Preparation

Prepare an Azure Component

Pre-Requisite

• An Azure account with an active subscription. Create one for free.

Sign in to Azure

• Sign in to the Azure portal.

  

Create a Resource Group.

• Go to Azure Portal >> Resource Groups >> Click on New.

  

• Enter Basic Project Details, Select your Subscription, Create New Resource Group and Select Region of Deployment and select Next : Tags.

  Basic
  Subscription	Select your Subscription.
  Resource Group	Select Create new. Enter Accops-Resource-Group Select OK.
  Region	Select (Asia Pacific) Southeast Asia.

  

• Add Project Tags and click on Next : Review + Create.

  Name	Value
  Project	Accops VDI Project
  Resource	Resource Group
  Name	Accops-Resouce-Group
  Location	Southeast Asia
  Purpose	Demo Environment

  

• Click on Create after successfull validation.

  

• Review created Resource Group.

  

  More info About Resource Group.

Create a Virtual Network.

• Go to Azure Portal >> Virtual Network >> Click on New.

  

• Enter Basic Project Details, Select your Subscription, Select Resource Group Create New Virtual Network as Accops-Virtual-Network and Select Region of Deployment and Select the IP Addresses tab, or select the Next: IP Addresses button at the bottom of the page.

  Basic
  Subscription	Select your Subscription.
  Resource Group	Select Create new. Enter Accops-Resource-Group Select OK.
  Name	Accops-Virtual-Network
  Region	Select (Asia Pacific) Southeast Asia.

  

• In IPv4 address space, select the existing address space and change it to 10.100.101.0/24. Select + Add subnet, then enter HySecure-Access-Subnet for Subnet Name and 10.100.101.0/27 for Subnet address range. then Select Add. Select the Security tab, or select the Next: Security button at the bottom of the page.

  IP Addresses
  IPv4 Address Space	10.100.101.0/24
  + Add Subnet
  HySecure-Access-Subnet	10.100.101.0/27

  

• Keep Default seeting in Security and select the Tags tab, or select the Next : Tags button at the bottom of the page.

  Security
  Baston Host	Keep Default
  DDoS Protection Standard	Keep Default
  Firewall	Keep Default

  

• Add Project Tags and click on Next : Review + Create.

  Name	Value
  Project	Accops VDI Project
  Resource	Virtual Network
  Name	Accops-Virtual-Network
  Location	Southeast Asia
  Purpose	Demo Environment

  

• Once the validation is passed then click on Create.

  

• Review Created Virtual Network Accops-Virtual-Network.

  

• Overview of newely created Accops Virtual Network Address Space.

  

Add Virtual Subnet

HySecure-Virtual-Subnet

• Go to Home > Virtual Networks > Accops-Virtual-Network, Select Subnets from Settings Options.

  + Add Subnet	Subnet Address Space
  HySecure-Access-Subnet	10.100.101.0/27

HyWorks Virtual Subnet

• Go to Home > Virtual Networks > Accops-Virtual-Network, Select Subnets from Settings Options.

  Click on Add + Subnet , Add Name, Subnet Address Range and click on Save

  + Add Subnet	Subnet Address Space
  HySecure-Virtual-Subnet	10.100.101.64/27

• Review HyWorks Virtual Subnet.

VDI-Virtual-Subnet

• Go to Home > Virtual Networks > Accops-Virtual-Network, Select Subnets from Settings Options.

  Click on Add + Subnet , Add Name, Subnet Address Range and click on Save

  + Add Subnet	Subnet Address Space
  Accops-VDI-Subnet	10.100.101.96/27

• Review VDI Virtual Subnet.

HybridAD-Virtual-Subnet

• Go to Home > Virtual Networks > Accops-Virtual-Network, Select Subnets from Settings Options.

  Click on Add + Subnet , Add Name, Subnet Address Range and click on Save

  + Add Subnet	Subnet Address Space
  Hybrid-AD-Subnet	10.100.101.128/27

• Review HyBrid AD Subnet

More Info About Azure Virtual Network.

Create Network Security group

For this Project, We need to create Network Securit Group.

• Hysecure-Access-Network-Security-Group
• HyWorks-Network-Security-Group
• VDI-Network-Security-Group
• Hybrid-AD-Network-Security-Group

Hysecure-Access-Network-Security-Group

• To Create HySecure Network Security Group, Click on Network Secuirty Group Icon from left pane >> click on New >> Add Basics Details >> Add Tags >> Review + Create.

