Windows 8.1 in the Enterprise

It has been a busy few weeks finishing off a project then heading down for a team meeting with a couple of days to recover from the traveling in between. I feel as though this is mostly old news to most of you now however still worthy of a post!

First of all, I want to add that I have been using Windows 8 for a long time now. I have to admit I really like it, yes it would be better running on a touch device but it works very well on my laptop. Let’s start with the cosmetic features which will no doubt please a lot of people.

Cosmetics

  • Start button – Yes guys, the start button is back, however all is does is the same as pressing the Windows key now, which is take you to the modern UI start menu.
  • Boot to desktop – Configuration options added to enable you to boot to the desktop rather than the modern UI start menu.
  • Side by side – For example, when viewing photos you can load them up side by side with another application such as the photo editor.

Mobility

  • VPN – Support for a wider range of clients, also the ability to have an application trigger VPN connections.
  • Broadband tethering – Turn your Windows 8.1 mobile broadband-enabled PC or tablet into a personal Wi-Fi hotspot, allowing other devices to connect and access the internet.
  • Auto-triggered VPN – When you select an app or resource that needs access through the inbox VPN – like a company’s intranet site – Windows 8.1 will automatically prompt you to sign in with one click. This feature will be available with Microsoft and third-party inbox VPN clients.

BYOD Enhancements

  • Workplace Join – A Windows 8 PC was either domain joined or not. If it was a member of the domain, the user could access corporate resources (if permissioned) and IT could control the PC through group policy and other mechanisms. This feature allows a middle ground between all or nothing access, allowing a user to work on the device of their choice and still have access to corporate resources. With Workplace Join, IT administrators now have the ability to offer finer-grained control to corporate resources. If a user registers their device, IT can grant some access while still enforcing some governance parameters on the device to ensure the security of corporate assets.
  • Work Folders Work Folders allows a user to sync data to their device from their user folder located in the corporation’s data center. Files created locally will sync back to the file server in the corporate environment. This syncing is natively integrated into the file system. Note, this all happens outside the firewall client sync support. Previously, Windows 8 devices needed to be domain joined (or required domain credentials) for access to file shares. Syncing could be done with 3rd party folder replication apps. With Work Folders, Users can keep local copies of their work files on their devices, with automatic synchronization to your data center, and for access from other devices. IT can enforce Dynamic Access Control policies on the Work Folder Sync Share (including automated Rights Management) and require Workplace Join to be in place.
  • Open MDM- While many organizations have investments with System Center and will continue to leverage these investments we also know that many organizations want to manage certain classes of devices, like tablets and BYOD devices, as mobile devices. With Windows 8.1, you can use an OMA-DM API agent to allow management of Windows 8.1 devices with mobile device management products, like Mobile Iron or Air Watch .
  • NFC tap-to-pair printing – Tap your Windows 8.1 device against an NFC-enabled printer and you’re all set to print without hunting on your network for the correct printer. You also don’t need to buy new printers to take advantage of this; you can simply put an NFC tag on your existing printers to enable this functionality.
  • Wi-Fi Direct printing – Connect to Wi-Fi Direct printers without adding additional drivers or software on your Windows 8.1 device, forming a peer-to-peer network between your device and any Wi-Fi enabled printer.
  • Native Miracast wireless display – Present your work wirelessly with no connection cords or dongles needed; just pair with project to a Miracast-enabled projector through Bluetooth or NFC and Miracast will use Wi-Fi to let you project wire-free.
  • Mobile Device Management – When a user enrolls their device, they are joining the device to the Windows Intune management service. They get access to the Company Portal which provides a consistent experience for access to their applications, data and to manage their own devices. This allows a deeper management experience with existing tools like Windows Intune. IT administrators now have more comprehensive policy management for Windows RT devices, and can manage Windows 8.1 PCs as mobile devices without having to deploy a full management client.
  • Web Application Proxy – The Web Application Proxy is a new role service in the Windows Server Remote Access role. It provides the ability to publish access to corporate resources, and enforce multi-factor authentication as well as apply conditional access policies to verify both the user’s identity and the device they are using resources, and enforce multi-factor authentication as well as verify the device being used before access is granted.
  • RDS Enhancements – Enhanced VDI in Server 2012 R2 which delivers improvements in Management, Value, and User Experience. Session Shadowing allows Admins to view and remotely control active user sessions in an RDSH server. Disk dedupe and storage tiering allow for lower cost storage options. User experience for RemoteApps, network connectivity and multiple display support has been improved. Administrators can now easily support users with session desktops to provide helpdesk style support. Administrators now have even more flexible storage options to support a VDI environment without expensive SAN investments. End users will find RemoteApp behavior is more like local apps, and the experience in low-bandwidth is better, with faster reconnects and improved compression, and support for multiple monitors.

Summary

There you have it, some cosmetic changes to keep people happy (sure they will find something else) and also a lot coming for enterprise customers in the BYOD space as well. With this announcement came some changes for System Center 2012 R2. Stay tuned for a post on the changes coming to ConfigMgr 2012 R2 as well.

Advertisements

Tags: , , , , , ,

About Martyn

Martyn is one of the Senior Cloud Architects and DevOps Team Leader at one of the worlds leading Cloud Transformation Specialists Inframon. Martyn is responsible for the architecture of some of the largest Azure deployments in EMEA and is a advisor to a many businesses on their strategies. Martyn is a regular speaker at Microsoft events and community events on Azure and DevOps, giving his insight to a growing number of audiences.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: