Microsoft today made a slew of announcements to help IT pros reduce costs, increase security, and boost employee productivity. The headline items are the launch of Windows Virtual Desktop in public preview and Microsoft Defender Advanced Threat Protection (ATP) for macOS in limited preview. But there are also updates around Office 365 ProPlus, Windows 10, Configuration Manager, Intune, and Microsoft 365.
But first, let’s tackle the big ones.
Windows Virtual Desktop
Microsoft announced Windows Virtual Desktop in September, but only made it available as part of a private preview. Now in public preview, the Azure-based service provides a virtualized multi-session Windows 10 experience and Office 365 ProPlus virtual desktop on any device. It supports Remote Desktop Services (RDS) desktops and apps in a shared public cloud and will even include free Windows 7 Extended Security Updates (ESU) until January 2023. Windows 7 will hit end of support on January 14, 2020, so Microsoft is strategically offering the almost decade-old operating system via Windows Virtual Desktop.
In November, Microsoft acquired app-provisioning startup FSLogix. That platform’s strength was reducing the resources, time, and labor required to support desktop and app virtualization. FSLogix technologies have now been put to work in Windows Virtual Desktop to enable faster load times for non-persistent users accessing Outlook or OneDrive, plus support for client and server RDS deployments.
Think of Windows Virtual Desktop as a tool for deploying and scaling Windows desktops and apps on Azure with built-in security and compliance. To deploy and manage your virtualization environment, you’ll need an Azure subscription — you can optimize costs by taking advantage of Reserved Instances (up to 72 percent discount) and by using multi-session Windows 10. You will not be charged more for accessing Windows 10 and Windows 7 desktops and apps if you have Microsoft 365 F1/E3/E5, Windows 10 Enterprise E3/E5, or Windows VDA. You will also not be charged more for using Windows Server desktops and apps if you’re a Microsoft RDS Client Access License customer.
Microsoft is slating Windows Virtual Desktop general availability for the second half of this year.
If you did a double-take here because you thought it was called Windows Defender, you’re not wrong. Microsoft is extending its endpoint protection platform to additional operating systems, starting with macOS. And so, with the release of Microsoft Defender ATP for Mac in limited preview, Windows Defender is now Microsoft Defender.
Microsoft Defender ATP gives macOS users “next-gen” antivirus protection, but Microsoft is also promising to add Endpoint Detection and Response, and Threat and Vulnerability Management (TVM) capabilities in public preview next month. TVM is designed to help security teams discover, prioritize, and remediate known vulnerabilities and misconfigurations exploited by hackers. Specifically, TVM promises:
- Real-time detection insights correlated with endpoint vulnerabilities
- Machine vulnerability context during incident investigations
- Built-in remediation processes through integration with Microsoft Intune and Microsoft System Center Configuration Manager
Microsoft’s security pitch is for a “comprehensive” platform with “built-in sensors, cloud scalability, unparalleled optics, AI & machine learning-based protection to enhance the power of defenders, and the seamless integration with Microsoft’s identity and information protection solutions.” Now the company can add cross-platform to that list.
Office 365 ProPlus and Windows 10
Microsoft also shared today that new installs of Office 365 ProPlus will include the Microsoft Teams app by default and that the default installation for ProPlus will now be 64-bit. The former comes just days after the company announced that Teams is now used by 500,000 organizations. As for the latter, those already on 32-bit installs will soon be offered an in-place upgrade to 64-bit that doesn’t requiring uninstalling and reinstalling.
Separately, Microsoft shared that since Windows 10 Creators Update (version 1703), it has seen a 20 percent reduction in operating system and driver stability issues. Starting with Windows 10 Fall Creators Update (version 1709), the company says devices are updating up to 63 percent faster.
Configuration Manager, Intune, and Microsoft 365
Configuration Manager and Intune are getting new insights and deployment options to help manage your devices across platforms.
More specifically, Configuration Manager branch 1902 arrives this week with the following:
- New Office analytics: Native integration with the Office Readiness Toolkit provides insights that help organizations with the end-to-end readiness, deployment, and status tracking of Office 365 ProPlus.
- Updates to CMPivot for real-time queries: CMPivot investigates the whole device estate using pre-built queries. You can now access CMPivot from the Configuration Manager Central Admin Site.
- New management and client health visibility: Improved management insights to prepare for co-management, new rules for optimizing and simplifying collections and packages, and a dashboard with detailed breakdowns of device status.
New deployment options will also be available, including phased deployments, configuring known-folder mapping to OneDrive, and Configuration Manager integration with the Office Customization Tool.
Intune has meanwhile received Mobile Device Management (MDM) Security Baselines in preview. Microsoft considers these recommended configuration settings that increase your security posture, operational efficiency, and reduce costs.
And finally, the new Microsoft 365 Admin Center is now generally available. Going forward, admin.microsoft.com is your single entry point for managing your Microsoft 365 services. It includes guided setup experiences, improved groups management, and multi-factor authentication for admins.