  

• Add Basics Details then click on Next tab Tags.

  Basic
  Subscription	Select your Subscription.
  Resource Group	Select Create new. Enter Accops-Resource-Group Select OK.
  Network Security Group Name	HySecure-Access-Network-Security
  Region	Select (Asia Pacific) Southeast Asia.

  

• Add Project Tags and click on Next tab Review + Create.

  Name	Value
  Project	Accops VDI Project
  Resource	Network Security Group
  Name	HySecure-Access-Network-Security
  Location	Southeast Asia
  Purpose	Demo Environment

  

• Once validation is passed click on Create.

  

• Review newly created HySecure-Access-Network-Security NSG.

  

• Add Inbound Ports to HySecure-Access-Network-Security NSG.

  Priority	Name	Port	Protocol	Source	Destinataion	Action
  100	HTTPS	443	TCP	Any	Any	Allow
  110	SSH	22	TCP	Any	Any	Allow

  

HyWorks-Network-Security-Group

• To Create HyWorks Network Security Group, Click on Network Secuirty Group Icon from left pane >> click on New >> Add Basics Details >> Add Tags >> Review + Create.

  

• Add Basics Details then click on Next tab Tags.

  Basic
  Subscription	Select your Subscription.
  Resource Group	Select Create new. Enter Accops-Resource-Group Select OK.
  Network Security Group Name	HyWorks-Access-Network-Security
  Region	Select (Asia Pacific) Southeast Asia.

  

• Add Project Tags and click on Next tab Review + Create.

  Name	Value
  Project	Accops VDI Project
  Resource	Network Security Group
  Name	HyWorks-Access-Network-Security
  Location	Southeast Asia
  Purpose	Demo Environment

  

• Once validation is passed click on Create.

  

• Review newly created HyWorks-Access-Network-Security NSG.

  

• Add Inbound Ports to HyWorks-Access-Network-Security NSG.

  Priority	Name	Port	Protocol	Source	Destinataion	Action
  100	Hyworks_Controller	38866	Any	Any	Any	Allow
  110	RDP	3389	TCP	Any	Any	Allow

  

VDI-Network-Security-Group

• To Create VDI Network Security Group, Click on Network Secuirty Group Icon from left pane >> click on New >> Add Basics Details >> Add Tags >> Review + Create.

  

• Add Basics Details then click on Next tab Tags.

  Basic
  Subscription	Select your Subscription.
  Resource Group	Select Create new. Enter Accops-Resource-Group Select OK.
  Network Security Group Name	VDI-Network-Security-Group
  Region	Select (Asia Pacific) Southeast Asia.

  

• Add Project Tags and click on Next tab Review + Create.

  Name	Value
  Project	Accops VDI Project
  Resource	Network Security Group
  Name	VDI-Network-Security-Group
  Location	Southeast Asia
  Purpose	Demo Environment

  

• Once validation is passed click on Create.

  

• Review newly created VDI-Network-Security NSG.

  

• Add Inbound Ports to VDI-Network-Security NSG.

  Priority	Name	Port	Protocol	Source	Destinataion	Action
  100	RDP-ANY-PROTOCOL	3389	Any	Any	Any	Allow
  110	Accops-VDI-Communication-Port	38861-38871	Any	Any	Any	Allow

  

HyBrid-AD-Network-Security-Group

• To Create Hybrid AD Network Security Group, Click on Network Secuirty Group Icon from left pane >> click on New >> Add Basics Details >> Add Tags >> Review + Create.

  

• Add Basics Details then click on Next tab Tags.

  Basic
  Subscription	Select your Subscription.
  Resource Group	Select Create new. Enter Accops-Resource-Group Select OK.
  Network Security Group Name	Hybrid-AD-Network-Security
  Region	Select (Asia Pacific) Southeast Asia.

  

• Add Project Tags and click on Next tab Review + Create.

  Name	Value
  Project	Accops VDI Project
  Resource	Network Security Group
  Name	Hybrid-AD-Network-Security
  Location	Southeast Asia
  Purpose	Demo Environment

  

• Once validation is passed click on Create.

  

• Review newly created Hybrid-AD-Network-Security NSG.

  

• Add Inbound Ports to Hybrid-AD-Network-Security NSG.

