Microsoft Azure is well known for offering great cloud-based services for creating a hosted IT and Network infrastructure.  Probably one of its greatest strengths is the ability to create Virtual Machines (VMs) in just a matter of a few minutes.  Essentially, these are the servers that make use of the Windows Server OS.

But there is yet another great tool which is known as the Azure Virtual Desktop (aka AVD), formerly called the Windows Virtual Desktop.  Along with this rebrand, there are some other new enhancements and upgrades which have been added.

What Are The New Features?

These can be outlined as follows:

1. It is compatible with and can be accessed through other platforms:

These include the following:

  • Windows 10 Enterprise;
  • Windows 7 Enterprise;
  • Windows Server 2012 R2;
  • Windows Server 2016;
  • Windows Server 2019;
  • macOS;
  • iOS;
  • Android;
  • The Microsoft Store Client.

2. Easy configuration:

You can create these new desktops to any requirement or configurations that your environment may require.  You can still access the public internet on an AVD VM. The AVD VM can still become infected as if it was a physical machine or typical VM. However, the risk of data leakage is mitigated by isolating the AVD session from the host machine/laptop that is being used to connect to AVD. When properly configured, end users can’t copy data from the AVD to the local machine nor vice versa. The AVD can be accessed using public internet kiosks or home PCs without the risk of contamination.

Also, the following safeguards have been put in place in order to ensure that this does not happen:

  • Azure Firewall;
  • The Azure Security Center;
  • The Microsoft Defender ATP;
  • The Azure Sentinel.

3. It makes use of Identity & Access Management (IAM):

This capability is heavily used and enforced in the AVD.  For example, Multifactor Authentication (MFA) is used, along with various types of Role Based Access Control (RBAC) tools.  For compliance purposes, the AVD also adheres to the following:

  • ISO 27001;
  • ISO 27018;
  • ISO 27701;
  • PCI-DSS;
  • FedRAMP High;
  • HIPAA.

4. It is free:

Depending upon the licensing model you have with Microsoft, the AVD is free with any subscription of M365 that you have.  In the end, just like with Azure based services, you only pay for what you make use of. More details on pricing can be seen here.

5. Increased levels of scalability:

The AVDs are managed through one central location, which is the Microsoft Azure Portal.  Because of this, you can quickly and easily increase or decrease the total number of virtual desktops that you need in a very quick manner.  Also, you can scale up/scale down the following as well, depending upon your needs:

  • The virtual CPUs;
  • The RAM;
  • The total amount of hard disk space that is required.

An example of the Azure Portal can be seen below:

(SOURCE:  1).

6. Other Microsoft tools are available:

These include:

  • The traditional Microsoft Package, such as Word, Excel, PowerPoint, Access, Publisher, etc.;
  • Outlook;
  • OneDrive;
  • Microsoft Teams.

7. It will work with Azure Active Directory:

At the core of any type of Azure based Cloud deployment is the Active Directory.  This is where all of the user groups and profiles are stored and centrally managed from.  A new component has been added to it so that there will be a direct connection from that to the AVD, and vice versa.  The primary benefit of this is that this will help to further streamline the deployment of any new AVDs that are created.

8. Extra protection for the endpoints:

The endpoint is still an often-forgotten area when it comes to Cybersecurity.  But by making use of the AVD, this is no longer an issue.  The Microsoft Endpoint Manager is automatically deployed, thus giving the endpoints across your entire Cloud based platform all of the protection that it needs in this regard.

Conclusions

Overall, this article has examined some of the new functionalities of the AVD.  There are still some other features that are only available in “Preview Mode” and will be made available for public consumption at a later point in time.  In the meantime, if you have any questions or need help in deploying AVDs in your environment, contact us today.

Sources