Windows Virtual Desktop vs Citrix: Choose One or Use Both?

What is Windows Virtual Desktop?

Windows Virtual Desktop (WVD) is a cloud-based solution for application virtualization. Using WVD on Azure enables you to:

• Configure a fully scalable Windows 10 multi-session deployment
• Run and optimize Microsoft 365 enterprise applications in virtual multi-user scenarios
• Get free extended security updates for Windows 7 virtual desktops
• Deploy existing desktop services (RDS), as well as Windows Server desktops on any computer.
• Centralize the management of applications and desktop running with Windows 10, Windows Server.

What is Citrix Virtual Apps & Desktops?

• Citrix Virtual Apps and Desktop is a solution for virtualization, which provides access to desktops from all devices while providing IT control and visibility over virtual machines (VMs), applications, security, and licenses.You can leverage Citrix Virtual Apps and Desktops to:
  • Run applications and desktops separately from the operating system and device interface.
  • Allow administrators to perform network management and control access from user devices.
  • Enable administrators to manage a large number of virtualized desktops from a central data center.

  Citrix Virtual Apps and Desktops is based on the Flexcast Management Architecture (FMA). The main features of FMA are integrated provisioning and the ability to run multiple versions of Citrix Virtual Apps or Citrix Virtual Desktops in a single location.

Windows Virtual Desktop vs Citrix

Let’s compare Windows Virtual Desktop vs Citrix Virtual Apps and Desktops across several key dimensions: system requirements, cost efficiency, accessibility for small to medium businesses, and administration experience required.

System Requirements

Windows Virtual Desktop

To run WVD on Azure, you need to use a supported operating system (OS) and use the required license. Supported operating systems for WVD on Azure are either Windows 10 Enterprise multi-session, Windows 10 Enterprise, or Windows 7 Enterprise. These operating systems should be accompanied by an appropriate licence.

An Office 365 licence includes plans for Enterprise 3, Enterprise 5, Academic 3, Academic 5, Firstline Workers 3, or Business Premium. A Windows license comes as either Enterprise 3, Enterprise 5, Academic 3, or Academic 5. If you are using Windows Server 2012 R2, 2016, or 2019, the required licence is RDS Client Access License (CAL).

To support Windows Virtual Desktop, your infrastructure must meet certain requirements. The first must-have is an Azure Active Directory that is synchronized with Windows Server Active Directory. You can set this up using either Azure AD Connect or Azure AD Domain Services.

Additionally, you need to connect your Azure subscription with Windows Server Active Directory. Lastly, any Azure VMs you create for WVDs must run on supported images and use either “standard domain-joined” or “Hybrid AD-joined” options.

Citrix

Citrix has specific requirements for machine images, operating systems, and any other software required on the machine for different components of the desktop virtualization platform.

In general, all core components, including StoreFront, located on one server and used for evaluation, require a minimum of 5 GB RAM hardware. If your core components and StoreFront are needed for testing deployment or are used as a small production environment, you will need to reach a minimum of 12 GB RAM hardware.

In addition to general hardware requirements, certain Citrix components should be run using specific operating systems. Citrix Delivery Controller, for example, requires the minimum 5 GB RAM, but also needs 800 MB hard disk. The controller works with either Windows Server 2019 or 2016 (Standard and Datacenter Editions).

If you’re using Citrix Studio, you need a minimum of 1 GB RAM, as well as 100 MB hard disk, and the supported operating systems are Windows Server 2019 or 2016 (Standard or Datacenter Editions) and Windows 10 (64-bit only).

To run Citrix Director, you need a minimum of 2 GB RAM and 200 MB hard disk, and the supported OSs are Windows Server 2019 or 2016 (Standard or Datacenter Editions).

Citrix StoreFront requires 2 GB RAM of hardware and supports Windows Server 2019 or 2016 (Standard and Datacenter Editions) and Windows Server 2012 R2 (Standard and Datacenter Editions). Citrix License Server also needs a minimum of 2 GB RAM.

Additional software requirements:

• If Microsoft .NET Framework 4.8 (or higher) is not installed, it will be installed automatically.
• Microsoft Management Console 3.0 (included in all supported operating systems).
• Windows PowerShell 3.0 or higher.

There are more software requirements for specific components, as you can see in the official system requirements.

Cost Efficiency

One of the biggest differences between Citrix and Windows Virtual Desktop is cost. WVD was designed as a low-cost solution for smaller businesses.

Windows Virtual Desktop

For 100 multi-session desktops with Office on WVD, Azure estimates a total monthly cost of $11,615.26 (see the official pricing page). This includes Office license costs, compute costs, and expected bandwidth for standard knowledge workers. It does not include consulting or implementation costs, which are minimal because WVD is a fully managed service.

