What it is, how it works, and how to set it up
Windows 365 is your PC in the cloud. Securely stream your personalized Windows experience, including your desktop, apps, settings, and content, at any time to any device. For IT, see how easy it is, as a fully-managed service, to assign and configure Cloud PCs using familiar tools like Microsoft Endpoint Manager.
Given the need to work remotely and securely, there has been a huge demand for cloud based solutions in the past year. Windows 365 modernizes the way Windows experiences are delivered for anyone on any device. It’s a premium experience for both end users and IT. It’s easy to use, and just as easy for IT to manage using familiar tools and processes. Scott Manchester, Partner Director of PM for Windows 365, joins Jeremy Chapman to show how it works and how to set it up.
01:08 — User experience
05:39 — Admin experience: Deployment
09:01 — Monitor health and performance
11:16 — Security and compliance
13:11 — Wrap up
Get started at https://www.microsoft.com/Windows365
Find the latest info on the Trust Center at https://www.microsoft.com/trust
Unfamiliar with Microsoft Mechanics?
We are Microsoft’s official video series for IT. You can watch and share valuable content and demos of current and upcoming tech from the people who build it at Microsoft.
- Subscribe to our YouTube: https://www.youtube.com/c/MicrosoftMechanicsSeries?sub_confirmation=1
- Join us on the Microsoft Tech Community: https://techcommunity.microsoft.com/t5/microsoft-mechanics-blog/bg-p/MicrosoftMechanicsBlog
- Watch or listen via podcast here: https://microsoftmechanics.libsyn.com/website
Keep getting this insider knowledge, join us on social:
- Follow us on Twitter: https://twitter.com/MSFTMechanics
- Follow us on LinkedIn: https://www.linkedin.com/company/microsoft-mechanics/
- Follow us on Facebook: https://facebook.com/microsoftmechanics/
- Hello and welcome to Microsoft Mechanics. Coming up, I’m joined by Scott Manchester to take a first look at Windows 365, your PC in the cloud that lets you securely stream your personalized Windows experience, including your desktop, your apps, your settings and your content, at any time to all your devices. And for IT, we’re gonna show you how as a fully managed service, just how easy it is to assign and configure Cloud PCs using familiar tools like Microsoft Endpoint Manager. Alright, so Scott, we’ve had you on the show now quite a few times over the past few years but, now you’re back with a special announcement.
- Yeah Jeremy, it’s been a while. Well, I sure am excited to have Windows 365 finally announced today, and I can’t wait to show it in more detail.
- That’s right, and you know given the need to work remotely and securely over the past year, we’ve seen this huge demand for cloud-based solutions. So what’s the significance now that we’re doing here with Windows 365?
- So with Windows 365, we are modernizing the way that Windows experiences are delivered for anyone on practically any device. Now it’s a premium experience for both users and IT. It’s easy to use and just as easy for IT to manage. And this, as you mentioned, is a whole new category of computing we call Cloud PC. Now that said, the best way for me to explain this is really to show it to you. So for example here, I have my personal laptop and my iPad, which is a typical combination for many travelers. So I’ll use the browser first on my Windows laptop and go to windows365.microsoft.com. Now I can see my Cloud PC along with its specs. Now it actually has a higher spec than the laptop I’m connecting from. Now there are also a few other things you can do from this portal, but I’ll show you that in a sec. First, let me launch right into my desktop. So here you can see my personal desktop, it still has my apps, even the ones I was using from the last time I was here and my custom desktop background. Everything my IT department has installed for me is in the Start menu, like Office and Teams, so I’m immediately ready to work. Now, I’ll open another app, in this case Excel and here I’ll open this periodic table and let’s change nickel into gold. All right, we’ll come back to that later. Also, everything you connect to is super fast, whether you’re downloading, streaming or uploading content from your Cloud PC. Just to put this into context, the average wireless connection speed in the US is around 27 megabits per second. Which is more than enough for a full-fidelity experience to access and use Windows 365, but once I’m in my Cloud PC things get way faster. I’ve got a speed test running here and in my case you can see here I’ve got a crazy fast five millisecond ping time, and my download is almost peaking at 10 gigabits per second. And look at that upload speed, it’s almost coming up to four gigabits per second.
- And I’ve gotta say, those are pretty amazing speeds and it really shows you that the device that you’re connecting to your Cloud PC with doesn’t need to have a fast connection, and it also means that your Cloud PC’s connection is never gonna be the bottleneck when it comes to using online services, accessing things via the browser or uploading or downloading content.
