Microsoft Managed Desktops: The road to success?

 
Working with and along Microsoft for the past 20+ years I have seen a lot of growth and change within that organization. In fact, I almost joined Microsoft but then decided that my views on enterprise deployments were quite as widely shared internally at Microsoft as I had hoped.
 
Early on in my career I had decided that I was going to get “a lot” of experience in different organizations. I deliberately chose working across many companies rather than working my way through one organization. The reason was simple, I wanted to see how IT was done – differently, and across different environments. One natural consequence of delivering over 40 application packaging projects in a few short years, was that deployment patterns quickly emerged.
 
One of the patterns emerging from Microsoft today is what appears to be a strategic shift in thinking about their service offerings. Microsoft has worked hard over the past two decades to help with deployments and ongoing system management. Microsoft SMS Server (which was nicknamed “Server Multiplication System”) was a great start but was a complex solution for a complex problem of managing desktops, servers and applications. SCCM was just a really complex solution. Around the same time as these products were developed and offered by Microsoft, one of the Microsoft key strategic imperatives was to move all enterprises to Active Directory.
 
Remember Novell Bindery Services? I do and fondly so, but I am now also a big fan of Azure Active Directory. Which brings me to my next key metric for success within Microsoft, Azure. Specifically, Azure consumption. In the past few years, two keys areas that Microsoft focused on was Office 365 and Azure consumption. I think that things have moved on a little.
 
There has been a slew of recent updates and product releases from Microsoft which support the same strategic initiative: increase and support deployments. Rather than simple consumption of Azure VM’s or server time, the focus is on getting customers (preferably large enterprise customers) to move to Azure. Azure as a systems platform, not just a resource.
 
The programs that I include in this “get them onboard the Microsoft Azure bus” strategy are:
 
  • Microsoft End-point Manager and Intune
  • Microsoft Auto-patch
  • Microsoft Test Base
  • Microsoft Managed Desktop
 

Microsoft Endpoint Manager

Microsoft Endpoint Manager is the simple Azure based answer to managing large numbers of complex servers that manage large numbers of complex desktops and other servers. The selling point is obvious here.
 
Using Microsoft’s internal infrastructure, support and engineering teams to help monitor and improve Microsoft management processes is a natural extension of decades of development. And this progress is very well detailed in the following diagram for Microsoft Endpoint Manager for the Enterprise.
 

 
We see a very clear progression from on-premise, fully local systems, to a hybrid environment of mixing local system management with simplified deployment products (aka Intune) to a complete migration of IT systems to the cloud. To the Microsoft cloud.
 

Microsoft Autopatch

The next piece of the puzzle is what I call a “baby product” in Microsoft – Microsoft Auto-Patch. These smaller projects are generally a collection of utilities or services in earlier times would be call a toolkit. Some examples include the Microsoft Deployment Toolkit (the progenitor to the thoroughly wonderful PowerShell Deployment Tool kit – Thank you Sean ) and the Application Compatibility Toolkit
 
Microsoft Auto-patch is like these other, earlier toolkit projects from Microsoft, but this time instead of a toolkit, we have a Microsoft Service. The service is simple and is described by Microsoft as,
 
” Windows Autopatch is a cloud service that automates Windows, Microsoft 365 Apps for enterprise, Microsoft Edge, and Microsoft Teams updates to improve security and productivity across your organization.”
 
Microsoft Autopatch is a simple set of features and functionality (with strict entry requirements, limited reporting and basic functionality) that performs a necessary IT function. The one challenge facing all IT administrators today – making absolutely, bloody certain that each and every system is updated. All of the time. It’s early days for Autopatch, and we will see many new features released that help IT administrators keep their systems updated.
 

Microsoft Test Base

Following from several successful, smaller Microsoft efforts there was one product that has not thrived – Microsoft Test Base. This is a relatively simple Azure based service (formerly called Update Staging Lab). This was one of the early Microsoft attempts to move their offerings from a local lab environment, to the Azure platform.
 
Microsoft has helpfully offered the following diagram on how the Test Base service works

 
My feeling is that the service is straight forward, but a little bare bones. It would have been nice to have some meta-data from the testing process and even a management console to manage multiple tests, result history and some comparison reports. I am sure that these feature will appear shortly, but just not in this service offering.
 

Microsoft Managed Desktop

Getting back on track, or more appropriately “Back on the bus”, the next logical step is for Microsoft to offer a managed desktop experience. Microsoft describes the Microsoft Managed Desktop as:
 
“a (Azure) service that optimizes and automates the Windows Enterprise experience for IT pros and end users alike through orchestration of hardware and software along with security monitoring, service, insights, and consultation by Microsoft engineers. “
 
Microsoft provided an amazingly descriptive slide as part of last years partner program, that details the main functions of IT, what is covered by Microsoft and what could be provided by “trusted” partners.
 

 
If you are MMD curious, then you can find out more from this Microsoft blog posting, and given that MMD is a subscription service Microsoft has published some pricing. There is also some great instructional videos and how to animated videos found here:
 
  • This introductory video helps visualize a modern workplace where devices are secure, modern, and managed by Microsoft.
  • This animation can get anyone excited about what a fantastic device experience should look like.
  • This ‘Day In The Life’ animation offers a glimpse of how Microsoft Managed Desktop empowers IT pros to add value to core business objectives
  • This on-demand video from Microsoft ignite details the journey to MMD
 
The journey to a full-stack, managed desktop (and server environment) does not stop with MMD, as Microsoft is now delivering a cloud-pc with Windows 365, and individually managed Azure based virtual desktops with Azure Virtual Desktops (AVD) .
 
I feel that the challenges Microsoft will face in delivering on this full-stack, Microsoft managed environment will be on-boarding clients. Some of these “onboarding” hurdles we have already seen include:
 
  • Managing client technical debt
  • Application prerequisites and dependencies
  • Application Packaging
  • Patch testing and ongoing application management
Getting clients on board, and keeping them up to date and will be an interesting ride. Let’s see where Microsoft takes us on this journey.
 
 

 

Leave a Comment

Your email address will not be published.

Related Posts

Patch Tuesday

Patch Tuesday Includes 6 Windows Zero-Day Flaws; Patch Now!

Microsoft this month released a significant update that fixes 68 reported vulnerabilities, including a record six zero-days affecting the Windows platform.

Read More
Assurance Dashboard

Assurance Security Dashboard November 2022

Here is our Assurance Security dashboard that shows the risk associated with this month’s Patch Tuesday updates.

Read More
Patch Tuesday

November Testing Guidelines

Each month the Readiness team analyses the patches applied to Windows, Microsoft Office and related technology/development platforms. We look at each update, the individual changes and the potential impact on enterprise environments. We hope that these testing scenarios offer some structured guidance on how to best deploy Windows updates to your environment.

Read More