HOW TO Lift and Shift Migration Strategy for Managed Service Providers (MSPs)

Introduction

As a quick overview and definition of terms, a “lift and shift” is where existing resources are migrated from the on-premises environment into Azure. A close cousin of this is a Greenfield deployment where new VMs are provisioned in Azure and only the data is moved from on-premises. In this white paper, we will use lift and shift (L&S) to reference both since in most cases, partners will be doing a little bit of each when migrating their on-premises environment to Azure.

Before we get too deep into the L&S strategy, let’s also discuss its counterpart which is known as a Hybrid Active Directory configuration. Hybrid AD is the process of extending an on-premises internal domain into the Azure environment, allowing you to keep existing infrastructure in place, as well as providing new resources in Azure under the on-premises internal domain.

In some cases when we bring up the idea of migrating the on-premises environment into Azure, our partners become a little overwhelmed at the prospect of moving everything. They say something like “we’ve spent a lot of time and energy building the existing environment, we don’t want to go through the headache of migrating everything or starting over.” This is definitely a valid argument, however, when we break down the process and go over exactly what’s included, most partners actually get excited about the L&S Azure migration option and elect to go this route.

Lift and Shift Concerns

In order to do this topic justice, let’s begin by bringing up the top three concerns we hear partners raise when considering the L&S strategy, and we’ll break down exactly why those concerns are largely unfounded.

Concern #1: Changing the Active Directory management from on-premisesises to Azure

“Transferring user data sounds like more work than it’s worth, plus it could cause major disruptions for the end-user.”

To address this effectively, we’ll break down both concerns in turn.

Active Directory

The process of severing the user’s connections with the on-premisesises AD and transferring ownership of those users to the AD in Azure is pretty straightforward. What’s, even more, is that the process of transferring ownership shouldn’t cause any disruptions to the end-user. Nothing is physically migrated (i.e.. email, contacts, calendar appointments, etc.); you’re only changing who has the rights to manage those user objects.

Transferring User Data

Since users will be moving to the cloud anyway, we see the process of transferring user data as the first step to get users thinking in that direction. Although there are several options for this, we normally see partners leverage something like SharePoint or OneDrive to easily backup the user’s data, and then copy that to the AVD environment. We’ve even seen this as something the end users appreciate because it gives them the option to do some house cleaning on their local session. Our partners will hand this task over to the end-user and have them decide what’s important to bring over to the cloud environment, and what on their computer is old or redundant data that can be cleaned up or left on the old environment. Once the users have synced their data with an application like OneDrive, the data migration phase is essentially over since the users will simply authenticate to OneDrive in Azure and have all their critical data ready and accessible.

As you can see, when we break down both of these concerns, the actual transition for the users won’t cause much disruption at all and can take place during standard work hours if necessary. The process of severing the user’s connections with the on-premisesises AD and transferring ownership of those users to the AD in Azure is pretty straightforward. What’s even more is that the process of transferring ownership shouldn’t cause any disruptions to the end-user. Nothing is physically migrated (i.e.. email, contacts, calendar appointments, etc.); you’re only changing who has the rights to manage those user objects.

Concern #2: Group Policy/On-premisesises Domain

“Our group policy and on-premisesises internal domain have been in place for years. It would be too difficult to start over in Azure.”

Since both the GPOs and the internal domain have sometimes existed for over a decade, it’s understandable why partners are initially hesitant to transition away. What makes matters worse is that most MSPs have inherited the domain and GPO from a previous provider, which adds another layer of uncertainty. In these situations, there are two options we see most often utilized by partners.

Option 1: Export/Import

The first option is to simply export the GPOs from the on-premisesises environment into Azure. This can be a good option, but one thing to keep in mind is that both the good and the bad get migrated over when going this route. If this environment had been operating for over a decade, it’s likely a mess and you’re bringing that mess into the Cloud with you. As a result, partners will frequently decide to go with option two.

Option 2: Clean Start with a Reference

The other option is to start over clean and fresh in the cloud but use the existing on-premises GPO as a template to build out the GPO in Azure. Although this sounds intimidating at first, once our partners think about it, they start to like the idea of having complete control and intentionality behind every rule and policy that’s in place in the environment.

Tied into this conversation is the idea of moving away from the internal domain on-premises. This would be something like contoso.local. After working with many partners in similar scenarios, we’ve found that since they are moving all the infrastructure and users to the cloud, there isn’t a great reason to keep the on-premises internal domain. All the on-premises servers will be in the cloud and the users and their AVD desktops will be managed by AD and GPO in the cloud. The only thing left on-premises are the users’ physical workstations which, to a degree, become irrelevant. What I mean by this is that technically, the users could log in from any computer in the world, as long as they have their phone nearby to verify 2- factor authentication. They could be at home, in the office, at the local library, etc.