- That’s right, basically if you can stream a movie, you have enough bandwidth for a great experience. Now I’ll close this browser window here on my laptop and I’ll pick up exactly where I left off on my iPad. Now I’m on my iPad, I’m in the Safari browser. And I could launch here from the browser but also we have native apps for IOS, Android, Mac and Windows, with Linux on the way. So I’ll switch over to the native IOS app connected to my Cloud PC and you’ll see it opens exactly how I left it in Windows. Now here you can see my speed test results are still there, and in Excel, nickel is still gold. Now in my case, I went straight from my Windows PC to my iPad but I could have logged out on Friday in the US on my laptop, and resumed on Monday in France from my iPad, and the experience would have been exactly the same.
- Right, and to be clear, just like you have your own physical PC, this is your own persistent Windows PC in the cloud, so it’ll be the same one today or a year from now, as long as it’s still active.
- Absolutely, and this really opens up new possibilities to securely connect to a persistent and always ready Windows environment with your personalized desktops, apps, files and even your settings, all delivered from the Microsoft cloud.
- Okay, so if this is running in the cloud, can you still get to things that are in your local office’s network, like shared files or folders, internet apps, you know, where you might have to otherwise drive into the office or connect via VPN?
- Yeah, you can. We designed Windows 365 from the ground up to fit the hybrid work experience we’ve all been living. Now ordinarily, connecting directly to your work network with a personal device can introduce risk. And because your Cloud PCs can always be connected to your work network, you don’t need to worry about local or VPN access from a personally owned device. With Windows 365, your Cloud PC experience is effectively the same as if you were in the office. So this is great for anyone, whether you’re a front line worker in a high security environment or an everyday or advanced user working from home or the corporate office, your favorite spot like a cafe or even on the go. It doesn’t matter where you’re working from, you still have a secure and premium experience.
- Okay, so we’ve seen now what your personalized Cloud PC looks like but let’s say it’s my first day on the job and you’ve given me a Cloud PC then what does that experience look like?
- So let me switch back over to that end-user portal and show you the guided experience. Now when a user launches the portal for the first time, they get a welcome and brief tour of the portal, what to expect and how to manage their Cloud PC. So let’s take a look once I’m logged in. So here again, you can see your Cloud PC specs and again I can open directly from the browser, but I can also manage a few settings here. I can restart, rename and also troubleshoot any issues I might encounter. Coming soon, admins will optionally be able to set additional optional settings like reset and resize, so you can do those actions right from here as well.
- Okay, and speaking of our IT admins, who are probably watching right now, what else have you done to make their lives easier?
- Well, for IT this has huge benefits from the management perspective, because you don’t need to worry about the infrastructure to set up and manage this type of experience. You don’t have to learn new management tools and paradigms. We’ve built Windows 365 to be consistent with how you manage your physical devices now, using Microsoft Endpoint Manager or MEM. In fact, I’m in the All Devices list in MEM now, and you can see your physical and Cloud PCs appear side-by-side. Now in my case, I just happen to have a lot of Cloud PCs running. And I can manage apps and policies from here like any other windows device.
- Okay, so it’s a familiar and consistent management experience, just like managing all your other windows PCs but can you walk us through the steps it would take to deploy a Cloud PC?
- Sure. There are really just two requirements for a user to be assigned a Cloud PC. First, they need a license and second, they need to be part of an AAD Group that’s assigned to a provisioning policy. Let me walk you through that. So you start here in the Microsoft 365 Admin Center, and assign licenses just like you would from any other Microsoft 365 service. And this step could be done by your licensing admin. Now I’ll click into Active Users and assign one to our new intern, Adele Vance. Now I’ll go ahead and give her a Cloud PC, in this case let’s do four cores and 16 gigs of RAM. And while I’m here, I’ll also set her up with Microsoft 365. Now I have a group for our interns already assigned to provisioning policy, so for her account, I can just add Adele to this group. So you can see she’s already in two default groups but now I’ll assign a new membership and search for West US, and there’s our intern group. And once I add her, that will kick off the Cloud PC provisioning and will be ready to use shortly. One of the great things about Windows 365 is that it is offered at a fixed price per user per month, like any other Microsoft 365 subscription. So you don’t need to agonize over things like tracking, utilization or keeping idle resources running when people aren’t using them.
- Got it. So it’s more or less the same user licensing experience that you’d be used to for Microsoft 365 but what did you have to do to get that group assignment then to kick off the provisioning process?
- So let me show you how we set this up. First in MEM, you can see I have 26 machines provisioned and three network connections in three different regions. Now in our case, we have set up Adele to access her Cloud PC using the West US standard network connection. In our provisioning policies, I’ll click into the one I assigned to this group, and you can see under image, we are using our Curated Windows 10 20H2 build from the gallery. But also we could have uploaded and selected our own custom image. Adele is assigned to the West US interns provisioning policy that contains all of these settings, including the network connection. Now you see the policy name in this case, as a best practice, matches our group name. And in assignments, you’ll see the AAD Group of West US Interns we added Adele to earlier.
