It’s an exciting time for Azure Virtual Desktop as we continue to deliver new enhancements based on customer requests. I’m pleased to share the new capabilities we’ve recently released that improve storage, enhance configuration, deliver exceptional endpoint security, and more.
Storage enhancements for better efficiency and a better employee experience
A few of the most important reasons customers choose Azure Virtual Desktop include its flexible architecture and its cost-effective pooled environments enabled by FSLogix profile roaming technology. By using FSLogix profiles for Azure AD-joined VMs in Azure Virtual Desktop—now in general availability—you can seamlessly access file shares from Azure AD-joined virtual machines (VMs) for Users that are synchronized from Active Directory and use them to store your FSLogix profile containers.
Managing storage needs is a key ask from customers as it is a variable cost and critical for ensuring a good employee experience. We have added three key storage enhancements to help manage user space more efficiently and improve the employee experience. First, with FSLogix 2210 for Azure Virtual Desktop (and the recommended hotfix) now generally available, VHD Disk Compaction allows the employee’s container to shrink during the sign-out phase, which reduces the amount of consumed storage for an employee’s profile. Next, we’ve added a new process during the sign-out phase which creates an AppX package manifest for employees. This enables faster app launch experiences the next time they sign in as the manifest is used to re-register the AppX applications. And lastly, when employees delete data from a session, we now roam their Recycle Bin which allows them to restore it from another session.
Easily configure new endpoint security policies
Microsoft Intune user scope configuration for Azure Virtual Desktop multi-session VMs is generally available for Azure Virtual Desktop virtual machines running Windows 11 and Windows 10 multi-session. It lets IT administrators configure user scope policies using settings catalog, configure user certificates, and configure PowerShell scripts in user context.
Insights at scale with reporting across multiple host pools
To date, Azure Virtual Insights has been used by customers to review information related to a single host pool at a time. Now Azure Virtual Desktop Insights at scale—in general availability—allows for reporting of key information across resources in one view, including the ability to view and correlate diagnostic and connection information across multiple host pools and subscriptions. It also requires no additional configuration or setup for existing users of Azure Virtual Desktop Insights.
More security and improved public network reliability
The advanced built-in security of Azure Virtual Desktop is an important benefit to customers looking to improve the security posture of their environment. Plus, improvements we've made to decrease latency over public networks can help streamline the end user/employee experience.
We recently announced public preview for watermarking on Azure Virtual Desktop. This new feature helps prevent the capture of sensitive information on client endpoints by enabling watermarks to appear as part of the remote desktops. Any screenshots captured can be traced, as the watermark is a QR code which includes the session connection ID. Watermarking helps automate forensic investigations for organizations by allowing the investigators to quickly find the source of a breach and take corrective action.
Another top security request from our customers is Private Link for Azure Virtual Desktop, which is now in public preview. Customers who require their information to remain on trusted private networks now have the option to use Private Link, which enables access to their session hosts and workspaces over a private endpoint in their virtual network. Customers can choose to have traffic between their virtual network and the Azure Virtual Desktop service travel over the Azure backbone network—keeping the connection secured and data off the public Internet.
There are also some enhancements to network reliability. RDP Shortpath for public networks using the Simple Traversal Underneath NAT (STUN) protocol is now generally available. RDP Shortpath improves the transport reliability of Azure Virtual Desktop connections over public networks by establishing a direct UDP-based data flow between the remote desktop client and session hosts. Now enabled by default for customers, the connection will first be established with UDP, then fallback to TCP if a UDP connection cannot be established. The outbound traffic goes directly between the session host and client over the Internet, decreasing latency and improving employee experience.
In addition, Symmetric NAT support for RDP Shortpath on Azure Virtual Desktop using the Traversal Using Relays ar..., is now in public preview. This feature is an extension of RDP Shortpath and establishes a UDP connection indirectly using relay with the popular TURN protocol for symmetric NAT.
We are constantly extending the Azure Virtual Desktop regional database capability to ensure lower latency and meet customer needs. Azure Virtual Desktop metadata database is available in India, which means we currently have an Azure Virtual Desktop service presence in every Azure geography. Of course, customers can specify the geography where we store their service metadata—which is often imperative for regulatory or compliance reasons.
More improvements to the employee experience
The seamless Microsoft Teams experience on Azure Virtual Desktop makes it easy to provide employees the same familiar experience they would have on a local desktop. Now with general availability of Microsoft Teams application window sharing, users can choose a specific window to share from their desktop screen. Previously, users could only share their full desktop or a Microsoft PowerPoint Live presentation. Application window sharing helps reduce the risk of displaying sensitive content during meetings/calls and keeps meetings focused by directing participants to specified content.
I’d like to also highlight a few more features that are now generally available and will enhance employee experience with the service. We have updated the Azure Virtual Desktop web client user interface for a cleaner, more modern look and feel. There is also a new resource view with the option to choose between grid or list, and the ability to switch to a dark mode theme.
And Multimedia Redirection (MMR) on Azure Virtual Desktop was recently made generally available. It enables smooth video playback while viewing videos in a browser running on Azure Virtual Desktop and supports 30+ popular and essential business sites on the Internet.
We’re pleased to share all these developments and we hope you’ll try them out. These feature enhancements come directly from customer requests and represent our commitment to continually improving Azure Virtual Desktop to meet real customer needs. With features that improve storage, enhance configuration, deliver exceptional endpoint security, and create a better employee experience, we’re excited to hear your feedback and eager to get to work on the next set of customer needs for Azure Virtual Desktop.
Stay current on the latest Azure Virtual Desktop releases and updates: https://aka.ms/avdwhatsnew
Get started with the Azure Virtual Desktop Landing Zone accelerator: aka.ms/AVDLandingZones
Learn more: https://aka.ms/AVDDocumentation
Join the discussion and provide feedback: Azure Virtual Desktop - Microsoft Community Hub
Watch the new Azure Virtual Desktop Microsoft Mechanics Series