Employee Spotlight: Get to Know Pete Langas

  1. What’s your role here at Nerdio? What do you do on a day-to-day basis and how do you help partners/customers? 

My role is enterprise sales for the Northeast region…every day I’m helping customers deploy, manage and optimize Microsoft Azure Virtual Desktops and Windows 365 using Nerdio. I also help partners learn about Nerdio and how to use it to help their customers with virtual desktop initiatives. 

  1. What’s a fun fact about you that most people don’t know/couldn’t guess? 

I sing and play keyboards and guitar in a dad band called Artificially Hip. We’re been playing at local bars, events and fundraisers for the last 9 years or so. There are 6 of us, 5 dads and one mom. We play a mix of classic rock, pop and a little country. 

  1. What’s one technology advancement you hope to see or think we will see in the next ten years? 

Flying cars… assuming this can be done without a large carbon footprint, the ability to have a personal vehicle or semi personal vehicle to get from place to place quickly without having to use a road would be amazing.

  1. What are three books you’d bring with you to a deserted island?

Beach Music by Pat Conroy, The Godfather by Mario Puzo, Short Stories by Ernest Hemingway. 

  1. In your opinion, what’s the most rewarding part of working for Nerdio? 

The most rewarding part is contributing to our mission of helping customers succeed. We know if our customers are successful, we’ll be successful. Every day is filled with collaboration with coworkers and discussions with partners and customers, all geared towards better virtual desktop experiences

  1. What sitcom family or friend group would you choose to be a part of? 

Ted Lasso…I would love to be in the Diamond Dogs, and I think I’d give good advice.  

  1. Besides a standard computer, what is the earliest piece of technology you remember owning? 

I think I’d have to go with a Walkman. That was a big deal when it came out. I saved my money from my mowing lawns to get one. And then I used it when I mowed which made the work a little more tolerable. 

  1. You’ve been with Nerdio for a while now. What’s motivated you to stick around? 

We have an amazing group of people and an amazing product. I have worked at places that had one or the other, but rarely both at the same time. When you are able to work together to give customers a solution that impacts real challenges they have, it’s really cool. 

  1. What’s the most valuable thing you’ve learned while working in tech? 

Tech moves extremely fast. There is a great innovation and everything gets exponentially better, smaller, cheaper, faster very quickly. This means you have to be thinking about the future, and it also opens up many opportunities. 

  1. What’s a current technology trend you’re passionate about? 

I have been talking about the “year of the virtual desktop” for probably 12 years or so. I think it’s here! Fortunately I’m with a company that believes the same thing and has a product that helps with virtual desktops.

FSLogix Application Masking  

As a Nerdio partner, you get a standing invitation to our Monthly Partner Webinar. We use these 45-minute sessions to dive into the Azure, AVD and Windows 365 topics and tips most important to MSPs and their technical staff.  

In fact, our June webinar was entirely dedicated to FSLogix – a technology that has many benefits but is a bit complex to learn and master. One of the favorite things partners learned about from that session was the ability to perform application masking with FSLogix.  

Here we break it down in detail in addition to an overview of how MSPs can deliver it in their clients’ Azure environments.  

What Is Application Masking? 

Application masking is used to manage user access of installed applications. Within a shared AVD computing environment, this can amount to upwards of 80-100 applications. And we know not all users need access to the apps technically available to them.  

Desktop images with lots of apps typically feed one or two host pools. Without a tool like app masking, there’s a somewhat common practice of putting all apps on an image regardless of who could use them. Let’s face it, in today’s busy business climate there are not likely too many of your clients’ employees and contractors with extra time to poke around the environment aimlessly – so it’s not a horrible action to take as an overworked IT pro.  

But let’s talk through how not using app masking could negatively impact your organization. If an employee launches something they’re not supposed to, they could trigger a license issue or take a license out of the available pool and away from a user who needs it to do their job. This could lead to additional licensing fees or issues. Additionally, employees who do not need the app but come across it or are curious about its use, could create demand (or just the appearance of it) for applications they don’t really need. This could unintentionally lead to your clients’ organizations spending money on applications or licenses they do not need.   

How Do MSPs Deliver App Masking with FSLogix?  

Via FSLogix Rules Editor, these are the actions to take per each application you are looking to mask:  

1. Create a rule set  

  • Open FSLogix Rules Editor  
  • Click “File, New”  
  • Create new Rule Set and name it  
  • Choose the application you want to manage 
  • Scan to detect the application settings  
  • Some bulit in functionality with app masking and could manually do these settings  

2. Assign the rule set  

  • Click “File” then “Manage Assignments”  
  • Click “Add” 
  • Configure the assignment  
  • Determine the “Apply” or “Not Apply” status 

3. Deploy the rule set 

  • Copy over FSA and FXR files 
  • Must be on all hosts and client machines  

As (almost) always, there is an easier way to do this through Nerdio Manager for MSP 😊 Watch the below clip to learn how you can automate application masking with FSLogix:  

Looking for more FSLogix content? Check out my blog, ‘5 Things MSPs Must Know about FSLogix.’ And don’t forget to register for our next Monthly Partner Webinar for MSPs happening Wednesday, August 31 at 2pm CST!  

NerdioCon 2023 Registration Is Now Open!