Citrix

The starting price of Citrix Virtual Apps & Desktops is $12 per month per user – only $1,200 for 100 desktops. But this does not include license costs or the on-premises infrastructure required. For a comparative setup you’ll need 100 Office Pro Plus licenses, you must set up several local Windows Server machines, and deploy Citrix components on them. You must consider hardware costs and ongoing maintenance costs. In addition, typically you will need consulting services and ongoing support services from Citrix, which also increase the cost of an enterprise deployment.

Accessibility for Small to Medium Businesses

Compared to Citrix, Windows Virtual Desktop is easier to use for small businesses. While Citrix has many advanced features, the cost of implementation and maintenance is high. However, not all businesses (especially small ones) need or want to pay for these capabilities. WVD offers faster and more affordable setup without requiring advanced IT expertise.

Administration Experience

With Microsoft Windows Virtual Desktop, IT administrators can manage their infrastructure in the cloud, with no need to go to or connect remotely to a server room. WVD lets you manage all Microsoft 365 apps, desktops, business applications, security functions and profiles in one web interface. To gain additional capabilities offered by Citrix, you can add Citrix on top of WVD (see the following section).

Security

Citrix provides extensive enterprise security features, including FIPS compliance, Common Criteria certification, Microsoft Credential Guard compliance, multi-factor authentication, smart card integration, ICA proxy, and more.  However, WVD provides adequate security measures based on the strong security features of the Azure cloud.

Windows Virtual Desktop

Includes security features like Reverse Connect, a secure virtualization control plane, security for physical hosts, the physical network, and the physical datacenter. However, Azure emphasizes customers need to take responsibility for identity and access management, user device protection, application security, session host operating system security, correct deployment configuration, and network controls.

Citrix

Citrix provides analytics that helps reveal unusual behavior or malicious access to desktops. You can apply Citrix Policies to enable or disable any functionality, and limit application access based on context with Citrix Cloud. Citrix provides a Secure Browser for locked-down access to specific SaaS applications.

User Desktop Experience

What users see on Citrix and Windows Virtual Desktops is completely different.

Windows Virtual Desktop

WVD provides a standard Windows 10 desktop experience. In terms of usability, this is very useful for users who are already familiar with Windows 10.

Citrix

In Citrix, users are presented with a Windows Server operating system. For users acquainted to Windows 10, this is a different experience which can cause challenges for some users. It is possible to configure Windows 10 desktops on Citrix, but this might incur extra costs.

Combining WVD with Citrix

WVD itself is an ideal choice for many businesses (especially startups and small businesses). For large businesses, Citrix can extend Microsoft’s WVD, offering a management layer that increases flexibility, security and optimizes costs.

The combination of WVD and Citrix offers the following advantages:

• Optimization packs for Microsoft Teams and Skype for Business—provides a good audio-visual experience for Microsoft Teams and Skype for Business.
• Hybrid Cloud Model—WVD can only run Windows 10 workloads in multiple sessions on Azure. Citrix provides the ability to also run existing RDSH workloads, either on-premises, on Azure, on any other cloud, or on HCI solutions like Nutanix.
• Citrix HDX—an improved remoting protocol.
• Citrix Machine Creation Services (MCS)—provides a hypervisor API that enables quick generation of VMs with minimal infrastructure utilization.
• AutoScale—quickly adds or removes workloads as needed, with “vertical load balancing” which balances the number of user sessions on a single machine until optimal performance is reached, improving utilization and reducing the number of servers needed.
• App Layering—this Citrix capability significantly reduces management time for Windows images and applications. It separates the applications from the management infrastructure and the operating system. It lets you install each application and operating system patch only once, then update the appropriate template and reload the image.
• App Protection—this Citrix feature improves security when using public resources on virtual desktops and Citrix applications.
• Session Recording—lets users record screen activity during VDA-hosted user sessions for any connection type, in accordance with company policies.
• Citrix Analytics—security and performance analysis leveraging AI, which can help identify and resolve issues and anomalies.
• Citrix SD-WAN—Citrix SD-WAN is a next-generation WAN solution that provides better security, and an improved application environment for SaaS, cloud, virtual applications and desktops.
• Multi-factor authentication (MFA)—Citrix integrates with third-party MFA providers, including Okta, OAuth, and RADIUS.

Addressing DaaS Challenges with Hysolate Isolated Workspace as a Service

DaaS is a great solution for delivering a desktop experience in the cloud, but is far from perfect. When users work remotely, especially in low bandwidth environments, user experience is lacking, especially when running intensive workloads. Users cannot use desktops offline, and there is still management overhead, although less than in an on-premise VDI deployment.

Another factor to consider is the pricing of these solutions. Hosting desktops and storage in the cloud requires a large infrastructure investment from the DaaS vendor, which is passed on to organizational users, creating a heavy, ongoing OpEx expense.

Hysolate solves these problems with an innovative approach called isolated workspace as a service (IWaaS). Users get a local isolated operating system running on their machine deployed within minutes and managed from the cloud. 

