My name is Samim Erdogan, program manager in the RDV team in Windows Server. I am very excited to announce the preview of Azure RemoteApp, a brand new service from Microsoft that delivers Windows applications from the Azure cloud. Azure RemoteApp features the high fidelity, WAN-ready user experience of RDP and RemoteFX, builds on the proven Remote Desktop Services infrastructure in Windows Server, and leverages Azure’s global scale and utility-grade reliability as a leading cloud provider, providing a finished, turn-key service that offers Windows applications as a service accessible from anywhere.
Over the years, we have found that the RemoteApp experience strikes a chord for personal device users: Whether it is an iPad, an Android phone, a cherished Windows laptop, or a Mac, users form a personal bond with their devices. They want to use their personal devices for work as well as play, and for that, they need secure access to work applications. Increasingly, organizations are choosing to provide such access in order to harness that productivity. For both knowledge workers and IT, access to applications is paramount. That is why we are focusing this preview release of Azure RemoteApp on applications.
You can experience the service for yourself and join the preview today: http://remoteapp.azure.com
Those of you familiar with RemoteApp in Windows Server will instantly recognize the user experience in Azure RemoteApp: While the application is running remotely, it appears to the user as if it is running locally on the client device. Azure RemoteApp uses RDP, a WAN ready protocol that is resilient to network latency and loss. The applications are delivered with a high fidelity, fast and fluid user experience appropriate for a variety of interactive scenarios and content, from routine text input to multimedia.
With this announcement, we are releasing a brand new Microsoft RemoteApp app for Windows, and we are also issuing updates to our Microsoft Remote Desktop apps for iOS and Android to support Azure RemoteApp. We will soon add Azure RemoteApp support to our client apps for Mac, Windows Phone and Windows RT as well.
You can download the appropriate client app for your device from http://remoteapp.azure.com.
Persistent Storage for Users
Azure RemoteApp provides users with 50GB persistent storage. This storage is backed by highly reliable, fault tolerant Azure Storage and it is persistent.
Windows Server 2012R2 Session Virtualization
Azure RemoteApp builds on the Remote Desktop Services capabilities of Windows Server. Users share common underlying infrastructure through Session Virtualization, which provides for a highly efficient application hosting environment.
Office 2013 Preinstalled
Office is arguably the most important and prevalent application suite out there. During the preview, we are offering Microsoft Office 2013 ProPlus preinstalled with Azure RemoteApp.
Azure RemoteApp is built on Azure’s scalable fabric and extends it by providing a platform-as-a-service environment for Windows apps. This environment is dynamically scalable, expanding or shrinking capacity in real time in response to user connections. With traditional desktop virtualization deployments, capacity planning and capital expenditures are a major concern. In contrast, with Azure RemoteApp, you do not need to invest in expensive hardware and you get dynamic scalability built-in.
Azure RemoteApp benefits from Azure’s global network of datacenters. At preview, we are offering Azure RemoteApp in six regions: US West, US East, Western Europe, North Europe, East Asia, and Southeast Asia.
Two Deployment Choices: Cloud-only and Hybrid
You can use Azure RemoteApp in one of two deployment models: A standalone cloud-only deployment offers a rapidly provisioned, instantly accessible, automatically maintained app hosting service. Or you can bring your own applications to the cloud and connect them to your on-premises infrastructure, running them in a hybrid deployment that combines the customizability of RDS in Window Server with Azure’s scalability and intuitive management. Let’s take a look at these in a bit more detail.
Cloud deployment offers a standalone, turnkey way to host applications in the cloud. Provisioning is easy and fast: users can logon and use applications within minutes. The apps and the operating system are kept always up-to-date through regular updates, and Microsoft Anti-Malware endpoint protection provides continuous defense. Users use Microsoft Account or their corporate credentials to connect. As an IT administrator, you only need to think about which apps to offer and to whom. The rest is taken care of for you.
Setting up RemoteApp in cloud-only mode is easy. In Azure Portal’s new service setup wizard, RemoteApp preview is under the App Services category. Select “Quick Create”, pick a name and region, confirm Office 2013 ProPlus as your template image, and click OK.
That’s it! Now, all you have to do is to decide which of the apps you want to offer, and to which users. These two tasks are highlighted in the Quick Start page for the RemoteApp service.
You can use the “RemoteApp Programs” list to manage which applications are published. Several apps from the Office suite are published by default, others such as OneDrive for Business, Publisher, and Access are also available. Internet Explorer is available as the browser. Finally, we also included all-time favorites like Calc and Paint. J You can find them by clicking “Publish”.
