
IT dilemma under the epidemic

For modern enterprises, IT facilities are like human limbs; a strong and flexible IT structure is like a nimble martial arts master. The restrictions on the movement of people brought about by the epidemic are like the limbs of the company being tied, making its business development difficult. One of the key reasons why the information system, which is the limbs of the enterprise, can be tied is that most enterprises use the following two solutions when providing desktop office environments for users (enterprise employees):

  1. Local provision: directly provide users with computer equipment with certain local computing and storage capabilities, on which users can configure office environments and complete daily work.
  2. Data center provision: Deploy VDI (Virtual Desktop Infrastructure) solutions in enterprise data centers and provide users with virtual desktops. Users use client devices to log in to virtual desktops through secure network connections to complete their daily work.

The above two solutions have a common limitation: equipment. If the flow of people or the office environment is suddenly limited, the users who use solution 1 cannot work because they cannot access the equipment, and the business is also affected; if all users choose to use solution 2 at this time, it will lead to insufficient data center resources. However, if the resources of the data center are expanded, there will be problems such as large investment, long construction period, high maintenance difficulty and inability to guarantee SLA.
However, if users are allowed to carry the desktop devices allocated by the enterprise, they will face information security problems. Therefore, the above two options are not the most suitable choice nowadays.

A ray of light in the storm

Is there a solution to solve their shortcomings and help enterprises tide over the difficulties? Let us first analyze the above two solutions:

Although solution 1 has the advantages of good user experience, high acceptance, easy promotion, and not completely relying on the network, it also has shortcomings such as tight coupling of software and hardware and security problems.

Because of centralized hosting and the use of remote connections, solution 2 solves the shortcomings of solution 1. The shortcomings of solution 2 are mainly: long construction period, large investment, poor ability to scale up and down, difficult operation and maintenance, and inability to guarantee SLA. Solving these problems will also solve the current predicament.

In recent years, public cloud has won the favor of a large number of enterprises with stable SLA, high-quality services, rich product lines, flexible scalability, and cost control capabilities that can be highly tailored to the business. If solution 2 is deployed in the public cloud, all the problems of this solution will disappear.

AVD: Cloud Native Virtual Desktop Solution

AVD (Azure Virtual Desktop) is a cloud-native virtual desktop solution provided by Microsoft and running on the Azure public cloud. This solution retains all the advantages of traditional VDI while giving full play to the advantages of public cloud: it breaks the limitation of insufficient capacity in self-built data centers and uses the terminal devices found everywhere in the mobile Internet era to bring the productivity of mobile office to every business that needs it.


▌Comprehensive and powerful compatibility

Generally, when evaluating the deployment of new solutions, enterprises will consider how to minimize changes in user habits and how to use existing assets. The former can reduce the promotion and operation and maintenance costs of new solutions, and the latter can reduce repeated expenses. In addition, in order to ensure the actual availability, it is also necessary to consider the software and hardware compatibility of the new solution. In an AVD solution:

  • For enterprises that are using Citrix and VMware VDI solutions, the backend resource pool can be directly extended to Azure. This means that the AVD will operate as part of the enterprise's existing VDI infrastructure. Enterprises do not need to reconfigure existing VDI clients for this, and users do not need to change their usage habits. (Citrix and VMware licensing related issues should be consulted with the corresponding vendors.)

  • For enterprises that already have Microsoft 365, Windows 10 or RDS licenses, if the license type meets the requirements, they can directly use it on the AVD without repurchasing the license.
  • To ensure broad device compatibility, Microsoft provides dedicated clients for mainstream platforms (Windows, iOS, Android, macOS). From devices that cannot install a dedicated client, AVD can be accessed through the Microsoft Edge, Google Chrome, Apple Safari, or Mozilla Firefox browsers.

▌Friendly novice mode

For enterprises without VDI infrastructure or unfamiliar with VDI architecture, the deployment wizard can complete the entire AVD deployment from some necessary basic information, without the enterprise having to concern itself with complex architecture design and component initialization.

▌Flexible delivery method

AVD supports a variety of virtual desktop provisioning methods to meet different scenarios and needs:

  • Personal desktop: A dedicated virtual desktop assigned to a specific user, which exclusively owns the hardware resources (memory, CPU, storage, etc.) during use, and only designated users can log in to use the entire virtual desktop. Desktop configuration changes and user data generated during use will be persisted in the virtual desktop. Suitable for single-session users with high performance requirements or applications that require certain robustness. This method is basically the same as the traditional desktop provision method, and has a complete desktop experience.

  • Pooled desktops: User configuration and data are separated from virtual desktops, and the virtual desktops themselves are shared among multiple users. When a user connects to an AVD, the server will create a temporary session for them in the existing desktop environment, or temporarily assign a complete desktop to them, and the data generated during the user's use will be automatically saved in the location specified by the administrator. When the user logs out, the session or desktop assigned to the user is immediately ended or released for use by other users. This method can maximize resource utilization and optimize cost.

