NerdioCon Nerd Icon: Scott Davis, Quickpass Cybersecurity

If January sets the tone and pace for 2023 then we better buckle up! This month we’ve been heads down getting the agenda, content tracks, excursions, and all the moving parts ready for our all-inclusive, in-person partner conference taking place Feb 27 – Mar 3 in beautiful Cancun, Mexico. You can read our press release from last week to learn more.

But more so than “learn more” you might want to jump on registering as only a few more NerdioCon spots are available! We’ve received incredible interest in the event and are looking forward to having over 300 partners join us in paradise this year. Please visit www.nerdiocon.com to register today and ensure your spot is saved.

To bring visibility to the event’s fantastic speaker lineup, we’re pumped to share our interview with the third Nerd Icon in this series: Scott Davis, Director of Cybersecurity Education, Quickpass!

Tell us a bit about Quickpass and your current role with them. 

Quickpass Cybersecurity provides solutions to empower MSPs, or what we like to call the superheros of technology, the ability to eliminate stale, static passwords and automate helpdesk security. Quickpass will deliver better security and productivity that enables your team of superheros to do what they do best.

My current role at Quickpass is to educate and strengthen the emerging and already established community leaders across cybersecurity and the channel. At Quickpass we are highlighting the successes of the community while adding value, security, and resources to help us all succeed together.

How did you get to this point in your career, and what sustained or prompted your interest in the tech industry?  

I have been listening and learning between enterprise IT, managed services, and the vendor community for over twenty years. The belief that true strength comes from sharing the struggles, experiences, successes and failures with each other makes us all stronger. That strength is a core principle and driving force that has allowed me to help so many fellow leaders find their success in technology. Technology is a constantly evolving and changing field: yesterday’s proven method can be tomorrow’s security risk. This reality requires us all to put education first. I am honored to be NerdioCon Nerd Icon, and can’t wait to learn something new from you.

Can you tell us about what you plan to speak about at NerdioCon? Why will this be relevant/important for partners?  

Making sense of the Acronym Soup. Industry jargon leaves many even the most experienced superheros confused as everyday a new acronym or category is created with some even having different meanings depending on which technology vertical you’re in. IAM, PAM, PIM, and others are dominating conversations while becoming the latest best practices, but it’s easy to get lost in translation. Together we will explore these, and some other common acronyms used today and their practical applications to help you find the right tools and services you need in 2023.

What are you looking forward to at the event?  

Sunshine and warm weather. Let’s be real, technology superheros usually don’t get the vacation time and even when they are “signed out” we are a phone call or message away from helping someone keep their systems online. It’s the conversations and stories from the community of superheros and what new things I will learn while sharing my experiences and stories with the other leaders of the community. I can’t wait to start the next conversation with each of you.

What trends do you think we’ll be seeing in the partner space in the year to come?  

The trends of last year are still the hot topics of today and tomorrow including:

  1. Security is driving the majority of conversations as more organizations begin to accept the notion of it’s not if but when will you be the target of a cyber attack. Cyber threats will continue, and brute force attacks will run faster, even strong passwords will need to get stronger.
  2. Compliance requirements and new cybersecurity insurance requirements are pushing more businesses to adapt to the core accepted standards or find themselves unprotected when it matters most.
  3. Social Engineering will continue its evolution and the art of phishing will target more emotional tendencies and continue to be an arch-nemesis for all the superheros.
  4. Mergers and acquisitions (M+A) are also going to continue as customers demand more and the available skilled superheros are fewer and fewer. From those staffing challenges or those just looking for their next journey, we will continue to see the continued merging of both MSPs and the tools and services they use.
  5. The economy is the unknown and none of us can see what tomorrow will bring. Remaining flexible and mobile while educating and planning for potential economic doom, should be a part your business continuity and disaster recovery plans both internally and for your clients.

Overall, it’s up to each and every superhero to step up their game with education and drive to improve security and compliance for us all. You got this!

Finally, who are your “nerd icons”? That is, who do you look up to in the tech industry? And/or who has influenced your career in it? 

You have the educators and coaches that have always been there to help extend a hand or identify that next step or goal. Even the superheros across the community are also always ready to share and help others succeed.

I personally would probably label my ‘nerd icons’ as Walt Disney and Steve Jobs. As visionaries, they put product and community above all else and “it’s not possible” was not in their vocabulary. Pushing the limits and creating something that has never been seen or done before requires a tremendous amount of education even when so many doubt your success and promote the failures.

