Azure Virtual Desktop (AVD) is a powerful and increasingly popular solution that allows businesses to provide secure, scalable, and cloud-based desktop virtualization, usually without the overhead of on-prem infrastructure. However, many organizations underestimate the importance of monitoring, leading to performance, compliance, and cost issues. Today, I will debunk several common myths surrounding AVD monitoring and explain why a proactive approach can save you time, stress and billing costs.

What is Azure Virtual Desktop?

Azure Virtual Desktop (AVD) is Microsoft’s cloud-based desktop and application virtualization service. It offers flexibility, scalability, and secure access to users from virtually anywhere. While Microsoft manages the underlying infrastructure, businesses are responsible for managing user experience, application performance, and cost control. Monitoring plays a vital role in ensuring that AVD deployments operate smoothly and efficiently, meeting user expectations and business requirements. Here are seven common myths about AVD monitoring and the realities behind them.

Myth #1. “AVD is a cloud service. Microsoft manages it. I don’t need to worry about monitoring and analytics.”

A widespread misconception is that since AVD is a cloud service, Microsoft takes care of everything, including monitoring. While Microsoft maintains the infrastructure, it’s important to note that ensuring user experience is still your (the customer’s) responsibility. Afterall, what applications to deploy, what type of profiles to use, what integrations to support, are all determined by you. And the decision to use AVD (rather than other digital workspace technologies like Citrix, Omnissa Horizon, etc) is also yours. Users don’t care what VDI technology is used as long as it is available and performing.

When users encounter issues such as login slowness, application failures, or sudden disconnections, they will still turn to you for resolution of these problems. It will be your responsibility to determine what caused the issue: is it a network connectivity issue to Azure, a profile management issue, an Azure storage or network failure, or whether it is a problem with application connectivity (e.g., the application being accessed could be remote – e.g., Salesforce) or with the application code. Issues at the user end – e.g., poor Wi-Fi connectivity or a bad ISP connection – can also lead to complaints about slow access. The cloud service provider, Microsoft is not responsible for troubleshooting any of these issues.

Continuous monitoring helps detect problems proactively and to identify whether the cause of these problems lies. Without monitoring, pinpointing and resolving user complaints will be much harder and take more time.

Additionally, AVD is a usage-based service, meaning that you pay based on consumption. Your interest should be in controlling the service cost and for this, you need visibility into usage patterns and trends. You will need to understand who is using the service, what resources are being consumed, and how to control costs effectively. Good end-to-end observability and monitoring are essential – and these are not areas that Microsoft handles.

eG Enterprise report on AVD connection failures

Figure 1: A Connection Failure report in eG Enterprise allows the administrator to quickly identify the most problematic areas of their AVD deployment to target effort where most effective. Instant visibility on whether certain Host Pools, Session Hosts, Users or Session Desktops experience connection problems.

Myth#2. “Azure Service Health allows customers to track the status of Azure services. That’s enough.”

Microsoft does provide overall service health updates on the Azure status portal. The Azure Service Health dashboard provides an overview of health updates and open service advisories.

Screenshot of the Microsoft Azure Service Health Screen

Figure 2: The Azure Service Health dashboard: While this is useful to track general service availability, it is not designed to offer real-time, detailed insights into specific AVD deployments.

The information presented in the Azure Service Health updates is often very generic, and status updates usually lag significantly behind real-time outages or incidents. We have some useful information on how to track Azure outages available, see: How to Protect your IT Ops from Cloud Outages (eginnovations.com).

The Azure Service Health updates reflect the actual status after a problem has become severe enough to impact a large number of customers. Further, the health indicators are not specific to your subscription and your systems. Even if the Azure status portal indicates that AVD is operational, specific issues within your subscription — such as configuration errors, Entra ID (formerly Azure AD) authentication problems, FSLogix or storage issues, or a runaway application on a session host — are not reflected.

Therefore, you cannot rely solely on the Azure status portal and the Azure Service Health dashboard for operating the AVD service efficiently.

Synthetic monitoring, which simulates user activity 24×7, is often necessary to identify performance issues that the Azure portal might miss. With this approach, software robots simulate user logons to AVD and measure logon availability and logon times. A more sophisticated approach is full session simulation, where an entire workflow – a user logging in to their session, logging into an application, doing work in the application and then signing out of the app and VDI – is simulated and the success of each step of the workflow and its response time tracked. This type of monitoring provides a proactive way to track key performance metrics like login times and application responsiveness, allowing you to address issues before they impact users, rather than relying on delayed status updates.

Full session synthetic monitoring dashboard in eG Enterprise is available for AVD

Figure 3: Full session simulation showing the performance of each step of the simulated workflow

External synthetic monitoring for AVD can simulate user access from specific geographic locations, mimicking home, remote workers, or branch offices. This ensures performance consistency and identifies location-specific issues before they impact users. Synthetic monitoring can also be used to simulate users using multiple applications in a realistic way even when no real users are accessing your AVD deployment. Learn more: Synthetic Monitoring of Microsoft Azure DaaS | eG Innovations.

