- One of the best pool-cleaning robots I've tested is $450 off for Prime Day
- Apple's M2 MacBook Air is on sale for $749 for Black Friday
- I replaced my desktop with this MSI laptop for a week, and it surpassed my expectations
- AI networking a focus of HPE’s Juniper deal as Justice Department concerns swirl
- 3 reasons why you need noise-canceling earbuds ahead of the holidays (and which models to buy)
Microsoft Ignite: New Solutions Offer More Security and Productivity from Windows in the Cloud
During Microsoft Ignite, the company announced various ways in which users will be able to get more security and productivity from some of its products. Microsoft is adding more AI tools to Windows, including Copilot on Windows 11, and giving developers more tools to create AI features of their own for Windows. With Microsoft 365 and Azure Virtual Desktop, you can use those Windows AI features on any device, and that gets simpler with new unified clients for Android, iOS, Mac and browsers as well as Windows itself.
Sizing and scaling cloud PCs is also getting easier for overworked IT teams, with AI-powered tools that analyze usage and recommend what size of PC to offer users. Plus, Microsoft is offering improved tools for managing Windows updating and patching.
Jump to:
Windows AI on any device
Microsoft hasn’t been just “the Windows company” for many years, but it wouldn’t mind if you think of it as “the AI company” now. IT pros are focusing on AI and the shift to the cloud, and that’s increasingly integrated, Scott Manchester, vice president of product management, Windows 365 and Azure Virtual Desktop, told TechRepublic ahead of the Microsoft Ignite conference this week.
“We see Windows 365 really at the heart of that: being able to give access to AI to more people and on more devices when you’re accessing windows through the cloud. Customers can be confident in deploying AI within their organisation in a way that’s secure, in a way that empowers all of their employees to work more efficiently, to have more time for creativity and to really adopt this new way of working while still giving them the flexibility to work where they want to work, on different devices, in different ways that suit their needs.”
Running Windows 365 will also be easier for users and the IT teams who support them with a unified Windows App that’s available on Windows, web, Mac and iOS through TestFlight and coming soon to Android.
There is just one app instead of six different connection apps to choose from on Windows and two on most other devices, depending on whether you want Windows 365, Azure Virtual Desktop, Remote Desktop, Remote Desktop Services, Microsoft Dev Box, the RPA automation tool for Power Automate or a remote connection to your own PC at home.
This doesn’t mean missing features from the old clients, like being able to use an iPad as a second screen for Mac users. “We’re not losing any of the rich capabilities in each of those apps; we don’t want to regress anything,” Manchester promised, and said there will be new features and additional scenarios for connections next year.
SEE: Microsoft Copilot Announced for Azure (TechRepublic)
For now, you can see all the cloud PCs and resources you have access to across Windows 365 and Azure Virtual Desktop and pin the PCs and apps you use the most to make them easier to find (Figure A). You also get access to settings, from troubleshooting to setting up drive redirection.
Figure A
The Windows App client also supports new security features like single-sign on and passwordless authentication, including biometrics and FIDO security keys, watermarking, tamper protection and screen capture blocking. If you need more security, you’ll soon be able to join the public preview for using your own encryption keys with Windows 365 Customer Managed Keys, while the Windows 365 Customer Lockbox, which gives organizations the same approval options for working with Microsoft support engineers they already have in Office 365, is already in public preview.
The unified client also means IT teams only have one app to work with if they need to package up custom images for how users connect within the organization.
AI-powered PC sizing
Windows 365 lets you offer a range of PC resources in the cloud, now including 16-core 1 TB PCs or GPUs in preview for more demanding users. That can get expensive if you’re allocating more powerful systems that users really need, or frustrating if they’re not getting the performance they need for work.
“With a physical PC, the mindset is ‘I’m going to fit to the biggest needs users may ever have, so I’m not recycling a machine and buying a new one,’” Manchester pointed out. You have a lot more flexibility in the cloud, but with so many different SKUs grouped under the options of light, medium and heavy users, IT admins have a lot of choices to make. Plus, software and user needs change. “You might install some new software, and suddenly now that machine’s not the right size for that.”
The new Cloud PC size recommender uses machine learning to analyze the performance of cloud PCs over a 28-day period and tells you which systems are undersized, oversized, the right size or underutilised — which means they’re not getting turned on and you can recover the licence for another user. This new recommender will be in public preview soon.
“We’re seeing customers that started with a few thousand cloud PCs moving to tens of thousands of cloud PCs, and when you’re managing them at that scale, these tools give them that power to operate this efficiently.”
As well as a dashboard that shows you which cloud PCs you need to beef up or scale back, you can also get the information through the Microsoft Graph API, which integrates with ITSM tools like ServiceNow, where you can automate this provisioning. Manchester added, “You can take all that data, feed it into ServiceNow and do much more intelligent, multiple-step actions with that data.”