In case you haven’t heard, we’re heading back to gorgeous Cancun, Mexico next year for our annual partner conference — NerdioCon! And, in addition to offering business and technical tracks for Managed Service Providers (MSPs), we are adding a new Enterprise track for our partners and system integrators (SIs) serving mid-size and large enterprises using Nerdio Manager for Enterprise.  

With dates confirmed for February 27 – March 2, 2023, at the Grand Fiesta Americana Coral Beach, we are pleased to open registration to the general public today.

As first dibs to NerdioCon and NerdioCon tickets and discounts are benefits of our new partner program, Partnerd – registration has been open for existing partners for the next two weeks. Parnerds receive NerdioCon tickets, ticket discounts and lodging codes based off their program tier.

To register for NerdioCon or to sign up for updates when general registration opens, please visit our event site www.nerdiocon.com. You’ll also want to follow us on LinkedIn, Twitter or Facebook to stay apprised of newly added speakers, sponsors and sessions this Fall.  

We recommend attendees register as early as possible. Space is limited and NerdioCon conference tickets and lodging will be booked separately this year. Guests may extend the NerdioCon group rate to book up to three additional days onto their stay, incurred at their own expense. Once lodging capacity is reached at the Grand Fiesta, guests will be referred by Nerdio to an adjacent resort to book their stay.  

Missed NerdioCon 2022 and not sure what the hype is about? Check out the video below. 

How Azure Virtual Desktop (AVD) & Nerdio Can Help MSPs Build a Successful Cloud Practice

How-AVD-and-Nerdio-Can-Help-MSPs-Build-a-Successful-Cloud-Practice-300x169

Azure Virtual Desktop (AVD) has been the go-to (remote working) virtual desktop solution throughout 2020 and will grow even bigger in 2021 and beyond. I am not telling you anything new here. However, being able to successfully leverage AVD as part of your Azure Cloud practice, keeping costs low and the user experience high is a challenge many MSPs are dealing with.

In general terms, building a cloud practice comes down to a few key pillars: standardization, simplification, and cost control. However, many MSPs think the cloud is risky. Risky because they are not familiar with the (hourly/monthly) consumption model and they have trouble packaging and pricing their Azure services. They’ve always done it the traditional way and don’t feel comfortable with changing their pricing and/or billing model.

Secondly, often MSPs do not know where to start. I mean, Azure offers 1000+ services; how do you know which ones to use and which ones to leave alone? In fact, 95% of all services offered, perhaps more, are irrelevant for an MSP to start out with. Sure, some of these services might become more relevant going forward, but to start building your cloud practice on Azure there are only a few you need to focus on.  

What about cost control? It’s one thing that your billing model changes, but how do you make sure to keep your Azure resources from spinning out of control? What about daily management tasks, automation, or shutting down machines when they are no longer needed or utilized by your users — those types of things? The cloud can be expensive if you do not know what to look out for or lack the proper tooling to help with that.

Enter Azure Virtual Desktop.

Simplicity and Standardization

Traditionally, MSPs would build up a Remote Desktop Services (RDS) environment based on Microsoft Server technology; mostly on-premises. They would try to keep costs low by cramming as many users as possible onto a single machine. While the user experience might not be optimal, it proved to be a relatively successful model. At least until now. I say “relative” because there is still a lot of manual labor and guessing involved. So, you could say it worked OK, but not great.

Moving these types of deployments into Azure, based on IaaS (Infrastructure as a Service) virtual machines, for example, also works but requires knowledge of Azure, automation, separate machines that need to be managed, optimized, and so on. Not ideal.

AVD greatly simplifies all of this. AVD is a managed service offered by Microsoft. In short, this means that all the infrastructure and management components (i.e., the backend) needed to run a AVD environment like a database, the broker and load balance service, web interface, etc. which used to be separate virtual machines are now turned into a service for you the MSP to consume.

You no longer must deploy and maintain these machines and services separately; this is all done by Microsoft. They will update, patch, and make sure all components are redundant, resilient, and more. In other words, it’s simple, consistent, and your (customer) deployments – at least from a backend perspective – will always be the same.

In short, you will be up and running quickly and won’t have to worry about ongoing maintenance. All that’s left for you to worry about are your users, data, and applications.

Free Trial of Nerdio Manager for MSP

Azure Virtual Desktop Flexibility

One of the big advantages of leveraging cloud services is that you only consume what you need, and that’s what you’ll pay for. Need a few more machines because user demand increases? No problem. No longer need them a few hours later? Fine. Turn them off and you will no longer be billed for consumption.

As you can imagine, this applies to AVD as well. While all the backend components are taken care of, you will still need to spin up multiple virtual machines as part of your AVD deployment for your users/clients to work on – a published desktop environment, for example, or published applications, a VDI type one-to-one scenario, etc.

From a cost control perspective, this is exactly the flexibility you are looking for. It’s also something that we at Nerdio specialize in. How do you make sure VMs are only running when needed, saving on costs? It’s something we take care of fully automated in the background without your users/clients noticing a thing.

AVD supports different kinds of Operating Systems; from single to multi-user, Windows 10 to Windows Server 2019 and upwards. Even Windows 7 is still supported with free security updates included. This enables you to serve different use-cases with ease and to deliver all types of applications and virtual desktop scenarios to your users/clients.

