The Situation
An Australian-based engineering firm with a remote workforce operating across multiple regions faced mounting challenges in providing secure, high-performance access to resource-intensive engineering tools and company data.
Their engineering staff needed to work efficiently from anywhere, without compromising the security of sensitive intellectual property or violating local data residency requirements.
1. Support high-performance computing for 40+ remote workers, cost-effectively
Enable engineers and designers to run resource-intensive applications like AutoCAD and Autodesk Inventor remotely, without the need to issue and manage expensive high-spec physical devices for each employee.
2. Provide secure and reliable access to the central vault server
Ensure that all remote users can access the company’s central data repository hosted in Australia, while maintaining compliance with data residency requirements and avoiding performance bottlenecks.
3. Minimize data leak risks and protect intellectual property
Implement strong access controls, encryption, and network isolation to safeguard sensitive engineering designs and files, reducing the chances of data breaches or unauthorized access from external threats.
How did NSN Infotech help?
NSN Infotech designed and deployed an Azure Virtual Desktop (AVD) solution, configured with a private endpoint within Microsoft Azure. This allowed remote users to work seamlessly in a virtual environment optimised for graphics-heavy applications, while maintaining strict control over where data was stored and how it was accessed.
Azure Virtual Desktop (AVD) with Secure Connection
- AVD provided virtualized desktops capable of handling resource-intensive applications like 3D AutoCAD and Autodesk Inventor.
- A site-to-site VPN was required to access the AVD environment, ensuring a secure link between end-user devices and the company network.
- Microsoft Intune policies and Azure Active Directory Conditional Access were used to:
- Enforce multi-factor authentication (MFA)
- Restrict access to authorized and managed devices only
- The combination of technologies helped prevent unauthorized access and reduce security risks associated with remote work.
Cost-Effective Resource Allocation through Host Pool Management
- NSN Infotech configured a host pool of four virtual machines to balance performance and cost.
- Load balancing ensured smooth performance by distributing computing resources equally among remote users.
- To optimize operating costs: Three of the four virtual machines were scheduled to power down automatically during off-peak hours and weekends.
- One VM remained active to accommodate emergency or unplanned work outside business hours.
- This setup took advantage of Azure’s pay-per-use model, allowing the client to scale resources efficiently without sacrificing performance.
Private Endpoints for Enhanced Security
- The AVD environment and the company’s central vault server were hosted in Microsoft’s Sydney Data Centre, ensuring all data remained within Australia.
- NSN Infotech configured private endpoints instead of using public internet-facing ones.
- This configuration allowed only users connected to the company’s secure network to access the virtual desktops.
- The use of private endpoints significantly reduced the risk of data breaches and unauthorized access, supporting the client’s strict compliance and data protection requirements.
About Azure Virtual Desktop solution
Azure Virtual Desktop (AVD) is a comprehensive desktop and application virtualization service running in the cloud. AVD enables users to run virtual desktops and applications hosted on Azure infrastructure, providing a flexible, secure, and scalable solution for remote work.
Key features of AVD include:
- Scalable Virtual Desktops: AVD allows organizations to provision and scale virtual desktops on demand, depending on their workforce requirements.
- Secure Access Control: Integrating with Azure Active Directory and Conditional Access, AVD ensures that only authorized users and compliant devices have access.
- Integration with Microsoft 365: AVD seamlessly integrates with Microsoft 365 apps, enhancing productivity for remote users.
- Cost Efficiency: AVD offers pay-as-you-go pricing, allowing organizations to only pay for the resources they use, with capabilities for auto-scaling virtual machines during peak and off-peak times.
- Centralized Management: Administrators can centrally manage the AVD environment using Azure’s management tools, simplifying IT administration and reducing overhead.