Isolated workspaces enable: 

• A higher level of freedom on employees corporate devices
• Ability to receive 3rd party generated content in an isolated zone 
• Access to IT admins, DevOps, developers, and other privileged users in their everyday environment
• Access to employees from personal, unmanaged devices

The behavior of the workspace is managed in the cloud, while all of the computing resources run locally on user machines.

This eliminates the need to invest in a large and costly infrastructure, and provides a better local user experience, with offline availability.

Learn more about our Isolated- Workspace as-a-Service platform

VDI on AWS: Making the Most of Amazon WorkSpaces

What is VDI on AWS?

Virtual desktop infrastructure (VDI) enables IT departments to design and customize

virtual desktop images, and use them to serve virtual desktops to remote users. Only keyboard, mouse and monitor signals are transferred over the network. Users can access their desktop from any device, retaining their data, settings and applications.

Amazon Web Services (AWS) provides Amazon Workspace, a cloud service that addresses several challenges that arise when managing VDI. It provides virtual desktops on demand, a deployment model called desktop as a service (DaaS), while supporting businesses that require a large-scale VDI infrastructure. End users can access the workspace from Windows and Mac computers, Chrome and Firefox browsers, and mobile devices, with fully synchronous storage.

What is Amazon Workspaces?

Amazon Workspaces enables IT administrators to grant remote access to cloud applications, services, and files on a variety of end-user devices. AWS manages the desktop infrastructure as a service, eliminating the complexity, high cost, and security challenges involved in managing local VDI systems.

Source: AWS

The IT team configures Amazon WorkSpaces via the AWS console, and end users connect to their workspaces from any supported device. Administrators assign each user a workstation bundle, which defines compute resources, storage, and applications. Based on each bundle, administrators can create up to five virtual desktop images in each Amazon region.

Supported end-user devices include Windows and Macintosh computers, machines running Ubuntu Linux 18, mobile devices including Chromebook, iPad, Fire tablets and iPad, and zero client devices.

Amazon also provides WorkSpaces Application Manager (WAM), which lets IT teams deliver desktop applications in containers. WAM makes deployment and updates easier, by packaging virtualized applications in containers, which can run like natively installed apps. Amazon provides two tools that let you manage containerized apps:

• WAM Studio packages applications into containers.
• WAM Player validates applications and runs them, with the ability to assign up to 50 applications for each user.

AWS WorkSpaces Pricing

Amazon WorkSpaces is billed monthly or by the hour, based on the bundle used and the number of active user workspaces. It does not require an upfront investment or long-term commitment.

Monthly billing

A fixed monthly rate per desktop user, with unlimited usage during the month. This is ideal for workers who use Amazon WorkSpaces as their primary desktop.

For Windows bundles in the US East region, monthly pricing ranges from $25 to $140 per user per month, depending on the resources available to each user.

Hourly billing

In an hourly billing model, the organization pays a flat monthly fee to cover the infrastructure and storage costs of each workspace, with an hourly rate for ongoing use. This is suitable for part-time workers, short-term or freelance projects, job-sharing or training scenarios.

For Windows bundles in US East region, hourly pricing ranges from $7.25 per user per month (flat fee) and $0.22 per hour, to $19.00 per user per month (flat fee) and $1.53 per hour.

For both monthly and hourly billing, additional storage is charged at $0.10/GB, and an application bundle including Microsoft Office Professional Plus, Trend Micro security and other utilities is charged at an additional $15 per month.

Check official pricing for the latest Amazon WorkSpaces pricing.

Amazon also provides the Amazon WorkSpaces Cost Optimizer, to help organizations analyze WorkSpaces usage and convert workspaces to the most effective billing option.

Windows Licensing Considerations

Amazon WorkSpaces offers a Bring Your Own License (BYOL) arrangement, so if your organization owns existing Windows 10 Enterprise or Pro licenses, you can use them for your DaaS deployment. BYOL lets you save costs compared to the regular cost of Windows desktops on WorkSpaces, and also helps you deliver a consistent experience to your users.

When using BYOL, take note of the following:

• To be eligible for BYOL, you need to meet several requirements, which are detailed in the Amazon documentation.
• When you use BYOL, AWS runs your WorkSpaces environment on dedicated hardware in the AWS cloud, which meets Microsoft’s hardware requirements.

Enterprise Integrations with Active Directory/AAD

Amazon WorkSpaces integrates with Microsoft Active Directory (AD) in your on-premises data center. It uses the AWS Microsoft AD (AWS Directory Service for Microsoft AD). Amazon WorkSpaces creates a single interforest trust connection that lets you assign users in any domain in your on-premise Active Directory to virtual desktops.

AWS Microsoft AD automatically detects authentication requests and redirects them to the appropriate domain controller. This means that users can log into their workspace with existing Microsoft Active Directory credentials, without specifying a domain name.

Another option is to use a separate AD Connector for each on-premises domain. This setup works well for organizations with a single domain, or POC projects with a small number of users.

