Windows-as-a-Service a step closer to reality as Azure RDS opens up
Microsoft slipped one under the radar for everyone who relies on its Azure service for Windows virtual machines. In a move that even took me off guard, Microsoft has reversed a longstanding policy of not allowing any form of RDS (Remote Desktop Services) on Windows Azure.
Previous policies strictly enforced remote desktop access on Azure only for the purposes of "administration and maintenance." As of July 1, this stumbling block for many Azure early adopters is finally gone, with a few caveats which I'll point out shortly.
I've been following the silent cold war Microsoft is slowly ramping up in the desktop-as-a-service arena for the past half year or so. In many ways, Redmond is competing against a very unlikely foe: itself. Just like Microsoft is trying to wean people off traditional desktop Office and onto Office 365 plans, with the ultimate goal being Office Web Apps taking over entirely, its plans to combat a gargantuan user base of desktop Windows users may be brewing sooner than you think.
A week ago, I covered the likely plausibility of Active Directory-as-a-Service offerings through Intune or Azure -- or a little mix of both. The idea doesn't seem so crazy if you take into account Microsoft's aggressive behind the scenes research under the guise of "Mohoro". This top-secret initiative is a supposed full blown effort to bring Windows desktop-as-a-service capability to the masses sometime later next year.
So why isn't Microsoft's latest Laissez-faire about face on Azure Remote Desktop that surprising? If you view it in the context of everything else that is seemingly going Azure-centric as of late, then it becomes clear that Microsoft is just bringing down the barriers to a quickly evolving 'Azure first' future.
What the new RDS licensing entails for Azure VMs
Remote Desktop Services (RDS) is a collective technical backbone caked right into Windows Server 2012 that allows for numerous use case scenarios. The most classic one, which we still use heavily with customers of my company, is what used to be called Terminal Services. Microsoft calls these virtual desktops run on a centralized server "session based desktops" over RDS, and this is precisely the item which was strictly forbidden on Azure -- until recently.
Session based Remote Desktops are very convenient in many ways. For one, Remote Desktop is a free tool that has been bundled with every copy of Windows since 2000. It replicates nearly everything that GoToMyPC or LogMeIn can do minus a few bells and whistles. Companies looking to either host these "virtual workspaces" for clients or for workers of their own organization were locked out from doing so due to Microsoft's arcane licensing policies regarding RDS on Azure virtual machines.
Session-based Remote Desktop hosting was strictly forbidden on Azure virtual machines until July 1. While the relaxed rules do allow a lot of flexibility in using RDS on Azure going forward, the concession brings with it a requirement of licensing each device or user on Azure RDS with Subscriber Access Licenses (SALs) that are primarily geared towards service providers. A tough sell for companies heavily invested in RDS Client Access Licenses (CALs) through Enterprise agreements.
Microsoft gave us a signal that it is moving its Azure regulations in the right direction, and on July 1, opened up the use of Azure for the purpose of serving virtually hosted desktops. Mind you, if you believe that this means you can run your copy of Windows 7 or 8 in the cloud, you're absolutely wrong.
While Microsoft does allow for desktops to be served off virtual Windows Server editions (like 2008 R2 or 2012), tossing up client copies of Windows into Azure is still strictly forbidden. To the same end, Microsoft's legalese prevents anyone from hosting client copies of Windows in any shared multi-tenant user environment -- which pretty much covers Azure, Amazon AWS, RackSpace cloud, etc.
Before you get too excited about the rule changes, Microsoft is sticking it to the large majority of organizations that could have benefited most from this move by requiring a wildly different licensing model than what corporations are used to. The traditional way that Microsoft has always licensed access to RDS session-based desktops is via RDS Client Access Licenses (CALs) sold through distributors or Enterprise Agreements.
Azure's foray into RDS desktop-as-a-service runs slightly off course and requires RDS Subscriber Access Licenses (SALs) which are procured solely through a Microsoft Services Provider Licensing Agreement (SPLA). You can read through the full FAQ provided by Microsoft to see what steps are necessary to leverage RDS on the Azure platform. While it's technically legal for any organization to purchase these licenses as far as I know, it's just another layer of expense, especially if you're already invested knee-deep in traditional CALs.
RDS on Azure only a stopgap until Mohoro is ready?
It's pretty evident that Microsoft is going only halfway in on its licensing concessions for Azure RDS in order to keep an ace up its sleeve for something to come. More likely than not, I think Microsoft opened the gates to those who were clamoring for Azure RDS the most (that is, developers who needed it to host software for customers in the cloud) while keeping the average corporation or small business at bay. Presumably, because it's got grander intentions down the road in the form of 'Mohoro'.
Looking at how Microsoft is falling in love with the subscription models that Office 365 have been pushing, it's not far fetched to believe that a hosted Windows desktop-as-a-service future is on Microsoft's near term 2-4 year radar. Doubly, the way that Azure's new licensing model for RDS strictly prohibits the use of long-established CALs in favor of the more peculiar SALs, Microsoft wants to make it a rocky road for any company looking to move its remote desktop backbone into the cloud too soon.
As a proof of concept, Azure's allowance of formal RDS may not be the golden gem that many companies were hoping for by now, but it does solidify the fact that Azure is more than capable of being considered a remote desktop powerhouse -- even if it serves it up in a flavor that isn't our cup of tea right now.
Photo Credit: auremar/Shutterstock
Derrick Wlodarz is an IT Specialist that owns Park Ridge, IL (USA) based technology consulting & service company FireLogic, with over 8+ years of IT experience in the private and public sectors. He holds numerous technical credentials from Microsoft, Google, and CompTIA and specializes in consulting customers on growing hot technologies such as Office 365, Google Apps, cloud hosted VoIP, among others. Derrick is an active member of CompTIA's Subject Matter Expert Technical Advisory Council that shapes the future of CompTIA exams across the world. You can reach him at derrick at wlodarz dot net.