Confessions of a Technical Trainer... 5 Blind Spots That Could Break Your Deployment

Over the years, I’ve worked closely with hundreds of customers and partners around the globe—across architecture sessions, live demos, deeper dives, and post-implementation reviews. And no matter the industry, skill level, or project size, the same “cotcha's“ tend to surface. Some are small; others cost organizations thousands per month or tend to hurt the end-user experience in general.

This post isn’t a checklist of obvious best practices—it’s a dive into the often-overlooked, and sometimes counterintuitive lessons from the field. If you’re building or managing Windows in the Cloud at scale, these are the things you may not have thought about—but should.

1. Misreading Cost vs. Performance in Session Host Selection

One of the more surprising mistakes I see is choosing VM sizes based solely on “sweet spot” sizing blogs or generic cost calculators. While cost-per-user matters, what’s more important is session consistency. Slight performance instability, even if rare, can cause users to lose trust in virtual environments fast.

What’s wrong?

• Optimizing purely for cost, ignoring (storage) latency or burst limits

• Forgetting that different users don’t just consume CPU—they consume differently (IOPS-heavy apps, memory-hungry tools, etc.)

• Not size for the (highest) peaks

• Assuming all latency is storage-related and overlooking compute responsiveness or network round-trip times

• Making use of older version VMs because the newer ones are more “expensive”. This is, overall, not the case. Always invest some time reviewing and testing newer version VM’s

As a side note, stay tuned as we have been doing some testing with our friends over at Login VSI - results will be available soon.

Latency, in the context of storage and compute, is the time it takes to complete a single operation from the moment it is issued to when it's completed—such as reading or writing a file, or executing a compute task. While IOPS (Input/Output Operations Per Second) measures how many operations can be handled in a second, it doesn’t tell you how long each operation takes. You can have a high number of IOPS but still experience poor performance if the latency per operation is high. In other words, it’s not about how many cars you can fit on the road, but how fast each car can complete the journey.

For example, I’ve seen session hosts with standard SSDs technically delivering sufficient IOPS, yet applications still lagged noticeably. The issue wasn’t capacity—it was storage responsiveness. Switching to Premium SSD with lower latency made an immediate difference, even though the IOPS numbers didn’t change drastically.

Out-of-the-box tip: Build a temporary "sacrificial" pool of low-cost VMs just to monitor actual workload behavior for two weeks (if you are new to Nerdio, get some help from one of our SE’s and do this during your free Proof of Value). Use that data to size your production pool accurately—and don’t forget to test responsiveness across regions, VM types, and times of day.

Keep in mind, though—latency isn’t a one-size-fits-all metric. A 50-100-millisecond round-trip time (RTT) might be perfectly acceptable for a network connection, but that same 50-100 ms would be painfully slow for a storage subsystem. When evaluating performance, make sure you’re comparing latency figures in the right context: storage latency is measured and experienced very differently than network latency.

2. Assuming FSLogix Is 'Set and Forget'

Yes, FSLogix is a foundational component of any AVD deployment—but it’s not a silver bullet. The most successful partners and customers understand that FSLogix profiles are not static or invincible; they’re dynamic, sometimes fragile, and require proper planning, monitoring, and maintenance. Treating them as living, evolving parts of the environment—rather than a set-it-and-forget-it solution—leads to far more stable and scalable implementations.

What’s missed?

• VHDX storage running out of space due to temp file buildup

• Bloated profile containers with years of browser cache and logs

• Lack of cleanup policies (no automated shrink or defrag)

• No lifecycle management to remove unused profiles after X days of inactivity

Out-of-the-box tip: Set up a scripted action to check VHDX size growth weekly. Flag profiles over a certain threshold and run scripted actions cleanups. Additionally, schedule another scripted action to remove profiles that haven’t been used in, for example, 30 or 60 days to keep storage clean and manageable. Run it bi-weekly.

Out-of-the-box tip 2: Consider a split profile strategy, where FSLogix containers are separated into distinct (virtual) disks for profile and Office data. This offers several benefits:

• If a profile becomes corrupted, you can reset it without losing Office data/cache or OneDrive data

• Faster / easier recovery from login/profile-related issues

• Improved performance and backup flexibility

To separate FSLogix containers for profile and Office data, you should utilize FSLogix’ s built-in capability to create distinct VHD(X) files for each, either through Registry and/or GPO’s. Of course, this can also be done directly from the Nerdio interface.

Out-of-the-box tip 3: Don’t overlook or at least consider FSLogix even in persistent environments. Using profile containers on persistent virtual machines ensures consistency and simplifies profile management across reboots and policy updates. It also gives you the same recovery and portability benefits as in pooled deployments. Do keep in mind that additional storage, and thus cost will be required.

3. Overengineering Image Management When You Could Just Use a Base + Layered Applications

Many companies overinvest in master image creation, versioning, and layering and then change the image once a week anyway. Instead, the most agile AVD teams adopt a simpler pattern:

• One (or a couple, the trick is to get this number down as much as possible, making life a little easier) base image: OS + core agents and software

• Applications installed dynamically using Nerdio’s Unified Application Management (UAM)

• Applications layered using App Attach + App-V, for example, also using Nerdio’s UAM module.

• Using Nerdio’s base image virtual machine concept, you have a single source of truth and monthly patches, for example, can be scheduled, plus more.

