RDP protocol improvements in Windows 10

Intro
As you might know the RDP protocol in Windows 10 consists of different type of codecs (both proprietary and standardized video compression codecs). They belong to a broader set of technologies also known as RemoteFX. There are currently 2 type of codec configurations possible in Windows 10:

  • A combination of different codecs, one optimized for text and one for moving graphics (like video content)
  • The full screen AVC video codec

You can configure them with policies and check which configuration you are using by checking Event ID 162 in the following eventlog location:

Applications and Services Logs -> Microsoft -> Windows -> RemoteDesktopServices-RdpCoreTS -> Operational

  • Initial profile 2 means you are using the codec combination
  • Initial profile 2048 means you are using the full screen AVC codec

Both configurations gives a good out-of-the-box experience with a high level of quality. The full screen AVC codec implementation is pretty neat because they managed to leverage hardware encoders that normally only supports 4:2:0 encoding to reach a 4:4:4 quality level. While 4:2:0 compression is ideal for video content, 4:4:4 quality is needed to make text and still images sharp without blurry side affects. The full screen AVC codec implementation operates best when encoding can be done in hardware (GPU), it can however work with software based encoding (emulated GPU) but that will result in increased CPU utilization. Good to know is that the new HTML5 based web client always leverages the full screen AVC codec implementation.

(v)GPU
You might have heard that RemoteFX vGPU has been deprecated in Server 2019. Times have changed and GPU virtualization technologies have matured making the API intercept based technologies (like RemoteFX vGPU was) a legacy technology.  But no need to get sad about this, because we will get something nice in return: GPU Partitioning or GPU-P for short. It’s still under development but sounds very promising. With this technology multiple virtual machines can leverage the GPU directly (even load balance across multiple GPU’s) and by leveraging the GPU directly Microsoft can move away from the man in the middle role where they needed to maintain the API intercept driver to support new graphic standards. For now we can only leverage the GPU directly by using DDA (GPU pass through) or use GPU virtualization technologies from other vendors.

Windows Virtual Desktop (WVD)
The new GPU-P technology also opens the door for Microsoft to implement this on Azure, which would be a very welcome feature for WVD (the new RDS infrastructure  and multi-session Windows 10 edition hosted on Azure). Hopefully Microsoft will not be supporting the GPU-P technology only in Azure like they do with the new multi-session Windows 10 for WVD edition, this will really isolate this technology preventing broader use cases. I don’t think they will be doing this because they pull away RemoteFX vGPU and should provide an alternative for it.

What happened in a year time with the RDP protocol
With almost every new Windows 10 build the RDP graphics stack is updated, there is not much information you can find about such improvements, but they are certainly there.

While doing some investigation on different Windows 10 builds I noticed the protocol version is matched with the client to enable support for the latest features (both client and servers side). You can find this version numbers in the same eventlog as described in the intro. They look like this:

The client supports version 0xA0400 of the RDP graphics protocol (Build 1709)
The client supports version 0xA0600 of the RDP graphics protocol (Build 1809)

Some of the improvements in the RDP protocol are:

  • Screen regions and content are better classified (to make optimal use of the right codec and compression algorithm)
  • Webcam redirection improvements leveraging H.264
  • Down-scaling for 4K resolutions
  • GPU-P technology (announced) the AVC codec will also benefit from this

Time for a test!
I decided to do a simple test using Remote Display Analyzer to look at the improvements and changes Microsoft made to the RDP protocol in a year time. To do this I used 2 different Windows 10 builds: The 1709 and 1809 build (without updates) this will give more a less an indication of the improvements in a year time frame.
Remote Display Analyzer now also supports WVD, but I did not use it in this test because the current WVD private preview only has its RD gateways in the US and it doesn’t make much sense to let traffic flow across the globe. Will do some more testing with WVD later when it’s GA. To check the differences in the RDP protocol between the Windows 10 builds I performed the following test:

  • A direct RDP connection to both builds
  • Connection over LAN using a Windows 10 1809 client
  • Used the out-of-the-box RDP configuration on both builds
  • Both builds running on the same infrastructure
  • The test consists of playing a short video (not full screen) and scrolling some text. Exactly the same has been done on both builds
  • Please note that this was a manual test and it’s always better to automate such tests (I recommend REX analytics for this)
  • This results come without warranty of any kind and are based on my own observations using my own infrastructure. This is only to give you an indication of the differences I observed while performing this test

The results are below:

