O documento discute opções para trabalho remoto com o Azure, incluindo VPN, Azure DevTest Labs e Windows Virtual Desktop. Ele destaca desafios do trabalho remoto como falta de notebooks e banda larga para usuários, e como essas soluções do Azure podem ajudar a implementar rapidamente uma infraestrutura remota segura para centenas de usuários de forma remota.
6. Azure DevTest Labs
O DevTest Labs facilita o controle de custos. Por exemplo, ele
permite que você coloque controles no número de máquinas
virtuais que cada usuário pode ter. Além disso, permite criar
políticas para fechar automaticamente máquinas virtuais com
base em sua agenda de negócios ou outros critérios.
Pronto para uso
Crie ambientes mais rápido do que nunca. Use modelos
reutilizáveis que lhe dão tudo o que seus desenvolvedores
precisam para começar a desenvolver e testar aplicativos. Com
alguns cliques, você terá um ambiente onde a compilação
mais atualizada do seu aplicativo está pronta para que você
possa começar a trabalhar imediatamente.
7. Rápido e fácil de criar ambientes DevTest no Azure.
Azure DevTest Labs
71. From inside the lab
account,
administrators can
add educators as
lab creators, set up
policies across all
labs, and select
which virtual
machine images to
make available.
Blur out subscription ID
88. +
Desktop-como-serviço na Nuvem
Hailita otimizações para o
Office 365 ProPlus
Migra desktop e apps do
Windows Server (RDS)
Entrega de uma experiência multisession
com Windows 10
Implemente e escale em minutos
Windows Virtual Desktop
+
+
+
MOTION IN PROGESS
89. Azure
>90 compliance offerings
>3,500 global cybersecurity experts
6.5 trillion global signals daily
$1b annual cybersecurity investment
Microsoft 365
Conditional Access
Multi-Factor Authentication
Role-based Access Control (RBAC)
Windows Virtual Desktop
Reverse Connect
Azure AD authentication
AD-joined virtual machines
Convergindo a segurança do ecossistema Microsoft
90. Cliente
Os clientes podem acessar o Windows 10 single e multi-session e
o Windows 7 com o Windows Virtual Desktop se tiverem uma das
seguintes licenças:*
Muitos clientes já são elegíveis para o Windows Virtual
Desktop
Windows Virtual Desktop Requisitos de licenciamento
Server
clientes são elegíveis para acessar
cargas de trabalho de servidor com o
Windows Virtual Desktop se tiverem
uma das seguintes licenças:
• RDS CAL license with active
Software Assurance.
* Customers can access Windows Virtual Desktop from their non-Windows Pro endpoints if they have a Microsoft 365 E3/E5/F1, Microsoft 365 A3/A5, or Windows 10 VDA per user license.
• Microsoft 365 E3/E5
• Microsoft 365
A3/A5/Student Use Benefits
• Microsoft 365 F1
• Microsoft 365 Business
• Windows 10 Enterprise E3/E5
• Windows 10 Education A3/A5
• Windows 10 VDA per user
91. Visão geral de arquitetura
Utiliza o serviço de gerenciamento de identidade
do Azure Active Directory
Fornece infraestrutura de virtualização como um
serviço gerenciado
Implantar e gerenciar VMs na assinatura do Azure
Gerencie usando ferramentas existentes como
System Center Configuration Manager ou o
Microsoft Intune
Basta conectar-se aos recursos locais
Sua assinatura — seu controle
Gerenciado pela Microsoft
Clients
Management
Diagnostics Gateway
Broker Load balancing
Windows Virtual Desktop Service
Compute Storage Networking
Infrastructure
Windows 7 Enterprise
Full Desktop
RemoteApp
Windows 10 Enterprise
Windows Server
2012 R2 and newer
Windows 10 Enterprise
multi-session
Desktops and remote apps
User management and
identity
Image, app and profile
management
Networking policies
User density, VM sizing,
and scaling policies
Management and policies
Full Desktop
93. O que é?
Nova experiência de implantação e gerenciamento do
Portal do Azure
Suporte para grupos do AD
PowerShell integrado com módulo Azure
Integração no Azure Monitor e Log Analytics
Usa Azure RBAC e Lighthouse
Suporte do portal do Azure para criação,
gerenciamento e diagnóstico
WVD Management Experience
94. Yes, we’ve built it to be flexible, you can choose any size VM from the catalog and vary the
density of users on the VM based on the workload.
You also have agility in how you distribute users across VMs. We have several modes for
load balancing users across VM.
MG2_1
AVD- Scott Manchester
95. Let’s say you want to optimize your deployment for performance.
For a group of 120 users you spin up 5 VMs for your users to log into.
MG2_2
AVD- Scott Manchester
96. For best performance you can configure the load balancing to breadth mode, which evenly
allocates the users across this pool of virtual machines for even distribution of the workload.
MG2_3
AVD- Scott Manchester
107. Global presence
Consistent standards
and IT architectures
Comprehensive
partner ecosystem
Aka.ms/wvdpartner
Hardware
partners
ISVs and
value-
added
partners
SI and GSIs
Link to script: WVD Virtual Event draft script_Live session_Kam and Jeremy.docx
Azure DevTest labs:
Facilita el control de costos ya que lo deja controlar el máximo numero de maquinas virtuales. También lo deja poner políticas sobre las cuales las maquinas virtuales se deben cerrar para controlar los costos.