The “User Access” view allows you to manage the users who have access to the service and the apps published from it. In the cloud deployment model, users can be identified with their Microsoft Accounts. In addition, if your Azure subscription is associated with an Azure Active Directory, you can grant access to users from that directory too.
As your users connect, you can view logged on users under the “Sessions” tab. Or, for a summary view of usage, take a look the service’s dashboard:
The cloud deployment model is an ideal way to provide access to a standard office productivity app suite. In contrast, the hybrid deployment model offers significantly more customization: Apps, OS, and settings are under your control. You own the template image and manage it directly through the Azure Portal. The apps run in a domain-joined environment, with full access to your on-premises network and data. Through integration with Azure AD, users use their corporate credentials to logon.
Four key concepts play an important role in the Azure RemoteApp’s hybrid deployment model:
- Federated Identity
- Hybrid Networking
- Hybrid Management
- Custom Template Images
With Azure RemoteApp hybrid deployment, users can use their familiar corporate identities to access hybrid applications. The core technology in play here is Azure Active Directory with DirSync. Azure Active Directory is your directory in the cloud that can be synchronized with your on-premises Active Directory. You can choose to synchronize your user’s passwords to the cloud or keep them on-premises by using ADFS. You can configure this using the Active Directory section of the Azure Portal.
With Azure RemoteApp hybrid deployment, applications running in the cloud can seamlessly access data and resources available on-premises. This capability is built on Azure Virtual Networking with site-to-site VPN. RemoteApp Virtual Networks (VNets) extend this technology to bridge into your corporate network so apps hosted in Azure run with the same data fidelity and network access as applications hosted on-premises.
You can manage your RemoteApp VNets using the “Virtual Networks” tab of the RemoteApp management interface. This will show you the list of VNets you have configured.
RemoteApp VNet builds on Azure VNet and therefore has similar configuration options: You provide address spaces in the cloud and on your local on-premise network, identify your DNS servers, and specify the public IP address of your VPN device.
With Azure RemoteApp hybrid deployment, your corporate policies can reach out to the cloud and control the apps hosted in the cloud. On-premises Active Directory is the foundational technology here. Group Policy, System Center, and many other enterprise management and policy tools rely on AD for this purpose. RemoteApp enables this control by joining the RD Session Host server VMs hosting the applications to your on-premises domain.
You can configure this by providing a service account with domain-join privileges for an Organizational Unit (OU) that you specify. RD Session Host VMs will be joined to this OU. You can use the OU to target policies specific to your hybrid cloud deployment.
Custom Template Images
A hybrid RemoteApp service runs with a template image that you provide. The template image must be based on Windows Server 2012 R2 with RD Session Host role service, and it must be configured with the applications which you want to publish through Azure RemoteApp. RD Session Host VMs will be created as instances of this template image.
You can manage your template images using the “Template Images” tab of the RemoteApp management interface. This will show you the list of template images you have uploaded and their distinguishing features. You can start a new upload, obtain a script that will resume an upload, or delete a template image.
Patch and Update Management
One of the key differences between a hybrid RemoteApp service and a cloud-only RemoteApp service is how software updates are handled.
With a cloud-only RemoteApp service, you do not have to worry about the OS and application updates. The service maintains itself automatically and rolls out updates on an ongoing basis. As a result, you always have the latest OS and Microsoft Office 2013 version.
In contrast, with a hybrid RemoteApp service, you are in control. Since the RD Session Host instances are joined to your domain, you can control them using on-premises software management tools like Windows Update services, Group Policy, or System Center.
You also completely control the template image from which RD Session Host VMs are created. Therefore, you can also use image-based management to update the OS, application, and settings. This update function is available on the Quick Start page of the RemoteApp service.
When you update a RemoteApp service with a new template image, you will be asked to decide what to do with logged on users. The default option is to roll out the update in the background, without affecting connected users. When update is complete, users will be asked to log off and reconnect to receive the new apps and settings. The second option is intended for updates that are deadline driven. Users will be asked to logoff immediately. No user will be allowed to connect back to the app collection until the update is complete. In both cases, the users’ persistent storage is maintained.
Preview Release Features Summary
Below is a summary of the key attributes of Azure RemoteApp during preview.
Try it Now!
For more information on Azure RemoteApp and to find out how to get started, visit us at http://remoteapp.azure.com. You can find more information and request to join the preview at the Azure RemoteApp website.
And let us know what you think! You can get in touch with us by leaving a comment here, or at the Azure RemoteApp forum.
-The RDV Team