If you don’t know, I love VDI and Security things, but I have a special place for thin clients in the VDI world. I have been using and managing thin client solutions for around 14 years and I have seen many solutions come and go and what works and what doesn’t.
The admin nerd in me loves the simplicity of a thin client solution over a traditional Windows endpoint. Having to manage its domain membership, group policies, OS patching and third-party application patching gets to be a full-time job pretty quickly depending on the number of devices to manage. When we move to a thin client solution, we still must manage them, but they typically will also be the same OS and patch level of other components and can be managed from one console instead of multiple. The administrative benefits are great but also the security nerd comes out and knows there is massive attack surface difference with having a purpose-built device to connect to VDI systems. Most thin clients will have to be patched less than monthly unless there is a security issue. Third-party applications are usually included in those updates, they get configured typically once and you’re done. Not having a full featured OS like a typical Windows endpoint, and listening to fewer network ports also helps reduce the attack surface.
With all that being said the one thing that sets thin client vendors apart is how they manage devices and also what manages them. Without a good management console and management policies you will not have a good experience managing thin client systems. After years of so many variations of the thin client management console I was excited when I saw Straodesk was the first to announce their Stratodesk NoTouch Center within the Microsoft Azure Marketplace Azure as a native offering. I already loved their virtual appliance approach to managing their current systems locally or even in the cloud, but with the adding it within Azure I thought, “I wonder how easy it would be to setup and get going?”
There are many times you need to get a deployment up fast, and with the work from home emphasis this past couple years, you must also be agile to adapt to new solutions. I have worked with Stratodesk’s software in local and cloud datacenters, but wanted to kick the tires on this new way of doing things. I have seen such a big push to the cloud from so many companies that I would have never thought they would have moved anything, but many have move their VDI deployments, external facing services and of course Mail to the cloud. I
I hope this blog helps anyone wanting to get started with this new solution from Stratodesk. If you have a Citrix Virtual Apps and Desktops, Microsoft Azure Virtual Desktop or VMware Horizon deployment you will be ready to manage Stratodesk endpoints in just a couple minutes.
- Login with your Azure\Microsoft Account.
- Azure Market Place Link https://azuremarketplace.microsoft.com/en-us/marketplace/apps/stratodesk1611152769936.stratodesk_ntc_mp_1
- Or you can search for Stratodesk in the main search bar or down under resources.
- Fill out your Info
- Select “Continue”
- Wait for It
- Almost there
- Select “Create”
- Pick the Size, I picked the V3 as is a little cheaper than the V2 and give you a bit more RAM too.
- Enter your Resource Name and username and then Select which Resource Group, Region and Authentication then Select “Review + Create”. This selection is near default.
- Wait about 20 seconds
- Ensure your name, e-mail address and phone number are correct and Select “Create”
- As the resource is being prepped to be created make sure and download your SSH Key Pair by selecting “Download private key and create resource”.
- Make sure and download your SSH Key and store it in a Safe Spot (Encrypted Storage Containers are recommended)
- The deployment is cooking, 10 More Seconds
- Select “Go to resource”
- Head to your Public IP or Private IP based on your resource and network configurations for your Azure tenant.
- Log in (UN admin, PW admin) and build your Configuration and Start Managing Endpoints all over the world with this now Cloud Native Thin Client Management System!
- Make sure and change that Admin password from its default ? and then Create a Login for your users for them to use. We recommend binding this deployment to your LDAP provider to awesome role-based access. Then you want to change that VDI Client Administrator Password too.
- Then Create your Profile for your Microsoft WVD, Citrix Virtual Apps and Desktops or VMware Horizon configuration and you are ready to go. In just under 2 minutes, you are ready to start configuring your endpoints and start launching resources.
- Changing Passwords Overview https://www.stratodesk.com/kb/Client_admin_password
- Citrix Setup Guide https://www.stratodesk.com/kb/Citrix_Workspace_App
- VMware Horizon Guide https://www.stratodesk.com/kb/VMware_Horizon_View
- Microsoft Azure Virtual Desktop (AVD) and Windows Virtual Desktop https://www.stratodesk.com/kb/Microsoft_Windows_Virtual_Desktop_(WVD)
If you are a Citrix, Microsoft, or VMware VDI customer and have clients that just connect to VDI resources and don’t require local application access then I would suggest looking at Stratodesk especially if you are already an Azure customer too. Being able to set up this appliance quickly can not only help you get started faster, but also keep you in control of the resource in a familiar cloud. If you have a majority of work from home users, this can make your deployment even simpler. Make sure to work with your Cloud team to ensure you have the appropriate resource group and network settings based on your security standards for this deployment in place.
*Note – Since this isn’t a managed service offering you will have to patch this system on a regular basis which is around quarterly for Stratodesk NoTouch Center and monthly for the Stratodesk NoTouch OS. They make the process very easy with version lookups within the console and the ability to update the appliance OS (Stratodesk NoTouch Firmware Update Link https://www.stratodesk.com/kb/Firmware_Update) and management software separately.
As of July 2021, I only see IGEL with any solution in the Azure Marketplace and that is their Cloud Gateway appliance used to bridge external devices to their UMS server. I’m sure over the next year we will see more thin client vendors in the marketplace along with more offering cloud-based management systems as the work from home push continues.
IGEL Cloud Gateway Snapshot