The managed Microsoft AD service has several limitations you should be aware of:

• Up to 20 AD directories
• Up to 5 AD snapshots retained up to 180 days
• Up to 20 domain controllers for each directory
• Up to 5 shared domains (for standard Microsoft AD) or 125 (for Enterprise Microsoft AD)

AWS WorkSpaces Best Practices

Use the following best practices to plan a successful Amazon WorkSpaces deployment.

Network Considerations

In Amazon WorkSpaces, each workspace is associated with a specific AWS Directory Service and Amazon virtual private cloud (VPC). AWS Directory Service configurations, including Simple

AD, AD Connector, and Microsoft AD, require two subnets, each with a different availability zone.

Before creating subnets, consider the following:

• How many workspaces will you create in the foreseeable future?
• What types of users will use the workspaces?
• How many Active Directory domains need to participate in the setup?
• Where are corporate user accounts stored—in AD or elsewhere?

WorkSpaces Images and Bundles

Each organization should have a clear process for creating and duplicating desktop images. Maintaining golden images is a complex, time consuming process, which can have a dramatic effect on resource utilization in AWS WorkSpaces.

Here are important considerations for managing WorkSpace images:

• An image should never contain passwords or other sensitive data.
• Ensure each workspace instance is in compliance with the relevant software licenses
• Never include license details in the image.
• To save time, it is recommended to use CloudFormation templates or other automated methods to create and update golden images
• Create a modular application package, and use scripts to automatically create images based on these applications.
• Ensure all images have a bootstrap function that allows them to read runtime info when they launch.
• Tag images consistently to facilitate easier organization images and their content.

WorkSpace Management

Amazon WorkSpaces lets you enable self-service workspace administration to give users more control over their experience. This can also reduce the workload for IT support staff.

In Amazon WorkSpaces, users can perform the following activities directly from their local client:

• Store credentials on the client, enabling reconnection without repeated login
• Restarting a workspace
• Increase size of workspace root and user directory
• Change the workspace bundle (compute instance type)
• Change workspace running mode—AlwaysOn, AutoStop, or AutoStop Time
• Rebuild the workspace from the image

Addressing DaaS Challenges with Hysolate Isolated Workspace as a Service

DaaS is a great solution for delivering a desktop experience in the cloud, but is far from perfect. When users work remotely, especially in low bandwidth environments, user experience is lacking, especially when running intensive workloads. Users cannot use desktops offline, and there is still management overhead, although less than in an on-premise VDI deployment.

Another factor to consider is the pricing of these solutions. Hosting desktops and storage in the cloud requires a large infrastructure investment from the DaaS vendor, which is passed on to organizational users, creating a heavy, ongoing OpEx expense.

Hysolate solves these problems with an innovative approach called isolated workspace as a service (IWaaS). Users get a local isolated operating system running on their machine deployed within minutes and managed from the cloud. 

Isolated workspaces enable: 

• A higher level of freedom on employees corporate devices
• Ability to receive 3rd party generated content in an isolated zone
• Access to IT admins, DevOps, developers, and other privileged users in their everyday environment
• Access to employees from personal, unmanaged devices

The behavior of the workspace is managed in the cloud, while all of the computing resources run locally on user machines.

This eliminates the need to invest in a large and costly infrastructure, and provides a better local user experience, with offline availability.

Learn more about our Isolated- Workspace as-a-Service platform

VDI on Azure: WVD vs. RDS

What VDI Options are Offered on Azure?

Virtual Desktop Infrastructure (VDI) allows organizations to provision operating systems and applications to users remotely. The Microsoft Azure cloud offers two VDI solutions, in a desktop as a service (DaaS) model. These are:

• Windows Virtual Desktop (WVD)—a new offering based on a redesigned version of Windows 10 that supports multi-session access.
• Remote Desktop Services (RDS)—a legacy option that runs both on-premises and in the Azure cloud, based on Windows Server 2016.

We’ll discuss both WVD and RDS, and which solution is best for your organization.

Azure VDI Services

Windows Virtual Desktop (WVD)

Azure can provide either multi-session virtual desktops based on Windows 10, or dedicated virtual desktops. It provides a complete desktop virtualization environment without running gateway servers or other management components, in a full desktop as a service (DaaS) model.

WVD allows you to run multi session desktops to save costs and conserve resources on virtual machines, while providing an authentic Windows 10 user experience, using the new Windows 10 Enterprise Multisession. Desktops can be persistent, to allow users to save personal data and settings. You can import desktop images from Azure Gallery for production workloads or testing.

