Browse Library
Sign In Start Free Trial
Close icon Search icon
Account
Browse Library Advanced Search Sign In Start Free Trial

Add to playlist

Create a Playlist

Modal Close icon
You need to login to use this feature.
  • Book Overview & Buying Securing Cloud PCs and Azure Virtual Desktop
  • Table Of Contents Toc
  • Feedback & Rating feedback
Securing Cloud PCs and Azure Virtual Desktop

Securing Cloud PCs and Azure Virtual Desktop

By : Dominiek Verham, Johan Vanneuville
5 (3)
Buy this Book
close
close
Securing Cloud PCs and Azure Virtual Desktop

Securing Cloud PCs and Azure Virtual Desktop

5 (3)
By: Dominiek Verham, Johan Vanneuville
Buy this Book

Overview of this book

Do you want to effectively implement and maintain secure virtualized systems? This book will give you a comprehensive understanding of Microsoft virtual endpoints, from the fundamentals of Windows 365 and Azure Virtual Desktop to advanced security measures, enabling you to secure, manage, and optimize virtualized environments in line with contemporary cybersecurity challenges. You’ll start with an introduction to Microsoft technologies, gaining a foundational understanding of their capabilities. Next, you’ll delve into the importance of endpoint security, addressing the challenges faced by companies in safeguarding their digital perimeters. This book serves as a practical guide to securing virtual endpoints, covering topics such as network access, data leakage prevention, update management, threat detection, and access control configuration. As you progress, the book offers insights into the nuanced security measures required for Windows 365, Azure Virtual Desktop, and the broader Microsoft Azure infrastructure. The book concludes with real-world use cases, providing practical scenarios for deploying Windows 365 and Azure Virtual Desktop. By the end of this book, you’ll be equipped with practical skills for implementing and evaluating robust endpoint security strategies.
Table of Contents (21 chapters)
close
close
close
Preface
Preface
Who this book is for
What this book covers
To get the most out of this book
Conventions used
Get in touch
Share Your Thoughts
Download a free PDF copy of this book
Free Chapter
1
Part 1: An Introduction to Microsoft Virtual Desktops
Part 1: An Introduction to Microsoft Virtual Desktops
2
Chapter 1: Introducing Windows 365 and Azure Virtual Desktop
Chapter 1: Introducing Windows 365 and Azure Virtual Desktop
Advantages of using a virtual desktop
Introducing Windows 365
Introducing Azure Virtual Desktop
Licensing Windows 365 and Azure Virtual Desktop
Introducing Windows App
Summary
3
Part 2: Why Is Endpoint Security Important?
Part 2: Why Is Endpoint Security Important?
4
Chapter 2: Importance of Securing Your Desktops
Chapter 2: Importance of Securing Your Desktops
A desktop at the heart of a user’s workspace
Multiple users on a single desktop
What happens when a physical desktop is lost or stolen?
What can IT admins do to prevent data leakage?
Summary
5
Chapter 3: Modern Security Risks
Chapter 3: Modern Security Risks
What are bad actors?
Types of cyberattacks
Recovering from a cyberattack
Virtual desktops to the rescue
Summary
6
Part 3: Security Controls for W365 and AVD
Part 3: Security Controls for W365 and AVD
7
Chapter 4: Securing User Sessions
Chapter 4: Securing User Sessions
CA and MFA
Configuring RDP device and resource redirections for Windows 365
Configuring RDP properties for Azure Virtual Desktop
RDP session limit timeouts
Summary
8
Chapter 5: Preventing Data Leakage from Desktops
Chapter 5: Preventing Data Leakage from Desktops
Preventing screen captures
Introducing and configuring watermarking
Configuring screen locks
Summary
9
Chapter 6: Update Management Strategies
Chapter 6: Update Management Strategies
Windows Update for Business
Windows Autopatch
Managing updates using custom image templates
Manually creating custom images
Summary
10
Chapter 7: Threat Detection and Prevention
Chapter 7: Threat Detection and Prevention
Microsoft Defender for Endpoint
Introducing tamper protection
Encrypting data on the virtual desktop
Summary
11
Chapter 8: Configuring Access Control
Chapter 8: Configuring Access Control
Configuring Role-Based Access Control (RBAC)
Azure Bastion
Configuring JIT
Microsoft Privileged Identity Management
Windows Local Administrator Password Solution (LAPS)
Summary
12
Part 4: Additional Security Controls per Solution
Part 4: Additional Security Controls per Solution
13
Chapter 9: Securing Windows 365
Chapter 9: Securing Windows 365
Introducing the Windows 365 advanced deployment guide
Security guidelines for Windows 365
Local admin rights
Endpoint Privilege Management
Creating and exporting Cloud PC restore points
Tips and tricks
Summary
14
Chapter 10: Securing Azure Virtual Desktop
Chapter 10: Securing Azure Virtual Desktop
Configuring backups
Restoring an FSLogix profile
Securing AVD with private endpoints
Trusted launch and confidential computing
Configuring AppLocker
Securing OneDrive
Active Directory structure and security
Summary
15
Chapter 11: Securing Azure Infrastructure
chevron up
Chapter 11: Securing Azure Infrastructure
Configure storage security
Configure network security with Azure Firewall
Configure network security with NSGs
Deploying AVD on dedicated hosts
Configuring Defender for Cloud
Deploying an Azure VPN gateway
Summary
16
Part 5: Use Cases
Part 5: Use Cases
17
Chapter 12: Windows 365 Use Cases
Chapter 12: Windows 365 Use Cases
When to use Windows 365 as your personal desktop
Windows 365 as a replacement for on-premise VDI
Windows 365 for contractors
Using Windows 365 as a privileged access workstation
How Windows 365 Boot helps to secure an endpoint
Enhancing security by restricting access to Office 365 services to Cloud PCs
Windows 365 Frontline versus Windows 365 Enterprise
Summary
18
Chapter 13: Azure Virtual Desktop Use Cases
Chapter 13: Azure Virtual Desktop Use Cases
AVD for external users using Bring Your Own Device (BYOD)
Using remote apps instead of desktops
AVD as a disaster recovery solution
AVD for a break/fix scenario
Running AVD on Azure Stack HCI
Summary
19
Index
Index
Why subscribe?
20
Other Books You May Enjoy
Other Books You May Enjoy
Packt is searching for authors like you
Share Your Thoughts
Download a free PDF copy of this book

