How Microsoft is making Windows 11 run faster than Windows 10 on the same hardware.

Windows 11 will be the first version of Windows developed under the leadership of Panos Panay.

In final stages of development, tweaks and bug squashes before the official release in October, Microsoft is introducing Windows 11 as the first version of Windows developed for a hybrid work world. Windows 11 will ship with a major UI design overhaul, new start menu, new modern components (though some legacy components still remain) and what is touted to be a much more developer-friendly App Store,

Faster and More efficient

It’s important to also know that there are is also a heap load of important changes under the hood of Windows 11 too.

Microsoft have provided various technical docs along with a new YouTube video from Microsoft Mechanics which detail these various optimisation and performance improvements which you can watch below.

Windows 11 performance improvements

If you watch the video, you will see the Windows Management team explain why and how Windows 11 feels more responsive and faster than Windows 10 on the same hardware due to “a lot of work in memory management to favour the app windows you have running in the foreground so that they’re prioritised with more CPU and other system resources.”.

Unlike Windows 10, Microsoft have ensured that with Windows 11 foreground optimisation now also applies not only to the focus and running apps but also to the Windows shell and open tabs within Microsoft Edge (made possible though Microsoft Edge’s Sleeping Tabs feature).

Microsoft claim that this results in average Memory efficiency gains of 32% and up to 37% for processor usage, which of course therefore equate to faster performance, better mutki taking and more efficient use of battery (longer life).

Microsoft also explains in the video, they have achieved an “almost instantaneous” resume from sleep experience for most Windows 11 users. Microsoft also claim that Windows Hello is now 30% faster also (not that it was slow before).

A word in updates too..

Finally and probably one of the most noticeable things I have found in testing as part of the Windows Insider Programme is that Windows 11 updates are and will be significantly smaller and faster to install.

With the updated Windows Update, the update components only download the necessary files from Microsoft rather than the whole update making updates on average 40% smaller. Thus reducing network bandwidth and increasing update speed. Which is massively noticeable with updates (in testing) taking well under 5 mins.

Read more..

You can read more on this on the Microsoft Tech community here.

Microsoft kills off MSN and Starts.com again!!

Microsoft has annouced and launched (starting today) Microsoft Start, which is a new(ish)/revamped personalised news service which pulls together personalised and targeted news and information from the Microsoft anews Service (MSN) and from “more than a thousand” other publishers.

“Microsoft Start” (image (C) Microsoft)

Microsoft Start will be available via the web at MicrosoftStart.Com, from the Microsoft Edge “new tab” page, Windows PCs, tablets and mobile devices and will provide a consistent yet personalised feed with news feeds and stories coming from a over a thousand selected publishers, which will be fine tuned as users like or dislike content or content types that appear in their feeds as Microsoft Start learns more about the user.

“Microsoft Start brings new technology to content experiences, including Microsoft’s latest advancements in AI and machine learning, coupled with human moderation, to help people stay up to date with information that is personalized for their interests.”

Liat Ben-Zur | Microsoft CVP

You can read the official annoucement from the Microsoft blog here:

Get started with MicrosoftStart

The Start experience currently looks and feels familiar (I’d almost go as far as saying the same) as the existing MSN service. Users can customise Start by clicking on the “Personalize” button which will allows access to managing interests and tweaking the types of news recommendations the service provides.

Microsoft Start seems to be a combination of a number of different Microsoft services, including Cortana and MSN. For example the Cortana app (as it was) was able to use AI and Machine Learning to determine your interests and display the latest “useful” news and headlines in the feed, as well give you travel time estimates based to meetings based on your location.

Microsoft Start has adaptive “cards” similar in some ways to the old “live tiles” in Windows 8-10 and the widgits in Windows 11 today. These cards provide updates to things like local weather, breaking news, finance, traffic, and sports etc.

The experience on Edge is pretty much no different to the current MSN one and the http://microsoftstart.com url even redirects you to https://www.msn.com but I expect this will change over the next few days as the service rolls out.

Microsoft do say though that Microsoft Start doesn’t replace MSN.com, and the dedicated Microsoft News app for Windows 10 and Windows 11 will continue to exist for the time being.

Why the name change?

You’ve got me on this one….

Microsoft haven’t offically revealed why they have brought in a brand new name for the service. Microsoft News Service (MSN) worked for me (like Apple News, or Sky News or BBC news) it was it was and did…

I’m sure we will find out more at somepoint though… There’s always a reason after all..

Available now…..

Microsoft Start is live now at MicrosoftStart.com, and is live on the Microsoft Edge new tab page (try it), the News and interests taskbar thingy on Windows 10, and also in the Widgets app IN Windows 11.

In the coming days, the Microsoft News app on Android and Apple iOS will be updated and rebranded to Microsoft Start (so don’t confuse it with something else!) .

Microsoft search in Google play store.

Thoughts?

What do you think of the new service?

What do you think of the name change?

“Defender for Endpoints” will now be included for free as part of Microsoft 365 E3/A3

Microsoft Security Logo

Microsoft have announced a more cost effective endpoint protection plan for Microsoft 365 and Windows customers. Named Microsoft Defender for Endpoint P1 this provides comprehensive threat prevention and protection for any endpoints including those running Windows, macOS, Android, and iOS and will be included for free in Microsoft 365 E3/A5 SKUs.

The existing Microsoft Defender for Endpoints SKU will become Defender for Endpoints Plan 2 and is the version currently included in Windows E5 and Microsoft 365 E5.

Microsoft say that this new solution “will make it easier for more security teams across the globe to buy and adopt the best of breed fundamentals of Microsoft Defender for Endpoint” and will provide generation protection, device control, endpoint firewall, network protection, web content filtering, attack surface reduction rules, controlled folder access, device based conditional access, APIs and connectors, and the ability to bring your own custom TI are some of the capabilities of this new plan.

Why now?

The endpoint remains one of the most targeted attack surfaces as new and sophisticated malware and ransomware continue to be prevalent threats and it’s not slowing down. Ransomware in particular continues to persist and evolve, financial damage continues to increase, and the impact is felt across numerous industries.

Over the last year, Microsoft have seen more than a 120% increase in organisations who have encountered some form of ransomware attack as shown in the graphic provided by Microsoft.

thumbnail image 1 captioned Volume of organizations affected by ransomware.
Image from Microsoft Security

Microsoft are keen to ensure they provide “security for all” and this comes just days after a commitment with Biden to invest more than $20billion in security over the next 5 years.

