Modern Desktops Part 1

Video Activity
Join over 3 million cybersecurity professionals advancing their career
Sign up with

Already have an account? Sign In »

4 hours 24 minutes
Video Transcription
Hello on. Welcome to this Microsoft 365 Fundamentals Video training course. My name is Chris Tomiko, and I am taking you through this entire course in this video. We're going to be talking about modern desktops. We're now into modern Two were discussing
everything to do with collaboration. We're gonna be looking at how modern desktops fit into that criteria.
So let's get started. So in this video, we're going to be learning a few things. So first off, we're going to be looking at how to plan a deployment of Windows 10 on Microsoft 365 APS or if you've come from the era I was in. That's a k A office.
We're also gonna be looking at the deployment options for Windows 10 and the Microsoft 365 APS as well.
We're also going to be checking out the update model for Windows on before Microsoft 365 APS. We're gonna understand how to keep them up today. Make sure they have the latest patches. Let's get started. So we'll get started with benefits here.
Eso the benefits of it. So there's obviously there's massive security concerns when it comes to modern desktops. we want to make sure that things are secure. You know, we don't want to be looking toe, you know, have to deal with other if if if you're watching this if you were around during the Windows XP era.
But as much as everyone has this
kind of glassy eyed veneer over how good Windows XP waas, the number of bugs and security patches that were required were astronomical and in fact, very recently in the last few years, certainly here in the UK, the NHS, our National health Service,
actually had a huge issue where
they were still using Windows XP and they were hit by a ransomware attack. So very, very big security concerns. There s oh, it's just something to keep in mind. That's the benefit of having a modern desktop is because the rollouts are actually bigger and better handled effectively.
Then we have windows. Hello. So we're talking about the security here Now we have covered this in previous videos, but effectively windows. Hello is
localised hashing on particular machines. So if you had, for example, a pin number enabled on your shouldn't say pin number, I should say pin a personal identification number if you have a pin enabled on your computer.
If someone were to know your pin, they still wouldn't be able to use your account outside of that computer because that pin is enabled only on the local device that you set it to. Ideally, you should have different pins or different styles of windows. Hello in integrity in and checks on each device.
That way, if someone were to see the pin that you typed, they couldn't go off on another side of the world.
Onda log in with that pin to do fraudulent things with your account. So that's Windows. Hello, and that's one of the benefits of the modern desktop.
Then we have Fido to authentication. Now Fido to is a project. It's a joint effort between what's known as the Fado Alliance. That's F ideo on the World Wide Web consortium, and their goal is to basically create a strong authentication method for the Web.
And at its core, Fight 02 consists off the W three C, which is the World Wide Web consortium.
So w three C
on Duthie. Fido Alliance, as I mentioned, would put those on the screen there.
All right, on basically part of the W three C is something called Web orthe, then put that up there as well added in brackets, this is this is part off the W. Three c
all right, and it's the Web orphan standard using from the Fighter Alliance what's known as the Sea Tap C T A P,
and that stands for the client to authenticator Protocol
now taken together were both in and see tap specify a standard authentication protocol on. Basically, this protocol consists off a user controlled what we call a cryptographic authenticator. In any other terminology, it basically means something like a hardware security key or even a smartphone
Onda, where both in relying party, which is basically a server of Fido to server. Basically, when you log in, you need to use a cryptographic authenticator i e. Your smartphone. If you have the software on your smartphone on, it will come up with a pin or the screen that says
someone is trying to log into your account is this year, and you can hit yes or no where you can type up in
that kind of thing. This is basically fight oh, to authentication, and it's a massive, massive thing. Now I've put the link up on the screen there. You can't she see the fighter Alliance Dog website? We're gonna flick across to it right now. I'm actually gonna show you how many people are actually involved in it. So here we are.
This is the Fido to website taken. Try my mouse. There.
You can see these are the board level members. So we're talking about some big companies. Apple is in their arm. American Express, Amazon. We're talking some big names. Facebook. If you've ever logged in using your Facebook account or using Google or Amazon to connect to another website, you've used Fido to
You can see Google is there was Well,
um, some very big names. Intel, the Novo Microsoft themselves. Obviously, because here we are with the monks off 365 fundamentals, MasterCard
pay, pal. There's loads of them on. These mean that you can log in using your authentication credentials that's stored on someone else's server to access a different program. So if you have a Facebook account, you might be able to sign up for an account with a business that's using fight 02 on. Did you don't have to stay
typing on your details. You can just log in with your Facebook account
on Facebook will allow this business to use their servers to authenticate you, and that's what the Fight 02 alliances. And that's one of the benefits of a modern desktop, because Microsoft actually uses that within the Windows 10 environment.
So let me close that down will go back to this. The presentation hit. All right, so moving on from there,
it also gives the benefits. There's benefits off the one desktop with how users get their work done. We've already discussed things like cortana and timelines. So Cortana was the AI system on timeline was that thing where you could have multiple desktops