“We’re also looking really carefully at what tools we can build to remove IT drudgery,” added Melissa Grant, senior director of product marketing for Windows 365. “More automation — more ability to evaluate the efficiency of their environment, and then do more proactive remediations or automatic remediations or adjustments.”
Because Windows 365 is already integrated with Intune, IT admins can use this new Cloud PC sizing tool alongside existing endpoint analytics like user productivity scores and the reports on network latency and PC performance.
New network troubleshooting tools that reduce IT work
There is also a new network troubleshooting tool built into the Windows App clients, so users can try and solve problems themselves.
“When employees moved into their home offices, IT admins inherited ownership and support of all their networking, internet connectivity — their ISPs, their connection and their routers within their house. Everything now has an impact on their ability to be productive to the work environment. When everybody started working from home, that overhead was added to IT departments, so we’ve created a whole series of self-help tools,” Manchester said.
“The network troubleshooter will validate that the router is set up, that I’ve got the right bandwidth (I need); it will even go hit the endpoints that it needs to see if it made a successful connection. And it’ll tell the user ‘Hey, go reset your router’ or ‘You don’t have Wi-Fi’ and likely cut down about 80% of the support calls that you normally have to take.”
Fine control for personal desktops on Azure Virtual Desktop
Windows 365 gives you virtual PCs as a service; if you want a lot more control, perhaps because your organization already has experience in virtual desktop infrastructure, Microsoft offers Azure Virtual Desktop. “If organizations are moving from VDI to cloud VDI, they have that in-house expertise, perhaps because they had very specific use cases needing very specific remote apps or network configurations reaching data centres or even Azure edge zones in very rural areas of the world,” Manchester explained.
He added, “You can create any type of configuration in any of our data centres, with any combination of compute and storage. You can create configurations within AVD that support remote apps, remote desktops, Windows client-based instances, Windows server-based instances and even personal desktop instances.” Instead of allocating Windows VMs from a pool, you can assign specific VMs to individual users as a personal desktop, but scaling that has been complex. “When you’re scaling a pool of generic images, you’re just looking at the collective usage across the entire organisation. But when it’s about upscaling your machine or Melissa’s machine or my machine, we have very specific usage patterns.”
Azure Virtual Desktop Personal Desktop Autoscale, now generally available, can automatically start the session host virtual machines and then deallocate or hibernate them when users log off. Personal desktops are typically used for demanding workloads, Grant pointed out, specifically “developers or high-capacity computing workers who need that very fine tuned environment.” Now IT can support those productivity needs without paying for cloud resources they don’t need to have running.
You can also deploy MSIX-installed apps on session hosts in Azure Virtual Desktop without needing to interrupt users; this is a better user experience and means fewer gold images to create. MSIX app attach is in public preview.
Whether you’re managing physical PCs or PCs in the cloud, Windows Autopatch is proving very popular for automating updates to Windows PCs, Microsoft 365 apps, Teams and the Edge browser, and for deploying driver and firmware updates. “It took off in a way that I don’t even think we were expecting in our wildest dreams,” Grant told us. “When it’s simple, when everyone stays up to date, they are able to run a more secure environment.”
Grant noted, “We’re taking the next step by consolidating the Windows Update for Business deployment service into Autopatch.”
Having automated updates is great, until someone gets updated at the wrong time and can’t complete a crucial project. So, as part of the unification, Autopatch will be getting granular controls for firmware and driver updates (currently in private preview) and what Microsoft calls a “self-serve model” to give IT teams more control.
“This allows the IT admin to design the right patching list structure and timeframe for all of their employees and to do that in a way that they can time it to be non-disruptive,” Grant explained.
“We know that if an update or patch comes in, and you’re in the middle of something, you don’t want to stop. You might ignore it, you might postpone it — and postponing an update even for a couple of hours can put you at risk. The IT admin can look at the usage patterns of all employees and find the right time to apply this, and then nobody has to be disrupted in their work, but IT doesn’t have to go and manually apply different time schedules for every different employee,” Grant said.
Microsoft plans to have Autopatch support, updating non-Microsoft applications. That’s a common customer request, Grant said, and the applications supported will be based on what customers want to update.
All of these new options are intended to make life easier for overworked IT teams, Manchester added. “If I can automate a lot of the stuff that’s occupying the time of your IT department and give them back that time, they can focus that time on lowering COGS (cost of goods sold) and making the employees more productive, which is really what IT is intended to be — a way of reducing costs, increasing productivity and increasing profits and margins. Today, IT admins are completely overwhelmed with nation-state attacks, (criminal) gang attacks, ransomware and keeping the tools and processes that they have today just up and running. So this is about giving them back that time to focus on things that are more forward looking.”