Key managed and administrative features include:

• Multiple management features—using Azure portal, PowerShell, and REST APIs
• A single host pool can serve entire desktops or virtualized applications
• Assigning users to multiple application groups to conserve images, reducing storage
• Delegated access to user desktops to troubleshoot errors and provide support, with a full diagnostic service to help remediate errors.
• Administrators only need to manage desktop images and virtual machines—the rest of the VDI infrastructure is managed by Azure

Related content: read our guide to Windows Virtual Desktop vs Citrix

Azure Remote Desktop Services (RDS)

RDS, a veteran VDI solution from Microsoft which is nearing end of life, can run in several deployment models:

• On-premises using Microsoft Server 2016 instances and additional management components
• In the Azure Cloud
• On other partner solutions

RDS supports two main virtualization options:

• Session-based virtualization—enables multiple users to share the resources of one Windows Server machine, but requires users to work in a Windows Server UI
• VDI—uses a Windows client to provide high performance, application compatibility, and a familiar Windows desktop environment.

Virtualized environments can be exposed to users as a full desktop with an environment that lets them install and manage a variety of applications. This is suitable for users who use the remote desktop as a primary work environment.

Alternatively, RDS provides RemoteApps, which provides a single application, hosted on a virtual machine but looks like a local application on the user’s desktop. This is suitable for allowing users to access applications from a remote desktop.

Azure WVD vs RDS: Choosing a VDI Solution in Microsoft Azure

There are several factors to consider when deciding whether to use RDS or WVD for VDI on Azure. RDS technology has evolved over time, and is robust and predictable. It isn’t perfect, but it works well as a hosted desktop solution, and is used by many organizations as a low cost replacement for VDI technology like Citrix.

Consider using RDS in Azure for the following reasons:

• RDS provides more control over the VDI control plane, including RDS roles, which are fully managed in WVD. This may be important for security or compliance reasons.
• RDS has been operating successfully for years in large-scale enterprise environments
• Applications created for Windows Server may not work without updates in Windows 10 Enterprise Multisession, which is used by WVD.

Conversely, WVD may be more attractive for the following reasons:

• Allows you to use native Windows 10 desktops with a familiar user experience, instead of a Windows 10 “experience” on a server operating system in RDS.
• Much simpler license management—straightforward pay per use model, as opposed to complex management of multiple layers of licenses in RDS
• DaaS-style hosted service which is much less complex to operate than RDS. The WVD control plane is fully hosted and managed by Azure.
• WVD supports index search on OneDrive, which is not provided by RDS
• Includes user profile container technology from FSLogix, which includes support for bookmarks, shortcuts, and a custom Start menu.
• Improved integration with Azure AD – see the detailed note in Azure AD documentation

Addressing DaaS Challenges with Hysolate Isolated Workspace as a Service

DaaS is a great solution for delivering a desktop experience in the cloud, but is far from perfect. When users work remotely, especially in low bandwidth environments, user experience is lacking, especially when running intensive workloads. Users cannot use desktops offline, and there is still management overhead, although less than in an on-premise VDI deployment.

Another factor to consider is the pricing of these solutions. Hosting desktops and storage in the cloud requires a large infrastructure investment from the DaaS vendor, which is passed on to organizational users, creating a heavy, ongoing OpEx expense.

Hysolate solves these problems with an innovative approach called isolated workspace as a service (IWaaS). Users get a local isolated operating system running on their machine deployed within minutes and managed from the cloud.

Isolated workspaces enable:

• A higher level of freedom on employees corporate devices
• Ability to receive 3rd party generated content in an isolated zone
• Access to IT admins, DevOps, developers, and other privileged users in their everyday environment
• Access to employees from personal, unmanaged devices

The behavior of the workspace is managed in the cloud, while all of the computing resources run locally on user machines.

This eliminates the need to invest in a large and costly infrastructure, and provides a better local user experience, with offline availability.

Learn more about our Isolated- Workspace as-a-Service platform

Desktop as a Service: Can it Work For Your Organization?

What is Desktop as a Service (DaaS)?

DaaS is a cloud computing service that remotely provides end users with virtual desktops or applications. Because DaaS delivers remote resources over the Internet, end users can access virtualized desktops from personal computers or mobile devices. Users can then interact with remote resources just like interacting with resources installed on a local machine.

DaaS vendors provide and manage the backend virtual desktop infrastructure (VDI), including maintenance, backups, updates, and data storage. This is in contrast to traditional VDI solutions, which require several components to be licensed, deployed and managed in the local data center.

In a DaaS model, the organization is only responsible for managing desktop images and user access to eligible apps and desktops, and billing is typically per user subscription or time used.

Read on to understand how DaaS works, get a quick review of leading DaaS providers, and understand if a traditional VDI model or a DaaS model is right for your organization.

How Does DaaS Work?

Desktop as a Service solutions are typically designed using a multi-tenant architecture. This architecture enables organizations to purchase services based on subscription models. For example, organizations can choose a billing subscription based on the number of virtual desktop instances used each month, or in some cases according to per-hour usage of individual desktops.

In a DaaS delivery model, cloud computing providers manage all aspects of the infrastructure, including backup, data storage, security, maintenance, and upgrades. Organizations using DaaS services manage virtual desktop images, virtualized applications, and security for end users.