Employee Spotlight: Get to Know Chuck Mikuzis

  1. What’s your role here at Nerdio? What do you do on a day-to-day basis and how do you help partners/customers?  I’m the Solutions Support Director here at Nerdio, running the gamut from support request escalation to technical webinars for our partners and customers, like our “What The Chuck?” Series.   
  1. What’s a fun fact about you that most people don’t know/couldn’t guess? I’m deep into music. I know everyone says that, but I’m really into current hip-hop and especially old, pre-reggae, Jamaican music (dancehall, early ska) and I’m a bit of a historian when it comes to music coming out of Jamaica in the 50s and 60s.   
  1. What’s one technological advancement you hope to see or think we will see in the next ten years? Consistently reliable and affordable broadband internet coverage across the planet. The internet is the basis for much of what we touch in technology and the foundation for cloud computing. 
  1. What are three movies you’d bring with you to a deserted island? Pulp Fiction, The Pope of Greenwich Village and Star Wars Episode V: The Empire Strikes Back 
  1. In your opinion, what’s the most rewarding part of working for Nerdio? The people, and not just my Nerdio family, but our partners and customers as well. During the pandemic, our support team had a strange luxury of being able to connect with so many people and build relationships that went beyond just support.  
  1. What sitcom family or friend group would you choose to be a part of? The gang from It’s Always Sunny in Philadelphia. I feel like I’ve been prepping my entire life for this with my brothers and sister.   
  1. Besides a standard computer, what is the earliest piece of technology you remember owning? I’ll never forget seeing my dad and uncle playing baseball on an Atari 2600. Just mind-blowing to see a video game in our house when I was a kid and seeing adults argue over who’s going to win. Things haven’t changed much, just the graphics.  
  1. You’ve been with Nerdio for a while now. What’s motivated you to stick around? Growth, Growth and More Growth. When I arrived at Nerdio, we were still in our infancy, with Nerdio Private Cloud. Now with Nerdio Manager for MSP and Nerdio Manager for Enterprise, I’m on the edge of my seat to see what’s next. Along with product growth, my personal growth here is a huge motivator. What I’ve learned about the technology and business with my time at Nerdio has been exponentially greater than anything else I’ve experienced in nearly 20 years in the industry.  
  1. What’s the most valuable thing you’ve learned while working in tech? “I don’t know” is an acceptable and very mature answer. You can always learn something you don’t know. Technology does not care about egos. It’s all 1s and 0s at the end of the day. 
  1. What’s a current technology trend you’re passionate about? I’d be lying if I didn’t say “everything cloud” but I’m also quite passionate about Data Science. I’m always looking for “Metrics that matter” based on data and Data Science will likely continue to grow with how much data is available out there. Making predictions on statistics really gets me fired up (I know, super exciting). I’m really interested in where this goes with further space exploration.  

NerdioCon Nerd Icon: Amelia Paro, Kaseya

Have you claimed your spot at NerdioCon 2023 yet?! Spaces are limited and selling out fast so please visit www.nerdiocon.com to register to attend and join us and our fantastic partners and sponsors in paradise.

To bring visibility to some of the experts you catch at the conference, we’re pumped to share our interview with Amelia Paro, Director of Channel Development, Kaseya!

Tell us a bit about Kaseya and your current role with them. 

Kaseya provides best-in-breed technologies that allow our customers to efficiently manage, secure and backup IT under a single pane of glass, known as IT Complete. It’s the world’s first and only purpose-built platform designed to directly address the challenges of DO-IT-ALL, multi—function, IT professionals. Kaseya is one vendor with everything you need, with tools integrated to save you time and smart enough to help you get more done, all in a way you can afford. We have solutions that serve both MSPs and internal IT teams.  

My current role at Kaseya is that of a brand ambassador, responsible for developing new partner relationships and building and cultivating long-term relationships within the MSP / IT Channel community to add value to and drive growth for our customers and partners. My primary objective is to evangelize Kaseya’s products and services within the communities/markets we serve, engage via various channels, and build a community of user/customer evangelists. I strive to serve as a leader within the MSP community (and be the voice of the MSP for Kaseya) through continual engagement with current peer groups and unlocking new industry opportunities with new peer groups, MSP communities, industry leaders, and others. I also provide support to our partners through our MDF and partner support & enablement programs. 

How did you get to this point in your career, and what sustained or prompted your interest in the tech industry?  

