Companies have been leveraging on various virtualization technologies for the past few years. However, with the increased need for mobility and scalability, cloud-based virtual desktops are raising in popularity. With companies encouraging their employees to work from home and increasing security vulnerabilities, time is ripe to embrace Desktop as a Service.
While employees’ “working from home” norm is great for productivity and business continuity, companies cannot depend on legacy IT infrastructure for this. It takes many functions to run a company successfully and they all have diverse infrastructure needs. While some teams like design teams work on GPU intense tasks, other work on processing intense tasks. The cloud-based virtual desktops address this need for diverse IT landscapes.
In some scenarios, companies might need to rapidly scale up or down. In scenarios like mergers and acquisitions, companies might need to create or delete thousands of desktops within a short period of time. This rapid provisioning is the need of the day.
Why Amazon WorkSpaces?
Desktop Delivered - Simplifed via Cloud
Amazon WorkSpaces simplifies desktop delivery to employees. Traditional desktops/laptops are rigid, diffcult to manage and prone to vulnerabilities. Amazon WorkSpaces rises above these limitations to provide a secure and managed cloud based desktop environment that can be provisioned seamlessly. DaaS through Amazon WorkSpaces also reduces the stress on procuring, deploying and managing a large amount of inventory.
Mitigate your Capital Cost on IT Infrastructure
With DaaS, IT infrastructure expense can be significantly brought down without compromising on the infrastructure capabilities. You can also pay for what you use by the hour. This helps companies mitigate IT expenditure for temporary demand which can quickly later turn into dead investment.
Amazon WorkSpaces deployment provides a comprehensive security cover that helps companies mitigate security threats. Additionally, Cloud4C offers a comprehensive role control mechanism allowing companies to have a tight control over their data and other digital assets.
Control the Instances from Anywhere in the World
By letting go of physical assets, companies do not risk losing any control over their IT infrastructure. Amazon WorkSpaces provide a feature-rich provisioning service that can help create, provision or delete a large number of workspaces within minutes. This coupled with Bring-Your-Own-Device (BYOD) can give a lot of control for the IT staff without compromising their security or breaking the bank.
Deploy Linux or Windows instances within minutes
Amazon WorkSpaces does not restrict from using any software or hardware. Users have the flexibility to choose OS, hardware and software. In fact, users can even save a small amount on the Amazon WorkSpace bill if they bring their own licenses.
Offload Infrastructure Management
IT staff no longer need to spend substantial amount of time on maintaining hardware inventory, OS updates, patch roll out etc. With Amazon Workspaces in place, they can now focus more on the core functions.
Cloud4C’s Managed Amazon Workspaces Offering
While AWS WorkSpaces is a great DaaS solution, clients still have to build their preparedness to adopt it. This includes choosing the right tier of AWS offering, creating the right kind of WorkSpace to suit their requirements and managing the offering. Cloud4C team has more than a decade of experience in building and maintaining virtualized desktop environments including DaaS.
Network & Security
Why Cloud4C to deploy Amazon Workspaces for you
To make the most of DaaS offering such as Amazon Workspaces, companies need the best of the tools along with a full suite of managed services. Cloud4C helped many companies successfully leverage on DaaS to take their infrastructure to the next level. Due to our comprehensive service portfolio, our customers can depend on us via a single SLA that covers all the services. Our processes and deployment approach are based on decades of experience in helping our clients.
Key highlights of Cloud4C are:
- 2000+ certified Cloud experts
- 24X7 support via NOC and SOC, even during difficult times like COVID-19 lockdown
- Total ownership through single SLA for all the services
- We successfully deployed and managed 5000+ VDI instances
- Pay-as-you-go Model - No capital cost towards IT infrastructure
- Automated deployment and management - Designed to save cost and time
- Continuous monitoring of industry compliance and security control
- Scale as per your business need within minutes
Amazon WorkSpaces Architecture Diagram
Cloud4C Amazon Workspaces Deployment Strategy
Cloud4C created a high level plan so that our customers can start using Amazon Workspaces as effective as possible from Day 1.