In addition, given that AVD is now streamed to their local session, they could use something as simple as a Microsoft Surface Pro, Chrome Book, or some other low-level laptop. Once the connection is established, they’re then placed in the cloud with all the controls and restrictions that have been set via GPO. So again, being tied to an on-premisesises internal domain is really not necessary since there won’t really be anything left on-premisesises other than a few workstations.

Concern #3: Migration

“It’s going to be too much of a headache to migrate all the On-premisesises infrastructure into Azure”

The final concern we see partners raise is related to the migration process of moving their on-premises infrastructure into Azure. This is especially true when they’ve spent an extended period of time configuring their Servers with applications and customizations that would take 8 to 12 hours to reconfigure from scratch in Azure. In these situations, we see them leverage Azure native tools like Azure migrate or Azure Site Recovery to lift their servers and place them into Azure. This allows for a transition of the entire server without going through the headache of reconfiguring it. They can then place it on the new internal domain in Azure and move forward as if nothing changed. The other option is to use something like our Nerdio built in data mirroring tool. This is effective when the on-premises server is end-of-life and has an outdated operating system. In this case partners don’t typically want to move, for example, a server 2008 R2, or 2012 machine into Azure. Instead, they’ll migrate individual files/folders using our data mirroring tool, and provision a brand-new server in Azure as the new host.

As you can see, if we break down the top three concerns and talk about the details of what’s included, then the L&S option becomes far more appealing, and the vast majority of our partners choose to go this Azure migration route.

Advantages of L&S

Now that we’ve addressed the top three concerns let’s talk about the top three advantages of going the L&S route.

Advantage #1: Reduces Overhead and Increases Security

As you can imagine, not having the on-premises infrastructure will immediately reduce costs when compared to the Hybrid AD setup. With the L&S strategy, you don’t have to worry about refreshing end-of-life servers or keeping them backed up. The other benefit is that the L&S option requires less infrastructure to run than the Hybrid AD setup. Hybrid AD out of the box includes an additional DC to manage the Domain Trust between on-premises and Azure.

In addition to the reduced overhead, the L&S option is far more secure as there are less opportunities for security breaches. With everything sitting in Azure the only thing left on-premises are the physical workstations used to establish a connection to user’s virtual desktops, and those are usually secured with 2-factor. The actual infrastructure in Azure and the security protecting it is backed my Microsoft’s trillion-dollar budget, which makes it infinitely more secure than anything the average MSP could create, both physical and virtual.

Advantage #2: Run LOB Applications in Parallel

One of the advantages of a L&S deployment is the ability to test and verify the cloud infrastructure before providing access for end-users. This is especially true with Database applications such as SQL. You can restore the on-premises database in the cloud and run it for a few weeks or for however long is necessary to ensure everything is working as it should. Then as the last step just take one final backup of the SQL database, migrate it into the cloud environment over the weekend, and then use the Cloud environment as the authority starting the next week. This provides ample opportunity for testing and helps to ensure an outstanding end-user experience once the environment goes live.

Advantage #3: Clean Start

Going the L&S route provides for a good refresh of the entire environment. You’re getting a new internal domain, fresh GPOs, new infrastructure, and a clean AD forest. In addition, you’ll be running all servers on the latest OS and user desktops will be running Windows 10 natively, rather than a Server OS built to look like Win10.

In summary, going the L&S route can be a good way of bringing a client who was running on a legacy environment into the modern age of technology.

Migration Path

Now let’s look at the practical order and steps we usually see these Azure migrations take. In order to provide the least amount of disruption to end-users, the Infrastructure & GPOs are typically pulled over to the new Azure environment first. After that’s been thoroughly tested and confirmed to work, the end-users are then migrated over to the new environment and everything on-premises is done away with.

Step #1: Infrastructure

The first step when migrating the infrastructure is to select which servers will be migrated as a whole and which server will get built new in Azure. After this you’ll migrate the servers specified to get lifted into Azure by leveraging the Azure Migrate tool. The servers you selected to build new in Azure, you’ll use the Nerdio native Data Mirroring tool to transfer the data from the older server onto the new server in Azure. During this phase, you’ll also configure the AVD pools and any dedicated desktops that will get provisioned for new users.

Step #2: GPO

Migrating the policies from on-premises into Azure is pretty straightforward. You can either export them from on-premises and import them into the Azure environment or use the on-premises GPOs as a template and build them new in Azure manually.

After migrating both the infrastructure & GPOs to Azure, the on-premises environment should still be fully functional. This means that from a quality assurance standpoint you’ll be able to setup and configure everything in the cloud before moving to the user import phase. This allows you to test LOB applications, ensure GPOs are applying, and overall thoroughly test the environment to ensure that end-users have a great first impression. Once this is complete, you’re ready to move to the User migration phase.

Step #3: Users

The final piece in the migration is to import users over into Azure. This includes breaking their connection with the current on-premises AD and adjusting the management piece to the AD in Azure. One thing to keep in mind is that the migration will require a password reset for each user and can take sometimes 72 hours to enable dirsync. We recommend initiating the process EOD Thursday or Friday (if doing it over the weekend) to provide enough time for the resync to conclude and users to get fully configured for the workday on Monday.