End user personal data is typically copied into a virtual desktops during login, and copied back to a central data store on logout. Desktops and applications behave consistently irrespective of device, location, or network used to access it.

DaaS Options in the Public Cloud

VDI on AWS: Amazon WorkSpaces

With Amazon WorkSpaces, you can offer your users virtual cloud-based workspaces based on Microsoft Windows or Amazon Linux.

Key features:

• Choose your operating system (Windows or Amazon Linux), then choose from a variety of hardware and software options, and select in which AWS region to run your desktops.
• Two protocols available—PCoIP or WorkSpaces Streaming Protocol (WSP).
• For Windows desktops, you can bring your own licenses and applications (BYOL), or you can purchase them from the AWS Marketplace for Desktop Apps.

Learn more in our detailed article about VDI on AWS

VDI on Azure: Azure WVD

Windows Virtual Desktop (WVD) uses Azure resources and services to create an infrastructure for remote desktop delivery. This service is designed to deliver desktops with an authentic Windows 10 experience to virtually any client device.

Key features:

• Fully scalable Windows 10 multi-session deployment—based on the new Windows 10 Enterprise Edition Multisession
• Run and optimize Microsoft 365 enterprise applications in a virtual multi-user scenario
• Free Enhanced Security Updates for Windows 7 virtual desktops
• Seamless subscription-based license management, with the ability to bring your own license

Learn more in our detailed article about VDI on Azure

Google Cloud VDI Options

While Google Cloud does not provide its own DaaS solution, leading software vendors provide virtual desktop solutions on Google Cloud infrastructure. These include:

• Itopia—a cloud native automation and orchestration solution. It allows you to migrate VDI workloads to Google Cloud and quickly deploy Windows virtual desktops and applications.
• Citrix Virtual Apps and Desktops—lets you deploy a Citrix VDI environment on dedicated, pre-integrated Google Cloud infrastructure.
• VMware VMware Horizon 7—Google Cloud VMware Engine lets you to run VMware Horizon in a dedicated environment. This allows IT departments to control, secure and manage Windows desktops at scale.

VDI vs DaaS: Key Considerations

Here are some key considerations when deciding if your organization should:

• Deploy virtualized desktops on-premises in a VDI model
• Operate virtualized desktops as a managed service using a DaaS model

Single Tenant vs Multi-Tenant

VDI solutions are based on a single tenant model. VDI is deployed to accommodate a single organization with hundreds to thousands of virtual desktops. VDI technology is ideal for organizations that want full control over their server resources and hardware infrastructure.

DaaS solutions work using a cloud-based delivery model that facilitates multi-tenant hosting. Multiple organizations share a cloud environment, and each organization gets its own isolated space.

Updates, Maintenance, and Control

VDI is an on-premise platform that gives IT complete control over the network and server infrastructure. You can implement specific security measures to protect your data, and can more easily adapt your deployment to compliance requirements.

In addition, teams using VDI are responsible for updating the VDI platform. New versions of VDI platforms are released once, at most, several times per year, and upgrades are complex and risky to manage.

DaaS is based on public cloud resources, which are inherently more vulnerable to cyber attacks. However, major DaaS providers have strong security measures, and may also be certified for regulations or compliance standards (check your specific vendor’s compliance features).

A major benefit of DaaS is its fast update cycle. DaaS solutions may be improved on a weekly basis, and updates do not require any effort from the organization, and can immediately benefit desktop users.

Administrator Experience

VDI environments require a control plane, known as a broker, to handle tasks such as setting up user sessions and ensuring users have secure access to appropriate resources. Brokers also handle many other tasks such as capacity management, network management, infrastructure processes, and image deployment.

With VDI, the IT team is responsible for the design, installation, protection and management of the entire platform, including the broker. This can be very complex and incurs major expenses, both in terms of licenses of VDI components, and due to hardware that must be procured.

DaaS is a managed service, in which the control plane is fully operated by the DaaS provider. If you don’t have the people or expertise to manage VDI infrastructure, or the upfront costs are prohibitive, DaaS is an obvious choice.

User Experience

VDI virtualized desktops should be deployed physically close to end-users to provide a good user experience. If the data center is too far away from users, high latency and low bandwidth can have a significant impact on the user experience of many remote display protocols. To support users in multiple locations, you may have to deploy VDI infrastructure in several regions (for example, in each regional branch office).

In addition, VDI solutions may be limited in their ability to provide the operating system or application versions your users expect. Some VDI solutions may be limited to non-standard operating systems such as Windows Server. This can cause incompatibility and inconvenience to users.

DaaS makes it easier to support end users in multiple regions, because cloud providers have data centers in all corners of the globe. You can deploy virtual desktops physically close to each group of users with the click of a button.

In addition, DaaS solutions typically offer more choices in terms of operating systems and virtualized applications. Ideally, virtualized desktop users should have the same UI and application compatibility as a dedicated workstation.

