Microsoft Windows Virtual Desktop (WVD) – An Overview
Microsoft released its desktop-as-a-service (DaaS) offering, WVD (Windows Virtual Desktop), to the general public in September 2019. The service runs on Azure and provides a multi-user version of Windows 10, a feature unavailable for on-premises deployments of Hyper-V.
WVD is a free service for Microsoft customers with most types of Windows 10 Enterprise license. However, the subscription or PAYG Azure costs are additional, as are many components you may wish to add. Theoretically, WVD has the potential to replace traditional VDI deployments, but it is still a very new product with a limited feature set relative to that offered by traditional VDI vendors, such as Citrix or VMware.
- A new version of multi-user Windows 10 that reduces infrastructure costs, as a natural successor to RDS “desktop” delivery via a Server OS
- Integrated FSLogix profile containers to enable personalized user experiences
- WVD licensing at no additional charge with products that most enterprises already use
- Platform-as-a-Service (PaaS) for WVD Management Service, which reduces the complexity of managing the associated infrastructure of virtual desktop environments, such as networking and storage
Figure 1 shows the architecture of Microsoft WVD as it applies to an enterprise organization:
- The endpoints are in the customer’s on-premises network. ExpressRoute extends the on-premises network into the Azure cloud, and Azure AD Connect integrates the customer’s Active Directory Domain Services (AD DS) with Azure Active Directory (Azure AD).
- The WVD control plane handles Web Access, Gateway, Broker, Diagnostics, and extensibility components, such as REST APIs.
- The customer manages AD DS and Azure AD, Azure subscriptions, virtual networks, Azure Files or Azure NetApp Files, and the WVD host pools and workspaces.
WVD Components: Microsoft-Managed vs. Enterprise-Managed
In the above architecture, Microsoft manages the following components:
- The Web Access service allows users to access virtual desktops and remote apps through an HTML5-compatible web browser. You can secure Web Access using multifactor authentication in Azure Active Directory.
- The Remote Connection Gateway service connects remote users to WVD apps and desktops from any Internet-connected device that can run a WVD client. The client connects to a gateway, which then orchestrates a connection from a VM back to the same gateway.
- The Connection Broker service manages user connections to virtual desktops and remote apps. The Connection Broker provides load balancing and reconnection to existing sessions.
- Remote Desktop Diagnostics tracks user and administrator actions, and administrators can query it to identify failing components.
In the above architecture, customers manage:
- The Azure Virtual Network, which enables Azure resources like VMs to communicate privately with one another and with the Internet.
- Azure AD, which supports security features like conditional access, multi-factor authentication, etc.
- Windows Host pools, which are collections of virtual desktop session hosts running Windows desktops supporting multi-session capabilities.
Uses of Microsoft WVD
In many ways, WVD is the perfect product for the pandemic and post-pandemic world. It offers organizations the ability to scale their remote work-from-home infrastructure rapidly and temporarily without the need to invest in server or networking hardware, all from a trusted and proven supplier in Microsoft, with clear Service Level Agreements (SLAs) for high availability and failover, alongside a proven and certified security model.
However, as this is a very young product, there is a degree of complexity, and there are feature and tooling gaps in the Microsoft stack. This means that many organizations are retaining or introducing Citrix, VMware, or other third-party vendor offerings to deploy and manage WVD.
Reasons to use a third-party product include:
- Achieving bandwidth savings – Customers who want improved user experience or user-density gains via a proprietary protocol, e.g. HDX/EDT from Citrix or Blast Extreme/PCoIP from VMware.
- Lacking VDI infrastructure experience – This is especially true for customers who are new to DaaS and for smaller organizations. Turnkey DaaS solutions for WVD, such as Workspot or CloudJumper (now NetApp), often suit such organizations.
- Looking to expand existing Citrix/VMware on-premises deployments – Organizations have existing staff trained in those technologies and want to retain a single overall management stack. In our recent survey we found only 92% of those using WVD were using it alongside another digital workspace solution such as Citrix, VMware, or RDSH.
- Lack of maturity/features in native Microsoft WVD tools – Specialist WVD management products, such as Nerdio, are proving to be popular, especially for organizations new to VDI and with no predisposition towards a specific traditional VDI vendor.
