Desktop as a Service in AWS

DaaS in AWS – A perfect harmony of rapid deployment and IT Management

The IT department of most organizations is responsible for deploying desktops to end-users and can be considered a routine task that can be optimized from a cost and time standpoint.

With AWS Workspaces, deploying desktops via the GUI (up to 20 at a time) or via the CLI (up to 25 at a time) can be accomplished very quickly for any sized organization. You can use Amazon WorkSpaces to provision either Windows or Linux desktops in just a few minutes and quickly scale to provide thousands of desktops to workers across the globe.

You can pay either monthly or hourly, just for the WorkSpaces you launch, which helps you save money when compared to traditional desktops and on-premises VDI solutions.

Amazon WorkSpaces helps you eliminate the complexity in managing hardware inventory, OS versions and patches, and Virtual Desktop Infrastructure (VDI), which helps simplify your desktop delivery strategy. With Amazon WorkSpaces, your users get a fast, responsive desktop of their choice that they can access anywhere, anytime, from any supported device.

With the end of Windows 7 support in 10 months, there has never been a better time for organizations to migrate their managed IT desktops to Windows 10.

From a high-level, here are the easy steps on how to get started within WorkSpaces which can be accomplished within 1 hour.

1.  Create AWS account and setup with best practices

2.  Create VPC, subnets and any additional networking. For this step, using a CloudFormation template can save time and reduce the potential for provisioning error(s).

3.  When setting up the VPC, configure it with one public subnet and two private subnets using a NAT Gateway as illustrated.

4.  Amazon WorkSpaces uses a directory, either AWS Directory Service or AWS Managed Microsoft AD, to authenticate users. Users access their WorkSpaces by using a client application from a supported device or, for Windows WorkSpaces, a web browser, and they log in by using their directory credentials. The login information is sent to an authentication gateway, which forwards the traffic to the directory for the WorkSpace. After the user is authenticated, streaming traffic is initiated through the streaming gateway.

Note: You can also configure Microsoft AD using a standard EC2 instance and manage it yourself but strongly consider using an AWS service to reduce costs and overall management

5.  Client applications use HTTPS over port 443 for all authentication and session-related information. Client applications uses port 4172 for pixel streaming to the WorkSpace and for network health checks. Each WorkSpace has two elastic network interfaces (ENI) associated with it: an ENI for management and streaming (eth0) and a primary ENI (eth1). The primary ENI has an IP address provided by your VPC, from the same subnets used by the directory. This ensures that traffic from your WorkSpace can easily reach the directory. Access to resources in the VPC is controlled by the security groups assigned to the primary ENI.

6.  This architectural diagram taken from AWS illustrates all components within WorkSpaces

7.  To create a Workspace from the CLI, perform the following:

8.  This example creates a WorkSpace for user jimsmith in the specified directory, from the specified bundle.  aws workspaces create-workspaces –cli-input-json file://create-workspaces.json

9.  This is the contents of the create-workspaces.json file:



“Workspaces” : [


“DirectoryId” : “d-906732325d”,

“UserName” : “jimsmith”,

“BundleId” : “wsb-b0s22j3d7”






“PendingRequests” : [


“UserName” : “jimsmith”,

“DirectoryId” : “d-906732325d”,

“State” : “PENDING”,

“WorkspaceId” : “ws-0d4y2sbl5”,

“BundleId” : “wsb-b0s22j3d7”



“FailedRequests” : []


Reference link –

Have a question?

Innovative Solutions is an Advanced Consulting Partner with expertise in Microsoft Workloads. Innovative is a service delivery partner for Windows on EC2 and part of the Service Delivery Program.

Learn more about our CLOUD services

Contact us to START THE conversation

Migrating to AWS

May Be Easier Than You Think

Many companies are migrating their workloads to AWS as-is to take advantage of the capabilities of the cloud. Moving your existing workload allows you retire aging hardware that is prone to failures.

Microsoft Windows is typically supported for ~10 years meaning the hardware is due for a refresh before having to go through the process of reinstalling and migration the applications.

AWS has a variety of tools and automation to move an on-premise workload to AWS. One of the most common tools is AWS Server Migration Service. There are no additional fees to use AWS SMS. You pay the standard fees for the S3 buckets, EBS volumes, and data transfer used during the migration process, and for the EC2 instances that you run.

From a high-level, here are the steps.

1.  Create AWS account and setup with best practices

2.  Create VPC, subnets and any additional networking. For this step, using a CloudFormation Template saves a lot of time.

3.  Review SMS requirements and create the necessary permissions. For this step, again a CloudFormation Template will save more time.

4.  Setup the SMS appliance on VMware or Hyper-V

5.  Create a replication job and monitor the progress. For Windows instances, you can choose to bring your own licenses or use pay-as-you go through AWS.

6.  One the job is finished; you can create new instances with the AMIs generated with SMS. This is typically done twice, once to test and a second time after a final sync is complete during the cutover window.

AWS SMS allows you to migrate your existing on-premise workloads to AWS with little to no down time. CloudFormation allows you to automate some of the steps to eliminate mistakes and quickly deploy the basic resources.

Have A Question?

Innovative Solutions is an Advanced Consulting Partner with expertise in Microsoft Workloads. Innovative is a service delivery partner for Windows on EC2 and part of the Service Delivery Program.

Learn more about our CLOUD services

Contact us to START THE conversation

SQL 2008 End of life

Choosing the best path when migrating unsupported Microsoft SQL 2008 to AWS

On July 9, 2019, support for SQL Server 2008 and 2008 R2 will end. After this date, Microsoft will no longer support these products via product enhancements (service packs/CUs) and security updates.

