How to modernize Windows Server apps with Remote Desktop Services | Windows Server Summit 2019

How to modernize Windows Server apps with Remote Desktop Services | Windows Server Summit 2019


>>Hi. I’m Jon Federico, I’m in Windows Server on
Azure Product Marketing here at Microsoft and I’m responsible for
Remote Desktop Services and Windows Virtual Desktop. Today, we’re going to
dive into a variety of topics around Remote
Desktop Services or RDS. First, we will talk about what’s improved in the core product of RDS, both 2016 and 2019. You can use these
wherever you are whether it’s On-Premises or on the Cloud. We release the newest version
of Remote Desktop Services, RDS 2019 in October of 2019
with Windows Server. RDS 2019 builds on
the strong foundation of RDS 2016 letting you rapidly deploy
on-premises or in the Cloud. In addition to the core investments
we’ve made in RDS 2016, we recognize there’s still
an opportunity to improve the non-persistent and complex
virtualization environments at scale that we see with
our customers today. So we’ll talk about an acquisition
of FSLogix, the product line, and how you can leverage
all of the benefits in your RDS environment today. Third, we also want to walk
you through how to think about RDS in different ways as you
begin leveraging the Cloud. You do not need to just lift
and shift your environment, instead you can use Azure
in a way that makes sense for you and lastly, one of those specific strategies we will go into in more depth may be to leverage Windows
Virtual Desktop easing the amount of RDS infrastructure, you have to manage as part of your Desktop Virtualization
Environment. So let’s dive into what’s
new with RDS 2016 and 2019. So first, we understand
that you still may be running workloads on 2008 or 2012 but we added a ton of value on our past two RDS releases that
really help improve the experience. First, there’s
the connection broker. So we heard that it was
difficult to scale, both in terms of peer connection
load but also in setting it up. So we’ve increased scale
during login waves, including support for
two-plus instances for high availability and
connecting with SQL off. For the gateway, we heard that use any number of third-party firewalls
and Load Balancers. So we wanted to make the gateway
as flexible as possible with functionality being like using
existing installed certificates. Then with the license server, we’ve time and time again heard
from customers that license management should focus on
simplification to scale deployments. Over the past few years, we have focused on
improving management of RD licensing servers and entitlement
through active directory. Now, you’ll be able to leverage high availability already
licensing servers with forward compatibility for
future versions of Windows Server to enable easier management of licenses from a variety of RDS releases. We’ve also made it easier
to manage licenses for your employees by
bringing the ability for the RD licensing servers to
update RDS Client Access Licenses or CALs into AD objects without accessing
Active Directory directly. Lastly, we’ve added PerfMon or Performance Counter APIs
to provide partners an easy way to access data to build monitoring dashboards and deliver
a consistent user experience. So let’s talk a little bit
about the web client. We also added web client support
for single sign-on to deliver a streamlined authentication
experience for users connecting via the web client which
we hear is very common today. We’ve also added modern
notifications for the remote app in our action center to
improve productivity with applications you use every
day like Microsoft Outlook. Then for clients, to how you access the service, in
case you didn’t know, we have Mac iOS, Android, Web, as well as Windows clients that you’ve come to
love and use every day. For iOS in particular, we’ve added support for our partner, Swiftpoint mouse and in Android, we integrated support for
Samsung’s decks offering to deliver remote desktops and
apps through their devices. Around the RDP protocol in
particular, we’ve made some updates. We added high-level redirection of built-in or attached
video cameras to deliver optimized video stream
at higher frame rates in new and legacy remote
apps in desktops. So now, users can have a better experience with
video intensive interactions. With RD session host, we’ve made several optimizations
to Windows Defender for multi-session to give you more confidence in bringing a secure, scalable, and cost effective
desktop experience to end users. We’ve also made optimizations
to advance Threat Protection, ATP exploit guard, Application
Control, Windows Admin Center, which specifically, we want to call out that it’s easy
to now consolidate all of your local and remote
server management into a single pane using the Windows
Server you have already today. A few additional features
include easy to configure DTLS based encryption
all of which work toward providing a trusted
end-to-end RDS deployment. Then on GPU functionality, RDS session hosts are now load
balanced across available GPUs. We have also improved upon innovations in Discrete
Device Assignment in RDS 2016 to bring better Virtual Machine isolation and performance for your graphic
intensive workloads. These improvements in GPU
Virtualization Tech will result in reduced network traffic and smooth
video playback for your users. So we’ve talked a little bit
about what we’ve done natively to build into
RDS on Windows Server, but now we want to discuss
new functionality for non-persistent environments
where we typically had a huge reliance on
our partners to solve key functionality gaps that
were important to your users. Now, with FSLogix, we we’re bringing that functionality into
the native RDS experience. So in November we acquired FSLogix to primarily enhance the office
experience but the suite of their technologies including
their profile containers help all non-persistent environments and overall application
management in totality. So what do they offer and
what’s the suite look like? So there have been numerous solutions throughout the industry
to try and solve the problem of always getting your profile in
non-persistent environments. The profile container
technology that they created simplifies
that experience and allows you to use your applications like Office, like you do today. Application masking, which
currently helps deal with manageability and maintainability