On the left you see the results of running the test on the 1709 build and on the right the results of running the exact same test on the 1809 build. I observed the following:

  • The 1809 build used less bandwidth (almost half) while I didn’t perceived a noticeable difference in frame quality. The send frames are more or less identical
  • The reported “available bandwidth detected” is different across the builds, I’m not sure what the reason for this is, the value of this counter looks a bit inconsistent so I’m not relying to much on this one
  • Overall my perceived user experience on the 1809 build was better (more fluid and snappier screen updates)

Conclusion
While you don’t hear much about it, Microsoft still makes improvements in their remote graphics stack and they should be doing this because it’s one of the most critical success factors of the upcoming WVD platform. The 1809 build performed much better on the LAN then the 1709 build, the lower bandwidth is also great news for WAN scenarios. I’m expecting more protocol improvements inline or shortly after the WVD release, I will certainly keep an eye out on this and will write a new blog post when more information is (publicly) available. Thanks for reading!

Remote Display Analyzer 1902 released

Hi all,

Happy to announce that a new version of Remote Display Analyzer (RDA) has been released. We decided to change the format of the version number to align with new versioning standards and update cycles. The latest RDA build number is 1902.0.52.1 where 1902 is the year and month, 52 is the day of the year and 1 is the build revision. The short name is RDA version 1902. You can check the RDA version number by clicking on the about (i) button.

What’s new in Remote Display Analyzer version 1902:

  • Added new information like the Windows build number and when running on Citrix or VMware the agent version number is now also displayed
  • Next to the primary screen resolution the DPI scale has been added
  • Support for the latest VMware Horizon (7.6\7.7) versions (integration with the latest Blast API)
  • Support for the latest Citrix VDA (1811) and latest HDX updates
  • Support for Windows Virtual Desktop (WVD) and the new Windows 10 Enterprise for Virtual Desktops build (currently in private preview)
  • Added new Nvidia GPU usage information like the license type being used and the video encoder usage
  • Overall improvements and bug fixes

Below you will find some screenshots of the latest RDA version in action.

Screenshot of RDA running on Windows Virtual Desktop (private preview at the moment):

Screenshot of RDA running on the latest Citrix VDA (note the added DPI and updated Nvidia information, which is supported for all display protocols):

Screenshot of RDA running on the latest VMware Horizon agent:

All subscribers should have received a download link to the latest version, you can also download the latest version on the website by filling in the form for the community edition (free) or the subscribed edition, they point to the same executable. Thanks for reading and thanks to the community for testing, validating and providing valuable feedback!

Key considerations when designing your Windows 10 Virtual Desktop solution

Key considerations when designing your Windows 10 Virtual Desktop solution

Intro
Together with TeamRGE co-member Ryan Ververs-Bijkerk we did a short presentation at E2Evc about the performance impact of different components you will find in every Windows 10 Virtual Desktop solution. Ryan used to work for LoginVSI and is really good at performing this kind of benchmarks, you can find some of them here. We shared some benchmark results together with some key designing considerations. Because time in a presentation is always limited, this blogpost dives a bit deeper into the designing considerations around the following 5 topics:

  • Windows 10 build
  • Office build
  • Application deployment
  • Remote display protocol and (v)GPU
  • Antivirus

Please note that one of the assumptions in this blog post is that you are leveraging Windows 10 Enterprise edition.

Some design considerations also applies to other Windows 10 deployment types, so this blog post might also be worth reading when you are not designing a Windows 10 Virtual Desktop solution.

Windows 10 build

Deciding which Windows 10 build you are going to pick is one of the first design choices you are going to make. Basically you have the following 2 options:

1: Windows 10 LTSC (Long Time Servicing Channel)

This separate build of Windows 10 (also known as LTSB) is released by Microsoft for special use cases. Think of locked down and general purpose PC’s you will find for example in factories or in medical peripherals. For this use cases you might not want to leverage new features, but only stay current on security updates. A new LTSB build is released every 2 to 3 years and security updates are supported for 10 years after the release.

Please consider the following when choosing this Windows 10 build for your Virtual Desktop solution:

  • There is no Edge browser
  • There are missing features like no built-in UWP applications which your users might expect
  • You need to re-install your image when a new Windows 10 LTSB build has been released to get new features or to extend support
  • You only have to optimize your image once
2: Windows 10 SAC (Semi-Annual Channel)

This is the primary Windows 10 build which receives new features twice a year. One release around March and one around September, you can recognize the release by looking at its name, the first 2 digits are the year, the second 2 digits the month. For example the 1803 is the 2018 March release and 1809 is the 2018 September release. This may sound very obvious, but I often speak people who didn’t know this. Important to take into account is the servicing period for each release: The March release will be serviced for 18 months and the September release for 30 months. As you can see on the below print screen (source: Microsoft).

