Azure Virtual Desktop and Bastion

Jevon Davis 141 Reputation points
2021-09-24T15:06:51.56+00:00

I am playing around with my setup and currently have a Azure Virtual Desktop Environment setup. There are concurrent sessions setup on our Windows 10 instances as to facilitate staff working. I am looking to make it more secure and include Bastion in the process. Does Bastion facilitate multiple concurrent user sessions or is it restricted to one user per VM? I am trying to weigh the pros and cons of it

Azure Virtual Machines
Azure Virtual Machines
An Azure service that is used to provision Windows and Linux virtual machines.
7,113 questions
Azure Bastion
Azure Bastion
An Azure service that provides private and fully managed Remote Desktop Protocol (RDP) and Secure Shell (SSH) access to virtual machines.
241 questions
Azure Virtual Desktop
Azure Virtual Desktop
A Microsoft desktop and app virtualization service that runs on Azure. Previously known as Windows Virtual Desktop.
1,362 questions
0 comments
Accepted answer
  1. Pierre-Luc Giguere 1,076 Reputation points
    2021-09-24T20:08:55.527+00:00

    Hi Davis,

    It can support multiple connections to the same host.

    Bastion connectivity to Azure Virtual Desktop is not supported.

    Source: https://learn.microsoft.com/en-us/azure/bastion/bastion-faq#peering

    Bastion is aimed toward administration of IaaS VMs and not to facilitate end users work.

    When you configure Azure Bastion using the Basic SKU, two instances are created. If you use the Standard SKU, you can specify the number of instances. [...] Each instance can support 10-12 concurrent RDP/SSH connections. The number of connections per instances depends on what actions you are taking when connected to the client VM. For example, if you are doing something data intensive, it creates a larger load for the instance to process. Once the concurrent sessions are exceeded, an additional scale unit (instance) is required.

    source: https://learn.microsoft.com/en-us/azure/bastion/configuration-settings#instance

    I do not believe that this is the product you are looking for.

    You might want to consider using Azure Firewall and App Locker. May I suggest an excellent Learning Path : Deliver remote desktops and apps with Azure Virtual Desktop

    https://learn.microsoft.com/en-us/learn/paths/m365-wvd/

    Don't forget to mark this answer if it helped you.

    3 people found this answer helpful.

1 additional answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Alan Kinane 16,786 Reputation points MVP
    2021-09-24T18:36:35.973+00:00

    Azure Bastion is only used for administrative purposes, you can't use it to provide user access to Azure Virtual Desktop - https://learn.microsoft.com/en-us/azure/bastion/bastion-faq#does-bastion-support-connectivity-to-azure-virtual-desktop

    In terms of administrative access, you can have 10-12 concurrent sessions per instance of Azure Bastion across all of your VMs - https://learn.microsoft.com/en-us/azure/bastion/configuration-settings#instance

    2 people found this answer helpful.
    0 comments