of the number of images, sometimes upwards of a few thousand
if you’re a large enterprise, can help simplify how you’re managing a complex set of apps for your users. Then Java redirection, which
just ultimately helps with different versions of Java that you might have to maintain in
your environment today. So let’s specifically dive
into Profile Containers. Profile Containers
historically have helped in running desktops and apps in
non-persistent environments and eliminated the difficulties that were presented in moving and
roaming profiles of users between different VMs as
they logged on and logged off of VMs between different days, different parts of the week, and making sure that that experience
that your employees get is a persistent look and feel with the scale of RDS compared
to a traditional VDI. So this is where
the Profile Containers can help. It is similar in design to UPD
but it is a strong offering that enables mounting of a VHD
file to the VM as users roam. So when a user logs on, that VHD will mount to that VM
and when they’re done, it will be stored in a specific
centralized storage location that you can dictate and
when they log on again, it would be mounted to that next VM. So it allows you in a non-persistent
environment like in RDS as well as some scenarios we’ll talk about with Windows Virtual Desktop, to provide a persistent
look and feel with a non-persistent scaling
and back-end. Now Office 365 containers
are a subset of the Profile Containers
we just discussed but specifically for
Office 365 cache data. They help to enable
functionality such as roaming of Outlook OST files, OneDrive cache, and Windows search to make
the user experience personalized despite the non-persistent virtual
desktop and app experience that they may have
provisioned to them. This really specifically
targets the office experience, which we know has not always been the best in a remote desktop scenario. An Application Masking. Again there are
different ways to solve the number of images problem that enterprises and companies of
all sizes are impacted by today. Application Masking is
an approach that enables application management through
installation of a base image. All you need to do here is
install the application. Then you can reveal only the apps that you have entitled for a user, and this can be changed in real time. This approach will help simplify your app management
through a consolidation of base or golden images that needs to be maintained for
different sets of users, ultimately simplifying and
consolidating what IT needs to manage on the back-end to provide
desktops and apps to end users. Then ultimately, Java. We understand that there
are supportive apps with different Java versions of
the same base images are necessary. Coupled with that masking, you can hide unused versions
of Java but provided on one centralized base image
so that you don’t have to manage different apps or golden
images with different forms of Java and deciding how
to make sure you’re appropriately keeping them updated. This is where
Java redirection can help. So we’ve talked a lot about
what the functionality of different technologies in this suite or profile container set can do, but we’re first going to now
talk about how their support and consistency across the totality
of your environment. That’s really what we want
to focus on with Microsoft and providing this technology
in our RDS environments. Consistency. You can use the same profile format across
On-Prem and on the Cloud. We’ll get to licensing
and a little bit, so you’ll see how easy it is to bring it out to your entire
environment immediately. Client and server. We understand that
you’re currently running RDS but you also might
have some VDI environment. You want to have
one set of user profile formatting across
your entire environment. This ultimately provides consistency across not only end-user experience, but also flexibility and consistency from an IT perspective
for hybrid scenarios, and understanding how you can manage that consistent user experience no matter where you are
running those workloads. The best news, you’re likely already entitled if you’re virtualizing
desktops and apps today. As you can see, the Remote
Desktop Service is client access license or CAL, gives you the entitlement
to FSLogix technology, and we’re working on
an integration plan as we speak. You also have access
through a variety of Windows enterprise licenses
as you can see there as well, including E3, E5, VDA, and a variety of other Microsoft
365 licensing options. So in a nutshell, the FSLogix technologies provide
consistency wherever you are, and what that really
will help you do is decide and maintain a larger, more complex remote
desktop environment. So now that we’ve covered
the amazing benefits of FSLogix to create consistency and strength in your end user experience
across your environment, let’s talk about how to think
about extending or migrating your RDS deployment to Azure as you assess your
broader move to Cloud. These are a few common scenarios
that we have seen, and as you’ll notice, there are different ways
to think about how you can use Azure in regards to
your RDS environment. In the first one, you see you have an extend motion in
a Burst-to-Cloud model that leverages Azure to scale up above your On-Prem environment
capacity as needed. In the second scenario, you can see a disaster recovery model
where you can replicate your environment on Azure so that you can have
a complete backup when needed. In the third model, this is
where we’re starting to talk about migration in
the more pure sense, and this is where you’re
running RDS on an IaaS model on Azure through a lift and shift of your RD session host and
infrastructure roles to Azure. In this scenario, just so you know, you can also manage the infrastructure
roles and the VMs in Azure, but you can flexibly run
the VMs themselves On-Prem. So that provides you an opportunity for some flexibility
on how you want to manage your RD infrastructure roles
and your session hosts. Then on the furthest option of
lift and shift in a migration, you see Windows Virtual Desktop. This is where we have
infrastructure management, such as gateway broker and
diagnostics managed by Microsoft, us, as a service on Azure. Your entire environment is on Azure
including the VMs but you have simplified management
of the infrastructure to focus on what matters most to you, managing the desktops and
