Microsoft Azure Virtual Desktop has been deployed in production by businesses. However, many AVD environments are still not utilising all of FSLogix’s capabilities, Windows 10 / Windows 11, or AVD environments may be missing Microsoft-recommended settings to improve the performance of Azure Virtual Desktop Environment. Our AVD Assessment Tool – SmartProfiler, can be used to assess the entire AVD environment, improve performance of Azure Virtual Desktop and start generating an Assessment Report that includes issues and recommendations to resolve them. Improving performance of AVD environment requires to perform a complete assessment.
We’ve been using Azure Virtual Desktop since its initial release in December 2019. The first version of Windows Virtual Desktop (WVD) was implemented for a large customer in the United States. We learned a lot during deployment, and it was a pleasure to collaborate with the customer on AVD deployment. However, as time passed, we discovered that there are numerous important settings that an AVD environment must have in order to achieve maximum performance and run a smooth AVD environment.
As listed below, there are several reasons why we should perform an assessment of the Azure Virtual Desktop environment.
Various parameters from a Microsoft-recommended template are used during the AVD Assessment. The preceding list is only a summary of what important considerations or items we should be checking. Let’s take a look at each of them in turn in the section below.
Logon and performance must be optimised for all AVD Session Hosts. Please keep in mind that simply implementing an AVD Image in a Session Host does not imply that the Session Hosts have been optimised to run in an AVD Environment. In order to achieve maximum performance, Microsoft recommends that important settings be applied to Session Hosts. It should be noted that two important components in an AVD environment are the Windows Operating System and the FSLogix Service.
The Windows operating system includes settings that must be checked and modified based on the AVD environment type. Similarly, FSLogix Settings must be checked and modified to optimise user logon and performance.
As part of the AVD Assessment process, whether you use SmartProfiler or DynamicCloud Admin (AVD Optimization Status Assessment module), the process will check a single Session Host in each host pool and then compare it to a Template with Microsoft-recommended settings.
For AVD Performance and Optimization alone, we check 190 settings for each host pool. The “AVD Performance” category includes tests in a VDI environment with Microsoft-recommended settings as well as settings we believe can be configured to achieve maximum performance in an AVD environment. As shown in the screenshot below, the assessment process cloud collects settings for each item for each host pool and then displays the optimization status for each item in the “AVD Performance” category. INFO: Screenshot of AVD Assessment Summary when done using SmartProfiler
INFO: Screenshot of AVD Assessment Summary when done using DynamicCloud Admin
There are more than 400 Microsoft Recommended settings when you run Windows 10 or Windows 11 Operating System in an AVD Environment. Once you perform the AVD Assessment using either SmartProfiler or DynamicCloud Admin, the process is going to check all Microsoft Recommended settings for each host pool and then show the optimization status for each setting.
To ensure that the environment is private, most AVD environments require Windows Privacy settings to be configured. Essentially, all of the Windows Privacy settings must be blocked or disabled. We have several Windows Privacy items spread across various AVD Categories. One of the Privacy items checked during the AVD Assessment, for example, is “Privacy: Test Disable Allow unpaired devices to communicate with Windows apps”. In addition, “Privacy: Test Disable Continue Experiences on This Device” would be another item that is checked during assessment.
In the AVD environment, user experience is a major concern. It should be noted that not all AVD deployments consider user experience. When analysing parameters related to User Experience, we must keep the following points in mind:
The items mentioned above are just a few examples of ways to improve user experience. As part of the AVD Assessment, over 90 settings are checked for user experience in “Run-Time Optimization,” “Visual Effects Performance,” “Windows BITS Optimization,” and other categories.
Many AVD environments are still not taking full advantage of FSLogix’s capabilities. FSLogix includes a large number of registry entries that have a direct influence on the performance of your Session Hosts. FSLogix is a critical component that, if set wrong, can cause performance concerns. Many AVD environments, for example, just use FSLogix Profile Container, but they have also enabled Office Container, which may not be required for their AVD environment. Some parameters in FSLogix have a direct influence on the performance of an AVD environment.
After performing an AVD assessment with SmartProfiler or DynamicCloud Admin, you will see FSLogix Container Summary for all host pools in the console, as shown in the screenshot below. INFO: Screenshot of FSLogix Container Summary from SmartProfiler
INFO: Screenshot of FSLogix Containers Summary from DynamicCloud Admin
Microsoft Azure Virtual Desktop Environment should be protected. Nowadays, security is a major concern. When it comes to checking security in an AVD environment, we run a series of tests for Session Hosts, Host Pools, and some Windows Operating System settings. The following tests are performed in “AVD Security” category.
The first question is whether your configuration is consistent across host pools. Assume you have ten host pools and have deployed some settings to all of them. How do you know that the settings for all ten host pools are consistent? Some AVD environments have inconsistent settings across host pools, as we’ve seen. As a result, some host pools suffer from poor performance while others operate normally. SmartProfiler runs a test across all host pools to validate all recommended settings and determine whether or not the settings configured across host pools are consistent.
The console displays configuration inconsistencies for all categories after performing an AVD assessment with SmartProfiler. We can see some configuration inconsistencies in the “Run Time Optimization” category, as shown in the screenshot below. The Run Time Category contains important items that Microsoft recommends that each host pool configure. The process ensures that if a setting is configured for one business host pool, it is also configured for the other business host pools.
The assessment process discovered inconsistencies for two items, “Test Disable NTFS Last Access Timestamps” and “Test Disable Memory Dump Creation,” as shown in the screenshot above. Some host pools have settings configured, while others do not.
For each AVD Host Pool, there are numerous RDP properties that may be configured. For each host pool, a few essential RDP settings must be specified. Although if Microsoft configures some RDP parameters when you deploy a Host Pool, it is still advised that you utilise a tool to obtain all RDP properties from each host pool and display them in a console. Certain RDP settings, such as permitting device redirections, might lead to data theft by logged-in AVD users.
The “Test Host Pool Custom RDP Properties Test” collects all RDP Properties specified for each host pool in your production AVD environment and displays them in the console, as well as those that should not be configured in an AVD environment.
As seen in the screenshot below, it displays the RDP Properties defined for each host pool as well as the default value that is set when you install AVD Host Pool. INFO: Screenshot of RDP Properties Explorer from SmartProfiler
INFO: Screenshot of RDP Properties Explorer from DynamicCloud Admin
Please keep in mind that the AVD Environment necessitates antivirus exclusions since the FSLogix Service conducts multiple read/write operations to VHD/VHDX and the local Windows Operating System. If AVD Antivirus exclusions are not enabled, Antivirus software will interfere with FSLogix operations, potentially resulting in performance concerns.
Nevertheless, that is not the only test done as part of the “AVD Antivirus” category. The majority of our clients define AVD Exclusions using a third-party antivirus software. It is crucial to note, however, that if you are using a third-party antivirus solution in your AVD environment, you should disable Windows Defender altogether. Certain AVD environments do not disable all Windows Defender services and objects, as we have seen. The following tests are performed as part of AVD Antivirus category:
INFO: Below AVD Tests are performed as part of Assessment if the Windows Defender is disabled and a third-party antivirus product is in use.
Try SmartProfiler, a unified tool to help with security evaluation across many Microsoft technologies.