- Hello and welcome to
Microsoft Mechanics. Coming up, I'm joined by Scott Manchester to take a first look at Windows 365, your PC in the cloud that
lets you securely stream your personalized Windows experience, including your desktop, your apps, your settings and your content, at any time to all your devices. And for IT, we're going to show you how as a fully managed service, just how easy it is to assign
and configure Cloud PCs using familiar tools like
Microsoft Endpoint Manager. Alright, so Scott, we've
had you on the show now quite a few times over the past few years but, now you're back with
a special announcement. - Yeah Jeremy, it's been a while. Well, I sure am excited
to have Windows 365 finally announced today, and I can't wait to
show it in more detail. - That's right, and you
know given the need to work remotely and securely over the past year, we've seen this huge demand
for cloud-based solutions. So what's the significance
now that we're doing here with Windows 365? - So with Windows 365, we are modernizing the way
that Windows experiences are delivered for anyone
on practically any device. Now it's a premium experience
for both users and IT. It's easy to use and just
as easy for IT to manage. And this, as you mentioned, is a whole new category of
computing we call Cloud PC. Now that said, the best
way for me to explain this is really to show it to you. So for example here, I have my
personal laptop and my iPad, which is a typical combination
for many travelers. So I'll use the browser
first on my Windows laptop and go to windows365.microsoft.com. Now I can see my Cloud
PC along with its specs. Now it actually has a
higher spec than the laptop I'm connecting from. Now there are also a few
other things you can do from this portal, but I'll show you that in a sec. First, let me launch
right into my desktop. So here you can see my personal desktop. It still has my apps, even the ones I was using
from the last time I was here, and my custom desktop background. Everything my IT department
has installed for me is in the Start menu, like Office and Teams, so I'm immediately ready to work. Now, I'll open another
app, in this case Excel and here I'll open this periodic table and let's change nickel into gold. All right, we'll come back to that later. Also, everything you
connect to is super fast, whether you're downloading,
streaming or uploading content from your Cloud PC. Just to put this into context, the average wireless
connection speed in the US is around 27 megabits per second. Which is more than enough for
a full-fidelity experience to access and use Windows 365, but once I'm in my Cloud
PC things get way faster. I've got a speed test running here and in my case you can see here I've got a crazy fast five
millisecond ping time, and my download is almost peaking
at 10 gigabits per second. And look at that upload speed, it's almost coming up to
four gigabits per second. - And I've gotta say, those
are pretty amazing speeds and it really shows you that the device that you're connecting
to your Cloud PC with doesn't need to have a fast connection, and it also means that
your Cloud PC's connection is never going to be the bottleneck when it comes to using online services, accessing things via the browser or uploading or downloading content. - That's right, basically
if you can stream a movie, you have enough bandwidth
for a great experience. Now I'll close this browser
window here on my laptop and I'll pick up exactly
where I left off on my iPad. Now I'm on my iPad, I'm
in the Safari browser. And I could launch here from the browser but also we have native
apps for IOS, Android, Mac and Windows, with Linux on the way. So I'll switch over to the native IOS app connected to my Cloud PC and you'll see it opens exactly
how I left it in Windows. Now here you can see my speed
test results are still there, and in Excel, nickel is still gold. Now in my case, I went
straight from my Windows PC to my iPad. But I could have logged
out on Friday in the US on my laptop, and resumed on
Monday in France from my iPad, and the experience would
have been exactly the same. - Right, and to be clear, just like you have your own physical PC, this is your own persistent
Windows PC in the cloud, so it'll be the same one today or a year from now, as
long as it's still active. - Absolutely, and this really
opens up new possibilities to securely connect to a persistent and always-ready Windows environment with your personalized
desktops, apps, files and even your settings, all delivered from the Microsoft cloud. - Okay, so if this is
running in the cloud, can you still get to
things that are in your local office's network, like shared files or
folders, internet apps, you know, where you might
have to otherwise drive into the office or connect via VPN? - Yeah, you can. We designed Windows 365 from the ground up to fit the hybrid work
experience we've all been living. Now ordinarily, connecting
directly to your work network with a personal device can introduce risk. And because your Cloud PCs
can always be connected to your work network, you don't need to worry
about local or VPN access from a personally owned device. With Windows 365, your Cloud PC experience
