Comparing Remote Desktop Requirements to Azure Virtual Desktop

Justin TranthamCloud Computing

5 Top Things To Consider When Comparing RDS to AVD For Your Organization

Many companies are still navigating or attempting to upgrade their capabilities for a hybrid work environment. There are two common options for technology that facilitates employees accessing systems and working remotely successfully and efficiently. They are Remote Desktop Services (RDS) and Azure Virtual Desktop (AVD). Each achieve the goal of productivity outside of the office but look quite different from a setup and management perspective.

As an Azure Virtual Desktop certified engineer, I’ve been able to assist many companies during the transition to a full or hybrid cloud solution. In this article I hope to briefly explain some main differences between RDS and AVD from setup to the user experience

1. Main Remote Desktop Services Requirements

Configuring any environment to be accessed remotely requires components that are installed and managed on both servers and user devices.

To access an environment using RDS securely, the main components are:

  • Firewall or router: This secures the connection to your network over the public Internet and forwards traffic to the Remote Desktop Gateway Server. Firewalls and routers are setup with rules that are continuously updated to maintain a good security posture. Some companies have two Internet service providers (ISPs) to ensure high availability.
  • Remote Desktop Gateway Server: Uses port 443 to connect to the session broker eliminating the threat of leaving RDP port 3389 open publicly. This enables a layer of security necessary to block unauthorized access to your environment.
  • Connection Broker: Load balances connections to your Session Hosts. This is necessary to distribute tasks evenly over the resources to optimize response times.
  • Session Hosts: These are the server operating systems that produce what your users see and log into. Depending on the deployment, in addition to the operating system these may also include applications.  Session hosts require a client access license (CAL) for each user who accesses them.

2. Main Azure Virtual Desktop Requirements

While the RDS configuration requires your MSP or internal IT resources to maintain the connection methods, AVD only requires focus on the Session Hosts.

To securely access an environment using AVD, the main components are:

  • Microsoft License with Azure Subscription: Microsoft License with AVD SKU included with the license or purchased standalone per user.
  • Azure Active Directory: Setup with Azure Active Directory sync or domain services.
  • Session Hosts: These are typically Windows 10 multiuser virtual machines that produce what your users see and log into. Single-user virtual machines are an option, as well.

3. Managing RDS and AVD

AVD requires your Managed Services Provider (MSP) or internal IT resources to manage less components than RDS to enable remote access. RDS includes the additional management of firewalls and routers, the RD Gateway Server, and the Connection Broker. For AVD, components that achieve the same result of a secure and balanced connection are managed and maintained directly by Microsoft. These additional components of RDS require time and resources to manage and maintain and can cause outages when issues arise for your IT team to diagnose and resolve.

4. Focusing on User Experience

Reducing the number of components for your IT resources to patch and protect for your environment connection allows your IT team to spend more time focusing on improved user experience and proactive improvements within the environment.

In addition to the benefit of freeing up IT resources to focus on other things, there are some differences between AVD and RDS that affect user experience for your employees accessing the environment remotely.

The application AVD currently uses to connect the user to the environment can be downloaded on Windows, Android, iOS, macOS, and using a web browser. This process is relatively frictionless and only requires your users to log in with their Microsoft account. This means they can work from anywhere with an Internet connection quickly and without IT intervention. RDS user experience requires a custom RDP file that the user needs to be given either by group policy or email, and if any of those custom settings should change, the IT team needs to update the icon for everyone.

5. Costs and Adoption

Although AVD reduces the IT resources needed to maintain a highly available and secure connection to your environment and creates a more seamless user experience, it can present a few drawbacks for companies looking to enable remote work. The costs for AVD are typically slightly higher on an annual basis than custom hardware with RDS because the backbone equipment for AVD is managed by Microsoft. AVD is also a newer technology than RDS and requires changing user behavior through the training of the new tools.

At Netgain, we have many clients successfully using AVD and many clients successfully using RDS. While the above is a high-level overview of the differences, each technology has nuances that may or may not make it the right decision for your company. Reach out to us today to learn more about how your organization can better enable remote work and productivity from anywhere – with safe and secure technology.