apps for your employees. For our partners, we’ll get
into that a lot more now. But ultimately, with
Windows Virtual Desktop and Remote Desktop Services, we made a lot of expansions
and improvements to how we bring partners in and develop
a large partner ecosystem. We announced availability of Remote Desktop
Services subscriptions or RDS CAL subscriptions through the Cloud Solution
Provider Program, CSP. The availability of RDS in CSP
addresses customer needs for additional cost effective solutions that support desktop
and app virtualization. With RDF subscriptions,
partner can now directly sell RDS subscriptions
through CSP program, eliminating the extra step of
customers and partners acquiring different licenses through
different licensing programs. With this model, now
you customers can enjoy a faster licensing cycle due to CSP integration with
other Microsoft licenses, including Windows Server, SQL server, and Office to make it easy for partners to simplify
the buying process. We also have a strong
partner ecosystem that continue to leverage partners like Citrix and VMware to run
your RDS environment On-Premises, Hybrid, or fully on Azure
with Windows Virtual Desktop. So I’ve been talking a lot about Windows Virtual Desktop as
a longer-term Azure solution. So what is that? So now
I’m going to dive into the brand new Windows Virtual
Desktop that we announced at Ignite. There are four key pillars. I want to emphasize
though most importantly that you can bring
your existing RDS environment with no rebuilding required with
a simplified management of Microsoft managing
the infrastructure roles as a service in
our subscription in Azure. But you also can deliver the only multi-session
Windows 10 experience and have optimizations
for Office 365 ProPlus, including those FSLogix technologies
we already talked about, as well as new functionality that the engineering teams
of Office and the remote desktop team with
Windows Virtual Desktop have built-in to this new
Windows 10 Multi-session, because Windows 10
Multi-session plus Office 365 ProPlus can provide
the best desktop experience. But we want to make sure
you understand that Remote Desktop Services
can be brought and lifted into Windows
Virtual Desktop as is. Then if you want, you can modernize
workloads as you see fit, and you can simplify desktops
and apps all in one. So as you see on the right,
in this diagram, there’s the traditional setup of
a remote desktop environment. You see on the very top, there’s remote infrastructure roles, and that would be the traditional
RD infrastructure roles that we were just talking about
earlier in this discussion, but also are more that
we provide as a service. So that’s the web access, the diagnostics, the gateway. Those are the things that
Microsoft is now managing as a platform within
Azure in our tenant, and you no longer have
to host configure and deploy those to each
of your environments. We also are managing all of
the difficult On-Premise infrastructure in
our Azure data centers. So you can just have the ability
to stop deciding on how to forecast your end user computing needs through a data center capacity. So what do you have
to really focus on? Now, all you have to focus
on is the desktops and apps that you provide to
your customers or to your end-users. You utilize Azure Active Directory
for an identity management. You can deploy and manage
your VMs in Azure, as well as you only
deploy desktops and apps, or any combination of the two. So we’ve talked about how you can run your RDS environment
On-Prem or in Hybrid. This is a purely Azure model, but it allows you to have streamlined
management to really provide a differentiated more scalable
and flexible solution for your desktops and apps long-term as you assess and migrate to Cloud. So how do you have access to it? Just like with FSLogix technology, you are very likely RD
entitled to this. With the RDS CAL or the client access license with
active software assurance, you can run this service today. You can also run Windows client operating systems
such as Windows 7, Windows 10, and this new Windows 10
multi-session capability in Windows Virtual Desktop with your existing Windows
Enterprise licenses. So you have two options that you can really use to provide
Windows Virtual Desktop. You can provide
a server operating system with your existing RDS Cal with Iaas. You can provide a Windows client
operating system with Windows 7 with three extended
security updates, Windows 10, and the brand new multi-session
Windows 10 that’s exclusive to Windows Virtual Desktop all within one environment where you can
provide desktops and apps, combinations of
different operating systems of Windows client and Windows Server, all with the licenses you
probably already have today. So this is great opportunity for an Azure and Cloud-first story for your remote desktop
environment as you start to think about
the Cloud ready workloads. To summarize, we’ve continued
making investments to the core RDS technology and Windows Server since
Windows Server 2012 R2. In addition to the core
investments we’ve made in RDS. 2016 and 2019, we’ve listened to customers and
acquire technology that we can integrate into
the RDS platform for broad usage wherever
your workload runs. These technologies are available
wherever you need them, so you can provide
a consistent platform. When you’re running
your RDS workload in the Cloud, the best option is to run it with Windows Virtual Desktop where
Microsoft will take a bunch of these difficult management of the infrastructure off of your hands
and manage it as a service. As a call to action from this, there are three big points
to take away. Modernize your existing Windows
Server 2008 environment with free extended
security updates on Azure, whether you want to run that in an IaaS model or you want
to leverage a partner such as Citrix or VMware and use their existing management
components as well. Begin integrating FSLogix to provide a consistent format across
your environment and make your user profile experience consistent across
everything you’re running, and start testing
Windows Virtual Desktop for Cloud ready workloads. You can visit that link
to get started in preview today. Thank you. This was an amazing opportunity to talk about all the
new improvements in Remote Desktop Services and the new Windows Virtual Desktop
on Azure. Thank you.

Leave a Reply

Your email address will not be published. Required fields are marked *