Myth#3. “I have configured auto-scaling. This is sufficient for my AVD service to operate well.”

While auto-scaling is a valuable feature of AVD, it is not a substitute for comprehensive monitoring. There is a misconception that simply configuring auto-scaling will solve performance problems – this is akin to throwing more computing resources whenever there is an issue.

Auto-scaling responds to increased resource usage and demand by adding more session hosts, but it doesn’t analyze the underlying causes of the usage/demand spike. For instance, a rise in CPU or memory usage could be due to an application misconfiguration or a malfunctioning application. Auto-scaling may increase capacity, raising costs without resolving the root cause. By monitoring your AVD landscape, you can identify if the resource demand is legitimate or if there are application inefficiencies or misconfigurations that need addressing to optimize costs effectively.

Hence, auto-scale up is useful when configured correctly but it is not a replacement for 24×7 monitoring.

Root-cause Diagnostics for AVD – An Example

The CPU time used by user sessions (%) indicates the percentage of time, across all processors, that a user used the CPU. In contrast, the CPU usage for a user’s processes measure indicates the percentage of overall CPU time that a user is using. For example, if a user is taking up one of the CPUs for 100% of the time and there are 8 CPUs on the AVD, CPU usage for user’s processes will be 12.5% (100/800). While 12.5% may seem to be a low number, the fact that the user is taking up one of the CPUs of the AVD is significant.

Hence, CPU time used by user’s session measure is a better indicator of CPU usage by users. In the above example, since the user is consuming 100% of one processor, CPU time used by user’s session will be 100%. A high value of this measure or a consistent increase in the value of this measure demands attention. Use the detailed diagnosis to know what CPU intensive activities are being performed by the user.

eG Enterprise screenshot showing the monitoring of RemoteFX metrics and some other metrics useful for troubleshooting user experience problems.

Figure 4: Note the detailed diagnostics icon (the magnifying glass) is available for CPU time used by user sessions (%). Clicking on this will give you instant access to detailed information on the individual applications and processes that are using the CPU and affecting the metrics value.

Figure 5:The root-cause diagnostics showing what is using the CPU and affecting the value of the CPU time used by user sessions (%) value.

Myth#4. “Azure Monitor gives me all I need for monitoring the AVD service.”

Azure Monitor is the built-in monitoring tool in the Azure tools stack. It offers visibility and alerting on different aspects of Azure and AVD performance. One of its significant drawbacks is that it requires significant manual setup to configure log analytics and build custom dashboards. Setting up metric thresholds and alerting is manual and time-consuming. We have a detailed guide on automating metric thresholding and alerting available, see: White Paper | Make IT Service Monitoring Simple & Proactive with AIOps Powered Intelligent Thresholding & Alerting (eginnovations.com).

Also, Azure Monitor operates on a pay-per-metric / alert model, meaning costs can quickly increase if you monitor a large number of metrics or run a complex environment. It is also incredibly hard to estimate costs and budget for Azure Monitor usage. See also: How to Reduce Azure Log Analytics Costs | eG Innovations. Since Azure Monitor cost is included in Azure costs, there is a misconception that Azure Monitor is free to use, which is not the case.

A joint survey on AVD uptake from AVD Techfest and eG Innovations found that the cost concerns around Azure Monitor – both the expense (30%) but also the uncertainty (30%) as to what those costs will be are the top obstacles to using Azure Monitor with AVD. Manual configuration and the lack of out-of-the-box features (26%) were the next most significant issue reported.

Source: Azure Virtual Desktop (AVD) Adoption Trends (eginnovations.com)

Often, many customers are using multiple types of digital workspaces – e.g., Citrix on-prem for legacy applications and for use cases that need higher security, and AVD for newer use cases or to support off-shore workers. In such cases, Azure Monitor does not provide the cross-platform visibility needed. You will need to use one tool to monitor AVD and another one for the other digital workspaces. Alternatively, you may need to integrate third-party solutions or additional monitoring tools to cover gaps in Azure Monitor and ensure a comprehensive view of your entire environment. Having a unified monitoring interface and consistent dashboards and reports minimizes the learning curve for your operations and helpdesk teams.

For information on what eG Enterprise offers for AVD monitoring beyond native Azure Monitor functionality, please see: Top Azure Monitor Alternatives: eG Innovations.

Myth#5. “Monitoring is needed only to troubleshoot when AVD problems occur.”

There are many who believe that monitoring is only valuable when issues arise. While it is true that having comprehensive monitoring does simplify and accelerate troubleshooting, monitoring has several other uses, especially for a digital workspace in the cloud.