Please consider the following when choosing this Windows 10 built for your Virtual Desktop solution:

  • It includes all Windows 10 features and builtin apps
  • You don’t have to re-install your image to get new features or to extend support, you can instead just update the same image
  • Recommended is to use the September release because of its longer servicing period
  • While you can defer updates by for example using Windows Update for Business, eventually you have to go with the release waves and stay current
  • You will need to check your image optimization after each release, there might be new services or scheduled tasks that could impact your performance and server density. This was clearly noticeable on the LoginVSI benchmark across the Windows 10 builds (without optimization)

Office build

Like the Windows 10 build, you also have 2 options when it comes down to the Office build you are going to deploy in your Windows 10 Virtual Desktop solution:

1: Office365 ProPlus

The version of Office that comes with the Office365 subscription and can be downloaded and installed locally, this version is installed by a click-to-run method, which basically is a container based installation similar to App-V. This Office version is also based on a Semi-Annual update Channel (SAC), but can also be configured to receive monthly updates. The latter might not be very practical in a Virtual Desktop solution.

2: Office Stand-Alone (also known as perpetual Office)

This is the on-premises variant of Office like we used pre-cloud era. You know this Office builds by the names: Office 2013, Office 2016 and now Office 2019 has also been released. This Office build is not meant to connect to cloud services, but is intended for restricted (offline) use cases or if you have no Office365 license of course.

Deciding on which Office build you should pick depends on:

  • Licensing (which license type you are using or bound to use)
  • If you use Office365 or not
  • Application compatibility and support (add-ins, macro’s, templates, etc)

Besides above please consider and note the following when deciding the Office build for your Virtual Desktop solution:

  • When you decided to go for Windows 10 LTSC (the LTSB build), also use the Office Stand-Alone (Perpetual) build. Microsoft will stop supporting (even block) Office365 ProPlus on their Long Time Servicing Channel builds (same goes for Server 2019)
  • When you decided to go for Windows 10 SAC, you can use both Office365 ProPlus or the Office Perpetual build. You will primarily make this decision based on the current license type but also don’t forget to investigate the application landscape you need to support on your Virtual Desktop solution

The LoginVSI benchmark included Office 2013, 2016 and 2019. The results showed that Office 2016 scored better than 2013 but also better than 2019. The latter had a noticeable higher impact and it needs to be deeper investigated to check what the exact reason for this higher impact was.

Application deployment

When you are at the point of choosing a way to deploy your applications you basically have 3 options:

1: Leverage traditional application installation methods

In this option you deploy applications with MSI’s, scripts, etc. Be aware that central deployment and life cycle management can be hard to manage and when you remove applications there is often still footprint (files and registry) of the application which pollutes your image over time. Central deployment tools doesn’t solve this issue and are often not designed for Virtual Desktop solutions.

2: Leverage App-V

As you might know the App-V client is built-in Windows 10 and ready to use. You only have to enable it. App-V has a lot of great features for both VDI and non-VDI scenarios. For VDI the Shared Content Store mode is a really handy feature in combination with non-persistent images. Consider using App-V Scheduler for real-time insight, control and advanced cache management for your Virtual Desktop solution. This will make your life a lot easier. By the way App-V Scheduler is not limited to VDI and also supports RDS and Fat-client\Laptop Windows 10 deployments. App-V will be supported for a very long time, you maybe don’t hear much about it because it’s now part of the operating system and Microsoft doesn’t need to sell it as additional product any more.

3: Leverage MSIX

This application format is based on the UWP framework (also previous known as AppX format). This makes it possible to deploy applications through, for example, the Windows Store. You might want to consider if this matches your deployment strategy and if it makes sense for your VDI environment. There are similarities between App-V and MSIX, like they both run the application isolated from the OS inside a container. There will be even a way to easily convert the file format. MSIX is quite new and lacks real-time deployment and management features, good to know is that App-V Scheduler already started building support for MSIX in the product to support real-time control and management features also for MSIX. You are already a step ahead if you are managing your applications with App-V.