How did I get to this point in my career? I have been in the tech industry for over ten years in both B2B and B2C environments. I cut my teeth selling ERP software – SAP and Oracle, and then eventually left to join a small MSP just starting out. I gained a wealth of experience from managing and growing a successful MSP in AZ and working with clients across the US in the financial sector, non-profits and unions, and Fortune 500 retail organizations. Through my own struggles and successes, I have a deep understanding of the challenges faced by MSPs and have extensive experience with the development of strategies for fast-tracking ROI after adopting a new technology solution. I experienced great success during my years with the MSP and am passionate about seeing Partners gain the same success and profitability. 

Can you tell us about what you plan to speak about at NerdioCon? Why will this be relevant/important for partners?  

I’m going to be speaking about Datto’s Global State of the MSP Report, because this year’s study resulted in some really interesting statistics. Competition, revenue growth, and new client acquisition ruled as the top challenges facing MSPs, with profitability and improving operational efficiencies coming in right behind them. Partners will walk away with ideas on how they can apply these statistics to their 2023 business plan, and insight into the ways Kaseya is applying the findings to our roadmap moving forward 

What are you looking forward to at the event this year?  

This will be my first time attending NerdioCon, so I’m excited for the whole experience! 

Looking forward to connecting with partners and sharing the research we’ve done on how MSPs can continue to grow and capitalize on trends in the market. At the end of the day, MSPs continue to be the core of the IT channel and Kaseya’s business. They are essential service providers for millions of small and midsize businesses (SMBs) worldwide. We hope that this event provides great insights and sheds light on this industry that continues to thrive.

What trends do you think we’ll be seeing in the partner space in the year to come?  

Based on Datto’s recent State of the MSP report, the key findings showed:

  • Cybersecurity is still a very large area for growth. While services for ransomware and phishing/email security remain the top focus for MSPs, others are finding further growth offering services around expanding reporting, auditing, training and policy building for clients.
  • Revenue associated with managed security services seems to be shifting to break-fix across regions. Reasons vary, but many feel this shift is not the same as the break-fix the industry dealt with 20 years ago. Break-fix has conceptually changed to more of a co-managed service offered by MSPs to help over-burdened IT departments in larger companies stay afloat.
  • Cloud-based infrastructure design and management and office productivity software services are the top managed services currently offered. There is a big opportunity for new solution offerings with a strong intent to add new solutions in the next year across the board, primarily around collaboration software (26%) and storage design and implementation (25%).
  • The hybrid workforce (remote + office) is here to stay. There are a few MSPs that have clients whose workforces are fully remote, but most have settled into a permanent hybrid plan. MSPs will now need to ensure all offerings accommodate this model.

Overall, MSPs are looking to reduce operational cost and become more efficient. That is the goal of IT Complete, Every technician needs to be Multi-Functional – one person or a small team has to DO-IT-ALL, bouncing between different applications and tools. IT Complete is built specifically to serve these over-worked, under-resourced, under-funded, and under-appreciated IT generalists. The platform is purpose-built for the MSP to be complete, integrated, intelligent and prices-right.

Finally, who are your “nerd icons”? That is, who do you look up to in the tech industry? And/or who has influenced your career in it? 

My ‘nerd icons’ aren’t necessarily nerds per ser, but icons who have influenced my career. Sarah Blakely, Gary V, Shari Levitan, Richard Branson, Tony Robbins  

Azure Virtual Desktop for Contractors & Third-Party Workers

Organizations are increasingly looking to adopt the benefits of flexible working to enhance productivity and ensure that staff feel both trusted and valued in their roles. Providing your team with a secure, consistent workspace is a significant milestone for flexible working initiatives.

However, while many businesses may have developed a mature flexible-working model for permanent staff over the last 2-3 years, the same cannot always be said for contracted staff and third-party workers. Contractors often sit outside the purview of the IT support team and as such are typically expected to provide their own devices.

The Virtual Desktop Use Case for Contractors

A recent study by Talon Cyber Security showed that around 45% of respondents performed their work activities indirectly via a DaaS or VDI platform. However, around 55% of third-party workers used personal, unmanaged devices to access company systems. This means that the majority of third-party workers are interacting directly with corporate data from unmanaged and potentially compromised devices.

DaaS and VDI platforms separate the user’s work activities from the local device, meaning that a secure ‘air gap’ exists between the potentially compromised personal device and corporate data. DaaS and VDI platforms are also managed centrally by the IT support team, meaning required security policies and auditing can be enforced for all users, both permanent and contract.

The implications of data breaches from both a revenue and reputation perspective are significant. The most recent IBM Data Breach Report found 83% of studied organizations have experienced more than one data breach in their lifetime and found nearly 50% of breach costs are incurred more than a year after the breach.

So, if DaaS & VDI offer a secure, practical solution to the problem of providing secure remote access to staff and contractors, why then have only 45% of businesses adopted it?

