Enabling secure remote work using Windows Virtual Desktop | Azure Friday
Hey friends did you know that windows, virtual desktop, enables you to access your workspace, securely from any place in the world. Using azure as your global footprint you can get a great user experience from, anywhere. And with the high demand lately for remote working windows virtual desktop has been pivotal. For many businesses, this year, christian, brinkoff is here to show me how today, on azure friday. Hey friends i'm scott hanselman, and it's azure, friday i'm here with christiane, um how are you. This is exciting i love that you brought an architecture. Diagram, to show me right off the bat so i'm doing fine cops, uh thanks for having me on the show uh really pleased to to talk about an exciting technology, with you when it's virtual desktop, so. Um i understand that this is huge right now like windows virtual desktop is like literally saving, companies. What why were the companies needing to be saved right now. Yeah because it enables the company, very efficient, and fast to uh yeah work from home so. Think about covert 19. Increasement, and working remotely. Yeah this has to be a key element, in, enabling, customers, to work from home, this might be an ignorant, question but what is the difference, between, windows virtual desktop, and, just, someone a regular person. Making a virtual machine on their own and then remote desktoping, into it. Yeah that's a very good question, so as you can see on this, architecture. Picture. You will see three, buckets, over here so the first bucket is basically, what we call the windows 30 desktop workspace, or also known as the control, plane. And in that control, plane you have different roles, like wrap access, diagnostic. Gateway, management, brokering, load balancing. That is basically. The engine, of windows virtual desktop. And everything, behind that makes it enterprise, ready, so think about brokering, load balancing, globally. Worldwide. That makes it here possible to do like. Remoting, or dessert virtualization. For an enterprise. Very easily. So that's different from how you do it from a physical device, remote, externally, in because there's no load balancing, you don't have the capabilities. Of multi-session. So you cannot share resources. As an example. With an exclusive, operating, system that's part of the windows virtual desktop, uh offering, a windows, windows 10 military session. Wow so it sounds like if i were a company that suddenly, had a bunch of workers that needed to be, at home and their desktops, are left at work and i never assigned them corporate laptops. I can have them now securely. Log into. Virtual machines, by the thousands. That i've i provision, i control, i manage. Just as if they were the desktops, that they're used to be using. Yeah that's correct, and you can do that on different operating, systems, as well you can do it from different endpoint. Operating, systems so for mac from android, from windows, obviously. So all kinds of, cross platforms. Are supported, for windows virtual desktop so you can connect to your windows device. Most likely a windows, 10, single session for single session, virtual desktops, or multi-section. To share, your resources, with the same experience, of windows 10 but as well for windows 7 as an example, so if you have windows 7 in your environment, you still need it for. Application, compatibility. Reasons, we can publish that from. Yeah from azure centralized. Globally, and you can, yeah use like a. Macbook, or a, chromebook, or just a different device on windows to connect to a windows device. So we have great, great things that are part of your m365. License you, most likely already have in in your licensing. Yeah store of your company. So it's a really efficient way of doing desktop virtualization. Okay, so what does this look like in the azure portal is this going to feel comfortable, to people who already know how to use azure. Yeah that's a very, very good, yeah bridge to to switch to the first, first demo that i would like to show, so the windows virtual desktop services, recently, updated, so, since. April 30th. We, we made a big announcement, to enable. Customers, better, to, use windows virtual desktop, so we call that the, windows virtual desktop arm based version the azure resource manager, version. And that means is that windows virtual, is now completely, integrated. Inside, the azure portal, which you can see over here so if you search for windows virtual desktop, here. You can just, search for the service, which was impossible. Before, uh redid, is changed. So you had to do it like.
