The right tools make it easy for your teams to adapt seamlessly to new ways of working. Insight Canada’s John Dathan and Darren Lloyd discuss how VDI solutions, such as Windows Virtual Desktop, can help organizations meet emerging workforce needs.
To experience this week’s episode, listen on the player above, watch the conversation below or scroll down to read a complete transcript. You can also subscribe to Insight TechTalk on iTunes, Spotify, Stitcher and Google Play.
Published September 1, 2020
Good afternoon, and welcome to Insight TechTalk.
My name is John Dathan,
and I have the privilege to lead insight Canada.
And joining me today is Darren Lloyd.
Darren came to us through the acquisition of PCM,
as vice president of our professional services organization.
Thanks John, glad to be here.
Yeah, I'm going to take a little bit of time today.
We've had so much energy in the marketplace
around Windows Virtual Desktop,
and Microsoft is asking us to help out clients.
We've done more of their work,
than any other partner in Canada,
but I actually believe
that people aren't as familiar with it.
They sort of nod and say,
"Oh yeah, WVD, Windows Virtual Desktop."
I want us to take some time today and really explore that.
So maybe just at a high level, what is WVB?
Yeah, so Windows Virtual Desktop,
is really Microsoft's fully managed,
desktop virtualization solution in the cloud.
So it runs in Azure and really you can think of it
like the cloud evolution of remote desktop services
and without all of the
infrastructure management requirements.
And so it offers full featured native client support
for Windows, Mac, iOS, and Android.
And you can also access it pretty much from any browser
because it's got a HTML5 support built in.
And so it's sort of like the cloud evolution
of Microsoft's remote desktop services platform.
So why do people want to deploy VDI?
Is that more important now than ever, or?
I mean, it's been around for a while
and there's always been a use case for VDI.
Primarily, organizations are attracted to VDI
because it enables them
to sort of centrally manage all of their desktops
in the data center.
So they're running a bunch of VMs on a server
or a server farm rather than managing a whole bunch
of disparate spread out in individual endpoints.
So that's one, benefit.
The other one is to keep the operating system,
the data and the apps separate from the end device.
So to create a bit of a security barrier,
to protect the data leakage and maybe corporate information
going on to a personal device.
And then the other big one honestly,
is when you have applications
that need to be close to the server backend
or the database or whatever,
and you wanna enable remote work for your users,
but they need to kind of be running those apps
right next to the server itself.
And so by running the desktops in the data center,
right in proximity to those services,
you can give a better end user experience.
Okay, so you mentioned being in the cloud
a couple of times and more traditional VDI,
we think of as being in your own data center.
So what are the challenges we're having
in that traditional way that this solves?
Yeah, I mean, there's actually a number of challenges
with that architecture, because first of all,
you have to stand up a fairly complex infrastructure
of load balancers and gateway servers and brokers,
and then the whole VDI, VM farm,
you've got to have a way
for users to securely log into that infrastructure.
And so you have to have web services and portals,
and really those projects.
I've been a part of some of those projects in the past.
And they end up becoming very time consuming,
very costly, very complex.
And then the ongoing management
of maintaining and upgrading those environments
can be a huge burden for organizations.
So you’re really leveraging the full IIS
from the public cloud and not having to build it
specifically around one application, such as VDI.
Well, actually even better than that.
So what Windows Virtual Desktop does,
is it takes all of that infrastructure that I mentioned
the brokers and the gateways and the load balancers
and the management portal.
And it packages it up into a platform as a service.
So PaaS, offering the (indistinct) fully manages for you.
So it's essentially giving you all of that scalability
and all of that management plane as a service.
And then you plug the VMs
and the applications on the desktops into that.
And so it's a huge benefit
in terms of lowering that upfront cost
and complexity of spinning up the environment
and the ongoing management overhead.
So are there other reasons why WVB specifically?
Well, the big one, so there's a couple, first of all,
because it's running in the public cloud,
you have that hyper scale sort of unlimited capacity model.
You can scale up or scale down
and you're paying for only what you use.