Microsoft claims they already provide best of breed, multi-platform, and multi-cloud security for all organisations across the globe and their integrated suite of security and threat protection and remediation services provides simplified, comprehensive protection that prevents breaches and enables our customers to innovate and grow.

Microsoft say that “as part of that commitment, we’re excited to offer a foundational set of our market leading endpoint security capabilities for Windows, macOS, Android, and iOS at a lower price in a new solution to be named Microsoft Defender for Endpoint Plan 1 (P1) which will also be included in Microsoft 365 E3 for free.

Licensing and Pricing

The great news is that “Plan 1” will be included in Microsoft 365 E3 /A3 at no addition cost and will be a made available as a low cost add-on for other SKUs. Microsoft 365 E5/A5 will continue to include Defender for Endpoint “Plan 2”.

This is currently in public preview, meaning you can sign-up for it for free for 90 days now. After the 90 days is up, you can buy this from your friendly Microsoft CSP or licensing partner. Customers already of Microsoft 365 E3/A5 will get this for free once released for General Availability (within the next 90 days) and will then be able to enable/user the service.

thumbnail image 10 captioned Microsoft Defender for Endpoint P1 capabilities are offered as a standalone license or as part of Microsoft 365 E3.
How to buy Defender for Endpoints Plan 1

Plan and Plan 2 compared

The diagram below shows the extent of the threat protection and remediation services offered by Microsoft Defender for Endpoints.

thumbnail image 2 captioned Microsoft Defender for Endpoint P1 offers attack surface reduction, next generation protection, APIs and integration, and a unfied security experience for client endpoints including Windows, macOS, Android, and iOS.
Microsoft Defender for Endpoint (C) Microsoft.

Plan 1 is aimed at organisations looking for mainly endpoint protection (EPP) where you get best of breed fundamentals in prevention and protection for all your client endpoints. It includes next generation protection, device control, endpoint firewall, network protection, web content filtering, attack surface reduction rules, controlled folder access, device based conditional access, APIs and connectors, and the ability to bring your own custom TI. Finally, it includes access to the Microsoft 365 Defender security experience to view alerts and incidents, security dashboards, device inventory, and perform investigations and manual response actions on next generation protection events.

Plan 2 is aimed at most larger enterprises who need full endpoint detection and response (EDR). This builds on Plan 1 and provides full EDR capabilities to further prevent security breaches, reduce time to remediation, and minimise the scope of attacks with vulnerability management, endpoint detection and response, fully automated remediation, advanced hunting, sandboxing, managed hunting services, and in-depth threat intelligence and analysis about the latest malware campaigns and nation state threats.

The below table offers a comparison of capabilities are offered in Plan 1 versus Plan 2.

thumbnail image 3 captioned Comparison between Microsoft Defender for Endpoint P1 and P2 capabilities.
Image (c) Microsoft.

Getting Started

You can sign up for the preview using the link here, and Microsoft have provided a detailed blog which goes into more detail than have shared above also provide a simple walk-through for admins and sec ops.

You can also read the latest Gartner report which details Industry leading security capabilities.

#Windows365 is here as Microsoft announces Cloud PC at Inspire2021

Windows365 is a new service that will let users access their corporate ‘cloud’ PC from anywhere by streaming a version of Windows 10 (or Windows 11 when released) in a web browser. At initial launch, (2nd August 2021), organisations have two edition options – Windows 365 Business and Windows 365 Enterprise – with multiple Cloud PC configurations in each edition based on performance needs.

Designed for the disparate and agile workforce

Windows 365 allows organisations to equip distributed workforces, temporary and seasonal employees, contractors, and employees who have a need for specialised workloads in a flexible and highly secure manner – regardless of their location or device. Windows 365 will allow organisations to add and remove users with secure managed Cloud PCs according to the changing needs of the business and of the individual user, allowing them to scale for busy periods without the logistical challenges of issuing new hardware. Cloud PCs can be scoped, and scales based on the specification/power that best meets the user need and is paid for on a simple per user per month price.

Built on Azure Virtual Desktop – runs on anything

Windows 365 is built on Azure Virtual Desktop but simplifies the virtualization experience and licensing. Organisations that require greater customization and flexibility can of course still opt for Azure Virtual Desktop to modernize their VDI (Virtual Desktop Infrastructure) in the cloud or use a combination of both. 

Windows 365 offers a consistent Windows experience, across any device/operating system including Windows, Mac, Linux, iOS, or Android. It promises to support all your business apps such as Microsoft 365, Dynamics 365, Power Platform, line of business apps, and more as well as the Office 365 suite.

It provides an instant-on boot experience that enables users to stream all their personalized applications, tools, data, and settings from the cloud across any device and allow them to pick up right where they left off. The state of a user’s Cloud PC remains the same, even when they switch devices.

Feature Support for Windows 365
Windows 365 Device Support (July 2021)

Consistent Device Management

Microsoft Endpoint Manager is used to procure, deploy, and manage Cloud PCs for their organisation, since Windows 365 is consistent with how they manage physical devices with Microsoft End Point Manager. Cloud PCs are managed alongside physical devices and can apply management and security policies to them in the same way as they do on physical devices.  There is extensive monitoring too and IT can change on the fly the specification (processor, RAM, and disk) to adjust the performance of the Cloud PC to make sure the users are getting the best experience. There’s also built-in analytics and performance metrics to look at connection health across network to make sure the Cloud PC users can reach everything they need.

Build on Zero Trust Foundation

Windows 365 is built with a focus on a Zero Trust architecture. It stores information in the cloud, not on the device, and encryption is used everywhere as you’d expect with an Azure service. All managed disks running Cloud PCs are encrypted, stored data is encrypted at rest, and all network traffic to and from the Cloud PCs is also encrypted.

Licensing Information

Unlike other virtualisation services, Windows 365 is priced on a per-user price and are allocated via the Microsoft 365 admin centre portal in the same way as other Microsoft 365 E3/E5 licenses.

Windows 365 will initially come in two flavours – Business and Enterprise, and Microsoft will offer 12 different configurations for both the editions. The Cloud PCs can be configured with a single CPU, 2GB of RAM, and 64GB of storage at the low-end, all the way up to eight CPUs, 32GB of RAM, and 512GB of storage.

