Search icon CANCEL
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Conferences
Free Learning
Arrow right icon
Arrow up icon
GO TO TOP
Securing Cloud PCs and Azure Virtual Desktop

You're reading from   Securing Cloud PCs and Azure Virtual Desktop Start implementing and optimizing security for Windows 365 and AVD infrastructure

Arrow left icon
Product type Paperback
Published in Jun 2024
Publisher Packt
ISBN-13 9781835460252
Length 396 pages
Edition 1st Edition
Tools
Arrow right icon
Authors (2):
Arrow left icon
Dominiek Verham Dominiek Verham
Author Profile Icon Dominiek Verham
Dominiek Verham
Johan Vanneuville Johan Vanneuville
Author Profile Icon Johan Vanneuville
Johan Vanneuville
Arrow right icon
View More author details
Toc

Table of Contents (21) Chapters Close

Preface 1. Part 1: An Introduction to Microsoft Virtual Desktops FREE CHAPTER
2. Chapter 1: Introducing Windows 365 and Azure Virtual Desktop 3. Part 2: Why Is Endpoint Security Important?
4. Chapter 2: Importance of Securing Your Desktops 5. Chapter 3: Modern Security Risks 6. Part 3: Security Controls for W365 and AVD
7. Chapter 4: Securing User Sessions 8. Chapter 5: Preventing Data Leakage from Desktops 9. Chapter 6: Update Management Strategies 10. Chapter 7: Threat Detection and Prevention 11. Chapter 8: Configuring Access Control 12. Part 4: Additional Security Controls per Solution
13. Chapter 9: Securing Windows 365 14. Chapter 10: Securing Azure Virtual Desktop 15. Chapter 11: Securing Azure Infrastructure 16. Part 5: Use Cases
17. Chapter 12: Windows 365 Use Cases 18. Chapter 13: Azure Virtual Desktop Use Cases 19. Index 20. Other Books You May Enjoy

Configure storage security

When working with AVD, and especially with pooled host pools, the IT admin needs to configure the storage account for FSLogix and make it secure so that only the session host can access it. This is done with the help of the following:

  • RBAC roles on the storage account
  • Applying the correct NTFS permissions on the file share
  • Configuring private access using a private endpoint
  • Configuring NSGs

Let’s explore them one by one.

RBAC roles on the storage account

The first thing that needs to be configured on the storage account is the Azure permissions for the IT admins and the end users. This is done by assigning specific built-in roles on the storage account and file share. Of course, to assign these permissions, the IT admin has to create a storage account and file share first.

Be aware that in order to configure these permissions, an identity source such as Active Directory Domain Services (ADDS), Entra Domain Services...

lock icon The rest of the chapter is locked
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Renews at €18.99/month. Cancel anytime