Search icon CANCEL
Subscription
0
Cart icon
Your Cart (0 item)
Close icon
You have no products in your basket yet
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Newsletter Hub
Free Learning
Arrow right icon
timer SALE ENDS IN
0 Days
:
00 Hours
:
00 Minutes
:
00 Seconds
Mastering Windows 365
Mastering Windows 365

Mastering Windows 365: Deploy and Manage Cloud PCs and Windows 365 Link devices, Copilot with Intune, and Intune Suite , Second Edition

Arrow left icon
Profile Icon Christiaan Brinkhoff Profile Icon Sandeep Patnaik Profile Icon Morten Pedholt
Arrow right icon
€17.99 €26.99
eBook Nov 2024 664 pages 2nd Edition
eBook
€17.99 €26.99
Paperback
€33.99
Subscription
Free Trial
Renews at €18.99p/m
Arrow left icon
Profile Icon Christiaan Brinkhoff Profile Icon Sandeep Patnaik Profile Icon Morten Pedholt
Arrow right icon
€17.99 €26.99
eBook Nov 2024 664 pages 2nd Edition
eBook
€17.99 €26.99
Paperback
€33.99
Subscription
Free Trial
Renews at €18.99p/m
eBook
€17.99 €26.99
Paperback
€33.99
Subscription
Free Trial
Renews at €18.99p/m

What do you get with eBook?

Product feature icon Instant access to your Digital eBook purchase
Product feature icon Download this book in EPUB and PDF formats
Product feature icon Access this title in our online reader with advanced features
Product feature icon DRM FREE - Read whenever, wherever and however you want
Product feature icon AI Assistant (beta) to help accelerate your learning
OR
Modal Close icon
Payment Processing...
tick Completed

Billing Address

Table of content icon View table of contents Preview book icon Preview Book

Mastering Windows 365

Architecture

In this chapter, we will go one level deeper into the technical details of Windows 365. We will go over the architecture specifics as well as the different cloud services Microsoft manages as part of Windows 365. If you are an engineer at heart, this is the chapter for you. You will learn everything about the architecture and background components being used. This will help you with configuring the cloud service, as well as potential optimizations and troubleshooting efforts.

Alongside this, we will also take a deep dive into connectivity, disaster recovery, and delegation. I’m sure you will appreciate the background provided in this chapter once you jump into the more hands-on part of the book!

In this chapter, we will be covering the following subjects:

  • Windows 365 architecture
  • The components that Microsoft manages and the components the customer manages
  • Identity—Entra ID
  • Networking dataflow
  • Co-management
  • ...

Windows 365 architecture

Before explaining the Windows 365 architecture, we want to jump back in time. Originally, Windows 365 was built under the internal project codename Project Deschutes (Self-Managed), and the architecture diagram was called Host-On-Behalf-Of (HOBO).

This type of architecture means that all the components of the virtual machine and Cloud PC services run in a Microsoft-managed subscription and are managed on behalf of the customer.

In the early days of Windows 365, some of the components couldn’t function individually when not part of a single Azure subscription, for example, Azure Virtual Desktop (AVD) service components. All these things are, of course, fixed and running inside Microsoft’s own managed environment.

As you can see in Figure 2.1, Windows 365 uses AVD as a control plane service. The services mentioned in the Windows 365 Service section are developed specifically for Windows 365 as part of the SaaS-based cloud offering...

The components that Microsoft manages and the components the customer manages

Microsoft has done a great job with Windows 365 by simplifying the creation of Cloud PCs for users. Both IT management and the end user experience are very simple to learn about and use. Getting started with deploying Cloud PCs is just a few clicks away and the scalability is very powerful in comparison with AVD. Even though the Windows 365 service is almost a plug-and-play solution, there are a few things you as an organization must manage yourself.

Depending on your domain and network configuration, you can either go full cloud with Entra ID join together with hosted networks or go for Hybrid Entra ID join. The following table helps you understand the level of responsibility per service component:

Figure 2.2: Responsibilities per Windows 365 and AVD service

In the next chapter, we will switch from responsibilities to service components, explaining each of them to ensure you understand...

Identity—Entra ID

Entra ID user identities are used everywhere—from logging in to Microsoft 365 to logging in to Windows OS, and it’s no different in Windows 365. A user needs an identity to get and connect to a Cloud PC. A user identity can be created in one of two places: Entra ID or Active Directory (AD). If a user is created in AD, the identity must be synchronized to Entra ID before the user can be assigned a Cloud PC and login. You will be able to synchronize users with Entra ID Cloud Sync or Microsoft Entra Cloud Sync. We will not go into these two synchronization options in depth, but in general, if you need to synchronize devices from AD to Entra ID, you can’t use Microsoft Entra Cloud Sync as it does not support it. When a user exists in both AD and Entra ID, it is what we define as a hybrid user identity.

