Skip to main content

The benefits of employing Azure Virtual Desktop for your organisation

How can Softcat help your organisation leverage the benefits of Azure Virtual Desktop?

Data centre and private cloud

Woman working on laptop
MicrosoftTeams image (30)

Mark Williams

Solutions Architect

Microsoft Azure Virtual Desktop (AVD) is a cloud-based virtual desktop and application platform that runs in Azure. It enables you to deliver Windows 10 and desktop applications virtually, anywhere. This provides employees and colleagues with the best virtualised experience by using corporate owned devices, or even devices which they own themselves (also known as bring your own device, or BYOD). This is possible because security controls can be applied to protect organisational data.  Users can take advantage of the desktops and applications made available by the service over the internet using a range of clients such as Windows, Mac, iOS, Android, or HTML5.

AVD offers a variety of capabilities to help your organisation deploy and manage virtual desktops and applications. It allows for setting up pooled (multi-session) or personal (single user) deployments on Windows and also includes optimisation for Microsoft 365 applications, providing a productive user experience. It will enable your organisation to make existing Windows Server desktops and remote desktops available on any machine, reducing the need for on-premises hardware.

The diagram below depicts the typical architecture of an Azure Virtual Desktop:

How can Softcat support your organisation implement AVD?

By integrating AVD into an Azure Landing Zone, your organisation can leverage the power of cloud computing to deliver virtual desktops and applications efficiently and securely.

Softcat’s Azure Virtual Desktop Adoption Accelerator Service can help you make the most of your cloud environment, by providing the following services:

- We build and configure the Azure environment and take care of all the technical preparation, aligning with your business requirements.

- We carry out a pilot deployment to test the water and ensure the solution hits the right mark before launching. This allows your workforce to work smoothly from wherever they choose.

- We provide you with full documentation, a handover session, a best practice framework and FAQs.

- We’re on hand every step of the way. Our experts offer advice and guidance to prepare you to take on future deployments with ease.

What are the benefits of AVD?

AVD eliminates the need for additional corporate hardware, allowing you to provide a safe and productive experience within your organisation in an ever-changing world. AVD can provide some significant advantages:

1. On any device, enable secure and productive remote work

- AVD enables full desktop and application virtualisation for Windows 10/11 and Windows Server on any personal device, from any internet-connected location.

- End users can be more productive with the desktop experience they expect thanks to seamless integration with Microsoft 365 Apps for business and Microsoft Teams.

2. Low costs of licensing and infrastructure

- To use AVD, use valid Windows or Microsoft 365 licences and pay only for what you use.

- Make the most of your virtual machines with Windows 10 / 11 special multi-session capability, which allows several users to use them at the same time.

3. Stay productive by preventing outages

- Utilise platform native Azure Site Recovery and Azure Backup technologies to keep your team working during disruptions.

- With customised alerts and assistance from Azure Service Health, you can reduce downtime and prepare for planned maintenance.

4. Keep app and user data safe

- With Entra ID Directory Conditional Access, you can easily apply the appropriate access rules to people and devices.

- Reverse connections and security solutions like Azure Firewall, Azure Sentinel, and Azure Security Center can help reduce risks and keep your virtual desktops safe.

5. Improved security

- AVD provides advanced security features, including role-based access control, Entra ID authentication, and conditional access policies. This helps to protect your environment from unauthorised access.

6. Scalability

- AVD allows your desktop/application environment to scale up or down based on business needs.

7. Application compatibility

- AVD supports a range of options for running applications, including virtualised applications, MSIX app attach, and GPU-accelerated applications.

8. Simplified management

- AVD provides a range of management tools, including the Azure portal, PowerShell, and REST APIs, making it easy to manage host pools, session hosts, users, and applications.

9. Compliance

- Take advantage of AVD compliance certifications including ISO 27001, 27018, and 27701, plus PCI, FedRAMP High for Commercial, HIPAA, and more. 

AVD components

Microsoft manages the following AVD services, as part of Azure:

Web access: by using the web access service within AVD you can access virtual desktops and remote apps through an HTML5-compatible web browser from anywhere, on any device. You can secure web access by using multifactor authentication in Azure Active Directory.

Gateway: the Remote Connection Gateway service connects remote users to AVD apps and desktops from any internet-connected device that can run an AVD client. The client connects to a gateway, which then orchestrates a connection from a VM back to the same gateway.

Connection Broker: the Connection Broker service manages user connections to virtual desktops and remote apps. Connection Broker provides load balancing and reconnection to existing sessions.

Diagnostics: Remote Desktop Diagnostics is an event-based aggregator that marks each user or administrator action on the AVD deployment as a success or failure. Administrators can query the event aggregation to identify failing components.

Extensibility components: AVD includes several extensibility components. You can manage AVD by using Windows PowerShell or with the provided REST APIs, which also enable support from third-party tools.

Your organisation manages the following components of AVD solutions:

Azure Virtual Network: with Azure Virtual Network, Azure resources such as VMs can communicate privately with each other and with the internet. By connecting AVD host pools to an Active Directory domain, you can define network topology to access virtual desktops and virtual apps from the intranet or internet, based on organisational policy. You can connect an AVD instance to an on-premises network by using a virtual private network (VPN), or you can use Azure ExpressRoute to extend the on-premises network into Azure over a private connection.

Azure AD: AVD uses Azure AD for identity and access management. Azure AD integration applies Azure AD security features, such as conditional access, multifactor authentication, and Intelligent Security Graph, and it helps maintain app compatibility in domain-joined virtual machines.

AVD session hosts: session hosts are VMs that users connect to for their desktops and applications. Several versions of Windows are supported, and you can create images with your applications and customisations. You can choose VM sizes, including GPU-enabled VMs. Each session host has an AVD host agent, which registers the VM as part of the AVD workspace or tenant. Each host pool can have one or more app groups, which are collections of remote applications or desktop sessions that you can access.

AVD workspace: the AVD workspace or tenant is a management construct for managing and publishing host pool resources.

If you’d like to find out more about how your organisation can start its AVD journey, then please get in touch with . We can support your organisation in leveraging the power of cloud computing to deliver virtual desktops and applications efficiently and securely.