Microsoft introduced Windows Virtual Desktop (now called Azure Virtual Desktop or AVD) in three years ago and released it into General Availability two years ago. AVD allowed for a fully customized virtual desktop and application infrastructure in the cloud providing clients with multiple scenarios for deploying applications, personal desktop assignments, and multi-session desktop capabilities. However, it came with complex requirements and increased management and governance needs. Windows 365 is meant to simplify the complexities of AVD by changing the cost model from usage to licensing and reducing the infrastructure required to implement.
There are two different editions of Windows 365: Business and Enterprise. Business, similarly to Microsoft 365 Business licenses, is for customers with less than 300 users. While it does not have the granularity, customization, or integrations that Enterprise has, it is meant to be simple. Procure and assign a license and a PC will be auto provisioned for the user it was assigned to.
Windows 365 Enterprise has a bit more requirements and setup involved to provide virtual desktops to users. All desktops are directly assigned in a one-to-one relationship to users. Windows 365 does not support multi-session desktops or application deployments. Windows 365 Enterprise simplifies and streamlines security and administration of a deployment by taking advantage of three primary Microsoft solutions:
- Azure Active Directory
- Microsoft Endpoint Manager
- Azure Virtual Desktop
Pricing and licenses
Most costs associated with Windows 365 are a flat, fixed monthly fee associated with the license procured. Licenses are based on the size of the VM. Additional charges may occur within your Azure Subscription based on network usage. Business edition has outbound data limits based on the VM size, anywhere from 12-70 GB/month of outbound data use per user.
You cannot switch between Business and Enterprise license models; however, you can upgrade VM sizes to a larger size using the Resize feature. Downgrading the size is currently unavailable and requires reprovisioning the VM.
Users can only be assigned one license from any single VM size. However, you can assign multiple licenses to a single user if the license types are for different size VMs.
The following chart are all the current available licenses for Windows 365:
Requirements
Windows 365 Business has a single requirement, Azure AD Join. Ensure the Device setting Users may join devices to Azure AD is enabled for either All or Selected to ensure any user with a Windows 365 license can join the VM to Azure AD.
Windows 365 Enterprise has a few requirements. Each requirement is listed below.
Azure |
An active Azure Subscription Windows 365 must have the following permissions:
Supported Azure Region for provisioning PCs Azure Virtual Network
|
Azure Active Directory |
A valid Azure AD Tenant
|
Microsoft Endpoint Manager |
Microsoft Endpoint Manager \ Intune tenant required for management
|
Active Directory |
Valid Organizational Unit to be used.
Users must be synced via Azure AD Connect |
Networking |
No network interception, SSL Decryption, deep packet inspection, or other similar technologies used to monitor or intercept Windows 365 provisioning traffic |
Windows 365 has all the typical Azure AD and Intune RBAC Permissions to fully administer the environment. No custom roles are available to be created, however, two new RBAC roles have been created for least privilege management of Windows 365:
Cloud PC Administrator:
Manages all aspects of Cloud PCs, including:
- OS image management
- On-premises network connection configuration
- Provisioning policies
Cloud PC Reader:
Views Cloud PC data in Microsoft Endpoint Manager but cannot make changes.
Planning
Once you understand the pricing and requirements of Windows 365 Enterprise, you can begin planning considerations of your deployment. Each deployment may differ from one customer to the next as all customers have some variance and uniqueness to their needs and current state. However, there are several areas that all customers should review to ensure a proper plan is put in place for a successful implementation of Windows 365.
Goals and Objectives
Clarify what you are trying to do and the desired end state that a Windows 365 deployment will satisfy:
What are you trying to accomplish with a deployment of Windows 365?
Use Cases
Identify the different use cases and scenarios that require a Windows 365 Cloud PC:
What scenarios and use cases call for a virtual desktop in your environment?
Will users connect via web or desktop client?
Do you have to account for a Microsoft Teams environment?
Existing environmental review
Many organizations will already have the core infrastructure requirements deployed in some capacity prior to a Windows 365 deployment. It would be wise to review the current state of each of these area as it relates to the requirements and dependencies of a Windows 365 deployment including:
- Azure
- Azure AD
- MEM\Intune
- Windows 10 PCs and current inventory
- Networking
- Other as necessary
Rollout plan
With proper identification of a desired end state and review of current state, you can develop a rollout plan and strategy for your Windows 365 deployment including:
- Deployment Phases
- Success Metrics
- Communication plan
Communication and training
Any deployment, big or small, requires proper communication and training to be successful. This goes for both end users and administrators. Be sure to create proper change management and training plans for both users, to ensure successful adoption, and administrators, to ensure successful support and maintenance.
Windows 365 has significantly less requirements than that of an Azure Virtual Desktop environment. However, it is still a significant piece of technology that still requires to due diligence of any new implementation.
Enabling Technologies can help you properly prepare for moving to the cloud based on Microsoft Best Practices and utilizing a secure and productive environment. You can check out more in the Cloud section of our website.