  • Compliance: IT organizations are subject to stringent controls these days, and it is important to track user activities including who logged in, at what time, for how long, what applications they accessed and what resources they utilized. Monitoring of AVD provides access to reports that provide all of these usage insights that are important for compliance.
  • Security: Monitoring access attempts to your AVD service can highlight break-in attempts to your session hosts. Entra ID (was Azure ID) is a key for security in Azure and continual real-time monitoring of Entra ID sign-in logs can identify malicious attacks on your AVD deployments such as brute force and password spraying attacks.

    Malicious password attacks can be monitored for AVD deployments and Entra ID by eG Enterprise. A screenshot showing this.

    Figure 6: Brute force and password spraying attacks can be easily identified and the details examined via built-in reports.

    Learn more about monitoring Entra ID sign-in logs: Entra ID Monitoring – Sign In Logs & Attack Detection (eginnovations.com).

  • Right-sizing and cost-control: Deployment of resources in the cloud costs money. If your session hosts have excess resources (CPU, memory, etc), this will result in unnecessary cost. At the same time, malfunctioning applications (or misconfigured applications – e.g., antivirus scans or backups running during peak hours) or inappropriate user activity, if left unchecked, can lead to wastage of resources, leading to increased cost. Monitoring tools provide reports highlighting which session hosts are under-sized and which ones are over-sized. Real-time monitoring also highlights conditions where a user or an application are using a high/unexpected share of resources. IT operations teams can respond to alerts regarding such conditions and ensure that user experience does not suffer, and unnecessary auto-scaling does not happen.
  • Improved capacity planning: With empirical insights from monitoring tools, IT operations teams can plan better for growth. They can estimate how many more users can accommodate on the current infrastructure and can plan for the number and sizing of the session hosts needed to handle additional user growth.
  • Management reporting: Performance and usage reports can be used to highlight to management how the digital workspace service is working and how widely it is being used. These insights can also be used to justify additional expenses on the AVD service.

In summary, don’t look at monitoring tools as being useful for troubleshooting alone.

Myth#6. “Monitoring of AVD is about monitoring your session hosts.”

A common myth is that monitoring session hosts is sufficient to manage AVD performance. Obviously, the session hosts are important because they are the ones that handle user sessions and host applications accessed by users. But monitoring the session hosts alone provides only a part of the picture.

The performance of the AVD service also depends on components such as Entra ID (formerly Azure AD), networking layers, the Azure subscription in which the session hosts reside, the connection brokering layer of Azure, etc. All of which all impact user access and experience.

For example, problems in Entra ID can prevent users from accessing the environment, and these issues will not be visible if you only monitor session hosts alone. Additionally, the logon process and user authentication are managed largely at the connection broker layer (learn more about the AVD broker in Monitor and investigate AVD Broker issues | eG Innovations), meaning that only monitoring session hosts will miss critical information about logon delays or failures. Therefore, to fully understand user behavior and experience, it is essential to monitor all layers of the AVD environment, including Entra ID and broker services, for comprehensive visibility.

Learn more:

Myth#7. “Monitoring can be added later after the AVD service is operational.”

Often, the focus prior to and during deployment of AVD is on the applications to be delivered, the desktop configurations to be supported, sizing of the session hosts, the technology to be used for user profiles (e.g., local profiles, FSLogix, etc), how auto-deployment will be done (e.g., scripts or by using a tool like Nerdio), etc. While the focus on these aspects of provisioning the service are important, monitoring is often an after-thought. Monitoring is often considered after costs have shot up or users are complaining about issues.

Having a proactive monitoring strategy upfront during AVD deployment is a key to a successful deployment. If you are migrating applications and desktops to AVD, use monitoring to benchmark performance before the move and after the move to AVD. This way, all the stakeholders can be on the same page, and you can determine if the migration improved user experience or not.

Having monitoring in place from day one ensures that you have visibility into performance, usage, cost, and user experience, and when an issue is detected, you don’t have to wonder what changed. You will have the data to easily determine what caused a change in cost or usage. Not considering monitoring during the planning of your AVD deployment leads to cost overruns, slow performance complaints and finger-pointing between management and operations teams.

Conclusions

Supporting a virtual desktop service in the cloud is not as simple as it sounds. With Azure Virtual Desktop technology, while Microsoft manages the cloud infrastructure, you are responsible for managing user experience, application performance, and resource optimization. Having a robust and proactive end-to-end monitoring strategy in place is a key to the success of any AVD initiative.

Learn more about AIOps-powered AVD monitoring using eG Enterprise: Azure Virtual Desktop Monitoring | eG Innovations.

eG Enterprise is an Observability solution for Modern IT. Monitor digital workspaces,
web applications, SaaS services, cloud and containers from a single pane of glass.

About the Author

Babu is Head of Product Engineering at eG Innovations, having joined the company back in 2001 as one of our first software developers following undergraduate and masters degrees in Computer Science, he knows the product inside and out. Based within our Singapore R&D Management team, Babu has undertaken various roles in engineering and product management becoming a certified PMP along the way.