What’s up, everyone!
A question about Windows 365 that I still get a lot is which edition is the right choice for the customer. I wrote a post back in June 2022 comparing the business edition with the enterprise edition. But I thought it was a good idea to go into more technical details. Because some of those details might actually surprise you.
Let’s divide this post into two parts;
- A quick overview describing the most important differences.
- A technical deep dive looking at all the details.
Let’s get to it!
Which is the right edition for you?
Windows 365 Business
Goal: Simplicity for smaller companies
The business edition is intended for smaller companies. It’s really fast to set up and manage using the information worker portal (https://windows365.microsoft.com) and it requires almost no technical expertise. You’ll need to be aware that it does not support a connection to an existing corporate network and it has a 300 license cap per tenant.
Windows 365 Enterprise
Goal: All the Windows 365 features for … anyone?
The enterprise edition supports a lot more features than the business edition. For instance, there’s no license cap. You can set up a connection to an existing corporate network and you can use Intune to manage the Cloud PC’s.
So does that mean this edition only suits enterprise companies? In my opinion, well no. For instance if your company or customer needs a connection to an existing corporate network, you’ll need to choose the enterprise edition. There could be more requirements that you need to meet in order to set up the Cloud PC. Another thing to be aware of is that a business Cloud PC costs basically the same as an enterprise Cloud PC. Here are some screenshots from the Microsoft site at the time of writing:
So there you go, it really is that easy to choose the right edition for you. But is there anything else you need to be aware of?
In-depth comparison of the editions
Let’s talk about some technical details and compare both editions. I’ll add some tips and tricks as we go along.
Where does the computerobject live? You can choose between Azure AD join only or a hybrid configuration. An advantage of a hybrid configuration is that you can use Group Policies to manage your Cloud PC’s. Azure AD joined only Cloud PC’s can’t use Group Policies. They are managed via Intune. My advice here would be to go for Azure AD join only. This design keeps your set up quick and simple and is easier to manage once it’s set up. Most of the other reasons why you would choose for a hybrid deployment (like an on-premise file share) can now be achieved as well in an Azure AD join only deployment.
If you want more information on how to set up a hybrid azure ad joined Cloud PC, then I recommend you have a look at the excellent post of Niall and Paul here.
Purchasing and licensing
Let’s take a look where you can get the licenses for each edition and have a look at the license limits.
Did you know there is a data cap in place for the business edition and the enterprise edition? (enterprise: if you use a Microsoft Hosted Network) This does not apply if you use an Azure VNet. A good thing to know is that you will not lose connectivity once you hit the outbound limit but Microsoft can limit the bandwidth of that Cloud PC. You can find more information on the cap mentioned in the slide below:
Let’s take a look at the different moving parts and start with the provisioning process. Because the process is different for each edition.
As mentioned before you can manage your enterprise Cloud PC’s with Intune (Azure AD join or Hybrid) or via Group Policies (Hybrid). I would recommend to use Intune as much as possible and only go for GPO’s if there’s no other way.
You can manage your Business Cloud PC’s using the Windows 365 portal or you can connect to Intune if you have Intune licenses. This unlocks a limited set of management options but you won’t get access to the Windows 365 blade for example.
That’s a different story for Enterprise Cloud PC’s. You do get all the features and functions you’d expect as well as the Windows 365 blade with the provisioning policies, image options, user settings etc.
Here’s an overview of the device management options along with monitoring and troubleshooting options;
In the following slide you can see how to manage your Cloud PC. If you’re using enterprise Cloud Pc’s, you can manage them via Intune, third party solutions like Nerdio Manager or via Powershell. Shout out to Stefan Dingemanse and Niels Kok for creating this module!
Universal Print is only supported on the Enterprise edition.
End user capabilities
What management tasks can end users perform? How do you manage their user rights on the Cloud PC?
By default users have standard user rights on the Cloud PC. There are some business cases to be made where users do need local admin rights. In this case I would recommend to use multiple user settings policies and only assign local admin rights to users that need to have those rights. Another thing to consider is that you easily change the user settings. These changes apply pretty fast. Same goes for changing the rights back to standard user rights.
I’ve written a post on security guidelines in the past. Make sure to check it out if you want to learn more on these guidelines. In the following slide you can see what security features each edition supports.
Where can you turn to when everything goes wrong?
That concludes the comparison on the more technical side of the Windows 365 editions.