A full range of available configuration and example scenarios is available here.

Windows 365 will be officially available on August 2, 2021, and pricing will be announced on the same day, though rumours say we expect pricing to start from ~£25pupm

 

What’s Windows 11 really about then?

Windows 11

Windows 11 is new – in this blog I look into some of the reasons why we have a Windows 11 and not simply another update to Windows 10!

In summary, I think Windows 11 is about three main things which I will discuss below…

  • Taking advantage of the huge surge in demand in hardware. 
  • A new modern and fresh visual UI
  • The ability to considerably secure and protect users (not just corporates either)

Wasn’t Windows 10 supposed to be the last version of Windows?

That’s what we all thought, since when Microsoft released Windows 10, Jerry Nixen (a former senior technical evangelist at Microsoft) had said “Right now we’re releasing Windows 10, and because Windows 10 is the last version of Windows, we’re all still working on Windows 10“. This, however, was never really the official line by “THE MICROSOFT”, and was more of a throwaway comment but one that people seem to have remembered (including me!!). Anyway, there is a Windows 11 coming. Period.

To answer the “why”, during the official announcement of Windows 11,  Panos Panay said that “You have to step back and consider what’s most important for people right now, and so much has changed over the last 18 months. A lot of the time spent over the last 18 months [within Microsoft] was looking at Windows and what it means to be for what’s next [with hybrid work].”

But why Windows 11 and not Windows 10 2022H1?

The PC started to move from fitting into people’s lives to shifting our lives to fit into the PC,” said Panos Panay at the announcement of Windows 11 back in June.

Six years after launch, the vast majority of the Windows world is now (finally) running Windows 10. With the surge (ok, like, everyone) suddenly working from home combined with the increase in security threats from phishing and ransomware also combined with the first significant PC growth spurt in more than a decade, Microsoft clearly saw a big reason (and opportunity) to re-invent Windows in a year which has reportedly seen a 75% year-over-year increase in the time people “spent” in Windows.

Canlays Report - PC Shipments 2020

According to Canlays, “the PC market is expected to remain strong through at least the end of the year and into 2022″ as hybrid working seems set to stay and requires (in most cases) mobile computing which typically have a “refresh” cycle of 3 years (4 at a push). Any Windows upgrade cycle (new version) that Microsoft launch risks causing demand issues (especially with the current silicon shortages), but at the same time, the fact that demand is strong and people are upgrading presents an immediate opportunity.

What’s more important (if you push the marketing and commercial aspect to one side for a moment) is that the devices people are upgrading to, typically support more advanced and modern security standards than the 4 year old devices they are typically replacing!

In short, I think Windows 11 is about three main things

  • A new modern and fresh visual UI 
  • The ability to considerably secure and protect users (not just corporates either)
  • Taking advantage of the on-going demand for PCs/laptops.

 

The new Flashy UI

There is no doubting that the UI in Windows 11 looks different (yet also very familiar). There are a also bunch of new features in the first initial build (with loads more coming in later builds) – you need to bear in mind that there is still at least 5 months of development and refinement to go before Windows 11 is officially launched).

Windows 11 Desktop

Many of the new features have been shaped around the changing ways in which people have learned, worked and played during the pandemic. As an example,

  • Universal mute – a new mute button is now present on the taskbar which essentially mutes every app in Windows 11 except your UC app (by that they mean Microsoft Teams), to prevent those embarrassing microphone moments.
  • Leave my apps where there were mode (ok it’s not officially called that), but Microsoft in Windows 11 finally leaves your apps on the screen you left them when using multiple monitors. In Windows 10, apps are rearranged or moved to single screen when you disconnect or reconnect a monitor. To be honest though – they could have easily (and still could fix this in Windows 10 21H2)

There’s lots more to the UI and reasons why some of the changes (like the centred start menu) are where they are – you can read/watch more about this here

Security, Security, Security

Outside of the cosmetics (which are of course important as it’s what we interface on a daily basis), Microsoft (who by the way invest over $1B in security R&D each year) want to push the market forward to adopt the much needed new security standards. Setting minimum standards around security (rather than just RAM and Processor speed) is of course a good way to this. Again – they didn’t really need a new “version” to do this – after all, Windows 11 is “built” on Windows 10, so with notice and planning they “could” have still achieved the same result in my book, but this way they can continue with Windows 10 (bear in mind that Windows 10 will be supported until at least 2025) but use Windows 11 as the driving force to improve security – something their commercial customers will likely not want to ignore.

Secure from Chip to Cloud with Windows 11

Microsoft have been talking about Security from Chip to Cloud with Surface and Windows 10 for about a year now and given the huge demand for new PCs/Laptops, Microsoft should be able to drive a quicker shift towards better security standards. Microsoft sees hardware as a currently security flaw (in many cases) which is why there will be emphasis and requirement on TPM 2.0 for Windows 11 which has been standard in Microsoft Surface for several generations now but has not been a Windows requirement…..until now!

So what is TPM anyway? TPM stands for Trusted Platform Module and even though this technology has existed in new PCs for some years, its only really Microsoft that have talked about extensively. Since TPM 2.0 will be requirement for Windows 11, we will heard a lot more about it from PC manufacturers with Windows 11 certified hardware.

In a recent security blog post from Microsoft’s director of enterprise and Operating Security, they explain in detail the importance of TPM 2.0, along with some other security benefits of Windows 11.

TPM is a chip that’s integrated into a main motherboard on a PC or Laptop and is designed to helps protect sensitive data, user credentials, and encryption keys as well as protect these devices from malware and ransomware attacks, which are becoming ever more common. This, combined with the ransomware protection features built into Windows 11 (and Windows 10) known as “Controlled folder access” will go along way to further protect users and organisation against cyber crime.

TPM 2.0 is a “critical building block for providing security with Windows Hello and BitLocker to help customers better protect their identities and data,” Microsoft explains in their blog.

In addition to the TPM requirements, Windows 11 also provides new built-in security features including:-

  • Microsoft Azure Attestation, which can enforce Zero Trust policies with supported mobile device management tools like Intune
  • Support for virtualization-based security, hypervisor-protected code integrity,
  • Secure Boot built-in, and hardware-enforce stack protection for supported hardware from both Intel and AMD.