In fact, Windows 10 multi-session offered as part of AVD is optimized for Office 365 usage offering one of the best Cloud based user experiences up to date.

All this is backed by an enhanced RDP protocol and AVD client allowing you to use any type of end-user device you can think of (Windows, Linux, Android, MacOS, iOS etc.) or to consume AVD applications and/or virtual desktops no matter where you are – another added advantage of cloud based services.

Azure Virtual Desktop Security

From a security point of view, all user sessions run in an isolated state. You can leverage Role Based Access so granular access control can be applied. Also, the overall attack surface has been greatly reduced by introducing a technology named Reverse Connect. Finally, Azure Active Directory helps to secure your AVD environment even more by applying Multi-Factor Authentication and Conditional Access.

So, what is the catch? I read your mind, right?

Azure Virtual Desktop Management and Cost Control

Well, I wouldn’t call it a catch, per se. AVD offers a ton of flexibility, from a management perspective, cost savings, adding simplicity, and so on. However, AVD has also been developed as a platform, or framework for others to build on top of. Like Nerdio Manager for MSP.

In other words, if you use the native AVD service directly from the Azure portal, you will still get all of the above, though from an ongoing (user, VM, image, etc.) management perspective you will still run into a couple of surprises and challenges from time to time.

That’s exactly why Microsoft and Nerdio have partnered together on the development of products that enhance the AVD environment for MSPs. To enable you, the MSP, to leverage all of the added advantages that AVD and Azure offer together with the pricing, deployment, management, and optimization capabilities of Nerdio Manager for MSP.

While AVD makes virtual desktop environments simpler and more efficient, adding Nerdio Manager for MSP to the equation takes it to a whole new level.

Nerdio Manager for MSP

Nerdio Manager for MSP (a brand-new solution build from the ground-up) offers a unique mix of extreme power, unique AVD management, and autoscale capabilities (for AVD as well as IaaS), combined with different forms of automation, auto-deployment options, native Azure integrations, and a pallet of the user, IaaS virtual machine, security, and Microsoft 365 management options. The best thing is NMM is multi-tenant so you can manage all of your customers from a single pane of glass console. You can onboard as many customers as you want while still being able to get to all of them through a single mouse-click once logged in (you only need to log in once) to the main management console.

Nerdio specifically focuses on the Azure services that you, the MSP, needs to efficiently manage and optimize your customer virtual desktop environments. You will save time, money, and we’ll enable over 80% of your IT workforce to work with, manage, and optimize AVD and Azure virtual desktop environments on a daily basis.

We also offer an extensive Cost Estimator that will help you price your virtual desktops, per user, per month. Just about everything you can think of will be taken into consideration.

It includes licensing options, the types of VMs used, user roles, profiles and density, additional IaaS based machines, backup, plus a whole lot more. You will be able to include Reserved Instances, CSP discounts, AHB, etc. and if you are not familiar with these concepts, we’ll be happy to explain them to you to help you on your way towards building a successful cloud practice with AVD.

Our roadmap for 2021 is ambitious, to say the least. Networking, backups, disk management, shadowing users, Azure Files, Role Based Access, MSIX App Attach, and more is all in there, or will be there shortly.

In summary, you will not find a more complete, efficient, and easier to use AVD and IaaS based management platform out there. Brought to you by the power of the Microsoft Azure cloud combined with AVD and Nerdio.

Bas van Kaam

Nerdio Field CTO, EMEA

Free White Paper Download!

Breaking Down Microsoft Azure VMS Series: A, B, D, E, and N

Virtual Machines (VMs) in Azure come in predefined sizes that are called  families  or  series.  An individual VM is often referred to as an  instance.  Different VM families are designed for common use-cases and are comprised of certain amounts of CPU cores and GB of RAM.  It’s not possible to arbitrarily mix and match CPU cores and GB of RAM as can be done with Hyper-V and VMware.  Therefore, it is important to understand the specific VM Series you wish to deploy when thinking through the specific IT environment you are deploying in Microsoft Azure. 

Here, we will focus on five of the most common Azure VM Series, how they compare to each other, and when to use each. You can also check out our YouTube video.

Microsoft Azure VMs: A Series 

Entry-level economical VMs for dev/test * 

These are generally used in small deployments where cost consciousness outweighs performance.  You should only use these in rare instance implementations with non-customer facing VMs.  

Microsoft Azure VMs: B Series 

Economical burstable VMs * 

B-series are economical virtual machines that provide a low-cost option for workloads that typically run at a low-to-moderate baseline CPU utilization, but sometimes need to burst to significantly higher CPU utilization when the demand rises.  

We like B series for AD servers, servers that are 24×7 and non-customer facing servers.  

When idle, the B series will bank credits and use those credits later when CPU utilization needs to burst past the baseline.  When rebooted, B series will lose their credits which can take hours to rebuild without too much impact.  When booted without any banked credits, the B series will only have access to allow for a small fraction of total CPU utilization until a bank of credits can be built up.  

Microsoft Azure VMs: D Series 

General purpose compute * 

D-series VMs feature fast CPUs and optimal CPU-to-memory configuration, making them suitable for most production workloads. DSv3-series instances carry more powerful CPUs and the same memory and disk configurations as the D-series.  However, these CPU cores are hyper-threaded, meaning that a single physical CPU core is behind each two CPU cores in a Dsv3 VM.  