When a user is created in Entra ID, we define it as a cloud-only user. A cloud-only user does not have any integration into the traditional...

User profiles

User profiles within Windows 365 are delivered as part of the cloud service, meaning OneDrive, Microsoft 365 settings sync, Enterprise State Roaming, and the high availability of your managed disks delivered with high redundancy, including multiple restore points, are included in all licenses.

Cloud PCs don’t use FSLogix profile containers, as they are designed for non-persistent environments, most likely based on multi-session OSs. In traditional Virtual Desktop Infrastructure (VDI) deployments, all kinds of complex solutions have been used to bring the physical and virtual worlds together. Within Windows 365, we don’t have this challenge as we work with personal profiles and leverage other technology to modernize a user profile while also making personal documents available across all devices.

Networking dataflow

Even though a Cloud PC is quite like a physical PC, the main difference is a Cloud PC is a virtual device that the user connects to over the internet. This brings a whole new layer of network connectivity compared to physical devices. It’s important to understand how a connection from the user’s physical device to the Cloud PC is established. There are also some requirements that must be in place to ensure the best connectivity for the end user. In this section, you will get to know the essentials of network dataflow in the Windows 365 service.

When a user connects to their Cloud PC, they don’t connect like users normally connect in a Remote Desktop Services (RDS) environment. The connection from the user’s physical device to the Cloud PC is established by utilizing what’s called reverse connect transport.

Reverse connect transport uses outbound connectivity from the physical device to the Windows 365 infrastructure that...

Co-management

Co-management is a feature of Microsoft Intune/Configuration Manager that allows IT admins to use both Intune and Configuration Manager concurrently for Windows 10 and Windows 11 management. It combines your existing on-premises Configuration Manager environment with the cloud using Intune and other Microsoft 365 cloud services such as Windows 365. You can choose whether Configuration Manager or Intune is the management authority for the seven different workload groups. These groups are:

  • Compliance policies
  • Windows Update policies
  • Resource access policies
  • Endpoint Protection
  • Device configuration
  • Office Click-to-Run apps
  • Client apps

As part of Endpoint Manager, co-management uses cloud features, including conditional access. You keep some tasks on-premises while running other tasks in the cloud with Intune. Throughout this book, we will focus on purely Intune management. If you want to learn more about Configuration...

Business continuity and disaster recovery

Business Continuity and Disaster Recovery (BCDR) are critical components of any organization’s risk management strategy. Disruptions can occur at any time, whether it’s due to natural disasters, cyber-attacks, or other unexpected events, and without proper planning and preparation, the consequences can be catastrophic. Business continuity is the process of maintaining essential business operations during a disruption, while disaster recovery is the process of restoring critical IT systems and infrastructure after an outage. Both are essential for ensuring that organizations can recover quickly and minimizing the impact of an unexpected event.

As you are aware, BCDR can be a daunting task, particularly when it comes to user desktops. Broadly speaking, the process of business continuity planning involves four key aspects: assessment, planning, capability validation, and communication. Experts from various fields, including...

RBAC roles and delegation

To administrate a Windows 365 environment, you will need administrative permissions. This is where RBAC roles come into play. With RBAC roles, you will be able to manage specific permissions and actions for each IT user that needs to support your Windows 365 solution.

RBAC roles and structure

This might not be the first time you’ve heard about RBAC roles; it’s also a widely used permission system in Microsoft Azure subscriptions and in Entra ID. When looking inside Entra ID RBAC roles, we will find a Windows 365 dedicated role. So, what is the difference between using RBAC roles from Entra ID and from Microsoft Intune?

With RBAC roles in Microsoft Intune, you’ll be able to choose a specific permission/action for every single aspect. An example of this is that you can turn off the resize feature for some specific administrative users but still give them permission to act on other features. By using RBAC roles in Entra ID, you...

Summary

We hope you’re getting warmed up now, as this architecture-focused chapter comes to an end. We explained what services are cloudified, in the Windows 365 architecture section, what services are Microsoft-managed, and what is still your responsibility as a customer. We also took a deep dive into the different connectivity layers and options to optimize your network connectivity from the endpoint to your Cloud PC.

In the next chapter, we will go into overdrive mode and start explaining how you can implement and manage Cloud PCs yourself. We’re pretty sure that it will be the chapter you enjoy the most!

