Download presentation
Presentation is loading. Please wait.
Published byVictor Lang Modified over 6 years ago
1
5/21/2018 9:40 PM BRK3021 Learn about modern infrastructure roles in RDS: Next generation Windows desktop & app virtualization Clark Nicholson - Principal Program Manager Pavithra Thiruvengadam - Program Manager II © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.
2
Azure: The Future of Windows Virtualization
Secure Identity Azure AD conditional access (CA), multi-factor authentication (MFA) Azure Security Center and intelligent security graphs Elasticity Reduces costs by enabling scaling in/out and up/down Abstraction IaaS: eliminates management of physical computing environment PaaS: reduces management of virtual computing environment Global Footprint Service users anywhere on the planet from nearby datacenters
3
RDS 2012 R2 & Azure IaaS RD Clients RD Infrastructure RD session hosts Azure AD DESKTOPS apps iaas RD Web UPD File Server RD gateway RD broker firewall SQL server Active Directory All roles implemented in Azure virtual machines
4
RDS 2016 Improvements RD Clients RD Infrastructure RD session hosts Azure AD 6 DESKTOPS apps iaas 1 2 3 RD Web UPD File Server 4 5 RD gateway RD broker firewall Paas Azure AD Domain Services Azure SQL Database PaaS for Azure SQL Database and AAD Domain Services
5
RDS 2016 Additional Improvements
RD Clients RD Infrastructure RD session hosts & Win10 Azure AD DESKTOPS apps iaas RD Web RDVH UPD File Server RD gateway RD broker firewall Paas Azure AD Domain Services Azure SQL Database Integrated with RD Web, connect from any html5 browser device, no RD client installation RD Virtualization Host (VH) enabled using nested Virtualization in Azure Support Windows 10 VDI
6
RDS modern infrastructure: Web Services
RD Clients RD Infrastructure RD session hosts & Win10 Azure AD Azure AD RD diagnostics DESKTOPS apps iaas A A firewall RD Web UPD Azure files Paas Azure AD Domain Services RD gateway RD broker firewall firewall Azure SQL Database RDS roles refactored as web services, can be deployed as Azure App Services (PaaS) RD Virtualization Host eliminated with new guest agent installed on session host & Windows 10 RD Diagnostics service correlates events across the system, simplifies troubleshooting User Profile Disks (UPDs) can be stored on enhanced Azure Files supporting AD ACLs
7
Demo: RDmi Services as PaaS
Pavithra Thiruvengadam
8
RDmi: Azure AD Authentication
RD Clients RD Infrastructure RD session hosts & Win10 Azure AD Azure AD RD diagnostics DESKTOPS apps iaas A A firewall RD Web UPD Azure files Paas Azure AD Domain Services RD gateway RD broker firewall firewall Azure SQL Database RD infrastructure services are not AD domain joined RD clients authenticate with Azure Active Directory (AD) Enables Azure AD security features, e.g. CA, MFA, Intelligent Security Graph
9
RDmi: Connection Flow Client gets AAD token & presents to RD Web
RD Clients RD Infrastructure RD session hosts & Win10 1 Azure AD Azure AD DESKTOPS apps iaas A A 2 6 3 firewall 4 RD Web RD diagnostics UPD 5 Azure files Paas Azure AD Domain Services RD gateway RD broker firewall firewall Azure SQL Database Client gets AAD token & presents to RD Web RD Broker determines resources authorized for user Broker orchestrates connections from client and session host agent to the same RD Gateway
10
RDmi: Improved Isolation: Reverse Connect
RD Clients RD Infrastructure RD session hosts & Win10 Azure AD Azure AD DESKTOPS apps iaas A A firewall RD Web RD diagnostics UPD Azure files Paas Azure AD Domain Services RD gateway RD broker firewall firewall Azure SQL Database WebSocket connections from RD host agents to RD infra Bi-directional communications between session hosts and RD infra over https (443) No inbound ports need be opened to the session host environment
11
RDmi: Improved Isolation: Multitenancy
RD Clients RD Infrastructure RD session hosts & Win10 Azure AD Azure AD DESKTOPS apps firewall A A RD Web RD diagnostics UPD Azure files Azure AD Domain Services RD gateway RD broker Azure AD firewall firewall DESKTOPS apps firewall A A Azure SQL Database VPN RD Infra & all session host environments isolated Enables: Different Azure AD tenants & subscriptions Different AD configs in each session host environment VPN from tenant environments to on-prem UPD File server Active Directory …
12
Demo: Isolated Tenants Azure AD Multi-Factor Auth
Pavithra Thiruvengadam
13
RDmi: Extensible Platform
RD Infrastructure RD session hosts & Win10 Azure AD Azure AD DESKTOPS apps 3rd Party app, script, service iaas firewall A A RD Web RD diagnostics UPD Azure files Paas Azure AD Domain Services RD gateway firewall firewall RD REST API RD powershell RD broker Use RD PowerShell or RD REST API to extend RDmi platform Examples: Deployment automation, session host scaling, management GUI, etc.
14
Demo: Example Web Management GUI
Pavithra Thiruvengadam
15
Roadmap RDS modern infra v1 Public Preview General Availability
RDmi v2 2017 2018
16
Learn more BRK2169 Learn about our vision and upcoming innovations for Microsoft Remote Desktop Services – Scott Manchester BRK2286 Microsoft Azure File Sync – seamlessly extend file services across servers cloud – Klaas Langhout and Mine Tanrinian Demir BRK3295 What’s New in Azure Active Directory Domain Services - Mahesh Unnikrishnan
17
Summary of RDmi Improvements
Azure App Services simplify management Azure AD authentication enables new security features Reverse connect secures session hosts and user data Multi-tenancy reduces cost while increasing flexibility Extensible platform enables rich partner eco system
18
Please evaluate this session
Tech Ready 15 5/21/2018 Please evaluate this session From your Please expand notes window at bottom of slide and read. Then Delete this text box. PC or tablet: visit MyIgnite Phone: download and use the Microsoft Ignite mobile app Your input is important! © 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.
19
5/21/2018 9:40 PM © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.
Similar presentations
© 2024 SlidePlayer.com. Inc.
All rights reserved.