Ds2-64 v3 instances (ie. Ds4v3 – 4 core x 16GB RAM) are the latest hyper-threaded generation of general-purpose instances and are based on the 2.4 GHz Intel Xeon® E5-2673 v3 (Haswell) processor or the latest 2.3 GHz Intel XEON ® E5-2673 v4 (Broadwell). They can achieve higher speeds with Intel Turbo Boost Technology 2.0. The Ds-series supports Standard and Premium SSD storage.  

We like D series for performance as they pair well with premium SSD – a must for solutions or presentation layers that are customer-facing.  There is not a lot of difference in price with v3 instances (as opposed to v2), which makes them ideal.  

Example use-cases include many enterprise-grade applications, relational databases, in-memory caching, and analytics. The latest generations are ideal for applications that demand faster CPUs, better local disk performance or higher memories.  

Microsoft Azure VMs: E Series 

Optimized for in-memory hyper-threaded applications*

The E-series family of Azure virtual machines are optimized for heavy in-memory applications such as SAP HANA. These VMs are set up with high memory-to-core ratios, which makes them well-suited for relational database servers, with medium to large caches, and in-memory analytics. The E-series VMs range from 2 to 64 vCPUs and 16-432 GiB RAM, respectively. The Es-series supports Azure Premium SSDs. 

We like the E series for session hosts and collections where the line of business applications consumer a higher than normal memory footprint per user.  Software that is optimized for multi-user session hosts can often consume large footprints of memory. 

Example use cases include SAP HANA, SAP S/4 HANA, SQL Hekaton and other large in-memory business critical workloads. 

Microsoft Azure VMs: N Series 

GPU enabled virtual machines * 

The N-series is a family of Azure Virtual Machines with GPU capabilities. GPUs are ideal for compute and graphics-intensive workloads, helping customers to fuel innovation through scenarios like high-end remote visualization, deep learning, and predictive analytics.  

The N-series has three different offerings aimed at specific workloads:  

  • The NC-series is focused on high-performance computing and machine learning workloads. The latest version—NCv3—features NVIDIA’s Tesla V100 GPU.  
  • The ND-series is focused on training and inference scenarios for deep learning. It uses the NVIDIA Tesla P40 GPUs. The latest version – NDv2 – features the NVIDIA Tesla V100 GPUs.  
  • The NV-series enables powerful remote visualization workloads and other graphics-intensive applications backed by the NVIDIA Tesla M60 GPU.  

We like NV series for graphic needs related to engineering and 3D modeling.  The footprint is quite large which makes them good shared machines.  Assigning 2-4 users per N series as an RDS Session Host is an ideal for cost distribution and performance requirements.  NV series will be the primary N series instance.  Approach other N series with a very specific need or application requirement as they are not a good fit for GPU enabled virtual desktops. 

Example use-cases include simulation, deep learning, graphics rendering, video editing, gaming, and remote visualization.  

6 Ways to Make Your Azure Virtual Desktop (AVD) Environment Highly Secure

Security is an important factor in many organization’s cloud strategies and a reason why many choose Microsoft’s public cloud. Inheriting its security posture from Azure itself, Azure Virtual Desktop (AVD) offers excellent foundations for a highly secure IT environment and incorporates the full set of security services. When a user logs into AVD, Azure creates a secure reverse connection, from Azure to the endpoint device. Additionally, all data transferred within Azure and is encrypted in flight and at rest. 

But the inherent security positives of Azure and services like AVD aside, organizations can and should take extra steps to harden their security environment. IT teams can architect an AVD environment that is highly secure by leveraging native Azure technologies along with Nerdio Manager to complete the six steps below in this article.  

Properly Configuring Nerdio Manager for Enterprise for a Highly Secure Environment  

But wait…some of you may undoubtedly be asking, “but isn’t Nerdio Manager secure out-of-the-box?”  

Yes. By default, Nerdio Manager for Enterprise is protected with Azure AD (Active Directory) authentication, including multifactor authentication (MFA) and conditional access. It is accessible from any internet location and is an Azure-managed application installed into a customer’s own tenant.  

That all in mind, when deploying Nerdio, it is important to implement full security across the board and properly configure it to avoid any security vulnerabilities.  

When Nerdio Manager for Enterprise is installed for the first time, the solution does not configure the detailed security configuration because each environment has different requirements and configurations. Additionally, a number of the security configurations require a “New” empty subnet. Many companies have restrictions or policies in place to require approval for network/subnet additions.  

Enterprises can easily configure these post-installation and take the actions below to make their AVD environments highly secure. These actions all seek to eliminate unauthorized individuals from accessing sensitive databases, networks, access keys, etc. 

6 Actions to Make Your AVD Environment Highly Secure 

1. Restrict Access to the Nerdio App Service  

  1. Access Restrictions  
  • Locate Nerdio app (similar to nmw-app-xxxxxxx)  
  • Settings -> Configuration -> General Settings -> Networking -> Inbound Traffic -> Access Restrictions  
  1. Private Endpoint  
  • Locate Nerdio app (similar to nmw-app-xxxxxxx)  
  • Settings -> Configuration -> General Settings -> Networking -> Inbound Traffic -> Private Endpoints  

2. Remove FTP Services from Nerdio App Service  

  • Locate Nerdio app (similar to nmw-app-xxxxxxx)  
  • Settings -> Configuration -> General Settings ->  
  • On the FTP state selector, change the option from All allowed (default) to Disabled. 