And so, as you can imagine,
in a dynamic kind of macroeconomic environment
that we're in, where we're organizations
have had to scale down rapidly and enable remote work,
but at some point they're gonna probably
need to scale back up
and potentially still have all of their workforce remote.
How do you, if you're going all on premiere,
over provisioning for kind of the peak load,
rather than being able
to sort of elastically expand and contract.
So there's that.
And you can really choose any size of VM.
So you may have some users that just need
to kind of bare-bones, the Office suite,
which incidentally is part of like Office 365
is just part of one of those built in images
that you can provision out of Azure,
but you may have some really high end
GPU intensive workloads that you need to run with.
You can just choose that as an option for them.
And actually one of the big ones is in the past,
it was never possible to have a multi-session.
And when I say multi-session, I mean,
multiple users logging into the same Windows 10,
or Windows 7 or whatever windows desktop operating system,
at the same time, it's simply wasn't possible.
And so we sort of hacked our way around that
by provisioning a server and then kind of dressing it up
to look like a desktop with a few general view visual hacks,
and then giving that to the end user
as their virtual desktop.
Now only Windows virtual desktop offers the capability
to have a multisession Windows 10 VM.
So now you can spin up a huge VM, give it a ton of RAM,
a ton of compute and then have 10 or even 20 users
logging into that same VM at the same time.
And that will actually optimize,
because we're getting higher density
and maximizing the utilization of that resource.
So now you can actually lower your costs
and get more bang for your buck, so to speak,
while keeping the user experience totally seamless too.
'Cause they're actually on a Windows 10.
So I'm better understanding this from IT.
I'm better understanding this
from the business financial model, but as the end user,
now that if I'm doing everything across my home internet,
because I'm there, what's the end user experience?
So I mean,
the first thing that's super interesting about this is,
as I mentioned earlier, you can run it on anything.
And so if you can imagine,
okay, your workforce is largely having to be remote
and now they're working from home.
Maybe they have Macs,
maybe they don't even have a PC at home.
Maybe they have just tablets and mobile devices.
Well, this gives you the ability
to actually give them
their full corporate desktop from any device.
So that's the first benefit
and that's actually a pretty strong use case.
But secondly, it really is a seamless experience.
And so if they are actually accessing
their corporate virtual desktop in WVD
off of a windows 10 device, it integrates seamlessly.
So the Start menu,
you can just publish apps directly.
With Start menu you can pin them to the task bar,
you can copy and paste between local and virtual apps.
It really just feels like you're working on your local PC.
And so I see a couple of advantages.
So AI can actually work on a more powerful device
than the one I have.
And because it's happening in the cloud,
the compute and all those sorts of things,
the bandwidth is less of an issue.
We're just actually sharing the screen across.
Yeah, you're just sending most clicks and screen scrapes.
And then, I mean, for anyone that's listening,
that's actually ever been a part of kind of virtualization
and VDI environments, the big challenge,
or even just anyone that's ever tried
to use a roaming profile, it's a huge challenge.
And one of the things Microsoft has done,
is they've got technology
that virtualizes that entire user profile
onto its own VHD, virtual hard disk,
which seamlessly attaches at log-on.
So whether it's a shared pool of VMs
that you're logging into,
whether it's a single, multi-session,
a windows 10 VM or even one that maybe is dedicated to you.
Every user is gonna have
that persistent user profile experience.
So you make changes in your applications.
You might move your Start menu around and your icons.
Now you're not gonna lose that
every time you log into, a different session,
which sometimes has been challenged with VI.
So that's another huge advantage of WVD.
So to kind of round out this discussion,
we've got to think a little bit about the security, right?
I mean, if somebody can access as myself,
they've got access to everything I do.
So, talk a little bit about identity.
Yeah, and it's all driven through Azure active directory.
And so identity is a cornerstone of the solution.
It's the way that we provision the VMs,
is the way we provision the apps.
It's the way we provision administrative backend access
to the IT administrators and analyst and technicians.
So it uses Azure active directory.
It's a consistent, single sign on experience for users
and it roams from device to device.
So really all the user needs to know
is their corporate credentials, they log in.
But from a security and hardening standpoint,
we can enable a multifactor authentication.
We can enable conditions.
