Microsoft Readies Preview of Improved Remote Desktop Services

Remote Desktop Services (RDS), a Windows Server capability for virtual desktop infrastructure (VDI) scenarios, will soon get Azure Active Directory (AD) support, a more secure architecture and HTML5 browser access support.

Microsoft announced the improvements this week, indicating that all would be "in preview soon," though the company did not specify a release date.

New RDS security protections will be enabled by coming Azure AD support. Organizations will be able to impose multifactor authentication, an identity verification scheme that uses phone calls or text messages to secondarily confirm a user's identity. They'll also get conditional access support, which might be used to affirm a device's compliance status with IT policies before granting access.

Microsoft's video showed that users logged into an application will be able to quickly switch to other applications with the new RDS security approach. RDS also will get access to the Microsoft Security Graph service.

Microsoft contends that an architectural change will add security to the service. Specifically, the RDS Gateway and Web roles are no longer Internet-facing, which had left them subject to attack. Here's how Scott Manchester, principal group program manager for Remote Desktop Services, described it:

With the modern infrastructure roles, we isolate the infrastructure components from the Application and Desktop Host, and the infrastructure roles, like the Gateway and RD Web, and the rest of the infrastructure, are no longer joined to the domain. And because of this, now we can support multitenant deployments. And notice one other change. There's no RDVH role now. We've brought those same capabilities for VDI management directly into the Connection Broker. And we've also added a new role, Diagnostics. This new role collects information on the health of the deployment and can be used to troubleshoot end-to-end connectivity problems. And finally the Application and Desktop Host no longer requires open inbound ports. They establish an outbound connection to the infrastructure using Port 443.

This new "modern infrastructure" for RDS was illustrated by this slide:

[Figure: Coming Remote Desktop Services architectural change. (Source: Microsoft video.)]

The architectural changes will help RDS hosters better serve multiple tenants, Manchester added. They can use cloud infrastructure such as Microsoft Azure, as well as hybrid deployments where the Application and Desktop Host role gets located on the organization's premises.

With the new approach, RDS can also be accessed via HTML5 browsers, in addition to RDS applications. The new browser-based access can be used to support remote access to resources by travelers. It also supports kiosk-worker scenarios.

About the Author

Kurt Mackie is senior news producer for 1105 Media's Converge360 group.