is effectively the same as if you were in the office. So this is great for anyone, whether you're a front line worker in a high security environment or an everyday or advanced
user working from home or the corporate office, your favorite spot like
a cafe or even on the go. It doesn't matter where
you're working from, you still have a secure
and premium experience. - Okay, so we've seen now what
your personalized Cloud PC looks like, but let's say
it's my first day on the job and you've given me a Cloud PC, then what does that experience look like? - So let me switch back
over to that end-user portal and show you the guided experience. Now when a user launches the
portal for the first time, they get a welcome and
brief tour of the portal: what to expect and how
to manage their Cloud PC. So let's take a look once I'm logged in. So here again, you can
see your Cloud PC specs and again I can open
directly from the browser, but I can also manage a few settings here. I can restart, rename and
also troubleshoot any issues I might encounter. Coming soon, admins will
optionally be able to set additional optional settings
like reset and resize, so you can do those actions
right from here as well. - Okay, and speaking of our IT admins, who are probably watching right now, what else have you done to
make their lives easier? - Well, for IT this has huge benefits from the management perspective, because you don't need to
worry about the infrastructure to set up and manage
this type of experience. You don't have to learn new
management tools and paradigms. We've built Windows 365 to be consistent with how you manage your
physical devices now, using Microsoft Endpoint Manager or MEM. In fact, I'm in the All
Devices list in MEM now, and you can see your
physical and Cloud PCs appear side-by-side. Now in my case, I just
happen to have a lot of Cloud PCs running. And I can manage apps
and policies from here like any other Windows device. - Okay, so it's a familiar and consistent management experience, just like managing all
your other Windows PCs. But can you walk us through
the steps it would take to deploy a Cloud PC? - Sure. There are really
just two requirements for a user to be assigned a Cloud PC. First, they need a license and second, they need to
be part of an AAD Group that's assigned to a provisioning policy. Let me walk you through that. So you start here in the
Microsoft 365 Admin Center, and assign licenses just like you would from any other Microsoft 365 service. And this step could be done
by your licensing admin. Now I'll click into Active Users and assign one to our
new intern, Adele Vance. Now I'll go ahead and give her a Cloud PC, in this case let's do four
cores and 16 gigs of RAM. And while I'm here, I'll also
set her up with Microsoft 365. Now I have a group for our
interns already assigned to provisioning policy, so for her account, I can
just add Adele to this group. So you can see she's already
in two default groups but now I'll assign a new membership and search for West US, and
there's our intern group. And once I add her, that will kick off the
Cloud PC provisioning and will be ready to use shortly. One of the great things about Windows 365 is that it is offered at a
fixed price per user per month, like any other Microsoft 365 subscription. So you don't need to agonize
over things like tracking, utilization or keeping
idle resources running when people aren't using them. - Got it. So it's more or
less the same user licensing experience that you'd be
used to for Microsoft 365 but what did you have to do
to get that group assignment then to kick off the provisioning process? - So let me show you how we set this up. First in MEM, you can see I
have 26 machines provisioned and three network connections
in three different regions. Now in our case, we have set
up Adele to access her Cloud PC using the West US standard
network connection. In our provisioning policies, I'll click into the one
I assigned to this group, and you can see under image, we are using our Curated
Windows 10 20H2 build from the gallery. But also we could have uploaded and selected our own custom image. Adele is assigned to the West
US interns provisioning policy that contains all of these settings, including the network connection. Now you see the policy name in this case, as a best practice,
matches our group name. And in assignments, you'll see the AAD
Group of West US Interns we added Adele to earlier. - Can you have more than
one group then assigned to a provisioning policy? - Yeah, you can add multiple AAD groups to a provisioning policy. Now if I go back to the Windows 365 tab, we should see all our
existing provisioned Cloud PCs and a new Cloud PC being
provisioned for Adele. And she should have
access to this Cloud PC in about 20 minutes. - So can I localize then the
connection to just the regions or specific networks where that group should probably have access
then for the best experience? - That's right, you can
create network connections in Azure regions that are closest to where your users are physically located for the best performance. Which is great too for
multinational works. - So once everything is up and running, what do we have then to
monitor health and performance? - I know that's something
that's top-of-mind for a lot of people, and this was a huge area of focus for us. So first let's look at