Cost

VDI generates large capital expenditures (CapEx), due to initial infrastructure costs, and period costs of scaling and updating the infrastructure.

DaaS offers a more flexible consumption model. It’s a model completely based on operating expenses (OpEx), because all service costs are charged on a per-user or per-hour basis.

Some solutions allow you to use existing on-premises VDI infrastructure, with the broker running as a cloud service, making it possible to mix CapEx and OpEx investments.

Agility and Elasticity

VDI usually requires a long time to perform software upgrades. Any changes to the deployment  are complex and can be limited by budget and data center capabilities.

DaaS provides much greater flexibility. For example, if one of your requirements is to accommodate temporary workers, seasonal workers, or contract workers, a DaaS model lets you add seats when needed and pay only when you use them without wasting unused capacity.

DaaS deployments can get up and running quickly, and make it possible to leverage the latest CPU and GPU hardware, without having to physically purchase and integrate the hardware.

Democratizing your Desktop Environment with Hysolate

Organizations now have the option to use an isolated workspace as a service (IWaaS) as an alternative to DaaS. Essentially users get a local isolated operating system running on their machine deployed within minutes which is managed from the cloud. This workspace can be used in a variety of use cases in an organization including:

• A higher levels of freedom on employees corporate devices
• Receive 3rd party generated content in an isolated zone
• IT admins, DevOps, Developers, and any other privileged users that require access to privileged systems and data from their everyday environment can now do so freely.
• IT can enable employees that require access to the organization from their personal, unmanaged machines to do so

The behavior of the workspace is managed in the cloud, while all of the computing resources are running locally on user machines.

This ensures the low cost of the solution, with great user experience and offline availability.

Learn more about the Hysolate Workspace as-a-Service platform

Learn More About Desktop as a Service (DaaS)

There’s a lot more to learn about Desktop as a Service solutions. To continue your research, take a look at the rest of our blogs on this topic:

VDI on AWS: Making the Most of Amazon WorkSpaces

Amazon Workspace is a desktop as a service (DaaS) solution that enables organizations to remotely manage and deploy cloud-based virtual desktops and applications. Amazon WorkSpaces is managed by Amazon Web Service (AWS) and can support large-case VDI infrastructure. This article explains how WorkSpaces work, reviews licensing considerations, and explains key best practices.

Read more: VDI on AWS: Making the Most of Amazon WorkSpaces

VDI on Azure: WVD vs. RDS

Microsoft Azure offers two main solutions for cloud-based virtual desktop and application delivery. Windows Virtual Desktop (WVD) is based on a VDI model, and supports multi-session access. Remote Desktop Services (RDS) is based on a DaaS model, and can leverage cloud and on-premise resources. This article discusses the main differences between the two services.

Read more: VDI on Azure: WVD vs. RDS

Windows Virtual Desktop vs Citrix: Choose One or Use Both?

Windows Virtual Desktop (WVD) and Citrix Virtual Apps & Desktops are two different solutions. WVD is cloud-based and leverages Windows and Microsoft 365 technologies, whereas Citrix centralizes the management of various cloud environments. This article discusses key differences between the two services, to help you better decide which solution suits your needs.

Read more: Windows Virtual Desktop vs Citrix: Choose One or Use Both?

VDI vs DaaS: How to Choose?

What is Virtual Desktop Infrastructure (VDI)?

Virtual Desktop Infrastructure (VDI) is the traditional way of serving virtual desktops to corporate users. It involves setting up servers in the local data center, running virtualization software and virtual desktop management infrastructure, from providers like VMware or Citrix, and has high upfront costs.

VDI is centralized, so the IT team is responsible for managing the infrastructure. This means that hardware, software, licenses and distribution are all handled internally. The IT department has full control over the VDI site and can keep sensitive data on-premises.

What is Desktop as a Service (DaaS)?

Desktop as a Service (DaaS) is a cloud-hosted VDI service, offered by providers like Amazon, Microsoft Azure, Google, VMware, and Citrix. With DaaS, organizations do not need to provision servers or manage VDI infrastructure—both hardware and the VDI control plane is fully managed by the service provider.

DaaS systems are subscription-based, usually billed on a per-user basis, with little or no initial investment. All infrastructure setup and maintenance is handled by the DaaS provider.

VDS vs. DaaS: What is the Difference?

Below we cover some of the key differences between on-premises VDI and cloud-based DaaS services.

See a head-to-head comparison between a popular VDI and DaaS solution in our article: Windows Virtual Desktop vs. Citrix

Architecture

The main components of a VDI architecture are a hypervisor and a connection broker.

A hypervisor decouples any physical hardware from an operating system (OS) residing in a server, which is located at the data center. The hypervisor enables you to serve multiple virtual desktops from one physical server.

A connection broker is a software gateway in charge of connecting desktop users with individual desktop instances. The connection broker serves as a layer that authenticates each user, rather than an endpoint device.