Questions

At the end of each chapter, there are three questions you can use to evaluate your learning and challenge yourself. The questions for this chapter are as follows:

  1. What is the most important component Windows 365 manages on behalf of the customer that is unique to the service (there is no other solution to do so on the market)?
  2. What network port and protocol are used when using Windows 365?
  3. For which scenarios is RDP Shortpath important?

Further reading

If you want to learn more about the subjects covered in this chapter, you can do so by visiting the following websites:

Join our community on Discord

Join our community’s Discord space for discussions with the authors and other readers:

https://packt.link/SecNet

...
Left arrow icon Right arrow icon
Download code icon Download Code

Key benefits

  • Gain hands-on expertise in deploying and managing Windows 365 cloud PCs
  • Explore advanced features like Microsoft Intune, Graph API, and Security Copilot
  • Learn directly from Microsoft experts who helped shape Windows 365 and Azure Virtual Desktop

Description

Windows 365 Cloud PC is a revolutionary Windows Cloud solution that offers users a seamless and secure Windows experience from virtually any device. The goal of this book is to help you understand, deploy, manage, secure, and optimize Windows 365 Cloud PCs, Intune Suite, Copilot+ AI PCs, and the new Windows App effectively. This comprehensive book takes you on an illuminating journey through the evolving landscape of Windows 365 cloud computing, delving into the core concepts, deployment intricacies, management strategies, and advanced capabilities of this cutting-edge technology. Prepare to embark on a tour into the realm of Windows cloud computing and witness the unfolding evolution of Windows as it becomes increasingly fueled by the synergy of Intune, Intune Suite, Windows Cloud, and AI technologies. Authored by visionaries from the Windows 365 product group and a distinguished Microsoft MVP, this book offers invaluable insights into the intricacies of Windows 365 – its functionalities, features, partner add-value solutions, and best practices. With a wealth of experience, these experts are poised to illuminate the path to the next generation of cloud computing, affording you a rare opportunity to grasp this cutting-edge technology from those embedded within the industry

Who is this book for?

This book is for IT administrators, architects, consultants, and CIOs looking to leverage and design Windows 365 cloud PCs effectively and train for the Modern Desktop MD-102 Administrator certification. This book is also for anyone seeking to move their virtualization or Windows endpoints to the cloud with ease. Basic understanding of modern management based on Microsoft Intune and Microsoft 365 is required.

What you will learn

  • Master the deployment and configuration of Windows 365 cloud PCs
  • Use Intune for streamlined cloud PC management and security
  • Automate workflows with Microsoft Graph for improved efficiency
  • Implement robust Microsoft security protocols with Copilot in Intune
  • Optimize performance, diagnose issues, and troubleshoot cloud environments
  • Stay ahead with insights into future innovations in cloud computing
  • Secure your Windows 365 Cloud PC connection efficiently

Product Details

Country selected
Publication date, Length, Edition, Language, ISBN-13
Publication date : Nov 29, 2024
Length: 664 pages
Edition : 2nd
Language : English
ISBN-13 : 9781836206705
Vendor :
Microsoft

What do you get with eBook?

Product feature icon Instant access to your Digital eBook purchase
Product feature icon Download this book in EPUB and PDF formats
Product feature icon Access this title in our online reader with advanced features
Product feature icon DRM FREE - Read whenever, wherever and however you want
Product feature icon AI Assistant (beta) to help accelerate your learning
OR
Modal Close icon
Payment Processing...
tick Completed

Billing Address

Product Details

Publication date : Nov 29, 2024
Length: 664 pages
Edition : 2nd
Language : English
ISBN-13 : 9781836206705
Vendor :
Microsoft

Packt Subscriptions

See our plans and pricing
Modal Close icon
€18.99 billed monthly
Feature tick icon Unlimited access to Packt's library of 7,000+ practical books and videos
Feature tick icon Constantly refreshed with 50+ new titles a month
Feature tick icon Exclusive Early access to books as they're written
Feature tick icon Solve problems while you work with advanced search and reference features
Feature tick icon Offline reading on the mobile app
Feature tick icon Simple pricing, no contract
€189.99 billed annually
Feature tick icon Unlimited access to Packt's library of 7,000+ practical books and videos
Feature tick icon Constantly refreshed with 50+ new titles a month
Feature tick icon Exclusive Early access to books as they're written
Feature tick icon Solve problems while you work with advanced search and reference features
Feature tick icon Offline reading on the mobile app
Feature tick icon Choose a DRM-free eBook or Video every month to keep
Feature tick icon PLUS own as many other DRM-free eBooks or Videos as you like for just €5 each
Feature tick icon Exclusive print discounts
€264.99 billed in 18 months
Feature tick icon Unlimited access to Packt's library of 7,000+ practical books and videos
Feature tick icon Constantly refreshed with 50+ new titles a month
Feature tick icon Exclusive Early access to books as they're written
Feature tick icon Solve problems while you work with advanced search and reference features
Feature tick icon Offline reading on the mobile app
Feature tick icon Choose a DRM-free eBook or Video every month to keep
Feature tick icon PLUS own as many other DRM-free eBooks or Videos as you like for just €5 each
Feature tick icon Exclusive print discounts