Configure storage security

When working with AVD, and especially with pooled host pools, the IT admin needs to configure the storage account for FSLogix and make it secure so that only the session host can access it. This is done with the help of the following:

  • RBAC roles on the storage account
  • Applying the correct NTFS permissions on the file share
  • Configuring private access using a private endpoint
  • Configuring NSGs

Let’s explore them one by one.

RBAC roles on the storage account

The first thing that needs to be configured on the storage account is the Azure permissions for the IT admins and the end users. This is done by assigning specific built-in roles on the storage account and file share. Of course, to assign these permissions, the IT admin has to create a storage account and file share first.

Be aware that in order to configure these permissions, an identity source such as Active Directory Domain Services (ADDS), Entra Domain Services...

Unlock full access

Continue reading for free

A Packt free trial gives you instant online access to our library of over 7000 practical eBooks and videos, constantly updated with the latest in tech
Start a 7-day FREE trial
End of Section 2
Next Section
bookmark search playlist font-size

Change the font size

margin-width

Change margin width

day-mode

Change background colour

Close icon Search
Country selected
Close icon Your notes and bookmarks

Delete Bookmark

Modal Close icon
Are you sure you want to delete it?
Cancel
Yes, Delete

Confirmation

Modal Close icon
claim successful
Order Page Read Now

Buy this book with your credits?

Modal Close icon
Are you sure you want to buy this book with one of your credits?
Close
YES, BUY