Our Client Infrastructure Manager and Azure specialist reviews Microsoft’s Windows Virtual Desktop.
Windows Virtual Desktop (WVD) is Microsoft’s newest Platform as a Service offering. It supports multi-session Windows 10 virtual machines and boasts significant improvements to the user experience and capabilities of certain Office 365 apps in a virtual desktop environment.
WVD became globally available as of September 30th, 2019 and is exclusively delivered on Azure. There’s a lot of good press around WVD, but it’s questionable how much of that is just buzz and how much is solid analysis. This article provides a more nuanced breakdown of how applicable WVD is in a business IT environment, what benefits it brings over other virtual desktop solutions, and whether Azure exclusivity is an issue?
How does Windows Virtual Desktop meet key business requirements?
Cost per user
Unlike VMWare and Citrix virtual desktop solutions, WVD does not require additional per-user licensing (such as RDS CALS or Windows Server) to run, making it very appealing to the price-conscious. This is also particularly beneficial for very large organisations as it limits ballooning costs for big user-bases.
WVD is not completely free though. Each user requires a Microsoft 365 or Windows 10 E3 license and you need to pay for the compute to run the virtual machines within Azure, but’s that’s to be expected.
What is the cost of Windows Virtual Desktop?
The precise cost will vary based on your number of users, the quality of the virtual machines and whether you’re using multi or single sessions, but you’ll be looking at around £8.25 per user per month in compute costs in an optimised environment.
WVD being restricted to Azure makes latency a hot issue since hosting the virtual machines on in-house infrastructure simply isn’t an option.
The (un)fortunate truth here though is that any latency problems are likely to come from your end, rather than from Microsoft’s. Azure is a global platform and Microsoft has enough money to pour into infrastructure that any latency issues are likely to come from your end rather than theirs.
Whilst this doesn’t solve the problem of latency, it does mean that if you already have the Internet connectivity to support cloud-based virtual desktops on a public cloud platform, Azure will not be a bottleneck.
What will my latency be with Windows Virtual Desktop?
There are a few tools to estimate your latency with Azure. This tool calculates the round-trip time with all eligible WVD regions and this tool lets you compare regions more easily.
In WVD’s documentation, Microsoft recommends a latency of below 150ms for a smooth experience, but VMWare documentation suggests below 250ms is still acceptable for running virtual desktops. Depending on your users and the work being done, you’ll likely have an acceptable experience if you can hit below either of those values.
Since WVD runs on Azure, scalability is almost limitless – regardless of the size of the business. The only restriction you may face is how much compute you can afford.
However, since a per-user license isn’t required, the price curve of WVD is much shallower compared to Citrix or VMWare. This frees up budget which can then be funnelled into even more Azure capacity or used to create value elsewhere in your business. So, chances are, WVD will meet your scalability requirements easily.
WVD holds native support for Windows, MacOS, iOS, Android and HTML5 environments – the latter allowing for access through a browser window. This lets a WVD virtual machine run on any mainstream device and opens a host of remote working opportunities.
Being a Microsoft product, WVD also integrates tightly with the other Microsoft products which make up the backbone of your operations such as Office 365, Outlook or Windows Server. This shouldn’t come as a surprise, but the tidiness gives WVD a notable sense of refinement compared to the layers of integration and configuration needed for VMWare or Citrix.
A final point regarding application performance and interoperability is that Microsoft acquired FSLogix during WVD’s development which enables seamless use of stateful applications such as Outlook, Teams and OneNote in a virtual environment.
A practical example of this new functionality is that it now only takes a second or two for a user’s Outlook inbox to populate instead of the minute it would usually take on a virtualised system.
This is achieved by containerising users’ profile data (e.g. emails, notebooks or chat messages) into a separate virtual disk which attaches to the session when needed. When you consider the number of times employees check their emails, this already presents considerable time savings.
Benefits of Windows Virtual Desktop
Free extended security updates for Windows 7 virtual environments
In a move that recognises some companies need to stick with Windows 7 to support specialist software (and perhaps as an enticement to coax Windows 7 users to Windows 10 in the long run), Microsoft will provide free extended security updates through to January 2023 if those Windows 7 desktops are virtualised in WVD.
For companies who haven’t yet migrated from Windows 7, or can’t, this is a lucrative offer since it eliminates the costly security updates (£25 per machine in the first year, £50 per machine in the second and £100 per machine in the third) whilst offering a potentially improved desktop environment with the same updates for free.
Offered as a fully managed Azure service
Managing a virtualised environment has traditionally been an enormous headache for IT teams. Not to mention the upfront slog there is to even get the environment set up correctly in the first place. Microsoft has eliminated much of this pain in WVD by making it a fully managed Azure service.