Addressing Cost Concerns around Contractor Remote Access

Desktop virtualization platforms can be expensive to run and maintain. Historically, organizations would need to purchase the hardware and licensing for these platforms upfront (CapEx) and run the service from private data centers (OpEx). This meant committing to high up-front costs before the service could even be tested on a meaningful scale.

With the advent of cloud-based desktop virtualization solutions such as Azure Virtual Desktop, this barrier has been removed. AVD lets administrators create and test virtual desktops globally, without any future commitment to onboard users. Once the concept has been proved, these services can be dynamically scaled to the required user numbers.

However, cost is still a significant barrier here. Native AVD deployments can be expensive from an OpEx perspective, both in terms of the Azure resource costs and the administrative overhead to run and manage the platform. Nerdio Manager simplifies platform management, provides management enhancements such as Disaster Recovery (DR), and significantly reduces resource costs via automated desktop scaling. This last bit alone saves typically between 60-80% when compared to a standard, ‘always on,’ unoptimized AVD deployment.

Lastly, outside of using a third-party platform to optimize and lower AVD costs, it is important for IT decision makers to understand the total value of VDI and DaaS when they are considering costs. Physical devices do not cost as much but also do not provide the same scalable, flexible, resilient, and secure benefits that cloud-based desktop virtualization does. When looking at how to equip contractors with the applications and tools needed to do their jobs, VDI/DaaS and traditional on-prem-based EUC cannot be compared on just cost alone.

Checklist: Secure Remote Access for Contractors

The below list provides some tips and ideas for managing contractor access and reducing your attack surface.

  1. Fully unmanaged personal or 3rd party devices should never be allowed to access your corporate data or networks.
  2. Where cloud services such as Microsoft 365 are in use, access to these services should be restricted or blocked on unmanaged devices using conditional access policies.
  3. Never install corporate applications or VPNs on personal, unmanaged devices. Doing so compromises your organization’s security and leaves the network open to attack.
  4. Ensure that permissions assigned to 3rd party workers follow the principle of least privilege. Workers should only have access to the services they require to complete their tasks.
  5. Where possible, deliver desktops and applications to users via a secure virtual desktop solution such as AVD. These desktops exist within the corporate environment, and will be subject to the correct security and administrative policies to reduce your attack surface.
  6. Where virtual desktop platforms exist, ensure they are sufficiently restricted or hardened. A poorly implemented virtual desktop estate offers limited protection. Invest in penetration testing to discover any issues or exploits which may exist.

Our team is always happy to connect and dive deeper into any specific use cases your organization is considering supporting via AVD. Contact us today to see how we can help!

Breaking Down Microsoft Azure VMS Series: A, B, D, E, and N

Virtual Machines (VMs) in Azure come in predefined sizes that are called  families  or  series.  An individual VM is often referred to as an  instance.  Different VM families are designed for common use-cases and are comprised of certain amounts of CPU cores and GB of RAM.  It’s not possible to arbitrarily mix and match CPU cores and GB of RAM as can be done with Hyper-V and VMware.  Therefore, it is important to understand the specific VM Series you wish to deploy when thinking through the specific IT environment you are deploying in Microsoft Azure. 

Here, we will focus on five of the most common Azure VM Series, how they compare to each other, and when to use each. You can also check out our YouTube video.

Microsoft Azure VMs: A Series 

Entry-level economical VMs for dev/test * 

These are generally used in small deployments where cost consciousness outweighs performance.  You should only use these in rare instance implementations with non-customer facing VMs.  

Microsoft Azure VMs: B Series 

Economical burstable VMs * 

B-series are economical virtual machines that provide a low-cost option for workloads that typically run at a low-to-moderate baseline CPU utilization, but sometimes need to burst to significantly higher CPU utilization when the demand rises.  

We like B series for AD servers, servers that are 24×7 and non-customer facing servers.  

When idle, the B series will bank credits and use those credits later when CPU utilization needs to burst past the baseline.  When rebooted, B series will lose their credits which can take hours to rebuild without too much impact.  When booted without any banked credits, the B series will only have access to allow for a small fraction of total CPU utilization until a bank of credits can be built up.  

Microsoft Azure VMs: D Series 

General purpose compute * 

D-series VMs feature fast CPUs and optimal CPU-to-memory configuration, making them suitable for most production workloads. DSv3-series instances carry more powerful CPUs and the same memory and disk configurations as the D-series.  However, these CPU cores are hyper-threaded, meaning that a single physical CPU core is behind each two CPU cores in a Dsv3 VM.  