Nerdio’s UAM allows you to import applications from sources like public (or private) WinGet repositories and assign them using Nerdio deployment policies to AVD hosts, Windows 365 Cloud PCs, or even physical devices via Intune. These apps are then delivered directly to the assigned session hosts / devices. UAM integrates with Microsoft Intune and SCCM as well, allowing you to deploy and manage applications across your environment using familiar tooling while maintaining consistency through Nerdio. The keyword here is; fast!

Out-of-the-box tip: Use UAM to centrally assign and manage apps based on devices or groups, pushing them directly to endpoints. For legacy or stateful applications, you can combine UAM with traditional (scripted) installers, App-V, or MSIX App Attach. This hybrid model minimizes the number of image changes while maintaining flexibility.

For example, you can deploy Microsoft Teams and Adobe Reader via WinGet through UAM, and then handle a legacy LOB app via App-V or MSIX App Attach (you will soon be able to combine these two as well). With Nerdio’s policy-based assignment model, applications are assigned to (physical) devices / session hosts, ensuring they are automatically (re)installed each time a machine is reimaged, rebuilt, or redeployed—enabling consistent, scalable deployments across environments.

This approach also simplifies pathing, standardizes the user experience, and makes automation easier to implement. You’re far less likely to fall behind (something I have also seen many, many times, unfortunately) or introduce errors, and you’ll significantly reduce manual intervention over time.

4. Forgetting That End-Users Don’t Care About the Tech Stack

Your users don’t care that it’s AVD/W365 or something else. They care that their desktop opens in under 15 seconds, their apps don’t freeze, and their printer shows up.

Common blind spots:

• Login delays caused by bloated or misapplied group policies (GPOs), and/or poorly optimized FSLogix profile containers

• Slow application launches due to legacy app dependencies or mapped drives pointing to offline/on-prem file shares

• Confusing UI elements like “Windows Server” on the desktop—breaks immersion and undermines trust. Make sure to always use the Windows 10/11 multi-session images instead

• Inconsistent peripheral support (e.g., printers, webcams) that frustrate remote/hybrid workers

• No clear point of contact for IT support—users don’t know who to turn to when things go wrong or when they have questions in general

Out-of-the-box tip: Don’t treat AVD and Windows 365 as mutually exclusive. Instead, give users a workspace that fits their needs. Sometimes a Cloud PC is the better fit for a specific workflow, department, or scenario—especially when offline caching, persistent personalization, or simple licensing (cost) models are priorities.

With the right monitoring in place—including host performance, session density, and user behavior—you can determine when a user would benefit from switching platforms, or even just a different VM SKU. Keep in mind that switching becomes much easier when FSLogix and centralized application deployment strategies are already in place.

Monitor not only login performance and app responsiveness, but also the type of VM SKU in use. For example, shifting from an E-series to a D-series machine might cut costs while improving CPU efficiency and performance stays consistent. The same goes for switching storage tiers or resizing VMs based on peak usage windows.

By building a flexible foundation, you empower IT to adapt dynamically to end-user needs—and that’s what they’ll remember, not the name of the platform.

5. Treating Nerdio as a Deployment Tool Instead of a Control Plane

This is a big one. Customers often use Nerdio Manager solely for initial deployment—setting up host pools, provisioning session hosts, and assigning users. I don’t blame them, it is ridiculously fast in doing those kinds of tasks for you. But they sometimes fail to realize that Nerdio is designed to be an ongoing cloud operations platform, not a one-time setup wizard. I mean, you have the tools, so use them wisely.

Let’s break that down:

• Drift Detection: Nerdio Manager can track configuration drift. If something in Azure is changed manually (say, through the portal or PowerShell), Nerdio can flag it—helping you maintain compliance and governance.

• Guardrails and Policies: Through custom RBAC roles, host pool restrictions, dynamic app assignments, and auto-scaling rules, you can create an environment that enforces consistency without constant admin involvement.

• Cost Visibility and Automation: Nerdio integrates Azure pricing logic and lets you automate based on budget controls, usage windows, and VM availability. If your customer’s VMs are running outside working hours, Nerdio can shut them down, or remove them completely and notify you—or scale them back up when demand returns.

• Unified Monitoring: With integrations like Intune, W365 and AVD Insights and Log Analytics, Nerdio helps consolidate health and usage telemetry into actionable dashboards. No need to bolt on a dozen external tools.  

• Scripted Actions and Scheduling: This is where things get powerful. Nerdio lets you schedule cleanups, refreshes, reporting, and advanced automation via Scripted Actions that tie directly into lifecycle events (like VM creation, user login, etc.).

• W365 Integration: If you’re managing both AVD and Windows 365, Nerdio lets you standardize policies, naming conventions, app assignments, and more—across both platforms—from a single UI.

Out-of-the-box tip: Treat Nerdio like your cloud-based “operations console.” Create baselines for each customer, use-case or department. Use naming templates, deployment policies, and tags for segmentation. Audit your environment every month using Nerdio’s Change Log or automation (cost) reporting. And most importantly—train your engineers to operate from Nerdio, not just Azure.

When Nerdio is treated as the control plane it was designed to be, IT teams move faster.

Final Thoughts: What They Don’t Teach You in Docs or Sales Decks

AVD, W365 or Intune isn’t just a product you buy or a project you complete—it’s a living platform that evolves with the business. The best environments I’ve seen weren’t the most expensive or complex. They were the most observed, iterated, and aligned with real-world user behavior.

And the secret weapon? A mindset that questions defaults, tests everything, and automates what works. Build smart. Break things early. Learn fast.