Table of Contents

14 Chapters
Introduction Chevron down icon Chevron up icon
Architecture Chevron down icon Chevron up icon
Deploying Cloud PCs Chevron down icon Chevron up icon
Managing Cloud PCs Chevron down icon Chevron up icon
Intune Suite: Optimize and Secure Your Cloud PC Deployment Chevron down icon Chevron up icon
Application Management and Delivery to Cloud PCs Chevron down icon Chevron up icon
Managing Cloud PCs with Security Copilot Chevron down icon Chevron up icon
Accessing Cloud PCs Chevron down icon Chevron up icon
Securing Cloud PCs Chevron down icon Chevron up icon
Windows 365 Link Chevron down icon Chevron up icon
Analyzing, Monitoring, and Troubleshooting Cloud PCs Chevron down icon Chevron up icon
Windows 365 Partner Solutions Chevron down icon Chevron up icon
Community Experts Hall of Fame Chevron down icon Chevron up icon
Index Chevron down icon Chevron up icon
Get free access to Packt library with over 7500+ books and video courses for 7 days!
Start Free Trial

FAQs

How do I buy and download an eBook? Chevron down icon Chevron up icon

Where there is an eBook version of a title available, you can buy it from the book details for that title. Add either the standalone eBook or the eBook and print book bundle to your shopping cart. Your eBook will show in your cart as a product on its own. After completing checkout and payment in the normal way, you will receive your receipt on the screen containing a link to a personalised PDF download file. This link will remain active for 30 days. You can download backup copies of the file by logging in to your account at any time.

If you already have Adobe reader installed, then clicking on the link will download and open the PDF file directly. If you don't, then save the PDF file on your machine and download the Reader to view it.

Please Note: Packt eBooks are non-returnable and non-refundable.

Packt eBook and Licensing When you buy an eBook from Packt Publishing, completing your purchase means you accept the terms of our licence agreement. Please read the full text of the agreement. In it we have tried to balance the need for the ebook to be usable for you the reader with our needs to protect the rights of us as Publishers and of our authors. In summary, the agreement says:

  • You may make copies of your eBook for your own use onto any machine
  • You may not pass copies of the eBook on to anyone else
How can I make a purchase on your website? Chevron down icon Chevron up icon

If you want to purchase a video course, eBook or Bundle (Print+eBook) please follow below steps:

  1. Register on our website using your email address and the password.
  2. Search for the title by name or ISBN using the search option.
  3. Select the title you want to purchase.
  4. Choose the format you wish to purchase the title in; if you order the Print Book, you get a free eBook copy of the same title. 
  5. Proceed with the checkout process (payment to be made using Credit Card, Debit Cart, or PayPal)
Where can I access support around an eBook? Chevron down icon Chevron up icon
  • If you experience a problem with using or installing Adobe Reader, the contact Adobe directly.
  • To view the errata for the book, see www.packtpub.com/support and view the pages for the title you have.
  • To view your account details or to download a new copy of the book go to www.packtpub.com/account
  • To contact us directly if a problem is not resolved, use www.packtpub.com/contact-us
What eBook formats do Packt support? Chevron down icon Chevron up icon

Our eBooks are currently available in a variety of formats such as PDF and ePubs. In the future, this may well change with trends and development in technology, but please note that our PDFs are not Adobe eBook Reader format, which has greater restrictions on security.

You will need to use Adobe Reader v9 or later in order to read Packt's PDF eBooks.

What are the benefits of eBooks? Chevron down icon Chevron up icon
  • You can get the information you need immediately
  • You can easily take them with you on a laptop
  • You can download them an unlimited number of times
  • You can print them out
  • They are copy-paste enabled
  • They are searchable
  • There is no password protection
  • They are lower price than print
  • They save resources and space
What is an eBook? Chevron down icon Chevron up icon

Packt eBooks are a complete electronic version of the print edition, available in PDF and ePub formats. Every piece of content down to the page numbering is the same. Because we save the costs of printing and shipping the book to you, we are able to offer eBooks at a lower cost than print editions.

When you have purchased an eBook, simply login to your account and click on the link in Your Download Area. We recommend you saving the file to your hard drive before opening it.

For optimal viewing of our eBooks, we recommend you download and install the free Adobe Reader version 9.