3. Set Up Storage Account Private Link  

  • The most common misconfiguration we see today is setting up a Private Link for a storage account and not configuring App Service for vNet integration on the web app. Without setting up vNet integration on the web app, Nerdio cannot manage the MSIX and FSLogix storage, so it is required to complete this step.  

4. Set Up Key Vault Private Link  

5. Automate Hybrid Runbook Worker to Access Key Vault  

  • Done via Nerdio Scripted Action  

6. Restrict Azure SQL Access  

  • Add the App Service’s outbound IP addresses to the Azure SQL Server’s firewall. 
  • Route traffic from the App Service using a vNet. 

AVD Security Maintenance and Management Considerations  

It is very important that AVD deployments are reviewed every six months for changes in security posture. Organizations should verify their current security and have it well documented and logs in place. It is also essential to review our Enterprise (Nerdio Manager for Enterprise) Release Notes, on a regular basis, for any new security updates or resolved security issues. 

Demystifying Microsoft Azure Site Recovery (ASR)

One of the most common questions we get from managed service providers (MSPs) who are in the process of building a cloud practice in Microsoft Azure is “what is Azure Site Recovery (ASR) and when should I use it?” 

Let’s review this important Azure service from Microsoft and its relevance to MSPs.  

Why does Azure Site Recovery exist? 

Azure Site Recovery (ASR) is Microsoft’s Disaster Recovery-as-a-Service (DRaaS) solution built specifically for Azure workloads. ASR enables companies to recover from catastrophes quickly with minimal downtime. ASR can also be used as a tool to migrate existing servers into Azure from an on-premises environment or migrate workloads between Azure regions and resource groups. 

Who is Azure Site Recovery designed for? 

  • Companies that need to meet specific requirements or regulations for their industry such as ISO 27001 
  • Companies who are sensitive to downtime or want to limit impact from region-specific Azure outages 
  • Companies who wish to migrate current workloads into Azure from an on-premises environment, between Azure regions, or between resource groups 
  • Anyone seeking a complete business continuity and disaster recovery (BCDR) strategy for their business 

When can Azure Site Recovery be used? 

  • Replication of Azure VMs from one Azure region to another 
  • Replication of on-premises VMware VMs, Hyper-V VMs, physical Windows and Linux servers, and Azure Stack VMs to Azure 
  • Replication of on-premises VMware VMs, Hyper-V VMs managed by System Center VMM, and physical servers to a secondary site. 
  • Replication of specific workloads running on a machine that’s supported for replication 

What are some of the key features of Azure Site Recovery? 

  • A simple BCDR solution – ASR is built into Azure and can be managed entirely from within a single location
  • Data Resilience – Data is replicated inside of Azure storage with all the resilience and security provided by Azure
  • RTO and RPO Targets – Manage and meet organizational RTO/RPO targets with continuous replication at intervals as low as 30 seconds for Hyper-V servers
  • Easy and Flexible Failover– Test failover and disaster recovery scenarios without disrupting replication
    • Failovers can also be planned for expected outages with zero-data loss
    • Unplanned failovers can happen with minimal data loss and fail back to your primary site can be done easily when it’s available again 

How do I setup a basic Azure Site Recovery replication?  

Enable replication for an Azure VM  

  • In the Azure portal, click Virtual machines, and select the VM you want to replicate 
  • In Operations, click Disaster recovery 
  • In Configure disaster recovery > Target region select the target region to which you’ll replicate 
  • For this QuickStart, accept the other default settings 
  • Click Enable replication. This starts a job to enable replication for the VM

Verify your settings  

  • After the replication job has finished, you can check the replication status, modify replication settings, and test the deployment 
    • In the VM menu, click Disaster recovery
    • You can verify replication health, the recovery points that have been created, source, and target regions on the map

Clean up resources/stop replication  

  • The VM in the primary region stops replicating when you disable replication for it:  
    • The source replication settings are cleaned up automatically. The Site Recovery extension installed on the VM as part of the replication isn’t removed and must be removed manually. 
    • Site Recovery billing for the VM stops

Stop replication as follows 

  • Select the VM 
  • In Disaster recovery, click Disable Replication

Where can I get more information? 

What are Microsoft Azure VMS Series? B, D, E, and N Azure VM Series Explained

Virtual machines (VMs) in Azure come in predefined sizes that are called families or  series.  An individual VM is often referred to as an instance.  

Different VM families are designed for common use cases and are comprised of certain amounts of CPU cores and GB of RAM.  It’s not possible to arbitrarily mix and match CPU cores and GB of RAM as can be done with Hyper-V and VMware.  Therefore, it is important to understand the specific VM series you wish to deploy when thinking through the IT environment you are deploying in Microsoft Azure.  

Additionally, selecting the right VM for your host pools and user needs is one of the biggest ways to control and bring down costs in Azure. If you want to investigate other ways to bring down costs in Azure, check out this blog.  

Here, we will focus on four of the most common Azure VM series, how they compare to each other, and when to use each.  

Microsoft Azure VMs: B Series  

Economical burstable VMs *  

B-series are economical VMs that provide a low-cost option for workloads that typically run at a low-to-moderate baseline CPU utilization, but sometimes need to burst to significantly higher CPU utilization when the demand rises.   

We like B series for servers that are 24×7 and non-customer facing servers.   

When idle, the B series will bank credits and use those credits later when CPU utilization needs to burst past the baseline.  When rebooted, B series will lose their credits which can take hours to rebuild without too much impact.  When booted without any banked credits, the B series will only have access to allow for a small fraction of total CPU utilization until a bank of credits can be built up.   

Microsoft Azure VMs: D Series  

General purpose compute *  

D-series VMs feature fast CPUs and optimal CPU-to-memory configuration, making them suitable for most production workloads. DSv5-series instances carry more powerful CPUs and the same memory and disk configurations as the D-series. However, these CPU cores are hyper-threaded, meaning that a single physical CPU core is behind each two CPU cores in a Dsv5 VM.   

Dsv5 instances (ie. Ds4v_5 – 4 core x 16GB RAM) are the 3rd Generation Intel® Xeon® Platinum 8370C (Ice Lake) processor in a hyper threaded configuration, providing a better value proposition for most general-purpose workloads. This new processor features an all-core turbo clock speed of 3.5 GHz with Intel® Turbo Boost Technology, Intel® Advanced-Vector Extensions 512 (Intel® AVX-512) and Intel® Deep Learning Boost. The Ds-series supports Standard and Premium SSD storage.   

We like D series for performance as they pair well with premium SSD – a must for solutions or presentation layers that are customer-facing.  There is not a lot of difference in price with v5 instances (as opposed to v4 or v3), which makes them ideal.   

Example use-cases include many LOB applications, SQL databases, in-memory caching, and analytics. The latest generations are ideal for applications that demand faster CPUs, better local disk performance or higher memories.   

Microsoft Azure VMs: E Series  

Optimized for in-memory hyper-threaded applications* 

The E-series family of Azure VMs are optimized for heavy in-memory applications such as SQL Servers and AVD session hosts. These VMs are set up with high memory-to-core ratios, which makes them well-suited for relational database servers, with medium to large caches, and in-memory analytics. The E-series VMs range from 2 to 64 vCPUs and 16-432 GiB RAM, respectively. The Es-series supports Azure Premium SSDs.  

We like the E series for session hosts and collections where the line of business applications consumes a higher-than-normal memory footprint per user.  Software that is optimized for multi-user session hosts can often consume large footprints of memory.  

Example use cases include Application Servers, Database Servers, Azure Virtual Desktop session hosts 

Microsoft Azure VMs: N Series  

GPU enabled virtual machines *  

The N-series is a family of Azure VMs with GPU capabilities. GPUs are ideal for compute and graphics-intensive workloads, helping customers to fuel innovation through scenarios like high-end remote visualization, deep learning, and predictive analytics.   

The N-series has three different offerings aimed at specific workloads:   

  • The NC-series is focused on high-performance computing and machine learning workloads. The latest version— NC A100 v4 —features NVIDIA’s A100 PCIe GPUs.   
  • The ND-series is focused on training and inference scenarios for deep learning. The latest version – ND A100 v4 – features the NVIDIA Ampere A100 40GB Tensor Core GPUs 
  • The NV-series enables powerful remote visualization workloads and other graphics-intensive applications backed by the NVIDIA A10 GPU.  NVadsA10 v5 – features AMD Gen3 CPU’s and NVIDIA A10 GPUs packing a powerful combination 

We like N series for graphic needs related to engineering and 3D modeling.  The footprint is quite large which makes them good shared machines.  Assigning 2-4 users per N series as an AVD Session Host is an ideal for cost distribution and performance requirements.  NV series will be the primary N series instance.  Approach other N series with a very specific need or application requirement as they are not a good fit for GPU enabled virtual desktops.  

Example use-cases include running applications like AutoCAD, SolidWorks, Revit, BlueBeam, Photoshop, Lumion.  

Learn more about Azure by attending one of our upcoming Training Camps 

A Guide to Microsoft Azure SQL Server Pricing and Licensing

One of the most common workloads that managed service providers (MSPs) support for their customers are line-of-business applications with a SQL Server database back-end.  This also happens to be one of the more popular Azure workloads.  Microsoft has created several SQL offerings in Azure, including Azure SQL and SQL Managed Instance.  However, most MSPs prefer to start out with a traditional VM in Azure running a full version of SQL Server just like it does on-premises. 

In this article, we will review all available SQL options in Azure with a special focus on licensing considerations when running SQL Server on a Windows VM.  We’ll clear up some common misconceptions and focus on cost implications of each licensing scenario. 

There are three common ways to host a SQL database in Azure: 

  1. Azure SQL database 
  2. SQL Server on Azure VM – Microsoft Managed Instance 
  3. SQL Server on Azure VM – MSP managed 

We will focus primarily on #3 – SQL Server on an MSP-managed Azure VM.   

Azure SQL Server Pricing

Azure SQL database  

A fully-managed SQL database engine based on the latest stable Enterprise Edition of SQL Server.  

This is a relational database-as-a-service (DBaaS) hosted in the Azure cloud that falls into the category of Platform-as-a-Service (PaaS).   