Become a Windows Insider and test Windows 11 today

People always ask me “how you download it or get a dodgy build like the one that leaked a few weeks ago”. Its actually really simple and legal to get Windows 11  – but to do so you (or your organisation) need to be enrolled in the Windows Insider Programme. I’ve been a Windows Insider for 6 years now and it’s been a great journey to be (or at least feel) part of the on-going development of Windows moving forward.

I’ve written about what it means to be a Windows Insider before, but you can check out the Real Inside story of Windows 11 here.

Watch to learn more about the key design & security concepts of Windows 11

Windows 11 - secure from chip to cloud:
https://www.microsoft.com/security/blog/2021/06/25/windows-11-enables-security-by-design-from-the-chip-to-the-cloud
 
Meet the Windows 11 Maker(s) story:
https://insider.windows.com/en-us/insidewindows11/video/meet-charles-inspiring-inclusivity
Windows 11 Start - "Centred around you":
https://insider.windows.com/en-us/insidewindows11/video/start-is-centered-around-you
The Windows 11 Design story:
https://insider.windows.com/en-us/insidewindows11/video/new-look-new-feel

New Edge browser extension for Outlook aims to keep you informed while browsing.

The Outlook extension is in beta (due to be released in July) but is available to download now from the Microsoft Edge add-ons store.

New Outlook Edge add in

What does it do?

The Outlook Edge browser extension enables users to read, send, and manage emails and even receive outlook notifications without the need to open a new tab or flip to the app.

The extension is designed to keep users productive while browsing allowing them to:

  • Reading an important email
  • Checking your calendar
  • Adding a task based on what you’re reading on the web
  • Fast look up of a contact’s phone number
  • Referring to info on a webpage while writing an email.

How to get it and set it up

The Outlook extension is in beta but is available to download on the Microsoft Edge add-ons store. You can get it here.

Once downloaded and enabled, an Outlook icon will be added to the Edge address bar. Users will need to sign in with their work or personal account to see their emails, calendar, contacts, and tasks, and more in a pop-up menu while browsing the web.

To use the extension, you of course need to login within your Microsoft or a Microsoft 365 account

Surface Laptop 4 AMD: Hands on review

Every bit a Surface – a premium but light weight workhorse with choice of AMD or Intel chipsets and full working day battery (and fast charge).

On test: Surface Laptop 4 13.5″ AMD Ryzen 5 / 16GB RAM

I have been lucky to have an aluminium Surface Laptop 4 13.5″ with 16Gb and the AMD Ryzen 5 chipset on loan for about 8 weeks, so thought it was about time I wrote my review! Thanks #SurfaceUK for the loan.

SurfaceLaptop 4 13.5″ AMD

Overall feel and use

Microsoft’s latest and ever gorgeous looking Surface Laptop 4 naturally features the latest generation Intel or AMD chipsets, new colours and best of all much improved battery life which lasted a full 8hrs of constant use in my test – which is pretty damn good in my book (or laptop!)

As with previous iterations, it’s hard to spot any visual differences between this and Surface Laptop 3, with it matching the dimensions, weight, port selection and design which still looks beautiful and premium as ever.

As always, the keyboard is great quality, quiet and with great “key travel” making it easy to type. The large trackpad is smooth, responsive and precise but still manages to not get in the way of typing.

Screen is bright, great resolution with it’s standard 3:2 aspect ratio. Sound from the speakers are also clear and crisp and even has surprisingly good bass and mid tones and doesn’t sound at all tinny. Films on Netflix sounded really nice – though of course sound better beamed to a high quality set of speakers or sound bar!

The webcam naturally supports Windows Hello face recognition for logging into Windows in a split second and provides 720p quality webcam (with great light and perfect field of view and microphones are better than most for video calls.

Surface Laptop 4 was whisper quiet in operation – and in my all day use test I really couldn’t hear the fans when they did kick in, which they did a few times as I was working in direct sun with video on and lots of apps.

WiFi, high brightness, video on and headset

Battery Life

Battery life was some way behind the claimed 12± hrs but did last a full 8hrs with constant use – sitting outside in the sun, blue tooth paired headset, Wi-Fi and brightness set to high. My day was spend in back to Teams video calls along with regular dips into Apps such as Word, Excel and PowerPoint. Battery settings were left to their defaults.

My day started at 7.00am and Surface Laptop 4 got me through to just after 3:00pm when it hit 10% and battery saver engaged. I had, in my bag an external USB battery pack (just in case) which then managed to get me about 75% charge in about an hour so I didn’t technically need to finds a mains plug (though without my USB battery pack, my day wouldn’t have finished earlier than planned)!

Inside the device

As you’d expect with the latest version, the internal components of Surface Laptop 4 have been upgraded from Laptop 3. For the first time Microsoft has the AMD’s Ryzen 5 processors available in the 13.5in laptop. The Intel version gets options of 11th-gen Core i5 or i7 chips and graphics has also been significantly improved thanks to the use of the built-in “Xe integrated” graphics.

Conclusion

The Surface Laptop 4 is (as expected) a premium quality, thin and light weight Windows 10 power-notebook from Microsoft.

The device is modern, sleek, is very light yet high quality and feels great to use. Its quick and responsive and definitely attracts that “jealous look” as Surface devices always seems to stand out in a crowd.

One of the other great things (small but important) with Surface over many other OEMs is the lack of any bloat ware. Surface comes with “just Windows 10 installed“, and the standard stock apps (including Office which needs to be activated). This means it runs fast out of box and you don’t spend hrs removing bloatware!!

A great laptop for home or work that won’t disappoint – just wish Microsoft would let me keep it!!

Registration open for ‘virtual’ Microsoft Inspire 2021 partner event.

Microsoft has opened registrations for this years Inspire 2021 virtual conference, which will be held on July 14th and 15th.

Microsoft Inspire is Microsoft’s largest (and global) annual partner event and as usual features several high-profile global execs including CEO Satya Nadella and EVP of Worldwide Commercial Business Judson Althoff.

What might we hear about?

Last year, there was huge news and updates around Azure,  Microsoft Teams, Microsoft Edge as you’d expect with also a focus on new services such as Microsoft Lists, and Power Automate Desktop.

This year we can expect to hear some new enhancements and updates and I expect to see a focus around the recently(ish) announced Microsoft Viva along with more updates around Windows (following the event on the 24th June) and probably some new things none of us are expecting… .