Ds2-64 v3 instances (ie. Ds4v3 – 4 core x 16GB RAM) are the latest hyper-threaded generation of general-purpose instances and are based on the 2.4 GHz Intel Xeon® E5-2673 v3 (Haswell) processor or the latest 2.3 GHz Intel XEON ® E5-2673 v4 (Broadwell). They can achieve higher speeds with Intel Turbo Boost Technology 2.0. The Ds-series supports Standard and Premium SSD storage.  

We like D series for performance as they pair well with premium SSD – a must for solutions or presentation layers that are customer-facing.  There is not a lot of difference in price with v3 instances (as opposed to v2), which makes them ideal.  

Example use-cases include many enterprise-grade applications, relational databases, in-memory caching, and analytics. The latest generations are ideal for applications that demand faster CPUs, better local disk performance or higher memories.  

Microsoft Azure VMs: E Series 

Optimized for in-memory hyper-threaded applications*

The E-series family of Azure virtual machines are optimized for heavy in-memory applications such as SAP HANA. These VMs are set up with high memory-to-core ratios, which makes them well-suited for relational database servers, with medium to large caches, and in-memory analytics. The E-series VMs range from 2 to 64 vCPUs and 16-432 GiB RAM, respectively. The Es-series supports Azure Premium SSDs. 

We like the E series for session hosts and collections where the line of business applications consumer a higher than normal memory footprint per user.  Software that is optimized for multi-user session hosts can often consume large footprints of memory. 

Example use cases include SAP HANA, SAP S/4 HANA, SQL Hekaton and other large in-memory business critical workloads. 

Microsoft Azure VMs: N Series 

GPU enabled virtual machines * 

The N-series is a family of Azure Virtual Machines with GPU capabilities. GPUs are ideal for compute and graphics-intensive workloads, helping customers to fuel innovation through scenarios like high-end remote visualization, deep learning, and predictive analytics.  

The N-series has three different offerings aimed at specific workloads:  

  • The NC-series is focused on high-performance computing and machine learning workloads. The latest version—NCv3—features NVIDIA’s Tesla V100 GPU.  
  • The ND-series is focused on training and inference scenarios for deep learning. It uses the NVIDIA Tesla P40 GPUs. The latest version – NDv2 – features the NVIDIA Tesla V100 GPUs.  
  • The NV-series enables powerful remote visualization workloads and other graphics-intensive applications backed by the NVIDIA Tesla M60 GPU.  

We like NV series for graphic needs related to engineering and 3D modeling.  The footprint is quite large which makes them good shared machines.  Assigning 2-4 users per N series as an RDS Session Host is an ideal for cost distribution and performance requirements.  NV series will be the primary N series instance.  Approach other N series with a very specific need or application requirement as they are not a good fit for GPU enabled virtual desktops. 

Example use-cases include simulation, deep learning, graphics rendering, video editing, gaming, and remote visualization.  

Microsoft Azure Site Recovery (ASR): What You Need to Know

One of the most common questions we get from managed service providers (MSPs) who are in the process of building a cloud practice in Microsoft Azure is “what is Azure Site Recovery (ASR) and when should I use it?” 

Let’s review this important Azure service from Microsoft and its relevance to MSPs.  

Why does Azure Site Recovery exist? 

Azure Site Recovery (ASR) is Microsoft’s Disaster Recovery-as-a-Service (DRaaS) solution built specifically for Azure workloads. ASR enables companies to recover from catastrophes quickly with minimal downtime. ASR can also be used as a tool to migrate existing servers into Azure from an on-premises environment or migrate workloads between Azure regions and resource groups. 

Who is Azure Site Recovery designed for? 

  • Companies that need to meet specific requirements or regulations for their industry such as ISO 27001 
  • Companies who are sensitive to downtime or want to limit impact from region-specific Azure outages 
  • Companies who wish to migrate current workloads into Azure from an on-premises environment, between Azure regions, or between resource groups 
  • Anyone seeking a complete business continuity and disaster recovery (BCDR) strategy for their business 

When can Azure Site Recovery be used? 

  • Replication of Azure VMs from one Azure region to another 
  • Replication of on-premises VMware VMs, Hyper-V VMs, physical Windows and Linux servers, and Azure Stack VMs to Azure 
  • Replication of on-premises VMware VMs, Hyper-V VMs managed by System Center VMM, and physical servers to a secondary site. 
  • Replication of specific workloads running on a machine that’s supported for replication 

What are some of the key features of Azure Site Recovery? 

