Microsoft has announced yet another cloud service for virtual desktops called Windows 365. The main difference from Windows Virtual Desktop is that Windows 365 allows PCs to be provisioned and managed more easily. In addition, licensing is handled through a subscription per user per month.

Windows Virtual Desktop (WVD) is an Azure service that requires a relatively complex configuration process to deploy Windows from the cloud. This process has been made easier with the introduction of Azure Resource Manager-based deployment, but a fair bit of knowledge is still required to use the service. Billing depends on the resources consumed.

Windows 365 as a SaaS alternative to WVD

Windows 365 is part of Microsoft's SaaS products, which also include Exchange Online and Microsoft Teams. It also addresses the needs of smaller companies, even if they do not have the skills to manage IT infrastructure.

Once the prerequisites for using Windows 365 are in place, admins can delegate various tasks to users. These include upgrading to more powerful virtual hardware or rebooting the cloud PC.

Hybrid AD required

One prerequisite for Windows 365 is a hybrid Active Directory via AAD Connect. Support for a native AAD configuration will be added soon. Microsoft requires an active Azure subscription as well as a license, such as Microsoft 365 E3, which allows the use of Intune.

Generally, cloud PCs should not be restricted to resources on the internet, but must also be able to access files and applications in the company. This requires the ability to resolve the hostnames of internal servers, so the cloud PCs need an Azure vNET that is configured with a route to a DNS server in the company.

Internal DNS servers are entered into the vNET configuration so that cloud PCs can use resources in the company network
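
One way to verify this prerequisite before provisioning, as an added example that is not part of the original article or Microsoft's tooling: from a test VM on the same vNET, query each internal DNS server for the AD domain controller locator record and test whether the returned domain controllers are reachable. The domain name, DNS server addresses, and port list are placeholder assumptions.

```powershell
# Added example. Run on a VM attached to the vNET/subnet intended for cloud PCs.
# $AdDomain, $DnsServers and $DcPorts are placeholder assumptions; replace them.
param(
    [string]   $AdDomain   = 'corp.example.com',
    [string[]] $DnsServers = @('10.0.0.4', '10.0.0.5'),
    [int[]]    $DcPorts    = @(88, 389, 445)   # Kerberos, LDAP, SMB
)

$srvName = "_ldap._tcp.dc._msdcs.$AdDomain"    # standard AD domain controller locator record

$results = foreach ($dns in $DnsServers) {
    try {
        # Ask each internal DNS server directly, bypassing the local resolver cache and LLMNR/NetBIOS
        $srv = Resolve-DnsName -Name $srvName -Type SRV -Server $dns -DnsOnly -ErrorAction Stop |
               Where-Object { $_.Section -eq 'Answer' }   # drop the additional A/AAAA records
        if (-not $srv) { throw "No SRV answer for $srvName" }
    } catch {
        [pscustomobject]@{ DnsServer = $dns; Target = $srvName; Port = $null; Ok = $false
                           Detail = $_.Exception.Message }
        continue
    }

    foreach ($dc in ($srv.NameTarget | Sort-Object -Unique)) {
        foreach ($port in $DcPorts) {
            # Note: the DC name is resolved here by the VM's own resolver, i.e. the vNET DNS settings
            $ok = Test-NetConnection -ComputerName $dc -Port $port -InformationLevel Quiet `
                                     -WarningAction SilentlyContinue
            [pscustomobject]@{ DnsServer = $dns; Target = $dc; Port = $port; Ok = [bool]$ok
                               Detail = if ($ok) { 'reachable' } else { 'blocked or unreachable' } }
        }
    }
}

$results | Format-Table -AutoSize
# Non-zero exit code so the check can gate a provisioning pipeline
if ($results.Ok -contains $false) { exit 1 }
```

A failure in the DNS stage points at the vNET DNS settings or the route to the company network; a failure in the port stage points at firewall or network security group rules between the vNET and the domain controllers.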


Configuration with policies in Intune

A cloud PC is then provisioned via Intune, where the admin sets up the corresponding policies. These assign an OS image to the virtual computer, which is either a system image provided by Microsoft or one that is created by the administrator. These policies are then linked to the AD groups, and the included users are thus assigned their desktops.

Admins assign the desired Windows image to the cloud PCs via a policy


Windows 365 is targeted at users who work either on the road or from home. It offers several advantages for these use cases. For one, companies do not have to open their networks for these users, be it via VPN or Remote Desktop Services. Instead, a connection to Azure vNET is sufficient.

Advantages for mobile users

In terms of security, cloud PCs can also take advantage of Azure AD's multifactor authentication. Further protection is provided by Conditional Access, which denies access to the virtual desktop unless certain criteria are fulfilled.

Mobile users also benefit from the fact that they do not need a particularly powerful (wireless) network for RDP access to the cloud desktop. The virtual PC itself, by contrast, runs in Microsoft's data centers and has an extremely fast internet connection. It can even reach download speeds of 10 GB/s, as shown in this Microsoft Mechanics video.

Management via Endpoint Manager

Managing the cloud PCs, for example, when installing software, is carried out either with Intune or, if co-management is activated, via Configuration Manager. Admins can then manage the virtual computers in the same console as the physical computers on-site.

The Watchdog service checks that all prerequisites are met when Windows 365 is deployed


Microsoft also provides a Watchdog service that checks all system requirements when Windows 365 is set up and makes suggestions for troubleshooting, if necessary.

Client support

Every system for which Microsoft has already offered an RDP client can be considered a terminal device. Aside from Windows PCs, these include mobile devices running iOS and Android as well as macOS computers. Other platforms are covered by the web client.

Microsoft supports multiple client platforms with Windows 365 but not all equally


However, the capabilities of the respective clients vary greatly. In particular, access to local peripherals is often limited, and support for multiple monitors is exclusive to Windows PCs.

Licensing

As with other Microsoft 365 services, Windows 365 follows a license model that comprises a fixed price per month and user. The rate depends on the virtual hardware, which ranges from 1 vCPU, 2 GB RAM, and 64 GB disk for simple tasks to 8 vCPU / 32 GB / 512 GB for developers and similarly demanding activities.

However, the costs of the virtual PCs, which Microsoft has yet to announce, are not the end of the story. As with a VDI based on Windows Server, a licensed endpoint device is required for access. If this runs Windows, then a Windows 10 E3 + EMS1 E3 or Microsoft 365 F3/E3/E5/BP subscription is needed. Other devices require the purchase of a Windows VDA on top of that.


Windows 365 is expected to be generally available in early August 2021.

1 Comment
  1. Nice article. Would this support passwordless authentication?

© 4sysops 2006 - 2021