Partly Via powershell. Partly via the azure portal. And you had to do some consents, and that's not all consolidated. In one so you can do from a to z to complete deployment, and as well with maintenance, directly, from the azure portal as you can see over here. So. Most likely if you started a clean environment, clean deployment, from a clean environment, you uh yeah you create a host pool now host pool is a set of hosts. So, uh. Let's say, multiple windows 10 multi-session. Virtual machines, in one host pool, for like a couple of thousand, users, to uh yeah to load balance your sessions, and to. Publish an application, or a full desktop. That's that's what we call host pool and here you can start a deployment. Just click a resource group and host pool name as an example. Very, easily. You can change the metadata, location, right now as well so, in a couple of. Weeks we will add as well, rests europe to the offering, here. You can, click for validation, environment which means that you get like sort of like. New features. Earlier, than uh yeah before it goes into the production, ring, so you can decide, to do that as well, and personal, pool means, a single session windows, 10. Or windows 7, and pulled means yeah pull off a virtual desktop, so, most likely windows 10 multi-session. So, very easily, you can limit, everything here as well. And the other great thing here is that you can directly, add your virtual machines, so, um yeah, how large your environment, is, yeah it reflects, the amount of virtual machines, so let's say 10. You can, select the azure data center region here so every data center. That supports, compute can be selected, here so i'm from uh from the netherlands, so let's uh let's pick here. Uh west, west europe as an example. Or north europe as an example. And, yeah prefixes. Can be set here everything, is all yeah very simplified, and automated. And and that's yeah that's, as well what you called out a reason, why, windows 30 desktop is so yeah pivotal, and popular, during this, pandemic, because as you can see it's very easily, to. Get to spin up your environment, and as well to create a workspace, over here and when you're done with that you start on, review, and create. And then you. Have within 30 minutes you have an up and running, virtual desktop, environment, so. Wow so like not to, not to put too fine a point on it but are you saying that, someone could say wow we can't come into the office, anymore. Starting monday. Over the weekend the i.t department could put together, 50 virtual machines. The applications. And the resources, that people need, and monday morning they get an email that says, you can connect to windows virtual desktop, just like this and get back to work. From from your home on whatever machine you have. Exactly and that's what a lot of customers, did. Since uh, yeah the beginning of march till till now and they still do it today because the world is changing, right.
You Probably saw it on like social media as well a lot of companies, are thinking about making. Remark from home mandatory, for a couple of days in a week so uh. But yeah. This is really exciting and a lot of power okay. Looks like we have a list of host pools here. Yeah, so, after you did the deployment, you, you can see all your components, inside the azure portal so your workspace, which basically, is that, control, plane that i just explained. That holds all those different roles. And as well the hospital, obviously, and as part of the host pool. You will see your session, host. Listed here so you see the status. You can see if a user is is logged on to this virtual, machine, so all kinds of insights, here. That. Yeah previously, was not, available, in inside windows search desktop now with the armbase, version, we make it, very easily, to, yeah to manage, and maintain, the environment, as well. So greater, initiatives. You can you can send the user a message, if you do some maintenance, to ask okay log off because we need to provide a change to the image. All kinds of. Easy, ways of doing the management. As well directly, from the portal. Same things over here as an example. You can just search for users, that are logged on. And you can check okay my user. Has. These like host pool application. Groups assigned, and, has a, couple of active sessions, to my, uh hpc. Demo environment, as you can see over here the status. So all kinds of great things, that uh yeah that you can use as part of, yeah this this great solution, as part of microsoft, azure so. And are we able to, see what's going on in those machines, are there like, logs, and analytics, so that if you're doing 10 000 of these i'd really like to make sure people are doing. What they need to be doing and that the system is healthy. Yeah so technology, is obviously, one thing right but, user. Performance. And experience. Is, is what is most important. So if you cannot guarantee, the performance, of your environment, you uh yeah. You sort of. Lose it, in terms of, yeah the, you know the good experience, of your environment, right so, uh we, created, as part of the microsoft, field initiative, together with, uh uh, the gbb, team where i'm active, in as well as the fast track team and a windows virtual desktop. Team we created, an, azure, log analytics. Workbook, in azure monitor, as you can see over here, we created some great dashboards, and this collects, information. From. The workspace, directly, and as well from perfmon, and as well from azure ide, and here you can proactively. Monitor, your windows virtual desktop, arm environment, so here you can see, okay my, my windows for jessa, resources. My daily connections. Where are my users, locked down from so it seems to be that i'm logging on from rotterdam. Uh so, uh, current session. Status. All kinds of metrics, here but the other great thing is that you can do. And collect metrics from the controls, plane itself. So if you have a problem in your environment. Let's say a user. Clicks on your on the virtual desktop icon, but gets an error, you will see all those errors, here and you can do some troubleshooting. Because of that and you can proactively, create as well. Custom workbooks, and actions, behind that if you get for example an error, that you run like something, like an azure runbook, or something like that and you point an action to it as well to solve it, and other great things are, disk performance, as an example.