Listo para usar ya que usted crea un ambiente una vez, y lo puede seguir usando con el build mas actualizado de su equipo.
Start from the Azure portal…
Click the “+” icon on the left-hand side and in Browse, search for the DevTest Labs to open the Labs blade. You can pin it on the quick start navigation menu on the left. Select the “DevTest Labs” resource.
Create a new lab by clicking the “Create” button in the DevTest Labs blade that appears.
Fill in the basic info…
By default, auto-shutdown policy is on when creating a lab, but can be updated. Users can also get notifications about shutdown.
Lab creation is in progress. A tile is auto-created at the Azure dashboard.
In a couple of minutes, a new lab is created and ready to use.
Click a lab tile on the dashboard (if pinned) from the Azure dashboard (or select from the lab blade).
Settings blade is opened automatically when opening a lab blade, which contains all the policy settings.
As the 1st iteration, Cost Threshold shows the cost trending chart based on the resource usage in the lab, and offers a projection based on the current spending.
Allowed VM Sizes allows to pick a list of VM sizes that lab users can choose when creating VMs in the lab.
Maximum VMs Per User allows to set a threshold on the # of VMs each lab users can create.
Total VMs Allowed allows to set threshold on the total # of VMs that can be created within the lab.
Auto Shutdown allows to set a time when all the VMs in the lab (except opt-out ones) will be shutdown so as to reduce the spending.
Auto Start allows VMs in the lab to opt-in automatic start based on the specified time and the days. It allows the VMs to be ready for use automatically before the lab users start their work.
Select a Vnet to see it in more detail and edit settings…
Existing VNET in the subscription can be added into the lab for the lab users to use when they create a lab VM.
Qualified VNET in the subscription can be added into the lab as long as it meets the following criteria:
In the same subscription.
In the same region.
The lab owner has the permission to access the VNET.
Click on the section with the checkmarks to edit Vnet subnet settings
Lab owner can define rules how the subnets in the VNET to be used, including whether it’s allowed for lab users to use when creating a VM, whether to use a private or public IP (and whether to share this public one), and the maximum number of VMs allowed for each user in the subnet.
At VM creation, Labs loads artifact files (which is defined in JSON format) from Git repos. It comes with a public GitHub repo, but private repo can also be added to feed more custom artifacts.
Private repos can be added or updated through the lab Settings.
If your compliance policy doesn’t allow any artifacts in Labs’ public repo, the Public Repo can be disabled through Settings. When it happens, a recommendation for better productivity is to browse the existing artifacts in the public repo, and copy that ones you need into the private repo and tweak them in a way that follows the compliance. You can also temporarily disable a private repo before it’s ready for lab users to use.
The public repo is disabled.
VM Bases are used when creating a VM, including formulas, custom images and Azure Marketplace images. Formula is a template with pre-defined values to the lab VM creation settings. Custom images are from the VHDs added into the lab. Lab owner can whitelist Azure Marketplace images allowed to show up in the lab VM base.
Lab owners can whitelist marketplace images for the ones they want to allow in the lab for VM creation.
Lab users can also create formulas from scratch and manage the existing ones.
Lab owner can add more users to the lab as a DevTest Labs user, who can only create VMs and manage their own VMs.
Select “DevTest Labs Users” role.
Users are not necessarily to be in the Azure Active Directory, as long as they have a valid Microsoft account.
Click OK to add the user as a DevTest Labs User.
User is successfully added.
Click the Add Lab VM button on the top of the lab blade to create a new VM in the lab.
Lab VM creation starts with choosing a VM base. The base list consists of formulas, custom images and Azure Marketplace images. Formula is a template with pre-defined values to the lab VM creation settings. Custom images are from the VHDs added into the lab. Lab owner can whitelist Azure Marketplace images allowed to show up in the lab VM base.
Choose a Formula where you can see most of the settings have pre-defined values.
Select a VM size. What’s allowed to be selected is based on the Allowed VM Sizes policy set in the lab.
Only allowed VNET can be selected. Users can also specify whether they want to use a public, private or shared IP. The shared IP setting uses a NAT to share a single IP across VMs, which enables the creation of more VMs without being limited by the # IP addresses available in an Azure subscription.
2 artifacts have been selected with this Formula to enlist code and install Fiddler4. More can be added and the added one can also be updated based on real needs. In general, artifacts allow you to install apps or run system configurations right after the VM is created with the base image. Labs comes by default with a lot of artifacts stored in a public GitHub repo that you can reuse immediately after a lab is created.
You can also view the ARM template content that will be used for this VM creation. You can copy and save it for later reuse (through ARM template deployment) when desired.
Lab creation is in progress…
IT Administrators can set up Azure Lab Services via the Azure Portal at portal.azure.com1.
To find Azure Lab Services, select All Services2
IT Administrators can set up Azure Lab Services via the Azure Portal at portal.azure.com1.
