
Hi everyone

 

We are deploying single-session Azure Virtual Desktop and are in the design phase, where we will put the ZTNA agent into the session host so users can have access to the private network (on-prem). The network infrastructure (in Azure and the firewall) is already in place, and our job is to install the agent and start testing.

We would like to know any best practices for how the ZTNA agent works inside Azure Virtual Desktop. Is there anything we need to consider?

 

Another challenge we have with the ZTNA agent is that the ZTNA team will also install the agent on our SOE laptops. That should be fine, but we would need to whitelist all AVD gateway addresses so that the AVD client can connect to the Azure Virtual Desktop gateway in the cloud. So far, based on the Microsoft article, they recommend whitelisting all *.wvd.microsoft.com, but the ZTNA team is only happy to whitelist based on IP addresses, which poses a risk: the IP addresses of the AVD gateway will keep changing, and we may run into the SOE laptops being unable to connect to the AVD gateway due to missing IPs or IPs changing dynamically.

 

Just wondering if anyone has had this scenario before; we would like to know your experience and suggestions.