- Can you have more than one group then assigned to a provisioning policy?
- Yeah, you can add multiple AAD groups to a provisioning policy. Now if I go back to the Windows 365 tab, we should see all our existing provisioned Cloud PCs and a new Cloud PC being provisioned for Adele. And she should have access to this Cloud PC in about 20 minutes.
- So can I localize then the connection to just the regions or specific networks where that group should probably have access then for the best experience?
- That’s right, you can create network connections in Azure regions that are closest to where your users are physically located for the best performance. Which is great too for multinational works.
- So once everything is up and running, what do we have then to monitor health and performance?
- I know that’s something that’s top-of-mind for a lot of people and this was a huge area of focus for us. So first let’s look at the network connections. We’ve built analytics into the service to look at health across your VNETs and domain connections as you can see here. To make sure Cloud PC’s users can reach everything they need to on your network to be productive. And once you’ve configured a network connection, our watchdog service continually runs diagnostics to ensure connections are up and running at all times. Now if a diagnostic check fails, we’ll alert you and even give you suggestions for how to correct the issue. Now we’ve also built rich out-of-the-box reporting and analytics for Cloud PCs. This enables admins to take actions to improve end-user performance and can reduce calls to your help desk. So here’s how this works. So I’ll go into the new remoting connection report, and this lists out key performance metrics for connecting to your Cloud PCs and the impact on the user’s experience. For example with Cloud PC sign-in time, we see the total time to connect to the Cloud PC. And round trip time KPI shows you the speed and reliability of network connections from the user locations. So next, if I click into the resource performance report, I can see whether my CPU and memory configurations are optimal across my Cloud PC users. And I can drill into device performance for even more details. Well, here I’ll select this Cloud PC, and I can see it shows a poor performance score of only 18. Now the ideal score should be somewhere around 50 or higher. So I can resolve this by adding more memory or CPU to this Cloud PC for the user.
- So are you able then to change the Cloud PC specs to match the demand on that device?
- Yes, you can. And you know, not all users will have the same needs and the user might even start out being fine with the basic level Cloud PC but then outgrow it. And this ability to upgrade is new with Cloud PC, to help you know when you might want to upgrade, we give you the right visibility and information before a user calls you for support. To resize this Cloud PC, I just need to click on the recommendation and select the right size for this Cloud PC and I’ll select resize. And I can change it to have more virtual cores, memory or storage. For example, I could choose an option here with let’s say eight cores and then resize. And once the change is made, the next time the user logs in, it will get this new spec.
- Nice, but I really wanna switch gears to security and compliance though. How do we make sure that our Cloud PCs meet our requirements?
- Well, like the rest of our Microsoft cloud services, we’ve made Windows 365 surface itself compliant in the region and industries we operate in. And you can find the latest info on the trust center at microsoft.com/trust. From a security perspective, of course the primary benefit is that, your Cloud PC is abstracted from the device you’re using to access it. So as an admin you have full control over the data in the Cloud PC and can prevent people from copying data to their local PC. Now beyond that, Windows 365 follows the Zero Trust security model. For example, you can use multi-factor authentication to explicitly verify any login or access attempt to a Cloud PC. And you can pair this with conditional access policies to assess login risk instantly for each session. Now we’ve also designed the user and admin experiences around the principles of least privileged access. So for example, you can delegate specific functions like licensing, device management, and Cloud PC management using specific roles, so you don’t need to be a global admin. You can use the baselines from Microsoft Defender and Edge just like you would for your physical devices. And we’ve built a Windows 365-specific security baseline to help you get started quickly. And of course, Microsoft Defender for Endpoint also works seamlessly with your Cloud PC. Also, as you would expect, encryption is applied across the board for all data at rest and in transit.
- So this makes it a lot easier than to securely deliver Windows experiences to just about any device, and really anyone with a device management background can add Cloud PCs to their device landscape.
- Right, we took a ton of input from our early adopters, combined with our experiences from delivering other desktop services to make Windows 365 manageable for both small and large organizations. And you can use your familiar tools with rich controls. Now everything I’ve shown you today is part of our vision to transform the PC experience so that you can work remotely or in hybrid office environments securely and from any device.
- So the overall experience then is pretty game changing for both end-users and IT, so congrats to you and the team but how can the folks watching try out Windows 365 for themselves?
- Well, we’ll be launching Windows 365 in early August, so depending on when you’re watching this, it’s either super close or generally available already. Just go to microsoft.com/windows365 to get started.
- Awesome stuff. Thanks so much for joining us today Scott, and always great to have you on. So, to stay up to date with the latest news and see the tech in action, be sure to subscribe to Microsoft Mechanics and as always thanks so much for watching.