open and each one could have a different set of windows open within it?
Onda conflict between the two of them and you could also roll back. If you remember, there was like a scroll bar down the right hand side of the screen, and you could actually scroll through what you have been doing for the past month and pull up data that you had done from previous days and weeks and months even.
All right, so Those are the two major features of a modern desktop as well.
Then obviously we have feature updates now feature updates is the new buzzword for service pack effectively? That's what Microsoft mean by it. So in most recent one is the 2004 feature update for Windows 10
and the number just specifies the year on the month off the release of the feature update. So 2004 is the year 2020. On day 04 is the month. So we're looking at April, and that's basically how it works. The one before was 1909 so September 2019. And that's effectively how it works.
But each one
adds new features. You don't have to have these features. They are completely optional to appoint after a certain amount of time. I think it's about 18 months. Microsoft will basically say that the oldest feature pack will come out of service and they force you to move to the next version. But you have about a year and 1/2 to decide
on then, obviously the updates themselves. We've discussed this so the any update themselves come out multiple times a year. If you ever heard of patch Tuesday. Microsoft Love This term, its's become kind of their mascot for patches. I believe it's the second Tuesday of the month. Every month,
Microsoft will release
patches for their Windows environments on this is where they come in, so
updates multiple times a year and obviously feature updates at least twice a year as well. Now the old model was once every 2 to 3 years on effectively. Sometimes you might not see if you have Windows XP, you know. Then the next version of Windows might come out in three years or so, and you have the features in the new version of Windows.
No anymore. With Windows 10
we've had Windows 10 now for about five years, coming on six on. I don't see it going away anytime soon. In fact, I reckon Windows 10 might be the last air quotes version of Windows that is released, and they just module arise and updated constantly. Eso service packs used to come out every year or two, and then new versions of windows followed. After that.
The benefits of this is that it's easier to deploy because it is modular. It's much, much easier to deploy. It has systems that allow you to deploy data quicker with less bandwidth usage on your networks as well on because of this way that it works. It's also easier to maintain, and we will actually explain
in further slides and videos how that works.
All right, so let's look at planning a desktop deployment. First off, we need to assess compatibility. So almost all applications written in the last 10 years will probably work in Windows 10
because Windows 10 has backwards compatibility through several iterations of Windows operating systems on
Aziz. Well as that. Almost all Adan's on visual basic for applications Mac Rose. So any macro you might have used in previous versions of office or any add ins as well. Generally, I say, generally I'm air quoting again. You obviously can't see it, but generally will work in
the modern desktop environment within with Windows 10 so worth knowing. Certainly
there are some tools that Microsoft give to help out with this. The biggest one is the Windows Upgrade Readiness Tool. Now, this is actually the full tour recommended by Microsoft, and it will basically go onto your network and tell you whether or No. All the computers on your domain on your you know, your environment, your workgroup. If you do run a work group,
whether or not they're ready to receive
Windows 10 and move up effectively
a swell as that we do have the readiness toolkit for office Adan's and VB A. This is to check Mac Rose as we've discussed. So the way it would work is basically
please link these together, shall we? So this one would link to this one on this one would link to this one. That's effectively, what we're doing here. All right, so those are the tools you would need to check each of those items
as well. We have the desktop APP assure This is where you get Microsoft involved. So desktop app assure means that you can get a Microsoft engineer toe work with you as if you were the system admin, of course, for the network to see if
all the APS that you were going to move from, say, Windows seven or Windows
to Windows 10 would work and they would help you to figure out workarounds if there were problems or how to get legacy applications working that kind of thing. So that's where Microsoft would actually step in and offer their resource is.
So obviously, after assessing the compatibility, we need to look assessing the network. So Microsoft have a really cool feature now that they use in Windows 10 called Binary Delta. Compression on this basically means that the when you're patching a file in the old days, if you have to change even one bit in a file,
you have to change the whole file
that the old file was out of date. The new facts come in now.
Not such a big issue with bandwidth these days, however.
In the old days when we had 56 K modems and 33 K modem is the things that back. If you have to up the 20 make file, then to make one little one kilobyte change, for example, you couldn't just change the
bits of the binary parts off the file. You have to actually delete the file and overwrite it with the brand new file,
so you have to replace 20 makes two updates and code in one kilobyte worth of changes.
Not so anymore. Binary Delta compression means that the the application, the engine that runs the updates will actually check for the difference between old and new files and only update the binary pieces that actually have changed. And therefore, the updates are way, way smaller. We're talking hundreds of times smaller