This takes all the infrastructure management, optimisation and fine-tuning off your plate and tasks like load balancing, diagnostics, gateways and connection brokering are fully managed whilst still being configurable to your requirements.
Configurability also extends to other areas of the virtual environment such as the size of the virtual machines, specific resource allocation to specific user groups, whether users are assigned using a breadth or depth technique and more. These options are managed through the Azure interface rather than requiring configuration on the back-end which keeps things simple for you as well.
In-built security and compliance
Whilst users may think access to files from anywhere on any device is a flexible working dream, for IT teams it sounds a lot more like a security nightmare. Fortunately, Microsoft has provided several security options which can let you sleep easier at night.
Probably the biggest security concern is that data stored on too many devices means an instant GDPR breach if any of those devices are lost or compromised. To alleviate this concern, configurable information protection controls are easily accessible and allow IT Managers to ensure data stays on the virtual machine and never resides on the connecting device.
WVD running on Azure also means you get to have your data and systems hosted in some of the most secure data centres in the world. Security is provided at all layers from software and hardware through to physical defences – which can take another weight off your mind.
Windows Virtual Desktop is Azure exclusive – is this a problem?
Microsoft obviously hopes to increase their cloud market share by making WVD exclusive to Azure, but this decision risks deterring some businesses.
Chances are, if you’re already dedicated to a non-Microsoft cloud (Amazon, Google, IBM) for compliance reasons or because you have a strategy built around it, you won’t be willing to pick up Azure just for the sake of virtual desktops.
Since those are solid justifications, we’re not going to try to convince you to change your path. However, if you’re on the fence regarding Azure or cloud in general, here are some reasons WVD being exclusive isn’t as much of a problem as it seems.
A specific objection to Azure compared to other big cloud providers is that Azure’s pricing has traditionally been prohibitive to smaller businesses without cash reserves. Azure’s pricing previously required upfront payment for the one-year or three-year reserved plans – forcing smaller businesses into the overall more expensive pay-as-you-go plan.
But Microsoft changed this in September 2019 to allow for reservations to be paid with monthly instalments rather than a single fee. For businesses without big cash reserves, this lets them set out a budget whilst also getting access to the savings a reservation provides (which can be as much as 46% for one-year reservations or 72% for three-year reservations).
Data out of your hands
The idea of your most valuable assets and corporate secrets being held in a third party’s hands is honestly frightening for a business. However, in the case of Azure, it’s mostly an unfounded fear.
Your data is likely to be safer in Azure’s data centres than your own due to how Microsoft rigorously adheres to global security standards including ISO 27001 and constantly pours an enormous amount of money into data security.
Whilst you do still need to deploy the solution in Azure correctly for true security (e.g. multi-factor authentication and proper user permissions configuration), these are the sort of things a competent Azure specialist will have in place from day one anyway.
The truth is that this problem comes down to psychology and fear of loss of control. If you’re adhering to best practices during deployment, Azure’s security is more than enough to protect your critical assets.
Azure datacentre downtime
Another common concern with running virtual desktops in the cloud is that if the platform goes down, employees won’t be able to do any work. Azure’s downtime tracker showing a list of several recent downtime events doesn’t help alleviate fears either.
However, you should bear in mind that Azure has at least three million servers. And when operating at that scale, even with 99.99% uptime, there would be 300 servers constantly in a down state. Since there aren’t 300 servers constantly in a down state, Microsoft is doing a pretty good job of service availability.
The concern of downtime is certainly genuine, but to address it you should acknowledge that Microsoft and their army of engineers are probably more capable of managing the hardware side of a data centre with less downtime and shorter downtime windows than you can.
Having the hardware managed by Azure also takes a load off your shoulders and allows you to focus efforts towards activities which are of actual benefit rather than day-to-day maintenance.
Should you get Windows Virtual Desktop for your business?
As of now, the short answer is no. You might be surprised by that answer, but things are much more nuanced if you dig deeper.
If you’re already operating a virtual desktop environment or are an expert in Azure and VDI then yes, WVD is certainly worth reviewing. However, if you plan on using WVD as your first foray into using virtual desktops, it would be best to let it undergo a few months of fixes first.
WVD is on the bleeding edge of virtual desktop solutions right now. Whilst it shows a lot of promise and represents a lot of improvements, it needs refining before it can be considered a best-in-class solution.
Microsoft’s development cycle means it shouldn’t take too long to work out the bugs. And during that time WVD will likely gain some new and improved features – so you’ll even get some additional value for waiting.
In the meantime, upskilling your existing IT team in Azure will provide you with some decent in-house expertise. Additionally, moving to Office 365 now, if you haven’t already, gives your users plenty of time to grow accustomed to the extra features and productivity tools which are included.