The LoginVSI benchmark showed that App-V and MSIX have similar application start times. This was tested with a simple PDF reader. The traditional installed instance had a lower start time, but of course that’s because there is no isolation layer that isolates the application from the OS. Also note we are talking milliseconds here and this might not even impact the perceived user experience.

Remote display protocol and (v)GPU

A Windows 10 Virtual Desktop workspace is highly secure because all information stays in the cloud or datacenter and only screen updates are sent to the client. One of the key success factors of your Virtual Desktop workspace is the configuration of your remote graphics stack. The remoting protocols from all major vendors matured over time to the point they are all very suitable for all kinds of general uses cases.

Please consider the following when designing the remote graphics stack for your Windows 10 Virtual Desktop solution:

  • Consider to apply (v)GPU power to your VDI machines, besides your applications the remoting protocol can also benefit from this. But:
  • Investigate if a (v)GPU makes sense for your workload type and if it’s really worth the investment. LoginVSI benchmark results showed us that the CPU reduction when adding a (v)GPU can be minimal for general workload types like task workers and knowledge workers. This benchmark included the latest Office versions, scrolling through data and playing a video through internet explorer
  • Don’t primarily size your VDI workspace based on (v)GPU profiles, don’t forget that a decent CPU and enough Memory is just as important. A good example are applications like AutoCAD and Revit which relies a lot on CPU also when you have a (v)GPU in place
  • Take note of the recommended memory size for (v)GPU’s: Use at least 1GB profiles for Windows 10. If you are designing your environment for heavy 3D workloads also look at the recommended GPU specs for the applications you need to support
  • Use REX Analytics to capture and analyze the perceived end user experience
  • Use Remote Display Analyzer to analyze, configure and understand your remote display protocol behavior and to verify your (v)GPU implementation

Antivirus

It goes without saying that antivirus and anti malware is an important security aspect of your Windows 10 deployment. Whether you use a virtual desktop or not, it’s important to understand the impact of your antivirus solution.
Please consider the following when designing  your Windows 10 Virtual Desktop solution:

  • Apply best practices and optimizations like: file exclusions, pre-scans, scheduled scans & the definition update interval. Especially for state-less VDI this is a very important part to invest time in
  • Consider to analyze the workspace performance before and after the antivirus solution has been implemented\enabled. In this way you know if it has an impact on your application performance or not. The pilot phase might be a good moment to verify this
  • Consider leveraging Windows Defender, it’s already build in Windows 10 and it scores really well in numerous independent virus and malware detection tests (score of 99,5%). The LoginVSI benchmark showed an performance impact when not doing any optimization at all in Defender, so please pay attention for the optimizations part (see bullet 1)
The end

Thanks for reading, hopefully this design considerations are helpful for you!

Remote Display Analyzer 3.0 released

Hi all,

We are happy to let you know that Remote Display Analyzer (RDA) 3.0 has been released!  As you might know we extended the RDA team to invest more time in building new features in RDA and to continuously add support for new remote display protocol versions and settings.

What’s new in Remote Display Analyzer 3.0:

  • Logging feature, this is a much requested feature and makes it possible to (automatically) log to an external logfile which you can use to visualize the output with for example Graphs and Power BI
  • Support for the latest Remote Display protocol configurations from all supported vendors (Microsoft, Citrix, VMware)
  • New subscriber edition (besides the free community version) to offer support and advanced features

To download RDA 3.0 and for more information visit the RDA website.

Remote Display Analyzer project update

Hi all,

With this blog post I want to update you about some changes in the RDA project.
A couple of years ago Remote Display Analyzer (RDA) was born from the idea to make the remote display protocol easy to understand and to help troubleshoot and identify remote display configuration issues. Or just to confirm that everything is configured and working properly. It’s been really amazing how much great feedback RDA received from the community and how it became a standard tool in the toolbox of virtualization engineers & consultants.

I didn’t calculate the time spend on developing RDA, but I can say a lot of time went into this project. It started small with only support for Citrix, and now it supports all 3 major display protocols (Microsoft, Citrix & VMware) and also new functionality has been added like support for NVidia to analyze the entire chain in regard to the remote display configuration.

As you might know RDA has a free community edition and extra functionality can be unlocked by becoming a member of the sponsor program. The sponsor program really helps to balance the amount of time spent into this project, so a big thanks to all the sponsors of the RDA project and also for the great feedback from the community that provides new energy to work on this project, it’s because of you that RDA is where it is today.