1. Network and Access to AWS WorkSpaces
While most companies today have all the necessary tools for accessing AWS WorkSpaces, we need to make sure all the necessary inventory is in place and the basic setup is done. At this stage, we setup VPC - private subnets and NAT Gateway. We ensure that the users have the necessary connectivity and associated protocols defned like S2S and VPN tools. We also look at the IP allocation and other HDLP aspects such as web and data access, IP access control, and trusted devices.
2. Authentication and User Access Management
At this stage, we use Microsoft Active Directory (AD) to create authentication and user access protocols. We create an AD on AWS and map it to the on-premise domain. This enables users to access fles that are part of the on-premise domain.
3. Security and Data Protection
This is a vital step where we create a security layer for all the data that is being transferred in the network. Encryption of data, mapping protocols for secure data transfer, deploying HDLP software, antivirus and any security features needed to ensure compliance, are done at this stage. This will make sure that using Amazon WorkSpaces does not violate any compliance norms.
4. Monitoring and Management
While ensuring security from all aspects, it is still workspaces. We install tools and create processes to track events and metrics of the network to auto- very important to monitor and manage the matically create performance reports periodically. We also make sure regulars backups are created for the data.
Use cases for AWS Managed Azure Active Directory
Cloud4C Phase-wise Approach and Implementation
We believe that successful adoption of AWS WorkSpaces is possible only by making sure the onboarding process is done the right way in addition to the necessary maintenance. To achieve this, we have created a phase-wise approach and implementa- tion process.
Introduction of Cloud4C AWS CCoE & CAF
- Introduction to Cloud4C
- DaaS use case and scenarios
- Understand the landscape for building the DaaS -> AD / File servers / Desktops / Laptops / DaaS (on premise if deployed)
- Understand the Organization Security / Compliance needs
- Understand the IT standard operating procedure
- Discuss supported client device(s) (PC, Mac, Linux, iPad, Kindle Fire, or Android Tablet)
Prepare Deployment Plan and Landing Zone Design
- DaaS user profling and
- User Category with bundle mapping
- Process of accessing the DaaS (Technical)
- AWS landing zone
- Active directory integrations Planning
- Planning Data Protection , IAM, Resilience ,Infrastructure Security, Backup & DR Planning
- Data migration from on-premise to Cloud
- Commercial Estimates
- Deployment Timelines
Deployment / Migration of DaaS Environment
- AWS Account Setup
- Building Landing Zone
- Ideality integration
- Confgure MFA and other security controls
- Build Image and launch workspaces
- Test Profles and Client experiences
- Migrate on-premise data
- Test and Commission
- Operationalize & Confgure Backup
- Optional -Confgure advanced application catalogs using AWS WAM, AWS appstream, Custom Bundles, BYOL, cross region DR and other advanced features
Introduction to Our Processes and Practices
We initially introduce our customers to the standard templates we follow for each use case and scenario. After we pick the closest scenario, we go about customizing it to suit the requirements of the specifc customer. We also understand what infrastructure do they currently have and what additional infra they have to obtain for this project. Additionally, we understand the customers’ security needs to create a suitable offering.
Prepare Deployment Plan and Landing Zone Design
To start with, we will profle end users of the DaaS product for providing apt solutions to them. Based on this informa- tion, we create user category bundle mapping to make it easy for IT administrators to provision services. We also lever- age on AWS Landing Zone and Active Directory to create the necessary provisioning infrastructure for the WorkSpac- es.
Additionally, we investigate, plan and estimate the need for security, IAM, compliance, resilience, infrastructure securi- ty, backup and disaster recovery. The project scope is understood based on these aspects.
Deployment of and Migration to Amazon WorkSpaces
Once we understand our customer expectations and we agree upon the requirements, we get to execution of the project. Starting from setting up the AWS account to operationalizing and confguring the backup, we have a predefned set of processes which are executed meticulously.