  • A simple BCDR solution – ASR is built into Azure and can be managed entirely from within a single location
  • Data Resilience – Data is replicated inside of Azure storage with all the resilience and security provided by Azure
  • RTO and RPO Targets – Manage and meet organizational RTO/RPO targets with continuous replication at intervals as low as 30 seconds for Hyper-V servers
  • Easy and Flexible Failover– Test failover and disaster recovery scenarios without disrupting replication
    • Failovers can also be planned for expected outages with zero-data loss
    • Unplanned failovers can happen with minimal data loss and fail back to your primary site can be done easily when it’s available again 

How do I setup a basic Azure Site Recovery replication?  

Enable replication for an Azure VM  

  • In the Azure portal, click Virtual machines, and select the VM you want to replicate 
  • In Operations, click Disaster recovery 
  • In Configure disaster recovery > Target region select the target region to which you’ll replicate 
  • For this QuickStart, accept the other default settings 
  • Click Enable replication. This starts a job to enable replication for the VM

Verify your settings  

  • After the replication job has finished, you can check the replication status, modify replication settings, and test the deployment
    • In the VM menu, click Disaster recovery
    • You can verify replication health, the recovery points that have been created, source, and target regions on the map

Clean up resources/stop replication  

  • The VM in the primary region stops replicating when you disable replication for it:
    • The source replication settings are cleaned up automatically. The Site Recovery extension installed on the VM as part of the replication isn’t removed and must be removed manually. 
    • Site Recovery billing for the VM stops

Stop replication as follows 

  • Select the VM 
  • In Disaster recovery, click Disable Replication

Where can I get more information on Azure Site Recovery? 

NerdioCon Nerd Icon: Tim Coach, Pia

Next month, February 27 – March 3, we will be back in Cancun for NerdioCon 2023, our second in-person, all-inclusive partner conference! We are once again looking forward to bringing attendees the best content, sponsors and speakers from around the channel and are stoked to have a new enterprise partner track added this year. Spaces are limited and selling out fast so please visit www.nerdiocon.com to view our agenda and register to attend.

To bring visibility to some of the experts you catch at the conference, we’re excited to kick off our Nerd Icon blog series that will run January – March. First up is none other than Tim Coach, Global Channel Chief, Pia!

Tell us a bit about Pia and your current role with them. 

Pia is a true automation platform that integrates a SaaS solution with a PSA but is also a standalone platform. This will allow MSPs to automate the day-to-day tasks of their help/service desk services thereby creating efficiencies, standardization and improved relationships with both employees and clients.

My role as the Global Channel Chief of Pia is to bring awareness of the PIA solution to the MSP channel that will drive and deliver the next big thing to MSPs; automation. In essence the role allows me to bring the value of true automation to the MSP and enterprise communities to improve their quality of business and life.

Pia’s partners are both MSPs and enterprise level businesses. Our primary focus is to serve the community of MSPs as well as partners that are looking to the future of their business and discovering a solution that will help automate day-to-day tasks. With the current trends in the economy along with the deficiency in the tech labor force, new forward-thinking solutions are needed. MSPs carry an extremely difficult task and are the backbone to ensure business stay open and server their clients. True Automation gives the MSPs the ability to switch the focus off overworked staff to the client. This allows for a deeper and more meaningful relationship between the two.

How did you get to this point in your career, and what sustained or prompted your interest in the tech industry?  

I began my career as a client of an MSP. Then jumped over to the MSP side in management. From there I worked my way up to COO, rebuilding and consulting with other MSPs to help create a better version of the MSP.  I did that for over a decade, during that time I was a guest speaker for various vendors and realized how much I loved the channel side of the business. That is when I decided to change my focus and bring products to the MSP that improved both their day-to-day quality of running the business and as a result improved their relationships with their clients.

Can you tell us about what you plan to speak about at NerdioCon? Why will this be relevant/important for partners?  

My session, “Next big shift for MSPs, the future of using true automation,” is coming at the perfect time to help MSP partners amid current market factors. Given the current state of the economy, in correlation with the lack of talent in the hiring pool, SaaS solutions providing true automation will relieve the burden of growing your business while increasing efficiencies and profitability.

What are you looking forward to at the event this year?  

We are looking forward to being able to partner with Nerdio at your premier event to put automation at the forefront of the MSP community as a primary resource to help move the MSP business model forward.

We are also looking forward to spicy margaritas for everyone (on me 😉)

What trends do you think we’ll be seeing in the partner space in the year to come?  

We feel the trends for 2023 will move heavily towards automations and platforms that are focused on AI and machine learning space. Pia wants to help take the load off the MSPs, by providing more within a solution to make up for resources, lack of talent as well as assist in the expandability of the MSP.