▌Unrestricted expansion capabilities

Public cloud has resource expansion capabilities far beyond traditional data centers. For enterprises, this means that virtual desktops will no longer suffer from insufficient resources, which is reflected in:

  • Multi-region deployment: So far, Azure China Cloud has a total of -6 officially released regions (including one BCDR region) for users to use. Enterprises can choose to deploy AVDs in the regions that best suit their business conditions.
  • Increasing number of regions: Azure China Cloud initially has only 2 regions; in 2018, Microsoft officially released two new regions, bringing the total number of regions to 4; in March 2022, Microsoft released three regions in China. So far, the number of regions where Azure China Cloud is officially available has reached -6.
  • Ultra-large single-region capacity: Each Azure region has ultra-high capacity design and reserves. Relevant data shows that the newly released CN3 has an overall capacity of more than -2 times that of the earlier four regions.

Multi-region deployment and large single-region capacity mean that enterprises can provide desktop environments closest to users to ensure a good network experience; from a management perspective, multi-region deployment means better disaster recovery and load balancing capabilities. Globally, Azure has data centers in more than 140 countries and regions in more than 60 regions, which means that enterprises can expand existing solutions overseas to provide support for overseas institutions at any time.

▌ Costs close to business development

During the construction of traditional VDI solutions, enterprises usually need to periodically purchase a large number of hardware and software assets. In addition to carrying existing needs, these assets must also reserve resources for future growth that may occur but has not yet occurred. This creates two cost-related issues:

  • The cost of assets that have been purchased, whether used or not, has already been incurred, and the cost of use increases with the increase in usage, thus making the overall cost of ownership of the enterprise continue to rise. For this problem, the optimization space provided by technical means is very limited.
  • Enterprise business usually develops linearly, while the cyclical asset procurement in the traditional model generates cost in steps. As a result, in one cycle the IT resources owned by the enterprise are actually in a state of excess and cannot be immediately converted into productivity, and in another cycle enterprise IT resources are in a state of deficit, limiting business development.

AVD inherits the public cloud's business model of on-demand use and pay-for-use, enabling enterprises to build virtual desktops in line with business development: for each additional user, the enterprise increases investment and output, and vice versa. When users are not using their desktops, businesses only pay for data storage.

▌Nearly zero management cost

AVD entrusts the entire back-end resources to Azure for management. After using AVD, enterprises only have the following issues to pay attention to:

  • What applications do users need to use, and what is the most appropriate way to provide them?
  • How to adjust the automation program to achieve the best cost and user experience?

  • How to adjust and maximize desktop and data security?

After enabling automatic management for AVD configuration, most of the operation and maintenance work will be completed automatically, and the cost of traditional management tasks is close to zero.

Strong body, no fear of disease

Data security is the lifeline of an enterprise. AVD ensures information security through the following solutions:

  • Authentication: Based on the integration with the existing authentication system of the enterprise, AVD adds two functions of MFA and conditional access. MFA adds a verification code function on the basis of traditional username and password verification, while conditional access allows enterprises to specify additional verification conditions for specific user behaviors through custom policies.
  • Endpoint Protection: Microsoft Defender for Cloud and Defender ATP provide antivirus and advanced security detection and response capabilities for AVDs, respectively.
  • Network Connectivity: Azure Firewall is an Azure cloud-native intelligent network firewall security service. It is a fully stateful firewall that provides the most stringent traffic inspection and access protection for AVDs.
  • Infrastructure: Azure data centers are built in accordance with international security standards, and applications deployed on Azure are naturally compliant in terms of infrastructure.
  • Data: The data generated during the AVD work process will be encrypted by Azure before being stored on the underlying hardware. Enterprises can, according to their own circumstances, require Azure to encrypt data by specifying the public key, and keep the private key in the hands of the enterprise; at the same time, they can also strictly control the way users access data through access policies, such as prohibiting screenshots.

An AVD that is fully protected by Azure is like a soldier in white wearing a protective suit: it can act boldly and fearlessly in the epidemic.

Walk on the song, ride the wind and waves

To sum up, AVD can help enterprises take advantage of the public cloud, break through the epidemic blockade, and make great achievements in the business field. In order to improve the deployment and use experience, AVD also provides the following support:

  • FSLogix Tool: Helps enterprises convert user profiles from various types to FSLogix-based profile containers on a large scale, so as to quickly complete the migration of existing user profiles.
  • Fully optimized integration with Microsoft 365: including security and management integration, multi-session user experience optimization, Microsoft Teams audiovisual redirection support, and more.
  • Provides Windows 7 virtual desktops with free extended security updates (single-session mode only).

Whether it's a financial services or a health care institution, a permanent employee or a contractor partner, a design and engineering application or a software development test, with the help of AVD they will all have the ability to overcome the epidemic blockade; they will all be able to ride the wind and waves and walk on the road.

For more details, pay attention to the Microsoft China MSDN public account

