In today’s digital-first world, organizations are under constant pressure to deliver secure, scalable, and cost-effective solutions for remote work. Enter Azure Virtual Desktop (AVD), Microsoft’s managed service that enables businesses to provide virtualized desktops and applications to employees anywhere, on any device. AVD eliminates the complexity of managing on-premises VDI infrastructure, offering elasticity, centralized management, and enterprise-grade security.
With AVD, IT teams can:
- Deploy virtual desktops and apps quickly without investing in physical hardware.
- Scale resources up or down based on demand, optimizing costs.
- Ensure security through integration with Azure Active Directory, MFA, and conditional access.
- Simplify management using the Azure portal, PowerShell, or REST APIs for automation.
But while AVD is powerful on its own, running it on Azure Local takes things to the next level.
Why Azure Local Changes the Game
Azure Local is Microsoft’s answer to the growing need for data sovereignty, low latency, and compliance. It brings the full Azure experience closer to your users by hosting services in local or regional data centers. This means:
- Reduced Latency: Applications like AVD thrive on speed. Hosting desktops closer to end-users ensures faster response times and smoother performance, critical for real-time collaboration and productivity.
- Compliance and Data Residency: For industries like healthcare, finance, and government, keeping data within national borders isn’t optional, it’s mandatory. Azure Local helps meet GDPR and other regional regulations effortlessly.
- Hybrid Integration: Azure Local integrates seamlessly with existing on-premises environments via Azure Arc, enabling unified management of virtual machines, containers, and storage alongside your AVD deployment.
Benefits of Running AVD on Azure Local
Running Azure Virtual Desktop on Azure Local delivers a transformative experience for organizations seeking performance, compliance, and resilience. By minimizing latency, virtual desktops become far more responsive, offering employees a near-native experience even when working with graphics-intensive applications. This improvement in user experience translates directly into higher productivity and satisfaction.
Beyond performance, Azure Local provides regulatory confidence by ensuring sensitive data remains within your region. This approach reduces legal risks and simplifies audits, making compliance with data residency laws far less complex. Business continuity is another critical advantage. Hosting workloads locally mitigates the impact of global outages or connectivity disruptions, ensuring that essential applications and desktops remain accessible when they are needed most.
Security and scalability remain uncompromised. Organizations can still leverage Azure’s global capabilities, such as identity management, advanced security features, and automation, while maintaining local control over their infrastructure. Finally, combining AVD with Azure Local creates a future-proof architecture. It positions businesses to embrace hybrid cloud strategies, offering flexibility and adaptability as technology and organizational needs evolve.
RDP ShortPath
RDP ShortPath is an enhancement to the Remote Desktop Protocol (RDP) designed to improve performance and reliability for Azure Virtual Desktop connections. Instead of relying solely on the traditional TCP channel, ShortPath uses the UDP protocol, which offers lower latency, faster data transmission, and a smoother experience, especially for graphics-heavy applications or multimedia.
Normally, RDP traffic routes through the Azure Gateway, adding extra hops and potential delays. With ShortPath, a direct connection is established between the client and the session host, provided the network configuration supports it. This can occur over managed networks like VPN or ExpressRoute, or over public networks using ICE/STUN techniques for NAT traversal.
To enable ShortPath, you need to open UDP port 3390 and configure settings via Group Policy or local policy to allow UDP transport alongside TCP. This approach reduces congestion and packet loss, resulting in a more stable and responsive session. In short, RDP ShortPath is a key technology for optimizing Azure Virtual Desktop performance by delivering faster, more reliable remote connections.
https://learn.microsoft.com/en-us/azure/virtual-desktop/rdp-shortpath?tabs=managed-networks
RDP ShortPath via GPO
To install ADMX files for Azure Virtual Desktop Group Policy, first download the official administrative template from Microsoft Learn. Extract the files and copy the .admx file to the PolicyDefinitions folder on your local machine or the domain’s Central Store, and place the corresponding .adml language file in the appropriate language subfolder. Ensure you have administrative rights—Domain Admin for Active Directory or local Administrator for standalone hosts. After installation, open the Group Policy Management Console, create or edit a GPO targeting your session hosts, and configure settings such as RDP ShortPath, watermarking, and screen capture protection under Remote Desktop Services policies.
Create a new Group Policy Object in the Group Policy Management Console and link it to the Organizational Unit that contains, or will contain, the Azure Virtual Desktop session host computer accounts. Ensure the GPO scope targets those hosts and apply appropriate delegation as needed. This placement guarantees the policy is processed by the correct machines once they join the domain, enabling consistent configuration and management aligned with your AVD standards and security requirements.
Enable the setting: Enable RDP ShortPath for managed networks.
In the next post we will setup Azure Virtual Desktop and deploy virtual machines to Azure Local.
IT Professional on a journey to discover the cloud platforms and become certified and an expert.
A Blog that follows the journey to get to the Cloud.
Azure Local | Azure Bicep | Azure Virtual Desktop | Powershell | Azure Certified | MCSA | Microsoft 365