So We use an average logix. Container, technology, for storing the profiles, and as well, and applications. In the future with, virtual, disks. And it is very important, to capture the iops, and as well the latency, and throughput, of those disks, to. Azure files, and you can, proactively. Monitor, that, performance, over here and see if your azure files your storage account, fulfills. The uh yeah the amount of iops, for example, for the yeah for the user sections in the environment, so. Wow, this is a lot different from when, uh when i was just physically, buying computers for people and racking them and thinking about virtual machines like that this is this is an example of the true. Elasticity. And the power of. Of azure, now back in the day when i was dealing with these kinds of things i would use that, mstsc. The microsoft, terminal, server connection, what does it look like from the point of view of a client now if i connect to one of these resources. Yeah that's a good question so before i show that, i would like to call it as well that there is a blog article. On exactly, the configuration. Of what i just showed that custom workbook, so if you go to the windows it pro blog on the tech community, website. You will find this this blog article with all the steps that you can, follow to, to implement, it it's uh, it's free to use you only have to uh. Yeah pay for the log analytics, database, consumption, but the rest is all uh yeah free as a community, initiative, so. Let's, um. Yeah let's uh switch, over to the um. To the client so this is the new. Uh between finger cross mstc. Client, this is way more comprehensive. As you can see, and this lists, all your virtual desktops, that are assigned to your user, to your user account as you can see i have, a demo environment called azure friday. And as well two virtual desktops, over here one hpc, desktop, and one virtual desktop. And as well a bunch of, remote, applications. So that's another. Thing that you can do you can publish an application. So not the full desktop, where the start menu and everything. But as well, yeah only like the frame of the application, itself, so if you have for example, a legacy. Application, that you want to centralize. From azure. Whether it's like in europe or in the usa, or in asia you can do that as well very efficiently, and behind that you can, leverage, like an image management, structure, to easily, update those applications. And images. And we have a new application. Solution, in in store as well which i'm, probably. Gonna talk about in the end, so in a like a teaser, here, so uh so if you for example click on on this icon. Yeah your virtual desktop will start, and, let me let me show how it looks and feels, so this is a virtual desktop session, it's a frame session as you can see you can obviously, start it in full desktop, or in full screen, as well, with like. Four monitors. Spread, over, uh so so that's all possible. But the interesting, thing that you can see here is that, everything, works and looks and feels the same way. As your local, windows, 10. Laptop, or surface, or whatsoever. And the great thing about this experience, this is just windows 10 but the good thing about this experience. Is that and i can show it to you. Is that this is running, on a windows 10 enterprise for virtual desktops, or also known as windows 10, enterprise. Format, or for multi-section, multi-session. So you can run, multiple, sessions, on this virtual machine. So if you for example have a d8. Or d16. Machine. You can run, like 16, or 32, sessions. All simultaneously. On one virtual machine, so it's very efficient. To do that to just yeah publish a full desktop. Uh, sharing resources. Wow and yeah, that's totally different. Back in the day we would go and create a virtual, machine and it was only being used for email and typing in microsoft, word, this is a much more efficient way to uh to do things for those, uh workloads, that are not as heavy. Yeah exactly. And the other great thing is that, as you can see here i pointed out, disk management, and here you can see, profile, dash and then my username. Which is christine, obviously, so this is the profile container, of average logics that we use as a fundament. For. Profile, delivery, and windows virtual desktop, and that means is that if you have a pool of windows 10 virtual, machines. And you log off and back on and you come on a different, machine, that your profile, data will be, shared, with you so you have the same experience. The same icon the same profile, settings, the same. Outlook settings, cache mode ost. Search, everything, in place and. That creates. Yeah the same experience, whether you're logged onto machine number one or number ten, and the other great thing is that this profile.