One important thing to note is that the process of breaking the user’s connection with the current on-premisesises AD does not cause any disruption, but that’s the piece that can take around 72 hours to complete. That timeframe is subjective and is something only Microsoft can speed up, however starting this on Thursday or Friday during work hours won’t cause any disruptions for the end-user. The only thing that will change is general user administration tasks such as password resets and user adjustments will need to be executed from the Office portal, rather than on-premises AD.

Once users are syncing with the AD in Azure, they will populate as eligible users to be imported through the Nerdio Admin Portal. That piece is where the password reset comes in and is the first place where end-users might be negatively impacted if enough foresight hasn’t been applied.

That’s it! At this point you’ve configured the infrastructure in the environment, you have it managed by the appropriate GPOs, and users have been migrated over and are operating smoothly in the new environment. Everything has been fully tested and it’s all backed up and totally secure.

Helpful Tools

As the final section, I thought it would be beneficial to highlight a few Nerdio native tools that are quite helpful when transitioning from on-premises to the cloud.

Bulk Add/Update Tools

One of the most underutilized Nerdio tools is the Bulk Add/Update tools. These are used most effectively during the import/configuration phase and for bulk changes after the fact. Our bulk add/update tools provide a comprehensive Excel spreadsheet to populate with various changes including new resource assignments, password resets, and adjusting Office licensing. You can make all these changes on one sheet, then upload that to the Nerdio Admin Portal and our script will run through the list and make all the changes in an automated fashion.

AVD Pool Templates

If you have an existing deployment with Nerdio then you realize how valuable our pool templates are for making bulk application/software changes for whole groups of users in a quick and automated fashion.

Data Mirroring Tool
I’ve mentioned this several times already, but it’s worth mentioning again here because it makes the data migration piece of deployments so simple and easy. It can be located under the “Onboarding” tab in the Nerdio Admin portal.

Final Thoughts

As we’ve seen, the L&S strategy for environment migrations is less expensive, more secure, and provides a more dynamic and flexible work environment than a Hybrid AD solution. When at all possible, we recommend utilizing this Azure migration strategy.

Interested in learning more? Contact us to chat more about your L&S migration questions.

Free White Paper Download!

How to Lift and Shift Migration Strategy for MSPs Download

The Best Vendor Support for MSPs, Medium, and Enterprise-sized Businesses

If anything, support needs to be top notch when dealing with medium-sized and enterprise companies. You cannot afford any single points of failure, and preferably you have access to a team of experts you can rely on to do the heavy lifting when things go wrong or when you are looking for someone to have a chat with.

Our Enterprise support team at Nerdio is fantastic– they really are. They’re knowledgeable, swift in their response, and always put the customer first.

One of the things I like best, though, is that support is included with both Nerdio Manager for Enterprise and MSP. You don’t need to purchase and pay for a separate support contract, renew yearly, or anything like that. Having said that, take a look at our licensing options and monthly pricing and it almost seems too good to be true.

In fact, during the PoC phase (both solutions are available from the Azure Marketplace, up and running within 45 minutes), you can make use of support as well. During the PoC we always try to make sure that our (potential) customers get the best out of Nerdio during their 30 day free trial. This approach lowers the barrier, saves time, money, and makes sure we are all on the same page.

Proof of Concept Support

On a few occasions I’ve had some customers who ran into an issue, a misconfiguration, or an error of some sort during the PoC phase. Whenever I can, I will always try to help them personally. However, I don’t mind sending them over to Nerdio Support because I know they will be satisfied later that day – or that same hour in many cases.

Even before you start using Nerdio in production, you will have experienced all facets that come with using an Enterprise solution and building a long-term relationship, which is the ultimate goal, of course.

Online Resources

I always point out our first line of defense–our online Nerdio Academy for both Manager for Enterprise as well as MSP. The content is brief, to the point, and very easy to digest.

We have videos and Knowledge Base articles on just about any configuration option available within both solutions. What about the inner workings of the solutions and the permissions they need? What data is stored where? You name it, you’ll find it online.

Our release notes page let you know what’s coming up and enables you to view all previous released versions including all features and functionalities released with it. Again, links to videos and Knowledge Base (KB) articles will be included there as well.

We often get questions about licensing, how licenses are counted and invoiced, the types of licenses and their differences per solution. This is also out in the open.

What about security? How to harden underlying services and secure communication within your AVD environment, advanced app service configurations, that sort of thing. Backup your Nerdio/AVD configuration, how to make your deployment highly available if desired. That and more, you can find it all online. Including various best practices.

Visit the Nerdio Academy

Go Live Engineer

When it comes to Nerdio Manager for MSP we even take it one step further and offer our customers additional FREE support in the form of a Go Live Engineer, or GLE for short.

The GLE engagement is offered to new partners looking to accelerate their cloud entry with Nerdio as they work towards growing an Azure practice with their first two accounts.