andan. Obviously, if you've ever used Microsoft in the past, you may have known if you've been assist admin for some time off branch cash. Branch cash is effectively the proxy server that you would run in a branch department of your business. So if you have an offsite branch somewhere, maybe smaller network, you would run a branch cash,
they would receive all the updates so they'd have maybe,
um, you know, if you have one server, for example, that's draw on the screen here,
one server here. Andi, there's the server there, so it receives the updates. All the updates come down from the network.
There we go. I forgot how to spell updates for a second. Eso you come down and then from there you're passing out. Rather than have your computer's actually connect out onto the Internet on, then pick up all the updates themselves, which could cause a massive, massive bandwidth hog what you're doing instead is
cutting off this line here,
and you're actually downloading directly to the server and the server then feeds out the data to each of these machines. So these machines never actually need to go online to get their updates. The branch cash deals with it for them.
And then we have delivery optimization, which, in other words, means other computers. Eso going back to our computers here if we install another computer on this one is out of date. But these ones here, let's say they are running 2004 on these ones here.
This one comes online and it's running something old, Let's say 1903 Right for the version of Windows 10 instead of going online to get the updates, it will look first, other computers on the network. And if you've ever used peer to peer clients like, for example, bit torrent, then this is what would happen. The system would basically connect the two together and go right.
Send me some of the files that you might have the I need,
and then if you can't find anything on the network, then it would go off and get it from the update environment that Microsoft create so very handy feature tohave.
All right, let's move on to deployment options.
Windows Autopilot is the 1st 1 here. This is operate operating system based Windows Autopilot on effectively. What Windows autopilot does is it allows you to
automatically When you purchase a new device, you can have
the device sent directly to your staff members so they might not even be in the office. Let's say they're a sales person moving around the country. You can have it delivered to their home on when they log in, and they open up their markets of 365 credentials and log into the computer windows. Autopilot will recognize their credentials,
connect them to the environment that is in the cloud
under Microsoft 365 and then configure the machine directly as if it had been sat in front of you as a system administrator on. You could then configure it, get everything ready and then deliver it out to the customer. To the staff member, it's much, much quicker this way. It just means that you need to make sure that the autopilot section off Microsoft 365
is ready to go
effectively you would upload your images, upload your app, changes policies everything on. Then you would tell it that when a certain domain that logs in, let's say, you know Microsoft's famous con toes oh dot com. If you have Chris at Canto, so dot com, it would recognise Contos oh dot com and then go Oh, you're part of this business.
Let me send you all of this information to configure your operating system.
Really smart system.
Then we have the Microsoft deployment. Talk it again for operating systems. You may have come across this in the past, but effectively here. What we're looking at is the ability to actually deploy out images to machines a little bit old fashioned nowadays, certainly,
but still very much in use, certainly until everyone goes into like or if they do into a cloud only environment effectively with autopilot.
All right, then, for the APP site,
we have the office deployment tools, and I've put marks off 365 APS in there. However, you may also recognise that as office,
so this allows you to download office, usually from office dot com.
Get the files you need, store them on a local network share and then have everyone connect to that share. So if you have a share here, I'll just put a no in there for office,
all your other machines on the network.
If each person let's say you had I don't move 500 machines. If each person was two, then log into office dot com and hit install. You'd have 500 machines using your bandwidth to download the same version of office. What you could do instead is log into office dot com, hit onto the server
and download
from office dot com, a version of office that suits the company. So you could say, I don't want excel. I do want word I don't want power point. I do want access as an example. You would then push
that version toe all of these machines that you can see. So it just allows you to have a little bit more control over what's going on across your network without then having all of these machines here, this giant section, or go off online and destroy your bandwidth. And when it could be used for something better, that's effectively what we're talking about
moving on. We have in tune and configuration manager, this is covers both. You can do the operating system and Microsoft 365 from here on. Basically, what it means is that from there, you would effectively have the ability to,
um, either create a hybrid environment or a cloud only environment. Andi have it controlled directly by the policies in that environment.
All right.
Okay. So what I'm gonna do is I'm going to stop the video here because it is going to rattle on for a little bit longer. Andi, join me back for the second half of this, we're gonna be carrying on talking about the modern desktop. And I will explain to you Windows 10 and how it deals with provisioning and subscription activation
and also upgrading Windows 10 as well.
I will carry on from there, so join me in part two shortly
Up Next
Microsoft 365 Fundamentals [MS-900]

Microsoft 365 Fundamentals is a course designed to help both those looking for more information at a foundational level on the Microsoft 365 platform and service, as well as those looking to take the exam itself.

Instructed By