Finally, who are your “nerd icons”? That is, who do you look up to in the tech industry? And/or who has influenced your career in it? 

Nerd icons for me, are always the passionate innovators. Those that work tirelessly behind the scenes with little recognition but are the ones that are moving the industry forward. Our very own developer and CTO at Pia, Aron Hardy-Bardsley is a great example of this. If you look at all the successful IT companies over the years there is always a front person, someone who is the face of the company that we all know. Very few know the people that put the long hours in on the keyboard, or envisioned the next version, the next enhancement, the next BIG thing. Those are the innovators/creators that should inspire us all, those are the folks that allow me to represent them to our community.

Azure Virtual Desktop Calculator: Finding the True Cost of AVD

The most common question we hear from Managed Service Providers (MSPs) on Microsoft’s Azure-only Azure Virtual Desktop (AVD) is how to think through its pricing and the resulting impact on an MSPs’ business.

To answer this question, it is important to break AVD down into its sub-components and consider the costs of each as compared to other alternatives, such as utilizing Remote Desktop Services (RDS).

First, it is important to point out that contrary to how some are portraying it in the market, AVD is not a packaged virtual desktop offer from Microsoft. AVD is a set of Microsoft technologies available to IT departments and cloud service providers to build virtual desktop offers for customers and users. This is an important distinction.

The building blocks of Azure Virtual Desktop

When talking about Azure Virtual Desktop pricing, it’s important to consider these three primary building blocks:
1. Azure infrastructure to run desktops and apps (i.e. AVD session hosts)
2. AVD Management Services (i.e. Control Plane)
3. Software licensing (i.e. Windows 10 Enterprise)

Let’s examine the costs associated with each of these while comparing them to the legacy RDS technology.

1. Azure infrastructure to run desktops and apps (i.e. AVD session hosts)

AVD supports two types of desktops:

  • Personal (1-to-1 assignment between a user and desktop VM)
  • Pooled (many-to-1 assignment between users and desktop VM)

AVD can also be used to deliver individual apps instead of full published desktops. In all of these scenarios (virtual desktop for personal use, pooled, apps), there are VMs running Windows (typically Windows 10 Enterprise multi-session) that provide this functionality. These session host VMs run inside of a customer’s Azure subscription and require the use of computer, networking, and storage resources in Azure.

The consumption cost for Azure resources supporting AVD session hosts VMs will depend on many factors such as:

  • Average number of users per vCPU (e.g. 3 users per vCPU)
  • Average GB of RAM per user (e.g. 1GB RAM per user)
  • Azure VM family (e.g. B, Dsv3, Esv3, NVv2)
  • Type of storage used by each VM (e.g. Premium SSD, Standard SSD, Standard HDD)
  • OS disk capacity of each VM (e.g. 128GB, 256GB, 1TB)
  • Amount of data transferred out of Azure per user (e.g. 25GB/month)
  • Other infrastructure services such as backup, replication, VPN, etc.
  • Reserved Instance use (e.g. pay-as-you-go, 1-year or 3-year reservations)

You can use virtual desktop pricing tools such as the Azure Calculator or the Nerdio Cost Estimator to better understand and estimate the exact costs and to model multiple “what-if” scenarios.

This Azure VDI (virtual desktop infrastructure) pricing is largely the same if you were using RDS to deliver Windows desktops using “desktop experience” rather than the native Windows 10 look and feel that you get with AVD. From a resource utilization and cost perspective, this component of AVD is very much similar to the cost of Azure infrastructure to run RDS session hosts, rather than AVD session hosts. (Note: this is assuming Windows Server 2016 VMs running RD Session Host roles have Azure Hybrid Usage enabled).

2. Azure Virtual Desktop Management Service (i.e. Control Plane)

The job of a control plane is to orchestrate the creation and management of desktop and app session hosts, authenticate users who are logging into their desktops and to determine where to “land” a user’s desktop connection (meaning what desktop VM to patch the user through to). In the RDS world, this was handled through a number of “RDS roles” namely: RD License Server, RD Web, RD Webclient, RD Connection Broker and RD Gateway. With AVD, it is no longer necessary to install and manage any of these roles as they are now part of the AVD Management Service, which is hosted in Azure and operated by Microsoft. It is a PaaS product that can be controlled via RestAPI, PowerShell, and soon the Azure admin portal.

