Azure Solutions – Azure Developer Services, VSO, Release Management with vNext Highlights

Desktop Virtualization Overview

Rick Skalitzky | Practice Lead – Advanced Infrastructure

Today’s workforce is mobile and tech savvy. Workers access applications and information across a number of devices including person devices from virtually anywhere. Providing this kind of mobility while meeting compliance and security requirements is a huge challenge to the business. Microsoft Azure Remote App was designed to specifically with this challenge in mind. It combines Windows application experiences with the power of remote desktop services in Microsoft Azure Cloud for modern businesses. The result is a flexible and simple to use service that brings scale, agility and mobile access to corporate applications. With Azure Remote App, your application run on Windows Server in the Azure Cloud so you can quickly give users access to the corporate applications they need from anywhere and any device. Applications appear to run locally to provide a seamless experience. Plus Azure Remote Apps scales up or down responding to changes in business needs without expensive on-premises infrastructure or management complexity. Finally, because all of the application run solely on the Azure platform it’s easy to centralize and protect corporate resources. Realizing the importance of flexibility, Azure Remote App can also integrate with existing on-premises applications and infrastructure to support a hybrid deployment or use prebuilt application collections for a standalone cloud deployment.

Azure RemoteApp

Azure RemoteApp brings the functionality of the on-premises Microsoft RemoteApp program, backed by Remote Desktop Services, to Azure. Azure RemoteApp helps you provide secure, remote access to applications from many different user devices.

When you move RemoteApp to Azure, you get to take advantage of the storage, scalability, and global reach of Azure without having to worry about a complex on-premises configuration. Microsoft provides maintenance of Azure, ensuring its reliability, freeing you up to focus on more important issues, like creating the best apps for your business to use. Another advantage of Azure RemoteApp is the accessibility – your users can access RemoteApp programs from Windows, iOS, Mac OS X, and Android devices. They can use your apps in the environment they prefer, while you use the Azure management portal to manage those apps.

Benefits
  • Scale – Scale up or down to meet dynamic business needs without captial expense
  • Enable – Provide access to corporate applications from anywhere, on any device
  • Protect – Centralize and protect corporate resources
Azure Remote App Scenarios
Scenario
Azure RemoteApp Cloud Hosted in and stores all data for programs in the Azure cloud.
Users can access apps by logging in with their Microsoft account or corporate credentials synchronized or federated with Azure Active Directory
Azure RemoteApp Hybrid Hosted in and stores data in the Azure cloud but also lets users access data and resources stored on your local network.
Users can access apps by logging in with their corporate credentials synchronized or federated with Azure Active Directory.
Azure RemoteApp Cloud

The Cloud RemoteApp collection offers a standalone way to host applications in the cloud. A cloud collection exists only in the Azure cloud, as opposed to connecting to your local network. As part of the RemoteApp trial, we provide you with the Office 365 ProPlus or Office 2013 apps preinstalled and ready to share with your users. If you choose to leverage the available software, you can provision your service quickly. An additional advantage of using the cloud collection with the Office apps is that the apps and operating system (upon which your service is built) are always kept up to date through regular updates, and Microsoft Anti-Malware endpoint protection provides continuous defense. Your end users use their Microsoft accounts or corporate credentials to access the apps. All that you, the administrator, need to worry about is figuring out who should have access to which apps.
DesktopVirtualization01

Company Profile
  • When the applications you want to publish within Azure RemoteApp do not require a connection to any resource your company’s private network. If the application uses resources on the Internet, OneDrive, or Azure, a cloud collection will work for you. It’s also the quickest to create.
  • Any company size
Benefits
  • Quick and easy setup
  • No additional components or network connections required.
  • Optional to synchronize on-premises Active Directory to Azure Active Directory; integrating Active Directory with Azure Active Directory (using DirSync), your users can use their corporate credentials to access apps and data
  • Office apps and operating system (upon which your service is built) are always kept up to date through regular updates, and Microsoft Anti-Malware endpoint protection provides continuous defense
Components
Component Description
Azure RemoteApp RemoteApp provide secure, remote access to applications from many different user devices
Windows Azure AD Connect (Optional) Azure AD Connect is a compilation of tools (DirSync, AAD Connect, AADSync ADFS, etc.) In this scenario Azure AD Connect is responsible for deploying and configuring the Synchronization of on-premises directories to Azure Active Directory (AAD).
User attributes are synchronized using Identity Synchronization services including a password hash, Authentication is completed against Azure Active Directory

Remote App Hybrid

The hybrid RemoteApp collection scenario lets you provide both a custom set of applications to your users and access to the data and resources in your local network. Unlike a custom image used with the cloud collection, the image you create for a hybrid collection runs apps in a domain-joined environment, granting full access to your local network and data.

By integrating Active Directory with Azure Active Directory (using DirSync), your users can use their corporate credentials to access apps and data. When you use a work account in Active Directory, you can take your corporate policies into the cloud to control the apps you offer through RemoteApp.
DesktopVirtualization02

Company Profile
  • Customers that require a connection to resources on your company’s private network (File Servers, Databases behind a firewall, etc.)
  • Medium to Large companies with lots of resources on their private networks that can’t be moved to the cloud
Benefits
  • RemoteApp hybrid resources are domain-joined and conform to on-premises policies
  • Users have access to on-premises network resources
  • Users logon with corporate credentials federated with Azure Active Directory
Components
Component Description
Azure Remote App RemoteApp provide secure, remote access to applications from many different user devices
Windows Azure AD Connect Azure AD Connect is a compilation of tools (DirSync, AAD Connect, AADSync ADFS, etc.) In this scenario Azure AD Connect is responsible for deploying and configuring the Synchronization of on-premises directories to Azure Active Directory (AAD).
User attributes are synchronized using Identity Synchronization services including a password hash, Authentication is completed against Azure Active Directory
Hybrid Networking Site-to-Site VPN required and Extended Active Directory so RemoteApp Hybrid resources can be domain-joined, access on-premises resources and conform to on-premises policies.