With massive workforces now remote, IT admins and security professionals are under increased pressure to keep everyone productive and connected while combatting evolving threats.
Windows Virtual Desktop is a comprehensive desktop and application virtualization service running in Azure, delivering simplified management for virtual desktop infrastructure (VDI).
While organizations go through this transformation, allowing their employees to remain productive, IT and security professionals required to ensure the deployment of Windows Virtual Desktop is done in accordance with security best practices so it doesn’t add unnecessary risk to the business. In this blog, we will explore how Azure Security Center can help maintain your Windows Virtual Desktop environment configuration hygiene and compliance, and protect it against threats.
When setting up your Windows Virtual Desktop environment, you first need to create a Host Pool which is a collection of one or more identical virtual machines (VMs). To support the remote workforce use case, these VMs will usually run a Windows 10 multi-session OS. Below is an overview of the architecture:
You can find the VMs running in your host pool by checking the Host Pool details and clicking on the Resource Group name:
This will bring up the resource group details. Filtering by Virtual Machine will show the list of VMs:
Considering the shared responsibility model, here are the security needs customers are responsible for in Windows Virtual Desktop deployment:
These needs should be examined both in the context of security posture as well as threat protection. Here is an example:
Azure Security Center the following security posture management and threat protection capabilities for Windows Virtual Desktop VMs:
#security #azure #azure-ad #virtual-desktop