To solve some challenges in the current state of the RDA project a couple of things are changing, please read the below announcement on the RDA site for more information:

https://www.rdanalyzer.com/remote-display-analyzer-announcements/

Thanks for reading!

App-V Scheduler 2.6 Released

Very excited to announce the latest release of App-V Scheduler, version 2.6!

This release contains a lot of new features and improvements based on customer feedback. App-V Scheduler, started in 2014, has a large install base at customers ranging from small to large Enterprises. App-V Scheduler is a proven application life cycle management solution for Government, Finance and Healthcare organisations. Since the App-V client is embedded in the operating system we have seen a fast growth in the adoption of the App-V Scheduler solution. We also see a very high success rate in the deployment of applications with App-V 5, this is also due to the simplified architecture of the App-V client, basically the client consists of a couple of filter drivers that redirects reads and writes making the application run isolated and portable. It’s easy to adopt and learn how this technology works and because it’s already part of the operating system it’s very easy to enable and use!

App-V Scheduler 2.6 new features:

  • The Central View Console has been redesigned from the ground up and build on the latest industry standards
  • Central View now includes advanced filtering, performance improvements and new features
  • The agent is thinner and faster
  • The agent doesn’t need a service account anymore and can be configured to use impersonation
  • Machine groups based on Active Directory OU’s are now supported and it’s possible to provide friendly names for machine groups
  • Multiple content shares can now be configured for a single machine group
  • New feature to disable logons on machine startup until the cache is up to date
  • New package and connection group drain mechanism
  • You can now edit an existing connection group and easily redeploy it
  • Simplified installation and configuration
  • Control all App-V client settings directly from the agent (single point of configuration)
  • Overall improvement and bug fixes

Below you can find a print screen of the new Central View console:

And below a print screen of the new Central View console in action in a production environment:

You can also configure a different theme depending on your preference:

New machine group options:

Furthermore the Agent is even thinner and faster then before, also the installation and configuration has been simplified:

Please click here for more print screens and here for the full App-V Scheduler 2.6 release blog about all the new features!

MSIX: The platform for all Windows applications

MSIX: The platform for all Windows applications

Intro
As you might know Windows 10 includes an application platform called the Universal Windows Platform (UWP), UWP applications run inside a container and as the term universal implies the goal is to make them run on every Windows platform\device available and to distribute them by using the Windows Store. UWP also comes with a set of API’s to integrate with functionality like live tiles. The file format used by UWP is APPX and software vendors can adopt this format directly or convert their applications to the APPX format by making use of the Desktop Bridge conversion tool.

Sounds clear right? For consumer applications it does but the reality is that there are a huge amount of traditional applications out there and they all have their own unique configuration and requirements. With configuration I mean integrations with the OS, integrations with Office, their own update mechanisms, etc. They often release their software by using MSI files to modify this properties. While software vendors often develop against the latest frameworks they don’t necessarily have UWP and Windows Store integration high on their list.

For a lot of vendors this will not change any time soon and luckily Microsoft is aware of that. That’s why they came up with a new application format called MSIX.

MSIX
MSIX is the successor of the APPX format and the MSI format, MSIX will close the gap between traditional applications and UWP applications by making them both part of the same platform. Clever idea, because when software vendors are leveraging the latest frameworks but don’t use the UWP integrations that doesn’t make them legacy or obsolete. Far from that, they are often the most sophisticated applications with years of development inside. So at the end they are all Windows applications and now fall under one umbrella called the MSIX platform.

Traditional applications are often installed by using MSI files provided by the software vendor, this file format contains the application files and installation properties. This properties can be modified depending on specific needs. While MSIX is different, it has some of the same characteristics as MSI like a method to do customizations.

MSIX facts

    • MSIX is the successor of APPX and inherits all of its features
    • MSIX is the successor of MSI and it inherits features like custom customizations
    • Customizations are separated in a different layer. This makes updates easier.
    • It builds further on the container functionality inside the UWP platform, providing more security options to be compatible with more applications
    • MSIX applications can be deployed from anywhere (when they are signed) not just the Windows Store
    • MSIX will support all Windows applications
    • MSIX is open source (GitHub link)

App-V
When you are using App-V 5 to deploy and manage traditional applications you are already ahead of the game, there are even similarities in the way the applications are running in their own sandbox. A smooth transition from the APPV format to MSIX will be very easy.

We are also looking to integrate the MSIX format in a future release of App-V Scheduler to accommodate a real-time delivery and management solution for both App-V and MSIX for both RDS and physical deployments.