Information

There are several key decisions an admin must make when planning a design for a resource location to be used with the Citrix Cloud Virtual Apps and Desktops Service. The first of these decisions is the Subscription Workspace model they plan to utilize.
Subscriptions
Selecting a subscription model is a complex decision as it involved the planned growth of the footprint in azure considering both the initial design and planned growth of the environment.
Single Subscription workspace model
In a single subscription, all core and citrix infrastructure remain inside the same subscription. This configuration is recommended for environments that require up to 1,000 Citrix VDA Machines.
Multi-Subscription Workspace Model
In this model, Citrix and Core resources reside in seperated subscriptions to help manage scalability in large deployments.
Protecting Citrix Cloud Resource location hosted in azure
NSG (Network Security Groups) are simplified packet inspection devices the allow or deny traffic over specific ports to the resources hosted inside the azure platform for usage with Citrix Cloud Virtual Apps and Desktops Service. The port requirement for a Citrix Cloud Resource location are as follows:

Granting Access for Citrix Cloud to Access your Azure Subscirption
When considering how to connect the Citrix Cloud Virtual Apps and desktops Service to the Azure subscriptions, there are 2 primary options for connecting Citrix Cloud to the Azure Subscription:

1. Subscription Scope Principals.
2. Narrow Scope Service Principals
When an admin creates a host connection to azure for the first time, Microsoft Azure creates a Service Principal which is an application template created that impersonates the user and the rights it has over the subscription. When the Citrix Service creates the Service principal for the host connection through studio, a Subscription Scope principal is created that provides the list of permissions included in the service principal across all resources hosted in the Azure subscription.
Customers that have needs for more granular controls over their resources, the admin can also create what is called a Narrow scope service principal. This requires a bit more planning in designing the environment in that the admins not only need to pre-create the resource groups the vda's reside in, but the access to these resource groups needs to be defined to a pre-created service principal prior to creating the service principal.
The requirements and process to create this narrow scope service principal are defined in greater detail at Tech Article - https://support.citrix.com/article/CTX219243.
At this stage, the admin is now prepared to deploy their first machine catalog to Azure using the Citrix Cloud Virtual Apps and desktops service. For more information as to how to Prepare a Master Image and deploy a machine catalog, review the following article: https://docs.citrix.com/en-us/citrix-virtual-apps-desktops/1912-ltsr/install-configure/machine-catalogs-create.html#prepare-a-master-image-on-the-hypervisor-or-cloud-service

Additional Resources

References:

https://docs.citrix.com/en-us/tech-zone/design/reference-architectures/virtual-apps-and-desktops-azure.html
https://support.citrix.com/article/CTX219243

The content of the CTX270373 article published by Citrix has brought worrying consequences for Citrix customers running or planning to run workloads over the cloud. The reason for this is that Citrix will no longer support any deployments running on Virtual Apps and Desktops 2003 and future Current Releases (CRs) if the deployments run workloads over public clouds such as Amazon Web Services (AWS), Microsoft Azure and Google Cloud Platform.

This blog post describes how this may affect Citrix customers and introduces Parallels® Remote Application Server (RAS) as an ideal alternative solution for delivering applications and virtual desktops over on-premises, hybrid and multi-cloud scenarios.

What does this announcement mean?

Citrix administrators deploying Virtual Desktop Agents (VDAs) to resources running over the cloud who are accustomed to upgrading their Citrix Virtual Apps and Desktops (CVAD) setup to the latest Current Release will need to choose an alternative. Here are some options for moving a virtual desktop and application delivery solution to a supported configuration:

• Migrate the CVAD setup to the 1912 Long Term Service Release (LTSR). LTSR versions, with a support lifecycle of five years, are only updated using Cumulative Updates which include security patches and fixes. Therefore, customers will not be able to apply any updates containing the latest product features.

or

• Migrate to the Citrix Virtual Apps and Desktops service. This cloud service includes support for public cloud and on-premises workloads but may require a complete redesign of the customer’s setup. Certain infrastructure components such as Delivery Controllers, Director and Studio will be hosted and managed by Citrix, whereas customers will be required to deploy cloud connectors for every resource location, as well as manage all components of the resource layer.

Both alternatives entail a migration process of your Citrix setup that may compromise its stability and affect business continuity.

Another important consequence of this announcement is that moving forward, if customers require to deploy hybrid models and need to remain on a Current Release version, then the use of Citrix Virtual Apps and Desktops service in Citrix Cloud is mandatory. In addition, if a migration to Citrix Cloud is finally required, enterprises will still need to navigate through a complex array of product editions to decide which line best fits their needs and perhaps might even have to readapt their previously purchased licensing model.

Because this announcement applies to CR versions, those Citrix customers using the 1912 LTSR version or running Citrix Virtual Apps and Desktops service in Citrix Cloud won’t be affected.

Parallels RAS is a Great Alternative

Download Citrix Virtual Desktop

Parallels RAS is an all-in-one application delivery and Virtual Desktop Infrastructure (VDI) solution that allows users to work remotely at any time and from any client device, including mobile platforms. When using Parallels RAS, enterprises have the flexibility to run workloads over both public cloud providers and on-premises infrastructure according to their needs, without having to analyze complex feature matrixes and subscription models.

There is only one full-featured product edition of Parallels RAS licensed by concurrent users that includes all enterprise features such as application and virtual desktop delivery, load balancing, high availability, reporting, monitoring and more. Also, support and software maintenance are included without additional cost.

In addition, the latest Parallels RAS 18 provides unified Microsoft Windows Virtual Desktop integration and enriches this Azure service. It does so by centralizing workload management and providing administrators the capability to easily manage workspaces, host pools and templates from one single point, the Parallels RAS Console.

The Windows Virtual Desktop service recommends FSLogix Profile Container as a user profile management solution. Parallels RAS provides the ability to deploy and configure FSLogix Profile Containers centrally—not only over Windows Virtual Desktop workloads but also over Remote Desktop Session Host (RDSH) and VDI workloads.

Citrix Cloud Virtual Apps And Desktops Pricing

Running a pre-configured trial of Parallels RAS over Microsoft Azure or Amazon AWS is very straightforward. Pre-configured virtual machines are available on Azure and AWS marketplaces, and organizations can deploy a fully functional Parallels RAS setup within minutes with just a few clicks.