New partners are entitled to have two free GLE engagements. A GLEs primary goal with a partner is to help them bring a closed deal to its go live in a timely manner using best practice and methods aligned with giving their customers a positive and sustainable cloud experience. The following are the details of the process to achieve that goal.

For direct partners, a GLE involvement will be scoped as follows:

Architectural and proposal (quote) validation
Nerdio Orchestration and best practices
Host and Golden Image/Template management
VPN Configuration
- Including IKEv1 vs IKEv2
Office installation knowledge transfer (Nerdio to provide KBs)
Nerdio pool management and optimization features
Azure VM series evaluation and configuration
FSLogix review and walk through from Nerdio orchestration.

How about that?

Let us know if you would like to learn more or have a customer-case where you think this approach makes sense and we can set it up together.

What About Nerdio Manager for Enterprise?

Even though we do not have a similar service for Nerdio Manager for Enterprise, we always put in the effort necessary to make sure our clients and partners are successful. We often organize extensive deep(er) dive sessions, demos, one to many questionnaires, one-on-one meetings; you name it, it always works out!

Once we start a PoC, we make sure to discuss success criteria and act accordingly in the weeks that follow. We’ll schedule additional sessions, do a quick health check in between, to make sure that together we get the most out of the 30-day free trial.

Partnerd Program

As part of our Partnerd program, we offer various benefits based on tiered partner levels, which can be achieved in multiple ways. This includes but is not limited to free Nerdio certifications, exclusive training and webinars, and an all-expense paid trip to NerdioCon (annual event) as you add more customers and move up in partner tiers.

From a marketing perspective, you can count on access to exclusive, white-labeled content, up-to-date product demo videos, e-guides and white papers, and monthly partner webinars.

Furthermore, you can gain access to the previously highlighted Nerdio’s Go Live engineering team and earn monthly training sessions with Nerdio leadership.

Learn more about the Partnerd program here

Next Steps

As you can see, there is a wealth of free information and support available. We support our partners and customers in any way you can think of, and we always go the extra mile, as they say. I would like to invite you to become part of ecosystem as well, you won’t be disappointed, I promise!

Thank you for reading and until next time.

Get your first 10 users free

How Nerdio Enhances the Provisioning & Management of NEW Windows 365

Now that Windows 365 is out in the open, you might be wondering: what is the added value of Nerdio Manager on top of the native service? A fair question. Let’s dig in a bit more and see how Nerdio makes the life of a (future) Windows 365/AVD administrator easier and more efficient.

First, it’s important to understand that Windows 365 has been built on top of the existing Azure Virtual Desktop architecture, meaning there are many similarities, even though most might be hidden to the end user.

Second, Nerdio has a proven track record when it comes to automating, managing, and optimizing new and existing Azure Virtual desktop (AVD) environments. In fact, from a development and support perspective, Nerdio has been partnered with Microsoft even before day 1 of AVD availability. We go as far back as when it was still referred to as RDmi a few years ago.

So, you could say that we have some experience in that area (understatement). Today, Nerdio Manager is recognized by thousands of companies globally as being the go-to management and automation platform regarding everything AVD (and now also Windows 365) related.

When it comes to Cloud PC, history repeats itself, in a good way. For the past year,  Nerdio has  worked closely with Microsoft  Engineering to help  develop Windows 365  and provide support for  cloud PCs in  Nerdio  Manager for MSP and Nerdio Manager for Enterprise, and is once again ready to go on day 1 of availability. 

Nerdio is familiar with all the ins and outs, the pros and cons, limitations and flexibility of both platforms and we are well known for helping our customers pick the right solution for their unique use-case(s), which, needless to say, we’ll continue doing.

Next to everything we have been building for AVD throughout the last couple of years, this has now been complemented by a complete, designed from the ground-up management suite for Windows 365  Cloud PCs.

The Two Types of Windows 365 Cloud PC

As you might be aware, Windows 365 comes in two different SKUs: Enterprise (MEM-Managed) and Business. MEM stands for Microsoft Endpoint Manager. While this document is not meant as a deep dive into Windows 365, it’s important to understand the differences between these two models, including a few things to keep in mind in terms of evaluating both options.

As a side note… For more details on the underlying architecture, license requirements, how to set things up, and such, see this article.

Enterprise Cloud PCs are designed for companies that have invested in Microsoft Endpoint Manager and are using this powerful platform to manage their existing, physical Windows 10 desktops.  Enterprise cloud PCs require an Intune license for each user  who is  assigned a cloud PC M365 SKU. 

However, if you are new to MEM and still have not implemented it, this might come with a (steep?) learning-curve and some other forms of investment.

On the other hand, Business Cloud PCs are designed for individual users and very small businesses that typically go to their local Best Buy (or European equivalent) when they need a new PC.  Now, instead of  visiting  a Best Buy, they can go to Microsoft and subscribe to a new Cloud PC and have it ready to use in an hour.  Business Cloud PCs do not require  an MEM/Intune license and are managed entirely by the user,  which is similar to  a stand alone physical PC.

