Manage virtual access with best practices for AWS WorkSpaces
Amazon Web Services (AWS) WorkSpaces offers scalable, secured, cloud-based managed services for virtual desktop infrastructure (VDI) or end-user access to systems through desktop virtualization. AWS best practices include creating an implementation strategy and project plan to meet a business’s unique needs. WorkSpaces provides a fully managed portable desktop environment for use with nearly any device type.
WorkSpaces provides organizations with a variety of unique setup options to fit any business model. Where do you start? How do you design a WorkSpaces environment for seamless, scalable virtual access? Where do you go to find support for troubleshooting setup and deployment issues? Read on to find out.
This guide provides information to help you successfully implement WorkSpaces using best practices for account setup, deployment, and finding troubleshooting help.
Why create a project plan for a WorkSpaces implementation?
Any project requires planning. Would you build a house without a plan? It’d be a disaster. All software projects need an implementation plan that functions like a blueprint for building a house. Call it a project, implementation, or strategy – as long as it provides the details of the plan.
The importance of developing a WorkSpaces implementation plan revolves around understanding the project requirements, including specifying how user accounts are set up and what configuration, security access, and functions they use. Additionally, the plan needs to include a deployment plan and a way to track data and analyze results to make changes as needed to create a productive, cost-effective desktop virtualization environment.
Consider adding a list of risks that a new virtual environment presents as well as a plan for managing each risk. Include employee training considerations as well as a flexible timeline for deployment. For example, perhaps the initial launch is restricted to a specific group of employees. The selected group can use the WorkSpaces environment for a set period and provide feedback on changes needed or suggest improvements.
Other factors to consider when developing a project plan include the resources that will do the implementation and whether these resources will have assistance or will attempt to configure the system independently. The plan must define where the configuration starts or provide a baseline configuration for each end user account as well as identify how or when the project is to be deployed and active. Consider including a failover approach in case the implementation does not work as expected so all know where or whom to go to for assistance.
What are the best practices for designing WorkSpaces accounts?
AWS best practices for WorkSpaces account setup require specifying details for each end user as well as user groups or roles. For example, system and application access for a system administrator or security director differs from that of a software developer or executive assistant role.
Account setup requires understanding the end user device types used and the IP addresses for each. Additionally, understanding each user’s role affects what security or application access they receive. Where organizations have large groups of the same user roles and access needs, consider assigning account access by role to reduce the amount of end user setup required.
During account setup, the administrator or deployment resource must know the list of applications needed for each end user, role, or group to assign the appropriate bundle type.
Other considerations affecting user account setup include the following:
- User bundle selection per user or group
- Software applications included per user
- Security configuration per user or user role
- Data storage limits at rest and in transfer
- Data storage encryption at rest and in transfer
The entire user account setup design revolves around the decisions made on what services are deployed.
What are the best practices for deploying WorkSpaces successfully?
A successful WorkSpaces deployment requires the following three components to start:
- Connection details for a supported client device type
- A directory service specification for authenticating users (role and user security)
- Two subnets of Amazon Virtual Private Cloud (VPC)
Additionally, understanding the network needs is required. Network considerations include the following:
- Number of WorkSpaces
- Expected change in WorkSpaces required and an estimate of when
- End user account types and roles needed
- Storage location of the enterprise user accounts
- Sizing of VPC and subnets
-
- Subnets cannot be changed, so plan accurately for future growth, if applicable
- Determine the server types used, and list the IP addresses for end user devices
- Directory service
- Traffic flow
- Between the client device and the WorkSpaces service
- Between the WorkSpaces service and all network traffic
- Disaster recovery plan
Use the project plan created to guide the implementation choices and provide project documentation for future use. Documenting project details provides crucial decision and reasoning information for successfully setting up the WorkSpaces system.
Where can you find troubleshooting tips for WorkSpaces?
WorkSpaces provides a quality service for desktop virtualization. However, the setup requires a deep understanding of the project plan, end users, network, and security requirements. Troubleshooting information may help. Additional information on managing a WorkSpaces implementation may also provide needed assistance. The value of WorkSpaces is immense, but the setup and deployment require details and a complex understanding of system requirements as well as AWS best practices.
Why is virtualization is the future of business
Need help deploying WorkSpaces? CloudHesive provides the expertise needed for support, assistance, and implementation using AWS best practices for successful WorkSpaces deployments and management.
CloudHesive provides support and deep expertise in using the Amazon Web Services cloud for the best business advantage. As an Amazon Managed Services Partner and Amazon Premier Partner, CloudHesive helps businesses take full advantage of all the features AWS offers, including WorkSpaces virtualization services or desktop as a service (DaaS). See what other customers have to say in case studies available from CloudHesive.
