instead of a specific VM assigning a fixed amount of virtual CPU and RAM to each user, a single VM can host numerous Windows 10 or Windows 7 desktop sessions. In terms of compute power, companies invest in the underlying VMs as part of their Azure budget. As per Microsoft, organizations will have flexibility in the VM sizes they select for their WVD farms, and the user density maximums per VM.
The cost of WVD covers two important components: Microsoft License and Azure Infrastructure.
Primarily, WVD is the entitlement of a Windows 10 subscription license. One can choose to purchase this license as a standalone subscription or as part of plans such as Microsoft 365 E3/E5/A3/A5. From a software viewpoint, businesses do not incur additional costs to use WYD in case they already own one of these licenses.
If an enterprise does not already have a Windows 10 subscription license, the most affordable WVD option to consider is Windows 10 Enterprise E3 for $7 per user, per month. The WVD license includes the cost of the OS (Windows 10 single user and multi-session) and the use of its management service which Microsoft hosts in Azure.
With this license, organizations do not have to pay for Windows OS Server license in Azure and the RDS license. The reason is neither of these technologies facilitate WVD. The WVD only provides coverage for Azure VMs and businesses may not use it to license on-premises deployments or other clouds.
Once a business finalizes the license portion of WVD, it must look into the cost of Azure infrastructure to run the VMs which employees will connect to and use as their desktop. Apart from the desktop VMs, administrators will need a location where they can store users’ profile containers and Active Directory. Note that all this is in addition to Azure AD. One can store profile containers in Azure files or on a Windows File Server VM in Azure. In this case, Active Directory can be traditional AD running a Windows Server VM in Azure or Azure AD DS.
The expenses of all these elements will include the VMs (compute), networking (egress bandwidth), and storage (files and disks). Calculating the total number of users, amount of storage per user, the quantity and types of apps they use, and similar factors will allow businesses to arrive at a precise cost.
Additionally, ‘will I receive free Windows Virtual Desktop’ is a question you have probably come across in the IT community. Microsoft clients with a Windows 10 Enterprise license can leverage WVD free of charge, and they only need to manage Azure subscription costs. Notably, Microsoft will also provide the opportunity to virtualize Windows 7 desktops with Extended Security Updates (ESUs) through Jan 2023.
So, what does this mean for those licensing and buying WVD? Firstly, they can expect to receive Windows 7 security updates after Microsoft formally withdraws support for it at no extra cost after Jan 14th, 2020. Secondly, they can support legacy apps as part of a Windows 10 migration.
What Businesses Receive
The technology primarily introduces efficiencies such as simplified management and network connectivity enhancements. Its ease of use, responsiveness, enhanced support for Microsoft Teams with a compelling video conferencing experience, and ability to deliver on-premises virtualization benefits present an appealing value proposition.
Windows Virtual Desktop infrastructure is fairly straightforward. Partnerships with Cloud Service Providers (CSPs) and brands like Citrix and Samsung make Microsoft’s WVD an attractive means of delivering virtual desktops. Both Microsoft and Samsung are focusing on optimizing Samsung DeX for WVD, allowing IT departments to facilitate a Windows experience on Android Samsung devices. Microsoft will negotiate storage solutions from partners tailored for WVD, and the solution will also be able to work alongside platforms other than VMware and Citrix. The companies will look to extend WVD via VMware Horizon and Citrix Workspace offerings respectively.
Microsoft plans to offer further next-generation features with WVD. In preview ‘shortly’ support will be made available for its Teams group-chat solution to deal with latency problems. Leveraging WebRTC, the WVD-support preview technology will be incorporated directly into Teams. Also, Microsoft will soon release further details about the ‘App Attach’ product it is creating for WVD. The offering allows MSIX-ready applications to be stored outside a VM so that each app can attach itself when required. It isolates user data, applications, and the underlying OS, and the concept is similar to Application Layering. Such developments can play a major role in allowing Windows to become more of a platform for hosting virtualized applications. We hope this sheds some light on how Windows Virtual Desktop hosting works.
Furthermore, WVD receives performance enhancements arising from modifications in Windows and Office, and by integrating support for FSLogix. Microsoft did not confine the existing FXLogic technology to WVD when it acquired the company. Businesses can leverage this to accelerate Office in any VDI deployment, and having developers in the same company enables Microsoft to perform deeper integration with Office.
Non-office applications also receive performance benefits, and this is where the App Attach feature comes into play. WVD attaches a user profile and the assigned applications to the VM an employee utilizes. Hence, there is no need to sequence apps for virtual deployment or incur the expense associated with streaming them into a VM. In turn, employees need not sit through their cloud desktop and undergo complex configuration and set up processes each time.
Businesses can also manage Windows in a smarter way with WVD. What happens in traditional on-premise VDI is you initiate a connection from an endpoint device into your environment. Needless to say, you raise security vulnerabilities by opening any kind of a port into your network to enable external connectivity. Things work differently with WVD; it establishes the connection as an outbound connection from the VMs that host your desktops and apps. Bring in the gateway that is between this connection, and your endpoint is Azure AD. You can set conditional access (CA) policies by making it mandatory for endpoints connecting to the service to meet necessary security requirements. What’s more, you can even limit access either by time of day or IP addresses.
Securing A Milestone
On October 25, 2019, the United States Department of Defense awarded a $10 billion technology contract to Microsoft for cloud computing services.The DoD chose Microsoft as their single cloud provider to standardize on. Known as the Joint Enterprise Defense Infrastructure (JEDI), the contract intends to modernize US computer systems and military technology.
According to the contract, Microsoft will be facilitating enterprise-grade, commercial infrastructure as a Service (IaaS) and Platform as a Service (PaaS) to support DoD mission and business operations. Furthermore, work performance will occur at Microsoft’s place of performance. As a result, the company will use any blend of the Microsoft Azure public cloud, government cloud, and/or secret cloud regions, and data centers. Additionally, Azure Stack implementations will be deployed where required.
By unifying data in the cloud, the Pentagon receives clear benefits as the military employs a greater use of remote sensors, semi autonomous weapons, and Artificial Intelligence (AI) technology. In a nutshell, the contract itself is a significant move by the US government to implement cloud computing as they focus on keeping pace with technological advancements. For Microsoft, winning the 10 year JEDI contract is a testament of its position as the IT industry’s pioneer.
This concludes part one of our WVD discussion. Please stay tuned for part two in which we will further explore the solution.