Depending on your requirements, knowledge level, and management capabilities, this may or may not be a good fit.

Finally, Windows 365 VMs can best be compared to physical machines, meaning they are persistent to the user and everything a user does on that machine will be stored and saved on the underlying/attached hard disk.

Overall Management of Windows 365

Enterprise  Windows 365 Cloud PCs  are  managed via  Microsoft Endpoint  Manager (Intune)  and via  the Azure portal  for networking.  Administration of  MEM-managed Cloud PCs  can also be unified  (together with AVD) via a single portal like the Nerdio Manager. MEM  allows management  of Cloud PCs at the OS  level and above. 

This means that  admins do not have access to  make changes to the underlying VM resources; they can  only make changes to Windows and applications.  As highlighted, virtual networking is managed  via the Azure portal, unless Nerdio is used, of course.

We enable you to manage all of your Cloud PC network connections directly from Nerdio Manager.

Business Windows 365 Cloud PCs are not  integrated with  Endpoint Manager  and do not have a dedicated management portal (except for the 365-license portal to assign licenses and kick-off the (re)provisioning process).  They can  only be managed  by the  end user assigned to the desktop while logged into it, much like a physical PC.

Actions such as  PC restarts  can be performed by the user  from the cloud  PC  web portal. Nerdio Manager enables you to set up all pre-requisites, provision/re-provision your Cloud PCs, run scripted actions, and restart them as needed.

Applications and (Image) Updates

Enterprise Cloud PCs can be updated via MEM or  manual methods. Image-based software deployments are not typical without  third-party tools like Nerdio Manager, as is the necessary user profile management that comes with it.

Also, MSIX AppAttach application delivery  is not  currently supported with Windows 365, however, it wouldn’t be a surprise if this is introduced in the future, and when that happens, Nerdio has MSIX AppAttach support fully integrated and ready to go.

Business Cloud PCs can be updated  with Windows update manually by the user or by using third-party management tools. 

Enterprise Cloud PCs support Microsoft provided images based on Windows 10 Enterprise (single-user only and persistent only, remember), or any custom images that the customer might have available in their subscription.

Nerdio already offered unparalleled image management options for AVD and now offers the same functionality for Windows 365, all from a single management interface, side-by-side. This makes image-based software deployments, updating and patching your Enterprise Cloud PCs a breeze since everything can be automated and scheduled at will. The same image can be used to update both AVD and Windows 365.

Azure Virtual Desktop and Windows 365 Go Hand-in-hand

I already mentioned that both solutions are based on the same underlying architecture and thus have a lot in common. As such, we expect many organizations to be using some form of Windows 365 next to AVD.

Click here for a comparison of Windows 365 and AVD.

By using Nerdio Manager, you’ll have it all in one place; one single management console to provision, manage, and optimize both AVD as well as Windows 365 – single and multi-tenant.

Multi-tenant

MSPs who are managing dozens, if not hundreds of customer tenants – and even more users- might want to start exploring Windows 365 as well. Nerdio Manager for MSP offers a single management interface where you can build, manage, and optimize as many customer tenants as you would like globally and goes way beyond the concept of Azure virtual desktops, regardless of type.

Spinning up a Windows 365 and/or an AVD host is one thing; taking care of everything else (users, identity, backup, networking, monitoring, autoscaling, and the list goes on) is something different altogether. What about all of your other virtual machines (outside of AVD and or Windows 365)? Are there any VPNs you might need? This could be a single environment or hundreds – all it takes is just a few clicks.

In short, Nerdio Manager for MSP enables managed service providers to build their entire cloud practice around AVD, Windows 365, or both.

The above partly applies to Manager for Enterprise as well. We tightly integrate with many other native Azure services often used in combination with AVD, and I can imagine Windows 365 as well going forward.

Scripted Actions

These have been a big hit as of day one. Extremely flexible and powerful at the same time. You can leverage Scripted Actions (100% PowerShell based) on your Windows 365 environments as well. Even though this might seem like a small matter, it’s huge! More info on this specific topic will be published soon.

Windows 365 + Nerdio Feature Set Available as of Day One

The below will be available using Nerdio Manager as soon as Windows 365 will enter General Availability (GA). Do remember, though, we have an extensive roadmap lined up and as you are used to from Nerdio, you can expect many more updates, features and functionalities to be added going forward – we’re just getting started.