To find Azure Lab Services, select All Services2
The Lab Services shortcut is now visible1 in the left navigation bar.
Click Lab Services2 to return to the administration home page.
On the Lab Services introduction page, the IT Administrator will be prompted to create the central lab account for the institution.
The lab account is where all lab permissions and policies are managed.
To continue creating the Lab Account, additional information is required.
Note: An Azure subscription is required to continue.
Once the Lab account name1, subscription2, resource group3, and location4 are selected, the lab account is ready to be created.
Click create5 to start the lab account deployment process.
Once deployment is complete, the administrator will be taken to the new lab account.
From inside the lab account, administrators can add educators as lab creators, set up policies across all labs, and select which virtual machine images to make available.
Educators can be added as lab creators either by clicking ‘Add Lab Creators’1, or through the ‘Access Control’ link2 on the left navigation.
From the Access Control page, click Add a role assignment1 and select ‘Lab Creator’2 as the role.
Enter email addresses for educators to add as lab creators1.
It should be either an AAD account or Microsoft account.
They will now have permission to create their own labs.
Now that the admin has added educators to the lab account, let’s walk through the steps of how educators set up labs for their students.
Educators do not need to visit the Azure Portal. They can get started by visiting labs.azure.com, and clicking Sign in.1
To create a new lab, click ‘New lab’1 at the top of the page.
Educators that have already been added to a lab account by an admin will automatically be taken to the My labs list view.
Existing labs will be visible and accessible in this list.
Enter the name of the lab.1
, select the virtual machine size.2
,and an image to use.2
The location will default to the location set at the lab account level. 4
To learn how to calculate the cost for a lab, visit azure.Microsoft.com
The next step is to set the default credentials for all virtual machines in your lab.
Keep the “Use same password for all virtual machines”1 setting disabled to prompt students to set their own passwords for their virtual machines.
Educators can control students’ usage of the virtual machines by setting the hourly quota per user and/or setting schedules.
The Quota per user feature1 limits how many hours a student can use a VM, outside of scheduled hours.
This helps manage cost as organizations are billed only for active usage hours inside the lab.
Once the lab is created, the educator will land on the Template page.
Click on Customize template1 to connect to the Template VM.
Inside the VM, educators can set up software and tools that students need.
Once the template is ready, click Publish.1
This will kick off the creation of the student virtual machines, which will be exact copies of the template.
This can take up to one hour to complete as multiple virtual machines are getting created.
To give students access, go to the Users tab and click Add users1
Add students by providing e-mail addresses of the students who can register for the lab,
or by uploading a CSV file of a list of students.
Once all users have been added, the registration link is read to be shared by clicking on ‘Registration link’1 and the copy button2 under to the link.
Students will have instant access to Virtual Machines in the lab.
Once the student receives a registration link from the professor, he or she can enter the link into their web browser.
The student will be prompted to sign in1 using either their school organization AAD account or a personal Microsoft account.
Once the student signs in, they will automatically be registered to the lab, and get access to a Virtual Machine in the lab.
After initial registration, the registration URL is no longer needed. Instead the student would use https://labs.azure.com to access labs.
In the student view, students will see a list of VMs they have access to across all labs for which they have been added.
To start the VM, a student will simply press the play button1 on the bottom left and confirm the status of the VM is set to ‘running.’
To connect to the lab’s VM, the student will select the computer icon button.
Educators should remind students the importance of stopping1 the VM once they are finished.
Leaving the VM running can cause a student’s hours quota to be met prematurely.
Each VM will show the lab name, operating system, and the progress
Windows Virtual Desktop—what it is, in brief.
Best virtualization experience for end users and IT, delivered on Azure
Value pillars
MultiOS support
Desktop app assurance with shout-out to their booth
(Transition to timeline of how we got to this point.)
You’ve told us you like the built-in security offered by Windows Virtual Desktop:
Reverse connect
Azure AD authentication
AD-joined virtual machines
Windows Virtual Desktop is linked with Microsoft 365 Security features, including:
Conditional Access
Multi-factor Authentication
Role-based Access Control
All of this exists within Microsoft Azure We believe our customers should fully trust the cloud they choose to bank on for their business
We drive to provide the most Secure and Compliant Cloud platform with Privacy at the center of all our innovations.
We have the most certifications in cloud.
Secure foundation of our cloud services including some of the best physical security
Operational security through continual testing for vulnerabilities, restricted access
Customer controls to manage data and access, including MFA for admins
Network and distributed denial of service protection
Inclusion of WVD entitlements including Windows 10 multi-session in your Azure DevTest rights
THOSE FOLLOWED, RDmi. FEEDBACK SERVICE. BOXESPROVIDE TOOLSAAD
VM’s SUBSCRIPTION, VM’s OUTBOUND, NO 3389TCP
SUPPORT 7/10/SERVER, DESKTOP/APP
MG1
MG2
We’re committed to offering a secure, robust platform to bring your use cases to life.
Windows Virtual Desktop is a finished solution for many customers.
But we continue to fulfill our customers’ specific needs.
And our partners help us with that.
Our comprehensive partner ecosystem allows us to extend Windows Virtual Desktop and have a global presence.
And now we’re extending it further.