How-To

What is Windows 365 and Is It Right for Your Business?

Tom Fenton takes a look at Microsoft's Desktop-as-a-Service (DaaS), which provides desktops that run in the cloud and which are managed and administrated by the cloud provider.

• By Tom Fenton
• 02/15/2023

Make no doubt about it -- Microsoft wants you to run Windows as your desktop OS in all circumstances, whether you are at your home, office or school, and whether your desktop is running locally or in the cloud. And if it is running in the cloud, Microsoft wants you to run it on their public cloud, Azure. To make this possible, Microsoft has two offerings -- Windows 365 (W365) and Azure Virtual Desktop (AVD) -- both of which are geared toward two different consumers. In this article, I will look at W365.

What is DaaS?
Both Microsoft offerings (AVD and W365) are classified as Desktop-as-a-Service (DaaS), a term which refers to desktops that run in the cloud and which are managed and administrated by the cloud provider. By using DaaS, companies effectively change their desktop cost model from a capital expense (CapEx), where the initial cash outlay is a one-time expense, to an operational expense (OpEx), where they are billed on a reoccurring basis. The difference between CapEx vs. OpEx can be thought of in similar ways to buying vs. leasing a car. In many cases, OpEx is often the preferred cost model as it gives companies more flexibility when they need to add new or remove desktops to meet their users' desktop requirements.

Access to the remote (DaaS) desktop is achieved via a client, which can be a dedicated thin client, or by running an application on a user's existing computer. The latter may seem counterintuitive, but it can be done to prevent the co-mingling of personal and business data.

DaaS offerings can also provide additional services such as security and seamless upgrades to the hardware of their desktops. The features provided depends on the DaaS supplier.

Before going in-depth into W365, let's first look at how Microsoft's two DaaS offerings (AVD and W365) differ.

Azure Virtual Desktop (AVD)
Azure AVD offers full desktop and streaming applications to users. It supplies full desktops using two distinct mechanisms: single user or multi-session. Multi-session allows multiple desktops to use a single running instance of the operating system on a single virtual machine (VM) instance. By using multi-session, you can save money as you have a single VM supplying desktops to many different users. Although there does not seem to be a hard limit on the number of users per multi-user desktop, Microsoft has a recommendation of six task-workers for a VM with 8 vCPUs, 16 GB RAM and 32 GB of storage.

AVD provides more access to the management plane and allows VMware Horizon and Citrix connection servers to be used with it. AVD is priced on the resources that are used, whereas W365 has a fixed price. AVD was previously known as Windows Virtual Desktop (WVD), but was rebranded as AVD in June 2021.

AVD gives users the maximum flexibility in deployment and management, whereas W365 sacrifices this for a predictable pricing model and simplicity.

W365
Released in August of 2021, W365 is a newer offering than AVD. It is offered in different versions: Government, Enterprise and Business. I will not be looking at the Government version. Both Enterprise and Business versions offer Basic, Standard or Premium VMs that have 2 vCPU/4GB, 2 vCPU/8GB and 4 vCPU/16GB respectively. Each instance comes with 128GB of SSD storage. These three instance sizes should suit most uses cases, but MS does offer a customizable instance that can have up to 8 vCPU/8 GB, and 64, 128 or 256 GB of SSD storage.

Basic is for task workers who only use one or two low-powered applications. Standard is for users who run multiple applications simultaneously. Premium is for knowledge workers who run applications that require more power and do heavier data processing. Office 365 and Microsoft 365 do not come with W365 and must be purchased separately.

Windows 365 Business is designed to support up to 300 users. It supports chat and audio calls using MS Teams.

Windows 365 Enterprise supports all the features of Business, but also has integration with MS Endpoint Manager for better management and security. It can be integrated with other Microsoft services, including Azure Active Directory (Azure AD) and Microsoft Defender for Endpoint.

Microsoft has designed and stated that W365 Enterprise is for businesses with an unlimited number of users.

You pay a flat fee for either W365 service regardless of the resource usage of the desktops, with some limitations on the outbound network usage of Business desktops.

Let's look at more W365 details.

Windows 365 Operating System -- W365 can either be Win10 or Win11 that has been optimized to run in the cloud and delivered to a remote client. When you set up W365, you choose to deploy either Win10 or 11. W365 cannot be deployed or installed on a local PC; it can only run in Azure.

Licensing the Operating System -- Business comes with the OS license. On their web site Microsoft states "Windows 365 Enterprise users must be licensed for Windows 11 Enterprise or Windows 10 Enterprise, Microsoft Intune, and Azure Active Directory P1. In addition to being available independently, these licenses are included in Microsoft 365 F3, Microsoft 365 E3, Microsoft 365 E5, Microsoft 365 A3, Microsoft 365 A5, Microsoft 365 Business Premium, and Microsoft 365 Education Student Use Benefit subscriptions."

Installing the OS -- The image you use for the desktop can come from the marketplace, or you can custom-build an image. Microsoft has a gallery of Windows Enterprise images that are based on the latest patched OS releases. Some Win365 images with pre-installed Microsoft 365 apps.

Updating the OS -- The OS is updated like a local PC. If you have Enterprise, you can use Microsoft Endpoint Manager (MEM).

User Access -- The instance is accessed via a physical thin client or HTML browser running Windows, macOS, Android, Linux or other OSes that support an HTML browser.

Identity and Authentication -- W365 does not support external identities (that is, users who are managed outside of your Azure AD tenant), but it does support hybrid identities which are created on an on-premises Windows Server Active Directory, then synchronized to Azure AD. W365 supports cloud-only identities, which are users or devices that are created and only exist in Azure AD. Azure AD is entirely different from regular AD and should not be confused with it.

User Data/Profiles -- User data is stored on the desktop VM's virtual disk or by using OneDrive or other file storage/sharing service. The size of the disk is static and cannot be scaled up. FSLogix is not used, and all user profiles are stored locally on the desktop, which makes sense as each VM is assigned and dedicated to an individual user.

Networking -- Accessing the internet from W365 is the same as doing so from a standalone system. With a Business desktop, MS manages the network. With Enterprise desktops, the customer will need to set up and manage the underlying network to the desktops.

Backup -- MS does not have any native way to back up the desktops to a third party; instead, an agent-based backup method should be used.

Monitoring -- Being that access to the hypervisor on which the desktop is running is not supported, you use the same tools that you would for physical PCs. You cannot gain any insight into the underlying hypervisor on which the desktops are running.

Printers/Scanners -- Printing and scanning to local devices is supported via redirection on the Remote Desktop client app.

Who Manages What? -- Microsoft manages all the infrastructure (compute, storage, and networking) while the user or user's company manages the desktop and applications.

Conclusion
W365 is starting to see traction in the marketplace; however, the two different editions (Business and Enterprise) have some marked differences. With Business, you only need to give Microsoft a credit card to get users a W365 desktop. The Enterprise version, on the other hand, requires setting up the networking before deploying desktops, but you have the ability to manage these desktops using Endpoint Manager.

Microsoft made a conscious decision to divide the DaaS marketplace into two different and distinct markets and address each one with a unique offering. In my next article, I will do a hands-on review of W365 Business edition.