Prepare your environment with all pre-requisites for Windows 365
Create and manage on-premises network connections and provisioning policies
Create and manage desktop images, including backups and versioning
Manage Active Directory profiles
Assign users, groups, and licenses
Provision and re-provision cloud PCs
Restart cloud PC machines
Manage multiple environments from a single interface (multi-tenant)
Manage cloud PC user settings (i.e., local admin role)
Consolidated view of all cloud PCs provisioned and their status
All Windows scripts scripted actions capabilities of Nerdio Manager
Everything is audited and can be viewed in detail
And a whole lot more (coming)

Differentiating Windows 365 and AVD

Nerdio  Manager for MSP provides Managed Service Providers with a unified console to price, deploy, manage,  and optimize  all types of virtual desktops  in  the  Microsoft  cloud – both AVD and Windows 365 – across multiple customers. Selecting the right technology for the right  use-case  and deploying it with ease, using best-practices, and in the most cost-effective manner. 

Nerdio  Manager for Enterprise  helps IT pros enable Windows 365 in their existing Azure environment and to manage both AVD and Windows 365 from a unified console leveraging  powerful and automated image management, monitoring,  auto-scaling,  and scripted actions.  Nerdio  Manager will also enable  migration scenarios from AVD to Windows 365 and vice versa so each user can get the right type of virtual desktop  in the most  cost-effective  way. 

AVD is a  flexible, Azure-based VDI solution , while Windows 365 is a  simpler  and more limited Cloud PC service.  Nerdio  Manager integrates the two  services  into the  simplest, most  cost effective,  and  automated  way to deploy, manage and optimize virtual desktops  and applications  in the Microsoft  Cloud. 

Conclusion

These are exciting times. With Windows 365. Microsoft offers another, and in some cases more simplified way, to leverage cloud based virtual desktops at a fixed price. Though, before getting too excited, make sure to read through the details, prerequisites, and such — or come and have a talk with us; we’ll make sure to pick the right solution for your use-case while keeping a strong focus on ongoing manageability and the financial side of things.

Thank you for reading.

Bas van Kaam

Nerdio Field CTO, EMEA

Learn more about Microsoft Windows 365 product by clicking here!

Nerdio Manager for MSP Case Study: Chelsea Technologies

CASE STUDY

Discover how this large US-based Managed Service Provider saves significant time and money using Nerdio Manager for MSP’s automatic management and deployment of AVD, and powerful backup and auto-scale capabilities.

About Chelsea Technologies

Chelsea Technologies is a Managed Service Provider (MSP) in the United States and has provided business technology solutions to the global financial industry for over 25 years. They help clients navigate complex technical issues and focus on creating the infrastructure that helps clients succeed. Typical clients include hedge funds, banking institutions, and private equity firms. From startups to those with billions of dollars under management, Chelsea Tech also serves clients in other sectors that rely on their technical and business expertise, such as aerospace, law firms, and many others.

The Situation

Working with clients in complex and often highly regulated industries, Chelsea Technologies needs to ensure the highest standards of network uptime, hardware reliability, data integrity, and application stability.

As a trusted partner to their clients, Chelsea Technologies works tirelessly to meet clients’ business and technology requirements, creating solutions that meet their needs in an IT landscape that is constantly evolving. Building native Azure Virtual Desktop (AVD) environments was proving time and resource intensive. The complexities of Microsoft Azure resulted in a limit on the number of engineers who had the skills to deploy it correctly. Chelsea Technologies needed to be able to use those engineers’ time efficiently and expand their ability to bring the advantages of AVD to clients. As it became apparent that they would need a partner to help drive success, they researched their options, looking for the right tool to help drive its growth.

“We were migrating everything to Azure, and we really needed a tool that was right for the job – powerful, yet easy for our team to deploy and manage,” said Justin Vashisht, Professional Services Director for Chelsea Technologies.

The Solution

After previewing Nerdio Manager for MSP, it became clear to Vashisht and the Chelsea Tech team that the ease of deployment, auto-scaling technology, and potential for cost-savings were the kinds of solutions they needed to successfully leverage their engineering talent and manage internal resources. Nerdio Manager for MSP held other attractive features as well, including built-in backup and audit trail capabilities, which, Vashisht noted, would be helpful for clients in highly regulated industries, like financial services and aerospace, among others. “This is especially important to clients in financial services and highly regulated clients for whom everything must be tightly monitored and controlled,” said Vashisht.

Since initially partnering with Nerdio over two years ago, the Chelsea Tech team has continued to work with Nerdio Manager for MSP, which launched in public preview in January 2021. This solution enables them to get the most from the technology and their most critical assets– their technical staff.

“For example, we have a client with over 250 users with AVD, and our help desk is managing it through the Nerdio platform. I didn’t have to worry about creating a custom portal, spending time testing it, and all the associated details. Nerdio provides it all to me in a single pane of glass. That represents substantial savings and reduced burden right there.”

“Nerdio Manager for MSP is seamless, and it will allow me to migrate the rest of my clients over. Nerdio hit the sweet spot for us,” – Justin Vashisht, Professional Services Director for Chelsea Technologies.

The Results

Auto-scaling is a standout feature for the team at Chelsea Technologies. The ability to automate what can be a labor-intensive and costly process saves time and effort, and the cost savings is a game-changer.

