Friday Notebook, July 5 & 12: Windows Servicing; Microsoft partner licensing; passwordless logins

Also: Teradici; Identiverse; Google Safe Browsing; Boxer; SysTrack 9; Citrix Cloud FAS; Menlo Security; Android Project Mainline; Fuchsia; and more!

This is our weekly log of desktop virtualization, enterprise mobility, and end user computing news.

Our blog posts

Rachel Berry: Teradici unveiled “PCoIP Ultra.” How is it different from PCoIP and where does it fit in the market? Teradici have evolved a lot in the last few years, but as in the past, they have an emphasis on high-end use cases. Now they’re bringing in support for H.264, and NVIDIA hardware encoding, too.

Jack: In a reversal, Microsoft will allow Office 365 ProPlus on Server 2019. A delightful surprise to go along with the official availability of FSlogix as a Microsoft product.

Jack: What I learned about identity management at Identiverse 2019. There’s still a lot of work to do to bring mobility and identity together for conditional access.

Kyle: Google Safe Browsing can differ between desktop and mobile. Why? Google continues to address security issues, but their blacklist service, Google Safe Browsing, doesn’t provide equal protection for desktop and mobile.

Jon Towles: VMware Boxer’s new FastSync tech could usher in a better third-party email experience. Jon Towles explains how VMware Boxer uses key escrow to solve this long-time problem in a thoughtful and secure way.

Jack: Lakeside SysTrack 9 asks the question: How is automation changing your helpdesk? Lakeside is building on their analytics and AI strategy with more reactive and proactive monitoring and healing capabilities in Lakeside SysTrack 9, which is new and GA today.

Jo Harder: A technical introduction to Citrix Cloud Federated Authentication Service. Citrix just released Cloud-Enabled Federated Authentication Service (FAS) in Tech Preview. Jo Harder delves into federation to help you determine if and how this new feature may benefit you.

Industry news

We haven’t covered Menlo Security before, but a press release touting their $75 million Round D landed in my inbox. Menlo Security does web and email security by remotely executing webpages on a server, and then displaying them on the endpoint by using what they call “adaptive clientless rendering.” In other words, it’s very much like other remote browsing solutions we’ve been talking about (and a fan of) for years. We’re going to get a briefing to see how they stack up.

Citrix detailed a bunch of product updates: Here’s what’s new in Endpoint Management (it takes a LOT of work to keep up with all the features users expect in an email app); what’s new in Workspace; new Bot Management capabilities in ADC; and updated Android support guidance. Plus their next goal is to reach 1 billion(!) users via local app integration.

VMware also outlined their EUC product updates: What’s new in User Environment Manager 9.8 and App Volumes 2.17; what’s new in Horizon Cloud; what’s new with Horizon 7.9 and Client 5.1; and UAG 3.6

There was some talk last week about Windows Servicing, and it looks more and more like the H2 releases (the ones that get 30 months of support) will essentially be service pack updates to the H1 releases, which actually have all the new features. Here’s Microsoft’s blog post, which mentions that they “will deliver the 19H2 release in a new way to devices running Windows 10, version 1903, leveraging servicing technology like that used for the monthly quality updates[...]” So this essentially means one version a year. To me, this makes sense, plus it just happens to align with the iOS, macOS, and Android world. (Apple’s lifecycles for macOS are a bit fuzzy, but they generally patch the previous two years’ versions.)

As Mary Jo Foley wrote, Microsoft is revoking internal use licensing rights for partners. This is already causing consternation, and Microsoft’s partner conference is next week, so we’ll hear plenty more about it. 

Microsoft’s passwordless Azure AD option is going into public preview. What this means is that users will be able to sign in with just the Microsoft Authenticator app, a FIDO2 key, or Windows Hello, instead of being asked for a password first. This is good news, but we’re even more excited for the next step—not having a password at all, which is in their roadmap. 

On a related note, Microsoft is testing  a “Make your device passwordless” setting in a Windows 10 20H1 test build. (Via ZDNet.) Any Microsoft accounts on the device will just use Windows Hello biometrics or PIN, or a hardware security key.

Apple is apparently testing Face ID and Touch ID authentication for in iOS and macOS betas (via 9to5Mac). This is something that would be possible with WebAuthN and FIDO, but I haven’t heard whether or not this is what they’re actually doing.

More reads and notes

In Android Q, Project Mainline will make even more core system components updatable via the Play Store. (Via Ars Technica.) These include lower-level components that will now be distributed in the new APEX file type, as opposed to an APK.

We’ve been hearing about the Fuchsia operating system for years—now you can read the developer documentation at

Here’s Jason Bayton with updates on the Huawei ban and Android Enterprise. Of course, Huawei phones aren’t in the U.S., but they’re common enterprise devices in the rest of the world, and whatever happens with this ban could affect customers. Customers will simply have to evaluate alternate OEMs.

NFC provisioning for Android Enterprise is on its way out, but there’s still QR code provisioning, via Arsen Bandurian.

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.