Is Being stored on a centralized. Storage, environment, which is and i can show that here to you. Which is stored. In a virtual hard drive so in a container, basically. On azure files, so since a couple of weeks, we have in ga, the support of azure files with active directory. Legacy active directory. Supports for kerberos, for the acls. So we can store that profile directly. On azure files very efficiently, so basically, use more. Uh yeah platform, as a service many service, solutions. In conjunction, with windows virtual desktop. So, uh let's let's. Show you how that looks, from an azure portal perspective, so if you go to the storage account. Menu, from the azure portal and you click on your storage account that you created for this specific. And you go to, to file shares. You will see, that i created a folder in there, profiles, and in that folder. You see. My, uh yeah username, and my s id of my user account, and in there you see my profile container, so this is where my, yeah profile data is sitting in my ost, from outlook, my team's data my one drive data, everything, is sitting in here, so yeah as i said a very efficient, way to do it and with azure, files, with standard, premium skews, the performance, is pretty good as well, and the replication. Mechanisms. To other regions. Etc. Are all possible, as well so for the. Disaster, recovery, redundant, reasons. This is a very good yes storage solution, as well to store your profiles. Wow okay so you've got, centralized, storage it's a very efficient way of doing things you've got a very efficient way to allow multiple people. To use one virtual machine and share it while still having a responsive, experience, what if i want to do something hard what if i'm a developer what if i need a high performance, machine. I don't want to share it, with with my coworkers. Yeah that's a very good question, so. I obviously prepared some cool demos for, for this. For the session, for azure friday so as you can see. These are my host pools and i created a special hospital, over here where i'm. Using, an. Nvidia. Enhanced. N-series. Virtual machine. So as you can see here i have my hpc, desktop, here, and i already have it here started.
And, This is running with an, nvidia, gpu. So it has a gpu, inside, so extra, resources. To do video rendering, etc. And, the great thing and that simulates. What the performance, could be of an n series and it could be an nv, series the new amd, driven. Gpu, cpus, as well. You can obviously. Do everything. Around video editing, running photoshop. Autocad, revit, all kinds of very. Intense. Uh applications. That, yeah need a graphical, card, but another great thing that you can do is run like come on and conquer. So i don't know if you are from uh, um are you you're, you're not from the 90s but you probably, i am of a certain age i am of a certain age, and series, are supported. As, for. Running games as well so as you can see here the performance, is pretty slick, and that's actually coming over the remote desktop. So, uh so yeah, let's just start, quickly, in uh a demo, here, and then stop with this because here we are so as playing games during azure friday. As a developer, i could certainly, go and run visual studio, or anything that is that is demanding. And and abuse, these machines. Uh and actually speaking of demanding, apps and apps that we spend a lot of time on, uh what about uh something like teams the with teams there's a webcam, but there's no webcam. In the in the cloud so i don't even know how you would do something like that. Yeah that's another great question, so let's switch. From my hpc. Desktop, here to my virtual desktop again, and close some of my. My screens, over here and open, teams because, teams is one of the updates that is part of the. Same. Initiative. When we release the arm-based, version of windows virtual desktop, and we release, uh yeah the audio and video redirection. Of teams so that means that you can redirect. Your audio. And video. To your, uh to your end point to your uh to your client itself so you render your audio and video traffic. Uh to your client, so you're not doing it inside your session host which can cause. Like due to latency, and long distance, connection. A very bad performance, for audio and video. So because of that audio and video offloading. You use a webrtc. Client a plug-in, which uses the apis, for, teams for that, and as you, can see here, you see that this uh status, is w3d, media optimized. Wow