“We have several large, expensive VMs. With Nerdio Manager for MSP, I can scale them down at 7:00 pm and scale them back up at 7:00 am. I get savings by automatically detecting usage and demand. You can’t put a price on that. Actually, yes, you can! It makes a big difference,” Vashisht said.

“There are so many details that come into play when building a secure Azure infrastructure. With all that complexity, human error is a reality of life. Nerdio Manager for MSP handles all those intricacies. It does everything for me. To set up a VPN takes minutes, not hours.” – Justin Vashisht, Professional Services Director for Chelsea Technologies.

The knowledge-sharing and resources made available by Nerdio have made a real impression on Chelsea Tech. “The videos and blogs on the Nerdio Academy are clear,
concise, and very helpful. It’s almost like getting a graduate degree in Azure,” said Vashisht. “The Nerdio team has increased the value of the platform for us. They’re knowledgeable about the MSP space, and understand the challenges we face. That’s why we continue to invest in the platform.”

During Chelsea Tech’s deployment of Nerdio Manager for MSP, the key differentiator has been the ease with which Nerdio was able to immediately onboard and scale its solution, especially considering the challenges the Chelsea Tech had faced with clients going through painful digital transformations.

Implementing Nerdio Manager for MSP has been a great success for Chelsea Tech. “If you’re looking to take an organization from a legacy, on-prem, physical server mindset and looking to jump into the cloud and accelerate the process, it would normally take six months to a year to do it right,” he said.

“With Nerdio, you can dive right in. The console is great and Nerdio is very forgiving as a platform, so implementation is easy.” – Justin Vashisht, Professional Services Director for Chelsea Technologies.

Vashisht has straightforward advice for anyone considering Nerdio Manager for MSP: “If you’re looking to get into Azure, look no further than Nerdio. It will make your life easier.”

DOWNLOAD THE CASE STUDY HERE

Find Nerdio in the Azure Marketplace: nerdio. co/nmm

Nerdio Manager for Enterprise Case Study: Petrofac

Case Study

Learn how an energy company deploys, manages and cost-optimizes Azure Virtual Desktop company-wide with Nerdio Manager for Enterprise quickly and easily.

About Petrofac

United Kingdom-based global company Petrofac provides services to energy companies that deploy large teams across the globe. The company helps design and build complex structures for deployment on job sites, providing engineering, construction, procurement, and administrative services. In its quest to support remote work, Petrofac began planning an Azure Virtual Desktop deployment in late 2019. Little did the company know that the project would become a bedrock for its remote workers when the COVID-19 crisis forced widespread remote work practices a few months later. Even though employees at some locations are now able to access their office buildings, the engineering team continues to use Azure Virtual Desktop with Microsoft Azure NetApp Files, a fully managed cloud service. Petrofac attributes survivability during a multinational lockdown, enhanced performance, and falling costs to its deployment of these critical Microsoft services.

Petrofac was working on digital transformation when the COVID-19 crisis increased the urgency of the initiative. The compute demands created by thousands of engineers working on bulky 3D image files on specialized desktop devices added complexity. But the company’s pivot to remote work with Azure Virtual Desktop solved that problem and created other benefits. The resulting performance gains sped up timelines, and engineers can now work anywhere. Increased scalability saves operational budget, too. Most importantly, business continues smoothly regardless of challenging times.

Meshing complex needs across the globe

Petrofac is largely an engineering company, depending on its talent to deliver construction plans and schema for complicated processes. Those 3D workloads are complex enough in isolation: they’re demanding, comprise large files, and engineers generally need graphical interfaces to work on them. Add globally distributed engineering teams to this data-intensive enterprise, and it’s easy to understand the challenges of supporting that functionality at scale. Vladimir Krdzic, Chief Digital Officer at Petrofac, decided to set the organization on a digital transformation path. “Many of our engineers had been doing the same work for decades and were entrenched in very traditional methods,” he says. “I wanted Petrofac to become a more agile and flexible company that would also attract millennial workers to join our team.”

The complex 3D models that engineers create require specialized desktop devices that cost at least four to five times that of a standard office device often much more. An even bigger challenge lies in the demanding workloads inherent to those models millions of central processing unit (CPU) and graphics processing unit (GPU) cycles. That dictated a culture of working onsite because every office that works on the same engineering model must sync to the application database daily. This requires bandwidth that isn’t available in many homes in India, where most of the Petrofac engineering team is based. Many engineers don’t have fiber connections, and productivity can suffer in regions where frequent power outages take down internet connections at inopportune moments.

Adding to these demands, large 3D files must be shared between teams that are spread across the globe. Every revision must go through a review cycle, from engineering teams in Mumbai to reviewers in Dubai, possibly cycling back and forth tens to hundreds of times. Other external parties such as Petrofac joint venture partners or clients also need to access the files, and when they store them on personal devices, the amount of data in play grows further.

With multiple concurrent joint ventures, Petrofac often found itself in the position of having to work with companies across multiple continents, creating what Krdzic considers an operational and security burden. “It was time-consuming and unstable; it had the potential to increase cyber-exposure issues,” he says.

