Friday Notebook, March 22: FSLogix freed; Windows Virtual Desktop preview; Apple and SAML

Also: iOS 12.2; Horizon 7.8; Intune updates; Blue Cedar funding; speaking events; and much more!

This is our weekly log of desktop virtualization, enterprise mobility, and end user computing news.

Our blog posts

Jo: Citrix Cloud identity features are still up in the air. We appreciate Citrix’s move towards identity, but there’s still a lot of manual work to do in many cases, which erodes some Citrix Cloud benefits.

Kyle: Device attestation: Another option for securing BYOD, contractor, and partner mobile devices. This provides a middle-ground option for companies to determine the trustworthiness of users’ devices.

Jack: Here are all the enterprise features in the Android Q beta. Android Enterprise is incrementing on a strong platform, which has been evolving for almost five years now.

Kyle: ‘VDI’ for the masses: Recapping Google Stadia and Microsoft xCloud game streaming news. The announcements left me with questions, but I’m still excited to learn more about both!

Industry news

Windows Virtual Desktop is now in public preview. What’s new? For one, FSLogix isn’t going to be restricted to WVD, and instead just about everyone will be able to use it. (See below). GA will be in the second half of 2019. Samsung (specifically around DeX) is listed as a partner for the first time. Lastly, several sources (but not Microsoft directly) have told me that customers will be allowed to use Windows 10 Multi-User outside of WVD, as long as it’s still on Azure. However, I haven’t confirmed this. If true, it reverses some of what Microsoft told me back in September.

Microsoft is going to let pretty much anyone that is already licensed to do any form of desktop virtualization use the full FSLogix Suite. Microsoft’s Scott Manchester, the manager of RDS, tweeted: “Who will be entitled to #FSLogix? Anyone with an RDS-CAL, RDS-SAL, VDA, or WVD entitlement. Use the full suite for on-prem or in the cloud.” Also, he noted that Software Assurance is not required for on-premises usage. Back when Microsoft bought FSLogix, one of the biggest questions was how they would take it to market. I was a bit pessimistic, assuming they would restrict it to get people to come to Azure, but I’m very happy that I was wrong, and that they’re spreading it out to the world, essentially for free. As Cláudio put it, this is essentially UPD 2.0. This is huge news in the profile management space, and we’re working on a full deep dive for Monday.

Apple School Manager now supports federated authentication via SAML. Specifically, customers can federate Managed Apple IDs in ASM to Microsoft Azure AD. There’s no word yet regarding other SAML IDPs, or Apple Business Manager, but I’m sure we’ll hear more at WWDC in June. Either way, it’s great to finally see Apple make something work with SAML. The ultimate hope is that macOS user accounts could speak SAML (in the meantime, we have tools like Jamf Connect), and that all of the various administrator accounts that you need for Apple services in the enterprise could speak SAML, as well.

iOS 12.2 is probably going to arrive sometime next week, and with that, BYOD (or non DEP) MDM enrollment is going to require another manual step. We’ve known about this for a few months, but it’s part of a bigger issue: For years, it’s been clear that Apple needs to improve the BYOD experience.

What’s new in VMware Horizon 7.8. It’s a long list, with updates covering the management console, scaling limits, RDSH management, the Horizon Agents, all the clients, User Environment Manager, and Unified Access Gateway.

VMware announced a new module for their mobile app SDK: the Workspace ONE SDK privacy module. It displays things like app permissions, company privacy policies, and an opt-in screen for sharing app diagnostics.

What’s new in SCCM and Microsoft Intune for Spring 2019. Among other things, Edge for iOS and Android are getting Intune app protection policies (i.e., app-level MAM), with no more need for the Intune Managed Browser. Also, support for Android Enterprise fully managed devices is now in preview.

Blue Cedar, which does mobile app management and networking, just raised a $17 million B round. While I haven’t written about them in a little while, they’ve been busy tapping into extended enterprise use cases, and I have call scheduled with CEO John Aisien. Watch out for more soon.

Microsoft announced Defender ATP (Advanced Threat Protection) for Mac, now in preview. Plus they’re working on Defender Application Guard extensions for Chrome and Firefox.

PolicyPak announced another edition, Feature Manager for Windows. Here’s our previous look at PolicyPak.

BlackBerry is establishing a U.S. subsidiary so it can do more with the U.S. government. I was kind of surprised to learn that they hadn’t done this before, considering their long-time role in government customers.

More notes and reads

Noah Wasmer is now at Atlassian, and it even got covered by Business Insider. Noah has always been a visionary (check out this video of him describing Project Horizon to Brian back in 2010), so I’ll be curious to see what he does there.

Research, via ITC-R: Should you use an ad blocker in a VDI context?

Did you miss the Android Enterprise Summit? All the presentation decks are available online. No specific news, but some good overviews if you need to get up to speed on AE.

Johan van Amersfoort: How to build an F1 simulator game in a VDI.

Upcoming appearances

I’m happy to announce two upcoming speaking appearances.

During the week of Google Cloud Next, I’ll be appearing at an event hosted by Lookout. They’re hosting a panel discussion on April 9, called “Work Without Walls: The Price of Productivity in a Post-Perimeter World.” More information and how to attend here.

On May 2, Login VSI is hosting another VDI Performance Summit. It will be online this time, so anyone can attend. I’ll be giving the closing keynote, called “The Future of VDI in a World of Workspaces.” More information and registration here.

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.