If you are developing a new application or re-architecting an existing one, this is the option that you should use first.  There are no VMs involved and Microsoft manages the entire back-end for this PaaS, including patching, updates, and high-availability.  The cost is relatively low compared to a full license of SQL Server — especially the Enterprise version.  However, there are a small number of feature limitations and you are locked into the latest version of SQL Enterprise without admin rights. 

SQL Server on Azure VM – Microsoft Managed Instance  

Managed Instance is a new deployment option of Azure SQL Database, providing nearly 100% compatibility with the latest SQL Server on-premises (Enterprise Edition) Database Engine.  This provides a native virtual network (VNet) implementation that addresses common security concerns, and a business model favorable for on-premises SQL Server customers.  

The Managed Instance deployment model allows existing SQL Server customers to lift and shift their on-premises applications to the cloud with minimal application and database changes.  The managed instance deployment model is designed for customers looking to migrate a large number of apps from on-premises (or IaaS), self-built, or in an ISV provided environment, to fully managed PaaS cloud environment with as low migration effort as possible. 

With Managed Instance, Microsoft manages the VM, SQL Server installation, patching, updates, high-availability, etc.  MSPs and customers do not have administrative access to the managed instance.  This is an interesting deployment model for some scenarios, but in our experience uncommon among MSPs and their customers. 

Azure SQL Server Licensing

SQL Server on Azure VM managed by MSP 

This is by far the most common deployment model for customers looking to lift-and-shift their existing LOB applications into Azure without re-architecting them.  The VM is set up and managed by the MSP or customer’s IT team, and any SQL Server version can be installed just like on a regular on-premises server. 

Many MSPs also choose to migrate existing SQL servers to Azure without rebuilding the VM and reinstalling SQL Server.  They simply use Azure Site Replication (ASR) or another data transfer tool to move a server from on-premises into Azure as a VM.   

With Nerdio’s Hybrid AD functionality, this allows the migrated VM to work without any modifications since Active Directory spans both the on-premises network and the Azure deployment where the VM now resides.  With Windows Server 2008 and SQL Server 2008 nearing end of support, Microsoft is providing three years of extended security updates to those who move the SQL Server VMs into Azure.   

Paying for your license 

Despite SQL Server on Azure VM being the most popular deployment model, it generates a lot of confusion around the valid and most efficient way to pay for the license.   

Let’s review the available options. 

1. Rent SQL Server via Azure (Pay-as-you-go) 

The easiest way to deploy a VM running SQL Server in Azure is to select it as an image from the Azure image library.  A new VM will be created with SQL Server pre-installed on it and Microsoft will bill for the SQL license as part of the VM price.   

This is one of the more expensive SQL licensing options but provides the most flexibility.   

  • List price for SQL Server license only: 
    • SQL Standard – $146/month per two CPU cores (4 cores minimum per VM) 
    • SQL Enterprise – $548/month per two CPU cores (4 cores minimum per VM) 
  • Payment model: Hourly, pay-as-you-go with no commitment or upfront payments 
  • Deployment model: Only from Azure image library 

2. Bring your own SQL Server Volume License with Software Assurance (License Mobility) 

Many Enterprise customers already own SQL Server licenses under an existing license program with Microsoft such as EA or Select.  These licenses can be used in Azure due to the License Mobility benefit that is part of the Software Assurance subscription.  Without active Software Assurance, an existing SQL Server license cannot be used in Azure because it is a multi-tenant hosting environment. 

SQL Server license with SA can be used by enabling Azure Hybrid Usage on a VM where SQL is installed.  If the VM was provisioned as a SQL VM from the Azure image library, it can be converted to “bring-your-own SQL license” mode.  Alternatively, SQL Server can be installed on a clean VM or the entire VM can be imported from on-premises with SQL Server already installed.  In all these scenarios, having a SQL Server license with active Software Assurance will cover the license obligation for SQL. 

This is not a common scenario for most MSPs, as customers don’t often maintain active Software Assurance on SQL Server licenses, and therefore rarely used when deploying SQL in Azure. 

3. SQL Server licensed via CSP Software Subscription 

Purchasing SQL Server via CSP Software Subscriptions is the most cost-effective option but requires an upfront investment and pre-payment for a 12- or 36-month license.  This license can be returned for a full refund within 60 days of purchase but cannot be returned after the 60-day mark. 

MSPs can use a CSP Software Subscription to SQL Server under any VM deployment scenario.  If the VM was migrated via Azure Site Replication (ASR) from on-premises, deployed as a Windows VM and then had SQL installed on it, or deployed from Azure image library as a SQL VM and was then converted to “bring-your-own license”, a CSP Software Subscription license can be used. 

  • List Price for SQL Server license subscription: 
    • SQL Standard 12-month subscription: $130/month per two CPU cores (4 cores minimum per VM) 
    • SQL Standard 36-month subscription: $118/month per two CPU cores (4 cores minimum per VM) 
    • SQL Enterprise 12-month subscription: $498/month per two CPU cores (4 cores minimum per VM) 
    • SQL Enterprise 36-month subscription: $454/month per two CPU cores (4 cores minimum per VM) 
  • Payment model: Upfront, 60-day full refund 
  • Deployment models: 
    • Migrate existing VM with SQL installed to Azure 
    • Deploy a new Windows VM in Azure and install SQL 
    • Deploy a new SQL VM in Azure, convert to “bring-your-own” license 

Azure SQL Server Pricing and Licensing Simplified

What about SPLA?  