We’re using Azure Virtual Desktop to spin up projects very quickly and add as many users as we need without file synchronization issues. That means faster time to market for us. – Vladimir Krdzic: Chief Digital Officer Petrofac

Coordinating people and data

While version control issues might be annoying when collaborating on a Microsoft Word document, getting out of sync when collaborating on a 3D file can result in unnecessary costs for Petrofac if engineers need to rework files. “Our files ping pong between departments and offices, with people in different disciplines layering their contributions to the work on top of each other,” explains Krdzic. “It’s essential that we have everyone focused on the same version to avoid errors and the high cost of rework.”

That need for tight coordination is complicated by the need for highly skilled contract engineers during peak periods of engineering demand. Petrofac relies on contractors to keep projects on schedule when its own teams are at capacity. Because Petrofac engineering teams depended on onsite infrastructure, the company’s choice of contractors has until now been dictated by their proximity to a Petrofac office. If no one in the vicinity was available, that could affect deadlines.

Krdzic needed power and flexibility to bring his vision for agility and centralized governance home. “My strategy was to create an engineering platform that would enable our engineers to work from anywhere, anytime,” he says. When his team began to deploy Azure Virtual Desktop, the Petrofac transformation took off.

Deploying not just a solution, but a better way of working

The team immediately went to work to deploy Azure Virtual Desktop with an FSlogix user profile, the recommended user profile for the service. It added Microsoft 365 management and set up Azure NetApp Files to enable file storage on Azure—a perfect fit for the bulky 3D engineering files that require a high-performance environment. Because Azure NetApp Files is a high-performance, low-latency, and scalable solution, it’s highly cost-effective for Petrofac’s demanding but fluid production needs. Petrofac specified NVv3-series virtual machines, which are designed to support GPU-accelerated graphics and virtual desktops. The increased RAM in the series gives engineers the performance they need for graphics-intensive work.

We definitely see the positive impact on performance, especially with the complex setups inherent to our business. The flexibility to scale to demand and keep business continuity is helping us navigate through difficult times. – Vladimir Krdzic: Chief Digital Officer Petrofac

The team added Nerdio Manager for Enterprise to automate Azure Virtual Desktop management, which further contributed to cost savings. Nerdio Manager for Enterprise fits perfectly into the Petrofac platform as a service environment because it runs in the company’s tenant, helping ensure that data never leaves its Azure subscription. The team uses the dynamic host pool feature to quickly deploy vast pools for user data, easily scaling to demand with Azure Auto-scale. The team set it to scale in resources after business hours, taking advantage of its ability to scale out as needed during business hours for maximum cost savings storage costs through its advanced auto-scaling capabilities.

Finding that old habits might die easily, after all

If Petrofac management had any misgivings about converting engineering teams to Azure Virtual Desktop, they were soon put to rest. Krdzic describes the former method for setting up a 3D-modeling project for engineers as a lengthy, complicated, and expensive endeavor. Separate instances of the project had to deploy to multiple geographic locations with secure connections between those instances and strictly controlled user access. Petrofac made an immediate impact with its Azure Virtual Desktop deployment. “We no longer need to replicate the same model between four or five different offices with our new environment,” says Krdzic. “We’re using Azure Virtual Desktop to spin up projects very quickly and add as many users as we need without file synchronization issues. That means faster time to market for us.”

The solution is popular not just for all these reasons. No longer facing often lengthy commutes, the engineers are delighted with the new freedom to work anywhere and better work-life balance. It’s a game-changer for them and the company. Krdzic’s team has received rave reviews for the solution and its fast work in rolling it out. “Within three weeks, we had all our projects and engineers up and running because we had already tested Azure Virtual Desktop,” says Krdzic. “It was a big win because we achieved a lightning-fast deployment of something that had been culturally and technically unimaginable four or five months earlier.”

The project received an unexpected nudge to hasten the timeline when much of the world went into lockdown. The Petrofac IT team had just completed a series of successful proof of concepts and simulations. “The COVID-19 crisis forced our hand,” says Krdzic. “It made us run faster, and we got much more sponsorship and support for our digital transformation.

That was the silver lining in a very gray cloud. Now we’ve achieved our number one goal of mobility for our engineering teams.” Petrofac was perfectly placed to achieve the survivability it needed when the world abruptly changed. It was realizing significant cost savings at the same time while also taking advantage of better performance. “We definitely see the positive impact on performance, especially with the complex setups inherent to our business,” adds Krdzic. “The flexibility to scale to demand and keep business continuity is helping us navigate through difficult times.”

Within three weeks, we had all our projects and engineers up and running because we had already tested Azure Virtual Desktop. It was a big win because we achieved a lightning-fast deployment of something that had been culturally and technically unimaginable four or five months earlier. – Vladimir Krdzic: Chief Digital Officer Petrofac

Download the application today from the Azure marketplace and begin a free 30-day trial: nerdio.co/nme