Azure Virtual Desktop: What Microsoft Manages vs. What You Manage

Nyan

6/7/2025

Azure Virtual Desktop (AVD) is a powerful Desktop-as-a-Service (DaaS) solution that enables organisations to deliver secure, remote Windows desktops and applications from the cloud. But when deploying AVD, one key question many businesses ask is:

Who manages what — Microsoft or us?

🏢 What Microsoft Manages

Microsoft takes care of the platform-level infrastructure, so you don’t have to worry about maintaining core services. Here’s what falls under Microsoft’s responsibility:

✅ Control Plane Services

  • Web Access: Portal where users access desktops and apps.

  • Gateway: Securely routes user traffic to session hosts without requiring a public IP.

  • Connection Broker: Determines which session host a user connects to.

  • Diagnostics: Provides performance and health data for the AVD environment.

✅ Azure Infrastructure

  • Data Centres: Global infrastructure that hosts your virtual machines.

  • Service Availability: Microsoft ensures high availability and uptime of the AVD service.

  • Patching and Scaling (Control Plane): Behind-the-scenes updates for AVD backend services.

✅ Security for Control Plane

  • Encrypted connections and secure access to Microsoft-hosted components.

👨‍💼 What You (the Customer) Manage

As a customer, you have flexibility and control over the session host environment, user management, and virtual networking. Here’s what you’re responsible for:

🧩 Session Hosts (Virtual Machines)

  • Provisioning and sizing VMs

  • Patching Windows OS and installed applications

  • Configuring images (e.g., Windows 10/11 multisession, FSLogix)

👥 User Identity and Access

  • Azure Active Directory or Hybrid AD Join

  • User group assignments and access policies

  • Conditional Access and MFA (if enabled)

📦 Applications and Profiles

  • Installing and updating apps

  • Managing user profiles using FSLogix

  • Publishing desktops or individual apps

🌐 Virtual Network and Connectivity

  • Creating and managing VNets

  • Connecting to on-premises resources (via VPN or ExpressRoute)

  • Network security (NSGs, firewalls)
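
Because the Gateway reaches session hosts without a public IP, the customer-managed NSGs and NICs are where RDP can still end up exposed. The following is an added example, not part of the original post: it evaluates NSG rules in priority order to see whether TCP 3389 is reachable from the whole internet, and lists NICs with a public IP. It assumes JSON shaped like `az network nsg list` / `az network nic list` output, uses constructed sample data, and ignores destination addresses, application security groups and service tags other than `Internet`.

```python
# Added example. Field names are assumed to match `az network nsg list` and
# `az network nic list` JSON output; all sample data below is constructed.
RDP_PORT = 3389
INTERNET = {"*", "any", "internet", "0.0.0.0/0"}

def _values(rule, single, plural):
    """Merge the singular and plural variants of an NSG rule field."""
    return list(rule.get(plural) or []) + ([rule[single]] if rule.get(single) else [])

def _covers(spec, port):
    """True if a port spec ('*', '3389' or '3000-4000') includes port."""
    if spec == "*":
        return True
    lo, _, hi = spec.partition("-")
    return int(lo) <= port <= int(hi or lo)

def rdp_exposing_rule(nsg):
    """Name of the rule that allows TCP 3389 from the whole internet, else None."""
    inbound = [r for r in nsg["securityRules"] if r["direction"].lower() == "inbound"]
    for rule in sorted(inbound, key=lambda r: r["priority"]):  # lowest number wins
        if rule["protocol"].lower() not in ("tcp", "*"):
            continue
        ports = _values(rule, "destinationPortRange", "destinationPortRanges")
        sources = _values(rule, "sourceAddressPrefix", "sourceAddressPrefixes")
        # A narrower source neither opens nor blocks the whole internet: skip it.
        if not (any(_covers(p, RDP_PORT) for p in ports)
                and any(s.lower() in INTERNET for s in sources)):
            continue
        return rule["name"] if rule["access"].lower() == "allow" else None
    return None  # no match: the default DenyAllInBound rule applies

def nics_with_public_ip(nics):
    return [n["name"] for n in nics
            if any(c.get("publicIPAddress") for c in n["ipConfigurations"])]

def _rule(name, prio, access, proto, src, port):  # helper for the sample data
    return {"name": name, "priority": prio, "access": access, "direction": "Inbound",
            "protocol": proto, "sourceAddressPrefix": src, "destinationPortRange": port}

SAMPLE_NSGS = [  # constructed
    {"name": "nsg-hosts-a", "securityRules": [
        _rule("allow-mgmt-range", 300, "Allow", "Tcp", "*", "3000-4000")]},
    {"name": "nsg-hosts-b", "securityRules": [
        _rule("allow-rdp", 200, "Allow", "Tcp", "*", "3389"),
        _rule("deny-internet", 100, "Deny", "*", "Internet", "*")]},
    {"name": "nsg-hosts-c", "securityRules": [
        _rule("allow-rdp-onprem", 100, "Allow", "Tcp", "10.0.0.0/8", "3389")]}]
SAMPLE_NICS = [  # constructed
    {"name": "avd-host-0-nic", "ipConfigurations": [{"publicIPAddress": None}]},
    {"name": "avd-host-1-nic", "ipConfigurations": [{"publicIPAddress": {"id": "constructed-pip"}}]}]
```

On the sample data, only `nsg-hosts-a` is flagged: its wide port range silently includes 3389, while the allow rule in `nsg-hosts-b` is shadowed by a higher-priority deny.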

📊 Monitoring and Optimisation

  • Use tools like Azure Monitor, Log Analytics, and third-party tools to track performance, usage, and errors.