5 WVD Deployment and Management Options
- Native Azure and Microsoft tools
There is a learning curve associated with doing this. However, WVD is evolving fast, and for those who understand the nature of the task there is plenty of advice.
The upcoming digital event, Microsoft meets Community: Windows Virtual Desktop | 4th edition, on 9 April 2021, is a full-day event giving an overview of the technologies needed to manage your own WVD deployment.
- Citrix Managed Virtual Apps and Desktops
This option lets customers deploy Citrix on Azure via the traditional Citrix VDI offering or via the Citrix Cloud control plane. Citrix has some nice case studies available and very useful resource libraries full of detailed reference architectures and whitepapers, including some focused on scalability, user density, and cost expectations on specific Azure instances (should you choose a D-series vs an F-series).
- VMware Horizon Managed Virtual Apps and Desktops
Similar to Citrix, VMware offers options to deploy via the traditional Horizon product or via the Horizon Cloud hosted in various Azure regions to aid compliance with geographic data regulation. TechTarget has provided some great reviews of VMware WVD technologies.
This is for those who are new to VDI or Azure, with no predilections towards a specific VDI supplier. Some vendors are offering tooling and functionality around WVD. Nerdio is probably the leader and the most well-known provider; it was established in 2005 as a supplier for MSPs (Managed Service Providers) and is prominent in the EUC community, with field CTOs including veterans such as Bas van Kaam and Neil McLoughlin.
There are numerous MSPs who will provide PaaS, IaaS, or DaaS for Azure for you, even extending into managed help desk support. At eG Innovations, we offer monitoring, management, and auto-ticketing to many large multi-tenant MSPs.
As such, anyone looking for an MSP may find it useful to read about what we offer, to gain an idea of the level of functionality we provide to our MSP partners.
Cost Considerations for Microsoft WVD
You need an Azure account and subscription to get started with Microsoft WVD. These are the Azure components that you have to factor into the price of a WVD deployment.
- Virtual machines and operating system (OS) storage
- Data disk (personal desktop only)
- User profile storage
One-year or three-year Azure Reserved Virtual Machine Instances can offer significant cost savings as compared to pay-as-you-go pricing.
Access to Windows 10 Enterprise and Windows 7 Enterprise desktops and apps is available at no additional cost if you have an eligible Windows or Microsoft 365 license.
Windows Server Remote Desktop Services desktops and apps can be accessed at no additional cost if you are an eligible Microsoft Remote Desktop Services (RDS) Client Access License (CAL) customer.
What does eG Innovations offer for WVD on Azure?
With so many organizations choosing heterogeneous vendor management stacks and mixing on-premises, DaaS, and cloud, there is a natural need for dedicated cross-vendor management and monitoring products that cover the end-to-end infrastructure and the key applications it supports. Unlike many EUC/Digital Workspace-only vendors, eG Innovations is a whole-of-enterprise provider of monitoring solutions, covering:
- EUC and Digital workspaces, e.g., Citrix Virtual Apps and Desktops (CVAD), Citrix Cloud service, Microsoft Remote Desktop (RDS), VMware Horizon, VMware Horizon Cloud Service, Microsoft Windows Virtual Desktops (WVD), AWS WorkSpaces, etc.
- Enterprise Application monitoring, e.g., SAP, PeopleSoft, and SharePoint
- Cloud Monitoring, including specific Azure Monitoring options
- Enhanced Office 365/Microsoft 365 monitoring (there’s a nice video of our O365 functionality available here)
- Container alongside VM monitoring (e.g., Kubernetes and Docker)
- Specialist MSP multi-tenant monitoring
- Automated Help Desk and Service Ticketing integrations with all main suppliers including mobile apps, ZenDesk, Ivanti, Microsoft Teams, ServiceNow, JIRA, Slack, Autotask, Manage Engine’s ServiceDesk, PagerDuty, and Remedy Force amongst many others
So, if you are looking to deploy WVD, regardless of the overall stack you are considering, do check whether your monitoring and management needs extend beyond VDI and EUC alone.