so, that means that your audio and video. Is now connected, to your client, to the uh yeah. Msrdc. This client. That you install on your on your endpoint. So if i for example. Go to settings here, the other great thing is that my devices, are. Like, like mapped one to one to the session so you see, all your devices, here directly. So no conversion. Over the protocol. Or, yeah bad compatibility. Uh yeah things that are happening, it's just like everything, that you normally. See in your team's client locally as well, and as you can see here, the performance, is pretty slick right so. This is all rendered to, uh to the client itself, it's really amazing the idea that, like my wife uh, she when she came and had to work remotely. We weren't prepared, she didn't have a laptop that was appropriate, for work you know, the ability, though to be able to have those, those. Uh those accessible, resources, those. Very private internal resources. But then use the obvious things like the local webcam, the local audio, it's such a great combination. I noticed that you also made a thing you mentioned something you gave me a little teaser there i don't want you to get away without the end of that teaser you can virtualize, just an app. Yeah that's correct, so one of the next big things that are coming to windows virtual desktop, is called msx, app attach. And that's the product that is already in a public preview right now, within, some yeah and so next, months, we will release that and integrate, that into the azure portal, as well and what you can do with msx, appetite, is that with msix. You virtualize, an application, which you probably, know from from fv, with, app attach. We convert, the msix. Into a container. And virtualize, that. Sorted, on azure files separately, from. The operating, system. And the great thing about that is as well is if you have an application, update, or new application. You can just mount it on the fly, to the virtual desktop. So no like image management, you don't have to shut down the machines, it's very efficient, to do that and you can store it on azure files as well, so i would like to show you how that looks, and feels because. Let me search for notepad, plus plus over here you can see, no notepad plus plus it's only the normal notepad, from. Windows. So if i uh, run this this command. You will see, that, as part of the disk management, the virtual disks. One notepad, plus plus disk will be added here. And this is my msa example attach. Notepad plus plus virtual container, which, has no bad plus plus inside, that, container.
Apple Touch container, so if i search back here, i see, a notepad plus plus showing up and let's see if it works. And here's notepad. Plus running, on top of, azure files, which i'm using as a storage location. Virtualized. Streamed. Inside, your virtual session, so really revolutionary. Technology. So that's the next level, in yeah optimizing, your image. Management, procedure, and as well application, delivery, as part of windows virtual desktop. So. That is amazing so what do you think that uh i. I didn't realize, that we had come so far along in, in technology, like this. I'm sure that you have other big things planned for the future is there a roadmap, that you can share. Yeah so we have an uh public roadmap, for windows virtual desktop which you can find at aka, dot ms, slash, w3d. Roadmap. And that, brings you to this page and this is our public roadmap, that you can just, uh yeah. And, look up to, and, and see for, or look at things that we have in store, and yeah in in the next quarters. And and are in development, as you can see here as well, so one of the big things that are coming very soon, once we uh yeah move windows 30 desktop arm to the next stage is as well uh azure, automation, integration, auto scaling. To save costs, on uh yeah spinning down machines after business, hours. Later we will integrate that as well inside, the in the portal, and we will add as well multiple. Uh yeah control plane workspace, locations, in the near future to for example. France germany norway. So yeah, just, bookmark, this or register, for the rss, feed to keep informed. So uh see ya, very exciting, i am learning, all about windows virtual desktop. And how i can access my workspace. All over the world from anywhere. Today, on azure friday, hey thanks for watching this episode of azure friday now i need you to like it comment on it tell your friends retweet, it watch more azure. Friday. You.