MSPs often ask if they can use their existing SPLA agreements to license SQL Server in Azure.  The answer is yes and no.   

Yes, you can license SQL via SPLA using the SAL (Subscriber Access License) model, which is where you pay for each user who connects to the SQL Server.  However, you cannot use SPLA to license a per-core SQL model, which is by far the most common way to license SQL Server. 

The reason for this is the “DCP Eligibility” of SQL Server product in SPLA.  DCP stands for Data Center Provider and DCP Eligibility is a benefit of SPLA that allows certain services to be brought to other providers with Azure being a DCP.  SQL SAL licenses are DCP Eligible, while SQL Core licenses are not DCP Eligible (you can read more about that here). 

In summary, the PAYG SQL license is flexible from the payment perspective, expensive, and must be deployed from an Azure library.  SQL via CSP Software Subscriptions is the least expensive, most flexible in terms of deployment options, but requires an upfront payment.  SQL Server with Software Assurance is the least common option since many customers of MSPs don’t maintain active Software Assurance. 

MSPs building a cloud practice in Microsoft Azure need to be aware of the various options for licensing SQL Server since it is often a large component of the overall cost of an Azure IT environment.  Choosing the correct one can have a significant impact on an MSP’s overall margin for a particular customer deployment.   

At Nerdio, our mission is to empower MSPs to build successful cloud practices in Microsoft Azure.  We continue to stay up-to-date on all the latest developments with Microsoft licensing and help our MSP partners make the right choice when selecting among the multitude of alternatives. 

How Azure Virtual Desktop Can Help Your Organization Be More Sustainable 

With increasing awareness of the importance of sustainable practices, it’s no wonder so many businesses are looking to implement and scale new methods of supporting sustainability. Among various culprits of high carbon emissions is end-user computing.  However, Azure Virtual Desktop is different – it helps companies reduce their carbon emissions.  

Microsoft has reported that Azure has been carbon neutral, emitting as much carbon as it has reduced, since 2012. And in 2018, they conducted a significant study (access it here) on the sustainability of the Microsoft Cloud versus on-site computer systems in 2018. The study showed significant results indicating that switching to cloud products could largely improve how sustainable and energy efficient a company is. Specifically, switching to Microsoft Azure from an on-premises environment could increase energy efficiency by up to 93%, and increase sustainability by decreasing carbon emissions by up to 98%.   

But more than just the environmental benefits of Microsoft Azure, Azure Virtual Desktop can help improve energy efficiency through three key factors: IT operational efficiency, IT equipment efficiency and datacenter infrastructure efficiency. These three components all work to reduce the amount of energy needed to deliver Azure Virtual Desktop and related services, which is much lower than the energy needed for traditional on-prem VDI.  

IT Operational Efficiency  

While an emphasis on application availability can lead to an overprovisioning of computing resources due to predicted demands, Azure is able to calculate the actual anticipated demand and ensure that that is met without allotting more resources than needed and taking more energy to do so. In addition, the cloud infrastructure of Azure can host thousands of companies and millions of users with balancing use patterns that create a predictable fluctuation of use loads. This also helps with the cost efficiency and predictability of Azure as organizations can leverage cost reduction strategies, Azure Reserved Instances (which you can learn more about here), and more to best align with their cloud budgets.   

IT Equipment Efficiency 

Keeping hardware components exacted to the services that will run ensures that all processes are being run on a leaner amount of energy. In addition, by working to ensure servers are functioning with maximum efficiency, Azure allows for highly advanced scaling. This is extremely important to the energy efficiency of a company, as Microsoft discovered in their study that specialized IT equipment can reduce electricity consumption by at least 10%.  

Datacenter Infrastructure Efficiency  

The hyperscale datacenters that power the Microsoft cloud are able to monitor every little component of datacenter overhead tasks, such as lighting, cooling and power conditioning. In doing so, they can achieve better power usage effectiveness, thus using less energy than an enterprise would with on-premises infrastructure.  

The Nerdio Benefit 

While using Microsoft Azure does lead to a lesser carbon footprint, a large part of that is because of the significant carbon offsetting Microsoft partakes in. Reducing carbon emissions through off-setting is a great step in the direction of becoming more sustainable; however, it is only one piece of the puzzle. Another significant component is power consumption. One of the key features of Nerdio Manager for Enterprise is auto-scaling, which can drastically reduce the power consumption of your Azure Virtual Desktop by customizing the power usage exactly to your needs so that you are not consuming (or paying for) more than you will use. You can learn more about what sets Nerdio’s auto-scaling apart from native Microsoft auto-scaling in this blog

In addition, Microsoft has launched a major initiative for renewable energy that’s helped reduce carbon emissions when using Azure Virtual Desktop. By 2025, they will ensure that Azure is supplied by 100% renewable energy.  

More and more companies are beginning to see the benefits of moving to the cloud, such as financial benefits, as well as the benefit of conserving resources. Those benefits are all significant and certainly helpful to your company, but when looking at the overarching, global benefits of Azure, the sustainable backing provided through the service should not be ignored. In a time when all eyes are on technology to begin providing answers to the climate crisis, it’s important to not overlook technology that is creating solutions to help individuals do their part.