Typically, VDI technology uses a dedicated point of delivery (PoD) model, which contains predefined network, compute, and storage resources dedicated to supporting a specific number of virtual desktops. The PoD is isolated from other systems, to ensure any desktop fluctuations do not interfere with other workloads located in the data center.

A DaaS architecture, on the other hand, serves VDI using a multi-tenant delivery model. First, you purchase a subscription, which defines how many virtual desktop instances you want to use on a monthly basis. Next, the cloud vendor starts managing the back-end tasks, including data backup, security, upgrade, and storage.

When you purchase a DaaS subscription, if not specified otherwise in the agreement, you are still required to manage your virtual desktop images, your applications, and the security of your workloads.

Cost

VDI requires a high capital expenditure (CapEx), especially if you need to purchase or upgrade servers or prepare a data center facility. However, if hardware already exists, organizations can pay off their technical debt and save the ongoing subscription fees charged by cloud service. For enterprise-level organizations with predictable growth and resource requirements, the initial investment is usually less expensive than DaaS.

DaaS requires almost no upfront investment, but there are ongoing subscription fees. This cost model allows you to dynamically scale your operations and pay only for the resources you are using. For small to medium-sized organizations with major changes in the number of desktops, or fast growing organizations, the DaaS option may be cheaper.

Setup

VDI requires managing all areas of the infrastructure yourself. This includes hardware, operating systems, applications and related software. You are responsible for addressing any problems that may arise, from software patches to hardware replacements.

DaaS is a cloud-based service that is fully set up by a third-party service provider. Organizations do not need servers and data center facilities. The provider configures, manages, and monitors the platform as needed, usually with a guaranteed service level agreement (SLA).

Data Backup

VDI typically does not come with backup built in. It will require you to set up, test and manage backup and business continuity infrastructure and processes.

DaaS service providers typically back up data as part of their service. Backup functionality is built into the service or underlying cloud infrastructure, and does not require special setup. However, backups may incur additional costs, typically according to storage volume used.

Agility

VDI is a complex infrastructure that requires large efforts and major costs to build. Organizations typically take a long time to complete upgrades to the VDI software, to allow users to benefit from new features. Changes such as scaling up or down, or adding new types of hardware such as GPUs, involve a major effort and may be limited by your budget and IT update cycle.

DaaS offers greater flexibility. For example, if one of your requirements is to accommodate temporary workers, seasonal workers, or contract workers, the DaaS option lets you add seats when needed and per usage, and scale down when the desktops are no longer needed, without wasting underutilized resources.

DaaS deployments let you deliver virtualized desktops quickly for urgent needs. In addition, you can easily support new technological trends, such as software innovations or the latest CPU or GPU hardware, because these options are typically added and offered as a subscription option by the DaaS provider.

End User Experience

VDI virtual desktops must be physically deployed near end users to provide a good user experience. If the data center is too far away from users, high latency and low bandwidth can have a significant impact on the user experience. To support users in multiple locations, you may need to deploy a VDI infrastructure in multiple regions (e.g. a VDI site in each branch office).

Additionally, VDI solutions may not be able to provide the operating system or application versions that users expect. Some VDI solutions may be limited to non-standard operating systems such as Windows Server. This can cause incompatibility and inconvenience to users.

With DaaS, because cloud providers have data centers around the world, you can easily support end users in multiple regions. You can deploy virtual desktops near each group of users simply by selecting the nearest cloud region.

In addition, DaaS solutions generally offer more choices when it comes to operating systems and virtualized applications. Ideally, virtualized desktop users should have the same UI and application compatibility as a dedicated workstation.

Addressing VDI Challenges with Hysolate Isolated Workspace as a Service

Creating and managing a VDI solution is a large project and a huge undertaking for an organization. Creating, planning the infrastructure correctly, and making sure everything is tested, has the proper sizing to support the target population requires thousands of hours of work and a huge investment. In addition, running the servers on premise, involves tremendous costs of purchasing the servers, and of course maintaining the infrastructure leading to high OpEx and CapEx costs.

With that said, in today’s remote first world, users connecting to the datacenter VDI solution, sometimes over a VPN tunnel will get poor performance and user experience and desktops are not available when offline.

Hysolate solves these problems with an innovation called isolated workspace as a service (IWaaS). Users get a local isolated operating system running on their machine deployed within minutes which is managed from the cloud.

Isolated workspaces enable:

• A higher level of freedom on employees corporate devices
• Ability to receive 3rd party generated content in an isolated zone
• Access to IT admins, DevOps, developers, and other privileged users in their everyday environment
• Access to employees from personal, unmanaged devices

The behavior of the workspace is managed in the cloud, while all of the computing resources run locally on user machines.

This eliminates the need to invest in a large and costly infrastructure, and provides a better local user experience, with offline availability.

Learn more about our Isolated- Workspace as-a-Service platform