Windows 365 and its various editions
Windows 365 is available in multiple editions: Windows 365 Business and Windows 365 Enterprise—and now also Windows 365 Frontline (which we will talk about shortly).
Windows 365 Business and Enterprise
Windows 365 is intended to provide value for businesses of all sizes—from enterprises that employ thousands to a small business of one. Subscriptions can be purchased by individuals through http://www.windows365.com/, using a credit card or similar payment method.
Windows 365 Business is for smaller organizations, up to 300 users, who want a simple way to buy, deploy, and manage Cloud PCs.
Figure 1.2: Windows 365 Business admin portal
Windows 365 Enterprise is for organizations that want to manage their Cloud PCs with Microsoft Intune and take advantage of integrations with other Microsoft services, such as Entra ID and Microsoft Defender for Endpoint.
Figure 1.3: Windows 365 dashboard in Microsoft Intune
Below, you can see the Windows 365 Enterprise and Frontline IT admin experience in Microsoft Intune:
Figure 1.4: Windows 365 Enterprise and Frontline Dashboard in Microsoft Intune
In the following table, we compare the Windows 365 Business and Windows 365 Enterprise products in more detail:
|
Functions |
Windows 365 Business |
Windows 365 Enterprise |
|
Domain join |
Entra ID Join without Azure Virtual Network (VNet) support. |
Entra ID Join without VNet support. Entra ID Join with VNet support. Hybrid Entra ID with VNet support. |
|
Purchase channel support |
Microsoft 365 Admin Center or the Entra ID portal. |
Microsoft 365 admin center or the Entra ID portal. |
|
License portal |
No licensing pre-requirements to buy and deploy Windows 365 Business. Other features (like device management) can be used if users are licensed for Microsoft Intune. |
Each user must be licensed for Windows 10 or 11 Enterprise (when available), Microsoft Microsoft Intune, and Entra ID P1. |
|
Networking costs |
Outbound data/month is based on the RAM of the Cloud PC:
Data bandwidth may be restricted when these levels are exceeded. |
When providing a network, networking goes through the customer’s Azure VNet and isn’t included in the license. Azure bandwidth pricing applies to these network usage costs. If you use a Microsoft-hosted network, the same charges (as described in Windows 365 Business’s networking charges) apply. |
|
Seat limit |
300 seats per tenant. |
No limits. |
|
Provisioning |
Provisioning is simplified and uses default configurations. Cloud PCs are automatically provisioned with a standard image after a Cloud PC license is assigned. |
Provisioning is configurable and customizable to the needs of the organization.Administrators select the network, configure user permissions (local admin or not), and assign the policy to an Entra ID group. Cloud PCs are then provisioned by using standard gallery images or custom images (admin choice). |
|
Policy management |
Not supported. |
Group Policy Objects (GPOs) and Intune MDM are supported. |
|
Monitoring |
Not supported. |
Endpoint Analytics reporting and monitoring, service health, and operational health alerts. |
|
Universal Print |
Universal Print. |
Universal Print. |
|
End user management |
Users can restart, reset, rename, and troubleshoot their Cloud PCs on the Windows 365 homepage. |
Users can restart, rename, and troubleshoot their Cloud PCs on the Windows 365 homepage. |
|
Conditional Access |
Conditional Access policies can be deployed only by using Entra ID with an Entra ID P1 license. |
Conditional Access policies can be deployed by using the Microsoft Intune admin center or Entra ID. |
|
Security baselines |
Not supported. |
Dedicated Security Baselines can be edited and deployed by using Microsoft Intune. |
|
Microsoft Defender for Endpoint |
Supported if the customer separately has the requisite E5 license. |
Integration with Defender for Endpoint. If the customer has an E5 license, all Cloud PCs will respond to Defender for Endpoint policies and show up in MDE dashboards. |
Table 1.2: Windows 365 Business and Windows 365 Enterprise differences
Windows 365 Frontline Dedicated
Windows 365 Frontline Dedicated is a compelling new offering that provides customers with shift workers the adaptability to allocate Cloud PCs to up to three users, with the acquisition of a single Windows 365 license. Regarding the feature stack, Microsoft’s aim is to achieve a degree of product equivalence across all Windows 365 offerings. If you’re transitioning from a multi-session or server OS to Windows 365, this is an option worth exploring.
Here are some important details to remember about Frontline Dedicated:
- Dedicated Cloud PC access is only available during a user’s shift.
- You can provision up to three Cloud PCs per license, but only one connection can be made per license at a time.
- It maintains a concurrency buffer that allows your users to stay productive when oversubscription scenarios are active.
- It provides a personalized, full Windows experience.
- You can deploy and manage it in Microsoft Intune.
Now, let’s explain the latest new offering—Windows 365 Frontline Shared.
Windows 365 Frontline Shared
Frontline Shared is Microsoft’s latest addition next to Windows 365 Frontline Dedicated. This offering is built for employees who need brief access to complete tasks without much overhead on the IT administrator to manage and maintain the Cloud PC. The other important detail to mention is the non-personalized configuration, meaning that users’ data, profile settings, etc. are flushed during reboot. If you are transitioning from non-persistent virtual desktops, this is the offer to explore for your business!
Frontline Shared offers:
- Cloud PC access configured for specialized task use.
- Enable a group of employees access to a single shared Cloud PC in seconds.
- Shared, non-personalized experience across a collection of shared Cloud PCs with one active session at a time.
- Deploy and manage in Microsoft Intune.
You will learn more about this in the Implementing and Managing Cloud PCs section of the book.
Windows 365 for Government
Governments can use some of Microsoft’s cloud services, such as Microsoft Office and Microsoft Azure, as they comply with special certifications that are required for governments to use them. Now, Microsoft has ensured that Windows 365 also meets the required certifications.
This allows governments to extend their Windows devices into the Cloud with the newest functionality and technology, on top of the newest Windows version, 11, installed on powerful and secure Cloud PCs.
Windows 365 for Government gives federal governments the opportunity to support the hybrid world we live in today by creating Cloud PCs, just like any other organization. This is currently restricted to governments in the United States (US); however, governments outside the United States can apply for approval to use the service.
Windows 365 for Government is provided in two categories: Government Community Cloud (GCC) and Government Community Cloud High (GCC High). These are the two available government solutions that Microsoft can offer to the US government.
GCC comes with support for FedRAMP High, DFARS, and DISA Level 2 Security Requirements, and complies with CJIS and IRS 1075.
GCC High supports FedRAMP High, ITAR, and DFARS.
All of these are security and compliance certifications that a provider needs to have to fulfill the structure and standardization requirements that governments have.
For governments to get started with Windows 365, they must do so by contacting Microsoft directly or an approved partner.
Figure 1.5: Benefits of using Windows 365