You can register for Microsoft Inspire 2021 on this page with your Microsoft account, Office 365, LinkedIn, or GitHub account.

See you there Microsoft partners…

Windows Virtual Desktop becomes Azure Virtual Desktop

Microsoft announced today that they are rebranding Windows Virtual Desktop (WVD) to Azure Virtual Desktop (AVD).

In the annoucement, Microsoft also said that a number of new enhancements (some of which have gone into public preview from today) are coming, which are part of the wider and longer term vision and the changing needs of customers. In the annoucement Microsoft said that the COVID19 pandemic has resulted in organisation moving rapidly to Windows Virtual Desktop for “secure, easy to manage, productive personal computing experience with Windows 10 from the cloud”.

Improved Azure AD Support

Azure Virtual Desktop will support the ability for users to domain join their virtual desktops directly to AAD using just their credentials. They are also fully removing the need for organisations to need Windows domain controller allowing Azure AD as the only or primary authoritive directory service.

Azure Virtual Desktop will also add further support for secure sign on and single sign on, bringing support for smart cards and FIDO2 keys

Another feature now out in public preview is the ability to enroll and manage Windows 10 Enterprise multi-sessions virtual machines through Endpoint Manager just like admins would for physical machines. This further improves the process of managing both physical and virtual desktops using the Endpoint Manager admin center.

Enhanced Endpoint Manager support.

Microsoft have said they are also adding support for IT to be able to automatically enroll these virtual machines using Microsoft Endpoint Manager (formerly Intune), bringing a much more “streamlined” deployment and management experience.

Also coming soon (and in public preview from today) is the ability to be able to enroll and manage Windows 10 Enterprise multi-sessions virtual machines through Microsoft Endpoint Manager in the same way that physical devices are managed today. This closes the management gap and streamlines the process of managing both physical and virtual desktops using the same Endpoint Manager experience.

New QuickStart Experience

Microsoft said that new deployment onboarding experience which will be available soon (in preview first naturally). This is designed to help organisations initiate fully automated deployments from the Azure portal using just a simple wizard style process.

New “per user” pricing model

Yes.. As it pricing and license wasn’t complicated enough, there are new pricing options coming for organisation to leverage Azure Virtual Desktop VDI and streamed applications in the form of a true SaaS based model.

To make this simpler, Microsoft have announced a new monthly per-user pricing

This new pricing will launch on January 1st, 2022, and will be $5.50 per user per month for apps, and $10 per user per month for apps plus desktops.

A launch promo will mean organisations will be able to use Azure Virtual Desktop for streaming first-party or third-party applications to external users at no cost from July 14, 2021, to December 31, 2021, after which they will need to keep paying for the underlying Azure infrastructure.

You can read about the pricing options here.

Is Windows 11 about to be unveiled?

Well… we will find out very soon as on 24th June, Microsoft are hosting a dedicated event to talk about the future of Windows. This will be led by CEO Satya Nadella and Chief Product Officer Panos Panay.

Over the past few months there’s been increasing new stories and rumours about the upcoming future and development in #Windows10 along with the official ‘cancellation’ of #Windows10X. The latest Windows Insider preview builds have certainly been teasing apsects of future changes but to date Microsoft haven’t shed any light or let any specific ninja cats out of the bag about the next big changes to the design…but that’s going to change!

Is this Windows 11?

We don’t know yet. But the recent tweet by Panos Panay suggests something is coming and it does look a bit like an 11!

Tweet by Panos Panay

The tweet has a link to register for the event Microsoft are hosting which you register for here.

What are we expecting to hear?

Hard to say… Windows 10 is almost six years old (wow.. same age as my eldest so) yet there are still many inconsistencies across the environment and still many legacy remains of the old Windows 7 and previous builds that still haven’t been replaced or removed.

It seems likley with Panos at the healm of future Windows development and strategy he will want to inject his own mark on to its future just like he did with the huge success and leading edge design around #Surface (yes.. I am a big surface fan I know!)

I do expect this to be another defining moment in the history of Windows as Satya Nadella said this is annoucement will unveil “one of the most significant overhauls to the personal computer operating system this decade

Time, date, registration please.

The Windows 10 event will kick off at 4PM UK time on June 24 and it will be live-streamed. The registration link also let’s you download a calendar link to add it to your outlook.

What are you hoping to see?

Interested in what you are hoping or expecting to hear about… Feel free to leave your comments in the comments section..

Thanks for reading.

Surface Laptop 4 launches with new work from home accessories for business.

SurfaceLaptop4

Today (Tuesday 13th April 2021), Microsoft officially unveiled the 2021 Surface Laptop 4.

Surface Laptop, in my opinion, has always been the best “looking” Surface device since it was first released back in 2017. Not only that but Microsoft say the Surface Laptop has the highest level of customer satisfaction across all its Surface devices. 

Speeds and Feeds

Let’s cut to the basics, Microsoft claim that Surface Laptop 4 is up to 70% faster, has significantly longer battery life (with up to 19 hours of battery life on the 13.5” AMD variant), updated colours, 11th Gen Intel Chipsets and Dolby Atmos Audio. Retains USB C and USB-A.

Surface Laptop 4

Above all this Surface Laptop and updated/new accessories has been designed for the hybrid worker which seems set to be the default for most post COVID-19.

Oh…new Surface Headphones “for Business” too

Along with the launch of Surface Laptop 4, Microsoft also announced new Surface Headphones 2+ for Business which have been designed for Microsoft Teams. In addition, the Surface Headphones 2+ battery is rated to 15 hours of voice use and includes 13 levels of adjustable noise cancellation. Microsoft have also included a USB dongle which has a LED indicator to show when the microphone is muted. 

These ship with a dongle (needed for Teams certification). Pricing is $299. Shipping now.

Oh…and Surface branded Webcam and USB-Speaker. 

Yep – you heard it right.  If you have your own home office and don’t need to rely on headphones or ear pods, then Microsoft has now launched their very own Surface branded Webcam and USB-C Speaker.  Pricing was confirmed at $99.99 and available from June.

Microsoft Teams Speaker

Next up, Microsoft announced the Surface webcam which offers true 1080p video resolution video (which beats the built in 720p camera) and provides a 78-degree field of view, support for HDR, and an integrated privacy shutter.  Cost is $69 and ships in June.

