Home

Managing User Access to Internet on Windows Virtual Desktop

%3CLINGO-SUB%20id%3D%22lingo-sub-791067%22%20slang%3D%22en-US%22%3EManaging%20User%20Access%20to%20Internet%20on%20Windows%20Virtual%20Desktop%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-791067%22%20slang%3D%22en-US%22%3E%3CP%3EI'm%20very%20interested%20in%20this%20product%20and%20previously%2C%20we%20implemented%20our%20own%20solution%20through%20Azure%20Virtual%20Machines%20which%20we%20had%20to%20manage%20completely.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EIn%20our%20particular%20use%20case%20scenario%2C%20we%20want%20to%20control%20users'%20access%20to%20Internet%20and%20block%20certain%20protocols.%20Here%20are%20two%20specific%20examples%20of%20what%20we%20want%20to%20do%3A%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3COL%3E%3CLI%3EWe'd%20like%20to%20create%20a%20white%20list%20of%20websites%20users%20can%20visit%20and%20block%20all%20the%20rest.%3C%2FLI%3E%3CLI%3EWe'd%20like%20to%20turn%20off%20FTP%20protocol%20completely%20and%20take%20any%20other%20action%20we%20can%20to%20prevent%20users%20from%20%22uploading%22%20files%20to%20outside%20world.%3C%2FLI%3E%3C%2FOL%3E%3CP%3EHow%20could%20we%20handle%20these%20two%20scenarios%20if%20we%20were%20to%20use%20Azure%20Windows%20Virtual%20Desktop%3F%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-LABS%20id%3D%22lingo-labs-791067%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3EAccess%20Control%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3EFirewall%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3Eproxy%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3EProxy%20settings%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3ESecurity%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E%3CLINGO-SUB%20id%3D%22lingo-sub-1083866%22%20slang%3D%22en-US%22%3ERe%3A%20Managing%20User%20Access%20to%20Internet%20on%20Windows%20Virtual%20Desktop%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1083866%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F242305%22%20target%3D%22_blank%22%3E%40Sam%20Uresin%3C%2FA%3E%26nbsp%3B%3A%20Apologies%20for%20the%20delay%20here.%20Unfortunately%2C%20I'm%20not%20a%20networking%20expert%2C%20but%20anything%20you%20can%20do%20on%20a%20standard%20Azure%20VM%20you%20can%20do%20on%20a%20Windows%20Virtual%20Desktop%20VM.%20My%20best%20guess%20is%20to%20use%20something%20like%20Azure%20Firewall%2C%20or%20another%20firewall%20appliance.%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3EFor%20additional%20discussion%2C%20I'd%20refer%20you%20to%20Azure%20(%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fazure%2Fbd-p%2FAzure%22%20target%3D%22_blank%22%3Ehttps%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fazure%2Fbd-p%2FAzure%3C%2FA%3E)%20or%20Azure%20Security%20Center%20(%20%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fazure-security-center%2Fbd-p%2FAzureSecurityCenter%22%20target%3D%22_blank%22%3Ehttps%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fazure-security-center%2Fbd-p%2FAzureSecurityCenter%3C%2FA%3E%26nbsp%3B).%3C%2FP%3E%3C%2FLINGO-BODY%3E
Highlighted
Sam Uresin
New Contributor

I'm very interested in this product and previously, we implemented our own solution through Azure Virtual Machines which we had to manage completely.

 

In our particular use case scenario, we want to control users' access to Internet and block certain protocols. Here are two specific examples of what we want to do:

 

  1. We'd like to create a white list of websites users can visit and block all the rest.
  2. We'd like to turn off FTP protocol completely and take any other action we can to prevent users from "uploading" files to outside world.

How could we handle these two scenarios if we were to use Azure Windows Virtual Desktop?

1 Reply

@Sam Uresin : Apologies for the delay here. Unfortunately, I'm not a networking expert, but anything you can do on a standard Azure VM you can do on a Windows Virtual Desktop VM. My best guess is to use something like Azure Firewall, or another firewall appliance.

 

For additional discussion, I'd refer you to Azure (https://techcommunity.microsoft.com/t5/azure/bd-p/Azure) or Azure Security Center ( https://techcommunity.microsoft.com/t5/azure-security-center/bd-p/AzureSecurityCenter ).