AVD Workspace design best practice

Copper Contributor

What is the  AVD workspace design best practice in terms of security in mind?

In my current design, I have three desktop host pools, which are completely isolated within the desktops, network and users. (One region only)

The question is, do I use one workspace or 3 workspaces? Any pros and cons

3 Replies
I plan to have my own AVD workspace for each desktop group, assuming that each desktop group user doesn’t require access to another desktop group. Also, I assume that publishing in a single workspace will be less secure than having one workspace for each desktop pool. Yes, this comes with additional admin task.

Hey @nvisa44,

 

I don't think I understood your approach correctly. Why shouldn't it be safer?

 

The assignment of user authorisations takes place at the level of the Azure Virtual Desktop Application Group and not at AVD Workspace level.

 

But I understand that from an organisational point of view, for example for connected organisations, it is better to build classic silos. So running multiple AVD workspaces.

 

We also implement this in various customer projects, but as already indicated, not due to security aspects.

 

If my answer has helped you, I would of course appreciate a Like 🙂

 

Best regards,

Matthias