There are two main ways to run SQL on AWS:

Amazon RDS for SQL Server
A fully managed service that offers several versions of SQL while offloading the database administration tasks like managing backups, detecting failures and recovering and much more.
Amazon EC2 running Windows Server and SQL Server
The EC2 option offers you flexibility to run a database and control the underlying operating system. You can run for as much, or as little time as you need with complete control over the Windows settings.

SQL Server Versions

SQL Server comes in a variety of different versions, so it is important to compare the features to make sure you are running the right one. Picking too large of a feature set could end up costing your business unnecessary licensing costs. View a high-level comparison of the different versions

Instance Types

AWS offers a variety of different instance types for both EC2 and RDS. Picking the right instance type can also save you money. More importantly, matching the instance type and size with the workload will better improve performance. Learn more about: EC2 instance types and RDS instance types

Innovative Solutions is an Advanced AWS Consulting Partner and Solution Provider helping SMBs migrate to AWS. Our team of certified cloud architects have the expertise in both Microsoft and AWS to build scalable, reliable, and cost-effective services designed specifically for each business’ need.

Have a question or want to learn more?

Learn more about the end-of-life for SQL 2008 + Microsoft Server 2008 – Click Here

Learn more about our AWS services – Click Here

Contact us today to get the conversation started – Click Here

3 Reasons Why Backing Up Office 365 is Critical

Office 365 provides application availability and uptime to ensure your users never skip a beat, but an Office 365 backup (not included in your Office 365 subscription) can protect you against many other common use cases.  It’s imperative that you know your IT team is in control and never loses access to your business-critical data.  Here are three major reasons to think about:


Accidentally deleted DATA is NOT backed up and lost forever

The native recycle bins and version histories included in Office 365 can only protect you from data loss in a limited way, which can turn a simple recovery into a big problem after Office 365 has geo-redundantly deleted the data.  Once this happens, it is unrecoverable, unless there is a backup solution in place.


Security breaches from inside your organization are very common

Organizations fall victim to threats posed by their very own employees, both intentionally and unintentionally.  A certain level of education is needed to combat these issues, but human error and malice will always pose a threat without proper safeguards like a backup in place.


Cyber attacks can happen to ANY business, regardless of size

Did you know almost 50% of small businesses have experienced a cyber attack?  Malware and viruses, like ransomware, are capable of doing serious damage to your organization. External threats can sneak in through emails and attachments and with regular backups these attacks will prevent the situation from getting out of hand.

Our Trusted Backup Partners.  As a vendor neutral organization, we partner with many different companies.  Here are a few of the industry leaders in backup solutions that we work with:

Now Is The Time To Take That Next Step!  You already made a smart business decision by deploying Microsoft Office 365, now consider a cloud based backup solution with no onsite IT component to protect your compliance requirements and avoid data loss.

Call us at 585-292-5070 and speak directly to one of our Office 365 technology advisors, use our live chat in the bottom right corner or contact us by email.

We would love to walk you through the process and share some of our successful implementations.

Download our Office 365 Backup PDF    Contact us for more information

Office vs. Office 365

Evaluating Office 365 against the traditional Microsoft Office Suite your organization is currently using?  Check out our head-to-head comparison on some key differences!

Virtual Desktop Infrastructure (VDI) – The Future of Desktops

Virtual Desktop Infrastructure (VDI) – The Future of Desktops

An important new development in cost effective deployment of IT solutions is “Virtual Desktop Infrastructure” (VDI).  It’s highly advisable to add this solution for evaluation as you review/update your existing IT strategy roadmap.

Current desktop solutions limit the users to a single device in one location.  In the past, if a user wanted to switch between devices, they would have to manually copy files and data so they can continue to work.  Users would have to take a flash drive or some kind of removable media and copy the files.

With virtual desktops the files and desktops will follow the user.  All their data and settings look exactly the same even when accessed from different devices.  The users’ data will be stored in the cloud and accessible from many different devices.


Microsoft is a major player in this space and has three primary solutions to support VDI. Microsoft’s solutions can be implemented to give users a seamless desktop experience that is both cost effective and easy to manage.

Remote Desktop Sessions

Remote Desktop Sessions (RDS) was the first way this was done. This was the easiest way to get into a VDI like solution. All the users would log into one single server that contains their desktop and programs.

Pooled Desktops

Pooled Desktops is one of the new ways to do it. A single server can be setup with a snapshot of a desktop. A user could log in and use the programs they need to. The administrator decides if the changes should be saved and the computer is reverted back for the next user.

Personal Desktops

Personal Desktops is the true desktop replacement strategy. Each user logs into a dedicated virtual machine made just for them on the server. In a perfect deployment, the user may not even know their machine is in the cloud.

VDI Advantages

VDI will save organizations money by reducing the power needed at each end station. The users will connect to their machine using just about anything including computers, phones, tablets or even thin clients. Users won’t have to worry about where they are saving files when switching from tablets to desktops and laptops. Every time the user logs in, they will be presented with the same familiar desktop.
In many situations, VDI can be an innovative way of adding a flexible, controlled and cost effective solution to improve your business and an integral part of your IT strategy roadmap. However like most large scale investments, assessment and planning is a critical component and should not be underestimated. Innovative Solutions has a long and successful history of IT strategy planning and extensive experience in infrastructure implementations, contact us today, we’d love to help!  – email us today!


  • This field is for validation purposes and should be left unchanged.