Evaluating Approaches for Azure-delivered Virtual Desktops


Written by Vadim Vladimirskiy

CEO and Co-founder, Nerdio

A recent Gallup report found that pre-pandemic only 8 percent of remote-capable employees worked exclusively from home. Today, 42 percent have a hybrid work schedule, while 39 percent work entirely from home. This dramatic workplace shift has IT organizations – for large and small businesses – reevaluating how to deliver employees a good desktop experience. For many, the need to balance endpoint security and manageability with a good, productive end-user experience is driving them to adopt virtual desktops.

While virtual desktop infrastructure (VDI) has been around for more than a decade, new solutions are making the technology easier and more secure to use. In particular, Azure-delivered virtual desktops have become a popular choice for a cloud-enabled workspace. But the options can be confusing.

Azure-Delivered Virtual Desktop Choices

There are a few different approaches for Azure-delivered virtual desktops, designed to meet different user use cases and environments: Azure Virtual Desktops (AVD), Windows 365 Enterprise Cloud PC and Windows 365 Business Cloud PC. Knowing the key differences among them can help you evaluate the option that is best for your organization and users.

Under the hood, AVD and Windows 365 leverage a similar set of Microsoft cloud technologies and allow organizations to deliver a desktop-as-a-service (DaaS) environment to support end-user computing needs. At the highest level, AVD is a cloud VDI platform that has been optimized for more granular flexibility and control. And while Windows 365 Cloud PC is technically built on top of existing AVD components, it has a different transactional model (fixed price vs. consumption-based) and some unique capabilities that integrate it more tightly into the new Windows 11 operating system.

Windows 365 Cloud PC is available in two options: Business or Enterprise. Windows 365 Business Cloud PC is typically more suitable for smaller organizations and Windows 365 Enterprise Cloud PC for organizations that already have invested in Microsoft Endpoint Manager (MEM).

Enterprise Cloud PCs are designed for organizations that are using MEM, a powerful platform, to manage their existing physical desktops. The use of Windows 365 Enterprise Cloud PC requires a Microsoft Intune license for each user. Business Cloud PCs are designed for individual users and small businesses, who can subscribe to a new Cloud PC and have it ready to use in under an hour.

With all these options for delivering virtual desktops via Azure, it can be challenging to identify what is best for your users and environment. To help, consider these three core areas:

  1. Administration Flexibility – AVD requires more sophisticated Azure management resources but can also offer maximum flexibility, while Windows 365 Enterprise and Business largely replicate PC management, leveraging the same set of Microsoft tools to manage physical and virtual PCs. If you choose to deploy Business Cloud PCs, know that they are not integrated with Microsoft Endpoint Manager (MEM) and do not have a dedicated management portal. They can only be managed by the end-user assigned to the desktop while logged into it. Enterprise Cloud PCs are managed via Microsoft Endpoint Manager (MEM) and via the Azure portal for all networking.

For AVD, applications and updates, always an IT concern, are handled by MEM or via images. The update and application delivery process in AVD is very flexible and can be fully automated. Enterprise Cloud PCs can be updated via MEM or manual methods. Business Cloud PCs can be updated with Windows updates, manually by the user, or by using third-party management tools. Operating system support is limited with Windows 365 Cloud PCs, which only support Windows 10 or 11 Enterprise (single session) since they are dedicated, non-multi-user desktops.

  2. Usage Patterns – It will pay off if you spend some time analyzing how different employee users will be working and collaborating using Azure. Due to today’s increase in hybrid and remote work, usage patterns have changed from the previous on-site days. Users are more apt to work at off-peak hours or in more randomized work schedules. Windows 365 offers organizations a fixed-price, monthly subscription to a Cloud PC that is dedicated to a user and can be managed using the same tools as a traditional Windows PC. Cloud PC is available at a flat per-user price, whereas AVD is based on Azure consumption – something that can be optimized to lower costs if your usage patterns can be analyzed and tuned.

In general, Windows 365 Cloud PCs are most cost-effective when users need dedicated, persistent desktops and will be using them more than 50 hours per week. With users who can be pooled together into multi-session AVD host pools, there are significant cost savings to be realized by using auto-scaling and intelligent automation.

When it comes to the licensing for the Windows operating system, if your organization already has a subscription license for Windows 10 or 11, there will be no added software cost for Windows when using AVD. The license for Windows 10 or 11 can be purchased as part of a Microsoft 365 subscription.

  3. Management Control – In addition to licensing, AVD and both types of Cloud PCs have differences in management and cost. All components of AVD are managed via the Azure portal, PowerShell or third-party management tools. As such, control is more granular, but can require increased expertise to administer.

Enterprise Cloud PCs require an Intune license for each user who is assigned a Cloud PC Windows 365 SKU. They run in Microsoft’s Azure subscription, which means admins don’t have direct access to the VM. However, the VM’s network interface card (NIC) is “injected” into a vNet in the customer’s Azure subscription. All network traffic enters and leaves the VM via the customer-managed vNet. Egress transfer costs are incurred by the customer.

Business Cloud PCs route all traffic through Microsoft-controlled network infrastructure and there is no way for admins to control the inbound or outbound connectivity to/from these VMs. There is currently no way to assign static IPs to Business Cloud PCs. Since these Cloud PCs run in Microsoft’s Azure subscription and are not enrolled in Intune, there are limited admin controls to manage them. They can only be managed directly by the user, just like a standalone physical Windows device. 

Weighing Your Options

Ultimately, the choice between using AVD or Windows 365 Cloud PC – Business or Enterprise – comes down to understanding how your teams like to work and how much ‘hands-on’ control your enterprise wishes to have. Other considerations, including user self-service capabilities and storage costs, may also need to be evaluated before making your selection. But your choice also doesn’t have to be a one-size-fits-all proposition. In fact, there may be organizations where a mix of end-user computing approaches in Azure is required to suit the needs of different users. This mixed approach is an option, particularly if you use a management tool that allows companies to manage both AVD and Windows 365 in a single platform.

Regardless of the ultimate approach you select, AVD, Windows 365 or a mix of both, you’ll benefit from a more secure and manageable solution to deliver a productive workspace for your hybrid and remote workforce.

About the Author

Vadim Vladimirskiy is a visionary expert in the creation and evolution of innovative cloud IT management platforms for the remote work era. He is CEO and co-founder of Nerdio, which empowers companies of all sizes to succeed with Microsoft’s virtual desktop offerings.