  Priority	Name	Port	Protocol	Source	Destinataion	Action
  100	W32Time	123	UDP	Any	Any	Allow
  110	RPCEndpointMapper	135	TCP	Any	Any	Allow
  120	KerberosPasswordChange	464	Any	Any	Any	Allow
  130	RPC-for-LSA-SAM-NetLogon	49152-65535	TCP	Any	Any	Allow
  140	LDAP	389	Any	Any	Any	Allow
  150	LDAP-SSL	636	TCP	Any	Any	Allow
  160	LDAP-GC	3268	TCP	Any	Any	Allow
  170	LDAP-GC-SSL	3269	TCP	Any	Any	Allow
  180	DNS	53	Any	Any	Any	Allow
  190	Kerberos	88	Any	Any	Any	Allow
  200	SMB	445	TCP	Any	Any	Allow

  

More Info About Network Security group

Create Storage Account

• To Create Storage Account, Go to Azure Dashboard, Select Storage from left pane then Click on New >> Add Basics Details >> Add Networking >> Define Data Protection >> Add Advanced Details >> Add Tags >> then click on Review + Create.

• Add Basic Details, Select Subscription, Resource Group, Add Storage Account Name, Select Location, Choose Performance Type, Account Kind and Replication Type then Select Next: Networking.

  Basic
  Subscription	Select your Subscription.
  Resource Group	Select Create new. Enter Accops-Resource-Group Select OK.
  Storgae Account Name	Add a Storage Account Name azvdifiles
  Location	Select (Asia Pacific) Southeast Asia.
  Performance	Choose from Standard or Premium
  Account Kind	StorageV2(general purpose v2)
  Replication	Chooose from drop down Read-access geo-redundant storage (RA-GRS)

• Add Networking Details, Connection Method and Routing Preference then Select Next : Data protection .

• Keep Default Settings in Data Protection then Select Next : Advanced Tab.

• Keep Default Settings in Advanced Tab then Select Next : Tags Tab.

• Add Tags and then Select Next : Review + Create Tab.

• Once Validation is passed then click on Create.

• Review Newely created Storage Account.

• Details of Storage Account.

Read More About Storage Account

Prepare an Infra Resources

Authentication Server

You can set up authentication using an Accops internal user database or use an existing authentication server for Example: Active Directory, LDAP Server, Radius Server or SAML Based Authentication.

In This Demo Environemnt we will be using AD DS Server for Authetication based on Windwos Server 2019. This Server is deployed in same Azure Region with Diffrenet Virtual Subnet.

Please Refer Installing AD DS by using Server Manager for More Details.

User Profile Management

In This Demo Environment we will be using Azure Files with Fslogix for Profile Management.

How to Integrate Azure File authentication with On-premise AD Server

How to Setup Fslogix

Centralize File Server

Centralize File Server is required to collaborates between the Teams. For Example: Accessing Common Drive, Centralize Software Repostitory, Personal Drive With Quota Management, File Screen, Audits & Report Management on a Network Volumes or Network Folders.

Prepare Accops Resources

• To deploy Accops Digital Workspace Suite below are the required components.

HySecure Gateway

In This Demo Environment we will be deploying 1-Node HySecure Gateway.

• Minimum Requirement
• HySecure Gateway Deploy it from Azure MarketPlace
• HySecure Gateway Configuration

HyWorks Controller

In This Demo Environment we will be deploying 1-Node HyWorks Controller.

• Minimum Requirement
• Supported Operating Systems
• Hyworks Controller Deploy it from Azure MarketPlace
• Software Requirements
• Database Requirement
• Download Link
• HyWorks Controller Installation
• HyWorks Controller Configuration
• Cluster Installation
• Session Host Delivery Configuration

HyWorks Session Host

In This Demo Environment we will be deploying below Session Host.

WIndows 10 Multisession Host

Windows 10 Dedicated Host

Windows Server 2019 Multi-Session Host.

• Minimum Requirement
• Supported Operating Systems
• Deploy Hyworks Session Host in Microsoft Azure Cloud
• Software Requirements
• Download Link
• HyWorks Session Host Installation

DVM Tools

• Accops DVM Tools for Dedicated Desktop

Accops HyID

• This module is part of HySecure Gateway.

Whats' Next

• Stanadalone Deployment

• HA Deployment

Help/Support

Please send a mail to support@accops.com for further Help/Support.