SurfaceWebCam

Both of these are important accessories to ensure calls are crisp and clear when working from home. Many still use cheap headsets or non-Teams certified devices so it’s great to see Microsoft release their own Surface branded accessories for their devices. 

Pre orders available now. 

 

 

 

The biggest announcements from MSFT Ignite 2021

So, it wouldn’t be a Microsoft event (#MSIgnite) without a handful of “wow” demos, updates, and new products announcement both in preview and GA across Teams, the wider Microsoft 365 platform, Azure, Windows 10 and Power Platform, but without doubt the biggest “thing” to happen at Ignite this year was Mcirosoft Mesh.  Anyway, here’s my 

As in previous years), Microsoft have published their “encyclopaedia” if you like, of Ignite (the #BookOfIgnite ) which covers all the announcements in detail along with links to blogs and tech articles.

This post, on the other hand is a summary of my personal “top 3” announcements across each of the core solution areas. Of course, depending on your role, line of business and priorities, and interests, you will have your own favourites so feel free to let me know yours in the comments.

 

Microsoft Mesh

This stole the show from the moment the keynote started and was without question the biggest news of Ignite 2021. Much of the keynote and later sessions were available to watch live AltSpace VR in both Mixed and Virtual Reality. Mesh is Microsoft’s new Mixed Reality Platform which is designed to allow people who are in physically various locations to join collaborative and shared holographic experiences across many kinds of devices.

The business case for Mesh builds upon the success of HoloLens 2 and is designed (and was highlighted) for organisations to let their teams joined shared virtual spaces for collaborative meetings, where everyone will appear as virtual avatars (reminds me of the holograms in the StarWars). Microsoft say that their target audience is both enterprise and commercial customers. Microsoft Mesh can be accessed through an updated version of AltSpace VR, which is Microsoft’s VR platform. Microsoft Mesh will be coming to HoloLens via a dedicated app and solutions built through Mesh by developers will also be able to be tailored/supported to Windows Mixed Reality, PCs, Macs, Smart Phones, and headsets like Oculus.

Microsoft Teams

Teams Ignite Features
Highlight of new Teams Meeting Features

 

Always needing its very own category, my top 3 in this category are:

1. Improvements for Teams Meetings and Live Events.

    • Teams can now be used to create and run fully interactive webinars for up to 1,000 attendees and will also support webinars with up to 20,000 attendees from later this month. This will also be included for any customer with Office 365 E3 and more without any additional licenses or cost.
    • Dynamic View for Teams meetings will be released next month and is all about ensuring more inclusive and natural meetings for remote/hybrid meetings making them more engaging. Dynamic view uses AI to adjust elements of the meeting to allow for display different modes such as charts, chats, etc next to video feeds as well as an overlay of presenter video and presentation space.
    • Improved privacy and security in meetings – with meeting-only meeting controls and end-to-end encryption in one-to-one calls.
    • PowerPoint Live in Teams is available now. The much-requested feature combines slides, notes, and meeting chat in a single view to help make presentations easier for speakers and presenters and to make them more engaging for attendees.

2. Teams Connect

A new channel-sharing feature coming to Teams “later” this calendar year. This will enable users to share channels with anyone, internal or external. Unlike guest access, the shared channel will appear within a user’s primary Teams tenant, alongside other Teams channels meaning that “multiple organisations can share a single channel” that all members can then access from their own Teams environments. Channel sharing seems is great for scenarios where multiple organisations are collaborating on a specific project for example. Guest Access isn’t going anywhere and is still relevant as this is more suited to situations where an external organisation or person needs broad access to data, meetings, and information, beyond just a specific channel. This is currently in “private preview”.

3. Teams Calling Updates

  1. Direct Routing and Survivable Brach Appliances: With the explosion of customers enabling and migrating to PSTN calling in Teams from traditional IP PBXs, the use of Direct Routing grown 8-fold, Microsoft announced several new certified Session Border Controllers (SBC) for Direct Routing, with 6 new SBCs completing certification in just the past 3 months. Additionally, to add resiliency to the most critical locations, Survivable Branch Appliance (SBAs) are now generally available, enabling PSTN calling in the event an outage does not allow the Teams client to directly connect to Microsoft 365 global services.

  2. Operator Connect Conferencing brings an “operator-managed service” that provides “bring your own operator” for conferencing, meaning customers can keep their preferred operator contracts in place as they migrate their PSTN infrastructure to the cloud. This also allows additional geographic dial-in coverage, enhanced support, and reliability with locally agreed technical support and SLAs. This enters private preview from June, with the initial wave of qualified partners, including BT, Deutsche Telekom, Intrado, NTT, Orange Business Services, and Telenor.

  3. New Cloud Calling Plan Countries were also announced, with Microsoft native calling plans coming to 8 new markets from April 2021 including New Zealand, Singapore, Romania, Czech Republic, Hungary, Finland, Norway, and Slovakia, bringing native Microsoft Teams Calling Plans to 26 markets across the globe.

    Teams Calling Countries - April 2021

Identity, Security & Compliance

1. Identity

Focusing on helping organisations deliver on their Zero Trust strategy including, 

    1. Password-less authentication which is now “generally available” for cloud and hybrid environments meaning customers can move towards a truly password-less world leveraging multi-factor authentication and risk based conditional access to provide just in time, assume breach, challenge everything approach to identify and access management without the need for passwords.

    2. Azure AD Conditional Access now uses authentication context to enforce more granular policies based on user actions across the applications they are using or the sensitivity of data they’re trying to access.

    3. Azure AD verifiable credentials will be in public preview later this month. Verifiable credentials allow organisations to confirm information without collecting or storing personal data, improving security and privacy.

2. Security announcements

A wealth of announcements here as well, all of which will further strengthen, Microsoft’s commitment to deliver the absolute best security protection, detection, and response for all clouds and all platforms:

    1. Azure Sentinel now seamlessly integrates with Microsoft 365 Defender with shared incidents, schema, and user experiences to simplify investigations for a totally aligned view and remediation surface.
    2. Endpoint and Office 365 defender capabilities are now also integrated into the Microsoft 365 Defender portal.

    3. New Threat Analytics experience within the Microsoft 365 Defender portal provides a set of reports from expert Microsoft security researchers designed to help customers understand, prevent, and mitigate active threats, like the recent Solorigate / SolarWinds attacks.