the network connections. We've built analytics into the service to look at health across your VNETs and domain connections,
as you can see here, to make sure your Cloud PC's
users can reach everything they need to on your
network to be productive. And once you've configured
a network connection, our watchdog service
continually runs diagnostics to ensure connections are
up and running at all times. Now if a diagnostic check
fails, we'll alert you and even give you suggestions
for how to correct the issue. Now we've also built rich,
out-of-the-box reporting and analytics for Cloud PCs. This enables admins to take actions to improve end-user performance and can reduce calls to your help desk. So here's how this works. So I'll go into the new
remoting connection report, and this lists out key performance metrics for connecting to your Cloud PCs and the impact on the user's experience. For example, with Cloud PC sign-in time, we see the total time to
connect to the Cloud PC. And round trip time KPI shows
you the speed and reliability of network connections
from the user locations. So next, if I click into the
resource performance report, I can see whether my CPU
and memory configurations are optimal across my Cloud PC users. And I can drill into device performance for even more details. Well, here I'll select this Cloud PC, and I can see it shows a poor
performance score of only 18. Now the ideal score should be
somewhere around 50 or higher. So I can resolve this by
adding more memory or CPU to this Cloud PC for the user. - So are you able then to
change the Cloud PC specs to match the demand on that device? - Yes, you can. And you know, not all users
will have the same needs and the user might even
start out being fine with the basic level Cloud
PC but then outgrow it. And this ability to upgrade
is new with Cloud PC. To help you know when you
might want to upgrade, we give you the right
visibility and information before a user calls you for support. To resize this Cloud PC, I just need to click on the recommendation and select the right
size for this Cloud PC, and I'll select resize. And I can change it to
have more virtual cores, memory or storage. For example, I could
choose an option here with let's say eight cores and then resize. And once the change is made, the next time the user logs in, it will get this new spec. - Nice, but I really want
to switch gears to security and compliance though. How do we make sure that our Cloud PCs meet our requirements? - Well, like the rest of our
Microsoft cloud services, we've made Windows 365
surface itself compliant in the region and
industries we operate in. And you can find the latest
info on the trust center at microsoft.com/trust. From a security perspective, of course a primary benefit is that, your Cloud PC is
abstracted from the device you're using to access it. So as an admin you have
full control over the data in the Cloud PC and can prevent people from
copying data to their local PC. Now beyond that, Windows 365 follows the
Zero Trust security model. For example, you can use
multi-factor authentication to explicitly verify any login or access attempt to a Cloud PC. And you can pair this with
conditional access policies to assess login risk
instantly for each session. Now we've also designed the
user and admin experiences around the principles of
least privileged access. So for example, you can
delegate specific functions like licensing, device management,
and Cloud PC management using specific roles, so you don't need to be a global admin. You can use the baselines from
Microsoft Defender and Edge just like you would for
your physical devices. And we've built a Windows
365-specific security baseline to help you get started quickly. And of course, Microsoft
Defender for Endpoint also works seamlessly with your Cloud PC. Also, as you would expect, encryption is applied across the board for all data at rest and in transit. - So this makes it a lot easier then to securely deliver Windows experiences to just about any device, and really anyone with a
device management background can add Cloud PCs to
their device landscape. - Right, we took a ton of
input from our early adopters, combined with our experiences from delivering other desktop services to make Windows 365 manageable for both small and large organizations. And you can use your familiar
tools with rich controls. Now everything I've shown you
today is part of our vision to transform the PC experience
so that you can work remotely or in hybrid office environments, securely and from any device. - So the overall experience
then is pretty game changing for both end-users and IT, so congrats to you and the team, but how can the folks
watching try out Windows 365 for themselves? - Well, we'll be launching
Windows 365 in early August, so depending on when you're watching this, it's either super close or
generally available already. Just go to microsoft.com/Windows365
to get started. - Awesome stuff. Thanks so much
for joining us today Scott, and always great to have you on. So, to stay up to date
with the latest news and see the tech in action, be sure to subscribe
to Microsoft Mechanics, and as always thanks so much for watching. (upbeat music)