This is a key distinction between legacy RDS deployments and AVD. With RDS, IT departments and MSPs had to build one or more domain-joined Windows Server VMs, and then install and configure the RDS roles on those VMs. This meant that additional Azure infrastructure (i.e. cost) was needed to support the control plane. With AVD, Microsoft has taken over the responsibility for the control plane and there is not an incremental cost for this service. Not to say that it is free, but rather that it is included in the pricing of a AVD software license subscription.

3. Software licensing (i.e. Windows 10 Enterprise)

AVD Management Service that is hosted and managed by Microsoft in Azure is a benefit that comes at no additional cost with a subscription to Windows 10 Enterprise license. There are multiple ways to purchase a Windows 10 Enterprise subscription. Including:
1. Microsoft 365 (E3, E5, A3, A5, Business)
2. Windows (E3, E5, A3, A5, Business)
3. Windows 10 Enterprise VDA

In the legacy RDS world, you would need to purchase a Windows Server license and an RDS Subscriber Access License to create a desktop deployment in Azure and use additional VMs to run and manage the RDS roles.

Let’s summarize the above with a table that compares RDS virtual desktops in Azure versus AVD using the Windows 10 Enterprise multi-session operating system.

 Azure Virtual DesktopRDS Virtual Desktops in Azure
Azure infrastructure to support desktop virtual machines (session hosts)Compute, storage and networking Roughly the same in both deployment scenarios (assuming AHU)
Control PlaneAVD Management Service Hosted and managed by Microsoft in Azure No Azure VMs needed No additional cost beyond Windows 10 licenseRDS Roles (e.g. LS, Web, GW, etc.) Hosted and managed in Azure by customer or service provider Azure VMs needed for RDS roles Azure infrastructure costs for VMs hosting RDS roles
Microsoft LicensingWindows 10 Enterprise subscription Microsoft 365 (E3, E5, A3, A5, Business) Windows (E3, E5, A3, A5, Business) Windows 10 Enterprise VDA Approximate licensing cost: $7/user/monthWindows Server and RDS subscription RDS CAL with Software Assurance RDS via CSP Software Subscription Server via CSP Software Subscription Server VL with Software Assurance Approximate licensing cost: $6/user/month

How should an MSP decide on the right path forward?

When it comes to AVD vs. legacy RDS, there are many technical reasons to choose Azure Virtual Desktop. Among these benefits are:

  • AVD is a new, up-to-date and very exciting technology from Microsoft
  • AVD allows for native Windows 10 desktop instead of a Windows 10 “desktop experience” with RDS
  • AVD includes profile management technology from FSLogix
  • AVD management service is managed by Microsoft and is a PaaS service
  • AVD supports OneDrive and indexed search in pooled desktops

Some MSPs may choose to continue using RDS over AVD for the following reasons:

  • RDS is a mature, well understood and market tested solution
  • Applications that were written for RDS on Server OS may not work in Windows 10 Enterprise multi-session right away
  • Customers and service providers may want to retain full ownership of not just the desktop VMs but also the control plane (i.e. RDS roles)
  • RDS can be used both on-premise and in Azure while AVD is Azure only

Let’s assume a customer feels indifferent between AVD and RDS based on the technical reasons above. If the primary decision factor is based on pricing, then how would they decide? That depends on whether the customer already owns a subscription to Windows 10 Enterprise under any of the Microsoft licensing programs mentioned above.

Customer already owns Windows 10 Enterprise subscription or is going to be licensing Microsoft 365 anyway

  • AVD is the winner on cost
  • There is no additional licensing cost for AVD Management Service
  • There is no need for any additional Azure VMs to run the control plane

Customer does not own Windows 10 Enterprise subscription and is not planning on purchasing it for any reason other than potentially using AVD

  • RDS and AVD tie on cost
  • Incremental cost of a Windows 10 Enterprise subscription is $7 per user/month and the incremental cost of RDS SAL & Server 2016 license is roughly $6 per user/month (assuming CSP Software Subscriptions are used to license RDS and Server OS)
  • For sizable deployments, the incremental cost of RDS infrastructure VMs will average out to $1 to $2 per user/month making the true cost AVD and RDS about the same.  In small deployments (<25 users), where there aren’t enough users to amortize the cost of RDS infrastructure VMs across, RDS will be slightly more expensive

AVD holds the promise to simplify virtual desktop licensing and deployment in Azure. With many organizations moving toward Microsoft 365 and Azure, it is a natural and relatively low-cost way to deploy desktops and applications in the cloud, unlike anything else that is available from other public cloud providers.

Try out our free Azure Virtual Desktop Cost Calculator here!

Free White Paper Download!

Calculating The True Cost of Azure Virtual DesktopGET IT NOW