    4. The Secure-core services that are now build into Surface devices (and other leading Windows 10 devices) is also coming to Windows Server and Azure edge devices to help minimise risk from firmware vulnerabilities, attacks, and advanced malware in IoT and hybrid cloud environments.

3. Compliance announcements

    1. Co-authoring of Microsoft Information Protection-protected documents will be available in “public preview” from this week. This in my experience the number one blocker of being able to properly deploy organisational wide information protect across SharePoint sites, Teams, and individual documents since currently (well, prior to this announcement) it was not possible to co-author docs that were encrypted which makes most of the power of Modern Office 365 and co-authoring useless. This feature helps significantly close the gap between security and productivity.

    2. Microsoft Azure Purview was announced in more detail. Purview provides new cross-platform support and deeper insight into data classification and protection across structured and un-structured data across on-premises, data bases, Microsoft Cloud and third-party services including Google and AWS – it’s Azure Information Protection on steroids!

    3. Microsoft 365 data loss prevention (DLP) now supports Google Chrome browsers and on-premises file shares and SharePoint Server as well as SharePoint Online and of course Microsoft’s Edge (Chromium based) browser.

    4. Microsoft 365 Insider Risk Management Analytics was released into public preview.

Power Platform

1. Power Automate Desktop was made free!

This is really really big news for any organisation that is looking, using, or intending to use Robotic Process Automation (RPA).  Power Automate Desktop is a an “attended Robotic Process Automation” solution which is a macro recorder on steroids. You can download it now if you want to try it. It will be available first for #WindowsInsiders to try (built into Windows 10), however it will eventually be rolled out to Windows 10 as a core product (most likely as an optional feature). Until now, a per user for month for the tool would cost about £12 a month. Power Automate currently has circa 400 actions to help build flows across different applications and the best part is that it enables you to build your own scripts to automate time consuming repetitive tasks which saves time and money. Microsoft’s goal here is to “democratise the development for everybody with Power Platform” by making no-code/low-code accessible to everyone not just developers.

2. PowerFX (a new low code programming language) was announced.

PowerFx is a low code programming language that is based on the foundation of the Microsoft Power Apps canvas. What’s great is that since Power Fx is based on Microsoft Excel, it will naturally be a great fit for a wide range of people since it will leverage skills, they “many” already know and becomes a common ground for business users and professional developers alike to express logic and solve problems. Microsoft also said they were planning make Power Fx, open source, making the language available for open contribution by the broader community on GitHub.

3. Dynamics 365 now seamlessly integrates with Microsoft Teams

This ensures conversations, calls, meetings, and chat will be available across dynamics 365 – within opportunities, sales, marketing, finance, and operations.

Windows 10

Windows 10 usually gets a backseat at Microsoft Ignite (as it typically focusses on cloud services and new things), but this year, there were some things which resonated.

1. Power Automate Desktop

As discussed above, Power Automate Desktop was announced and will be free for all Windows 10 users including Windows 10 Home and Pro and not just to Enterprise users. You can read more about this above.

2. Windows 10 in Cloud 

Simply put, cloud configuration is a Microsoft-recommended device configuration for Windows 10, cloud-optimised for users with specific workflow needs. IT admins use Microsoft Endpoint Manager to apply a standard, cloud-based, easy-to-manage configuration of Windows 10 to a selected set of new or existing devices. The configuration works on devices running Windows 10 Pro or Windows 10 Enterprise and may be appropriate for workers who only need a limited number of IT-curated and approved applications to meet their targeted workflow needs. User accounts are registered in Azure Active Directory and devices are enrolled for cloud management in Intune, so they are automatically updated with continuous product and security updates.

Microsoft announced that the newly announced Windows 10 in Cloud has now been integrated into Microsoft Endpoint Manager, which will make it even easier to provide a secure device configuration regardless of the type of worker. Microsoft also made a full “Windows 10 in cloud configuration overview and setup guide” available which is designed to help solution integrators, partners, and internal IT teams to apply a uniform, secure and easy-to-manage cloud-based configuration of Windows 10 Professional or Enterprise devices.

3. New version of Windows 10 Perhaps?

Well maybe! During a Fireside chat session at Ignite, Surface and Windows Lead, Panos Panay “teased” of some major updates and design changes coming to Windows. Windows 10 Insider LogoThese were very much hints and teases than any firm commitments but talked a lot about the fact that Microsoft has not “talked about the next generation of Windows for a while” and that he was “so pumped” for it – ending with “it’s going to be a massive year for Windows.”


Written: 05 March 2021

Windows 10 v21H1 available “now” if you want to try it early.

Microsoft last night shared all the details about Windows 10 version 21H1, which is the, the next version / ok update to Windows 10 which will be formerly released at sometime late spring.

As expected, this update is another minor update just like 20H2 was back in October 2020 and this will actually be the first time since Microsoft shifted to a bi-annual release cycle that the “Spring” update for Windows 10 is a just a minor one. This means there won’t be any new major feature additions (as the October 2020 Update was the previous year).

If you are a WindowsInsider in the beta channel, you can get Windows 10 version 21H1 today.

How to download it

To download it, you’ll need to go to Settings > Update & Security > Windows Update and then choose to download and install the 21H1, which is build number 19043.844 (KB4601382). The installation process is quick (my Surface Go took about 15 minutes) and its a similar upgrade path/patch experience from version 2004 to 20H2.

Getting Windows 10 21H1 from Windows Update

What will 21H1 bring?

Windows 10, version 21H1 brings with it a new set of features that are designed to improve security, remote access and quality. “The are focused on the core experiences that customers have told us they’re relying on most right now,” explained John Cable, Vice President, Program Management, Windows Servicing and Delivery.

New features in Windows 10 version 21H1 include multi-camera support for Windows Hello, which allows users of PC/laptop with an integrated camera to use an external camera (hello certified) for authentication and sign-in. This update also brings performance improvements for Windows Defender Application Guard as well as Windows Management Instrumentation (WMI) Group Policy Service (GPSVC) updating, the latter getting support for more remote work scenarios.

There’s also a usual long list of big fixes and minor cosmetic updates as you’d expect.

Windows 10 version 21H1 will be available for non-insiders “later in the first half of this calendar year,” John Cable said , and we should get a final release date in the next week or so.

You can get this today of you are a WindowsInsider in the Beta channel. It is optional.

