30 years ago, IBM invented Virtualization. So what exactly is virtualization? It's the aggregation of computer resources like CPU, RAM and Storage into a pool and share them among distinct entities called Virtual Machines. Each Virtual Machines have their own CPU, Hard disk and RAM so on and so forth where you can install an operating system on in (Windows or MacOS is an operating system).
With the evolution of Virtualization, comes Desktop Virtualization. So what's the difference? The main difference is Desktop Virtualization is mostly used to emulate what a user can see or "feels" like they are actually using a physical machine. The beauty of it is you can use close to any device to access it. Imagine running windows on an IPad Pro! There are many reasons why businesses want's to use Desktop Virtualization and here are some of them:
Ability to work anywhere from any devices (think what it did for us during Covid-19!). Organizations who spent tons of money on setting up Desktop Virtualization experienced close to little or no disruption when Covid-19 hit their businesses. Employees could work anywhere!
Data loss prevention aka DLP. This buzzword is very frequently used by security folks and data governance teams. With Desktop Virtualization, 99% of the data stored doesn't gets out of the environment (less the 1% which is obviously using your camera. Nothing can guard against theft from the camera). Desktop Virtualization if properly secured helps to prevent data leakage. Something where it's harder to achieve if a physical machine is utilized (but not impossible, it's just more difficult because it's out of your control sometimes. Think of theft or hardware damage etc.)
While these are not only the reasons that organization go for Desktop Virtualization, these are usually the top 2 reasons.
While advising my client on Desktop Virtualization, I wanted to give it a run down on how AWS Workspace compared to Windows 365 Cloud PC (the name has been changed many times over the years to a point I don't even know what to call it now!). I have deployed a few versions of the predecessors of Windows 365 Cloud PC (known as Windows Virtual Desktop or WVD) but I never had the chance to try out Workspace.
I did had a chance to deploy AWS AppStream but the concept isn't really the same and cannot be compared with Windows 365 Cloud PC. Ok, enough of the story already, let's rock and roll!
Here We Go! Go! Go!
So the first thing that I did was to create a AWS workspace and install the Workspace application on my physical machine. I won't go into the detail of how I did that as this is not the intent of this article. You can read up more on AWS Workspace on their very well written document here: https://docs.aws.amazon.com/workspaces/latest/adminguide/amazon-workspaces.html
The first step is to enter your registration code. The invite should be sent to your email address during the spinning up of the workspace where you create the user account.
After successfully logging in and creating my password I am presented with the Windows Desktop! While this looks like a Windows 10, it is not. This image was created using Windows 2019 and there will be some difference for sure especially when you install 3rd party applications and some times, the application code may not be 100% compatible for Windows Server 2019 and that's when you will hit a snag. I faced tons of such issues when deploying Citrix Shared desktops running on Windows Server too. This is the significant difference compared with Microsoft 365 Cloud PC where the official Windows 10 and 11 are used instead.
Microsoft Windows 365 Cloud PC uses Windows 10 or 11 which aids in 3rd party application compatibility.
The first thing that I did was to install my favourite browser Chrome! I also did a bandwidth test and boy I was not impressed! I mean logically this is physically running on AWS which should mean that it got to be using one of the fastest internet connection on the planet and yet I am not even getting half a gigabyte. Why??
What I noticed also was that the machine was running a little bit sluggish. I mean I am an impatient guy and I detest needing 3 seconds to launch my Chrome! So what I then found out was that the machine was high on certain resources due to Windows Update. That's a good problem actually.
When the machine was running high on resources, it indirectly affects the speed of it's internet connection naturally.
After a couple of windows update and restarts, the resources tapered down and the experience became amazingly snappy.
As you can see above, the bandwidth test churned out much better results and the CPU\RAM decreased to a more steady state. Chrome also open instantaneously.
Customizing the Workspace App
Next, I started to play around with the Workspace app and I realized that I am able to change the sizing of the machine from within the app itself. That's definitely not something that I had expected because this would usually lead to higher cost. Users being users wouldn't really consider the cost, they would want to have maximum performance. Hence, I went ahead to turn off these capabilities off.
In the Workspace Portal, I get to turn these features off. In my personal opinion, this is crucial. Especially my customers are usually SMEs who does not have a fat pocket to start with.
Workspace VS Microsoft 365 Cloud PC
Next I explored the possibility of activating MFA. This greatly improves the security of the environment. Because in the case the username and password was compromised for whatever reason, external malicious parties would still not be able to access without having access to the MFA device which in many case is an app on your mobile phone.
After some research, a possible scenario could be integrating Workspace with a Azure AD. Since most of our customers are using Microsoft 365, this would be the most logical setup. AWS did have a detailed blog on how to set this up which I have provided below. This to me is a big difference compared to Microsoft Cloud PC which negates the need of this setup because it's natively built-in with MFA.
In terms of cost wise, Workspace seems a little bit more expensive but it's not a completely apple to apple comparison. Workspace does have another hourly pricing but I doubt many organization would chose that because it's much more expensive if the machine is used frequently. Also, you will be paranoid to ensure that the machine is powered down whenever not in use since you are paying hourly charges instead of a monthly flat fee.
Microsoft only charges a monthly flat fee but has a limit of 300 users for the business plan. If you need more than 300 users, you would need the enterprise plans.
Lastly, Workspace has the ability to create a customized golden image which is essential since most organizations have their own set of applications for day to day operation.
After installing all my favourite applications, I created a golden image and customized bundle and use it to create a new workspace machine. The new machine would contain all my favourite applications pre-installed. A thing to note, the applications that you install on the golden image needs to be compatible with something call sysprep. Basically it's a Windows process to generalizing the image removes computer-specific information such as installed drivers and the computer security identifier (SID). This is especially important to make the machine "unique" across the organization.
Hence, don't install an application that requires you to enter a "unique" license key. The application most likely would not function well after the sysprep completes during the spinning up process using the image bundle.
I hope this post has been helpful. Please let us know if you have any questions in the comments section and give us some comments to help us improve in future posts!
Comments