So we can say, you can't even log in
unless certain conditions are met,
whether that's location or whatever.
And so for clients that are looking at this,
if you have already have an Azure workload or two,
or you've got Office 365,
you already have Azure active directory up and running,
and this will plug seamlessly into that.
Well, and just like we use it, right?
you not only have to know everything about me,
you also have to have my phone and my face,
'cause it's face ID to activate itself.
Exactly, very safe.
All right, so got a couple of questions.
So I also hear a lot about Intune and Autopilot,
just so that we all understand,
what's the difference between,
WVD, Windows Virtual Desktop, Intune and Autopilot?
So windows virtual desktop is the VDI solution,
the cloud-hosted VDI platform.
So it's essentially a service that enables you
to either bring your own windows 10 corporate image
or use one from the gallery
and provide that either published app
or full desktop experience to your users
from any device, anywhere hosted in the cloud
and manage all that infrastructure managed by Microsoft.
Intune is actually the cloud-hosted
modern management platform,
for managing all of your desktops,
whether they're physical, virtual, on-prem in the cloud,
tablets or mobile devices.
And so, if you've ever heard of SCCM,
or System Center Configuration Manager,
Intune is really the cloud version
and the evolution of SCCM.
It integrates with SCCM,
but it's the device management platform.
So if you want to run reports on what apps are installed
or how many devices you have
and what version of the OS they're on.
You wanna patch them and all that other stuff,
that's what Intune is all about.
In addition to that, it provides really powerful
mobile device application management capabilities.
So that's Intune.
Now you mentioned Autopilot,
that's a feature of Intune and it's a really cool technology
because I mean, as a former SCCM guy, myself,
I spent a lot of time playing around with,
and actually architecting and implementing solutions
for customers, to help them manage their imaging
and OS deployment processes.
And I got to tell you that gets really complex,
especially when you start to introduce more and more devices
because you've got drivers, you've got firmware,
you've got all kinds of different applications
and you have to have these really complex task sequences
that are able to detect, "Okay, what hardware am I on now?
"I got to inject all the drivers."
Well, what if you could just take the device
as it ships from the manufacturer
with, their gold image on it,
that's perfectly tuned for that hardware.
It has all the right drivers and everything,
and then layer in your corporate policies,
your corporate applications, your certificates,
everything you need to turn that
from a off the shelf consumer device
into a fully managed, secure corporate device.
That's what Autopilot does.
And all you need is an internet connection
and your username and password for that to work.
Well, I think most clients
they're gonna want the result of this.
They don't actually want to do this,
so maybe we can close out.
Just talk a little bit about how Insight is helping clients.
I know we've actually done quite a large number
of these clients within Canada,
well, since COVID started in particular.
But how is it that we're helping clients?
So we can essentially implement this from end to end.
We can do the architecture, we do the deployments.
We work with your team
to understand your application requirements and everything,
but what we've done and what I'm really proud of
is we've kind of positioned ourselves in Canada
as the go-to WVU partner for Microsoft.
one of the things you mentioned early on
in this conversation is, they came to the table saying,
"Hey, how can we help our clients."
In this global pandemic situation
where remote work is such a huge requirement
and companies are kind of scrambling
to figure out what to do.
And they came to the table with a bucket of funding
and they said to partners,
"Hey, if you guys have solutions that can help our customers
"with this use case, bring them forward
"and we'll go kind of call sell and position those."
And so we came forward with our WVB fast start
and we ended up doing over half of those deployments
that Microsoft funded in Canada.
And as part of doing that,
what we did was we really built up our best practices
on our own internal IP to automate this,
to make it really, seamless and have a really good handover
and transition operations for our clients.
So we can absolutely get that up and running.
We can manage it if that's of interest.
And then obviously with the Intune and Autopilot
and SCCM and windows 10, we've done dozens of those.
And we can easily, do the planning, architecture,
and deployment and management for those as well.
Oh, that's terrific.
Well, Darren, thanks for spending time with us today.
I think these technologies,
so many of our clients are looking for help in this area.
Particularly at the time were in,
clearly we're gonna be in this time
for a little bit while.
so thanks for your time today, Darren.
Thanks for joining us folks.