Understanding Azure Virtual Desktop: Essential Building Blocks
Azure Virtual Desktop Architecture Components
Description: Microsoft Entra ID is the rebranded version of Azure Active Directory, offering identity and access management services.
Role: Manages user identities, authentication, and authorization for accessing AVD resources. Provides enhanced security and governance features to support and secure user access to AVD environments.
Description: Provides managed domain services like domain join, Group Policy, LDAP, and Kerberos/NTLM authentication.
Role: Enables the use of domain services in the cloud without deploying or managing domain controllers. It supports legacy applications that require traditional authentication, allowing for a seamless lift-and-shift from on-premises environments without managing AD DS in the cloud.
Description: Traditional Active Directory deployed on-premises to manage user identities, authentication, and authorization.
Role: Provides domain join capabilities and Group Policy management for virtual machines in the AVD environment. Users can authenticate against the on-premises AD, and VMs can be domain-joined to leverage existing AD policies and credentials.
o Select which directory you would like to join:
Description: The virtual desktops or application servers within a host pool.
Role: Provide the computing environment where users interact with their applications or desktops.
Description: A logically isolated network within Azure for hosting VMs and other resources.
Role: Ensures secure and private network connectivity between VMs and other resources.
Description: Collections of VMs that users connect to, configured as pooled or personal.
Types:
Pooled Host Pools: Multiple users share the same set of VMs.
Personal Host Pools: Each user gets their own dedicated VM.
Role: Group VMs to deliver desktops or applications to users.
Description: Logical groupings that define which applications or desktops are available to users.
Types:
RemoteApp: Individual applications available to users.
Desktop: Full desktop environments available to users.
Role: Determine the applications or desktops users can access within their assigned host pools.
Description: Containers that group one or more application groups together.
Role: Users connect to a workspace to access the associated applications and desktops.
Description: Technology for managing and storing user profiles and settings.
Role: Ensures a consistent user experience by maintaining user profiles in virtual hard disks.
Description: It filters network traffic between Azure resources, allowing or denying incoming and outgoing traffic.
Role: Enhances security by filtering network traffic based on rules.
Description: Groups of VMs with shared security requirements.
Role: Simplifies management of security policies by applying rules to VM groups.
Description: Distributes network traffic across multiple VMs.
Role: Ensures high availability and reliability by balancing traffic load.
Description: Provides monitoring, analytics, and diagnostic capabilities.
Role: Tracks performance, health, and usage metrics of AVD components.
Description: Managed service for secure RDP and SSH access to VMs without exposing them to the internet.
Role: Facilitates secure administrative access to VMs.
Description: Storage services for storing user profiles, application data, and other files.
Role: Provides persistent storage for user profiles and other data.
Description: Backup and recovery service for Azure resources.
Role: Protects data by creating backups and facilitating recovery processes.
Description: Service for automating routine tasks and processes.
Role: Automates management tasks such as scaling, updates, and maintenance.
Description: Devices such as PCs, laptops, tablets, or smartphones used by end-users to access their virtual desktops or applications.
Role: Serve as endpoints for connecting to virtual desktops or application sessions.
These components work together to create a comprehensive and efficient Azure Virtual Desktop environment, with the Azure subscription serving as the foundational element for managing and billing all Azure resources.