Windows 10 animated Gif (why not)

Microsoft Edge now alerts you if any of your online passwords are leaked!

Password Dialogue Screen

Let’s face it – all of us re-use our passwords across different systems, and most use one password for pretty much everything they online – and whilst these may be secure (and yes, some sites may enforce MFA – that’s something at least), if just one of these sites/company’s get’s breached – then your password is out there!!!

Microsoft are trying to help prevent this – well, at least make sure you know so you can do something about it quickly…

Whilst anyone running Beta or Dev version of Edge have had this for a while, the latest “stable” update to roll out this week, has introduced / released probably of the most important feature to help users (everyone) understand anywhere where their password may have been breached/compromised – not just on their Office 365 or laptop credentials but across any (and i mean) any web site or SaaS service they use in Edge.

Introducing Password Monitor in Edge

Microsoft have released a new feature called Password Monitor (which is included in Edge build 88 and later), which notifies users if any of their saved passwords have been found in a third-party breach.

Edge Password Monitor Graphic

This is done by using password hash comparison (so Microsoft doesn’t actually learn or store passwords anywhere), so users can be assured that neither Microsoft nor any other party can learn the user’s passwords while they are being monitored for breach.

When you turn on Password Monitor, Edge  starts periodically (you can force it too) checking the passwords you’ve saved in the browser against a huuuuuuge database of known leaked passwords that are stored in the cloud. If any of your passwords match those in the database, they’ll appear on the Password Monitor page in Microsoft Edge Settings. and you also get a pop-up notification if new ones are found. What this is basically telling you is that “any passwords listed there are no longer safe to use” and you should change them immediately – pretty damn useful advice for anyone!
 

Why this so important

Each year, hundreds of millions of usernames and passwords are exposed online when websites or apps become the target of data leaks and as i mentioned at the start, whilst the public are regularly cautioned against reusing the same username and password combination for more than one online account, it’s a common practice, which leaves them vulnerable on multiple sites when even one passwords gets leaked. Even if your password is complex – it only takes one site to be leaked and your password and username is out there – its like leaving the front door of your house wide-open.

Leaked usernames and passwords often end up for sale on the online black market, commonly referred to as the Dark Web. Hackers use automated scripts to try different stolen username and password combinations to hijack people’s accounts. If one of your accounts is taken over, you can be the victim of fraudulent transactions, identity theft, illegal fund transfers, or other illegal activities and bear in mind many of these sites allow you to save or store payment information, address information, family information on them – perfect for an identity theft!

Password Monitor helps protect your online accounts in Microsoft Edge by informing you when any of your passwords have been compromised, so you can update them. Changing passwords immediately is the best way to prevent your account from being hijacked.

Enabling Password Monitor

This new feature is not enabled by default. In order to active this, you need to carry out these simple steps

  1. Sign in to Microsoft Edge using your Microsoft account or your work or school account.
  2. Navigate to Settings and more > Settings > Profiles > Passwords.
  3. Turn on Show alerts when passwords are found in an online leak.
  4. Any unsafe passwords will then be displayed on the Password Monitor page.

Screenshot of settings in Edge

If you are signed in and syncing your passwords, Password Monitor is automatically enabled in your browsers – auto enablement

When you first enable Password Monitor for the first time, all your passwords will be checked to see if any of them have been compromised. If any of your passwords match those in the list of known leaked passwords, a notification appears:

 

This notification appears only once each time a new password is found to be unsafe. Microsoft give you two options at this point:  – view the details or dismiss the notification – its ok you can come back to them later. 

 

Responding to notifications

If Edge informs you that a user / password combination has been breached / therefore is no longer safe, can go here to learn more :

Settings and more > Settings > Profiles > Passwords > Password Monitor.

Here you will see a list of all the unsafe passwords Microsoft has found, and then for each account listed on the page you can be redirected to that site to allow you to update and change your password.  If an entry in the list of compromised passwords is no longer relevant (you may have deleted your account for example), you can click ignore – remember though, if just one site is breached and you use that account elsewhere – change it!

Microsoft have provided a nice Q&A and support page for this here: Password Monitor support page.

 

Read More about how Password Monitor works

Password Monitor will be made available to Edge users on a rolling basis so it will not be immediately visible to everyone.

You can read more about how this works and why is such a vital step forward for privacy, security and control of your online life here: Password Monitor: Safeguarding passwords in Microsoft Edge – Microsoft Research

Say Hello to the SurfacePro 7+

Surface Promo

Microsoft today have announced some subtle but important updates to their Surface family which I wanted to share with you quickly.

As always, I welcome any comments and thoughts – are you a fan or always on Surface range? What’s your thoughts on Hub 2S?

Surface Pro 7+ (not the “Pro 8”) Launched

The Surface Pro 5 shipped with an LTE variant which was and remained popular but neither the Pro 6 nor Pro 7 included an LTE variant which was extremely frustrating for organisations that wanted always on Surface Devices. Until now the only way to that was to move to the ARM based Surface Pro X or the baby Surface Go LTE...until now that is!

Announcing -the Surface Pro 7+ (yes, not sure why it’s not the Pro 8)

Image of Surface Pro 7+
Image of the Surface Pro 7 plus (courtesy Microsoft)

 

The Pro 7+ includes the following key updates to last year’s Surface Pro 7:

  • 11th Gen Processor options
    • Dual-core 11th Gen Intel® Core™ i3-1115G4 Processor (Wi-Fi)
    • Quad-core 11th Gen Intel® Core™ i5-1135G7 Processor (Wi-Fi or Wi-Fi AND LTE)
    • Quad-core 11th Gen Intel® Core™ i7-1165G7 Processor (Wi-Fi)
  • Same form factor as Pro 7
  • 2.1x faster than the Pro 7 (10th Gen) 
  • Optional LTE Support on select models
  • Battery is bigger and longer with 4.5x better than the Pro 5 LTE
  • Now includes removable SSD – like the Surface ProX

 

Surface Hub 2S 85”

The latest news here is that shipping of the latest giant 85″ Surface Hub has started shipping with US, UK and other shipping this month (existing orders) and EU following in early Feb followed by other regions such as Asia-Pac / India etc by March 2021.

Surface Hub 2S 85"

Surface Hub2S 85″ (courtesy Microsoft)

Microsoft spent a bit of time focusing on the huge achievements they have made here, not just on getting the device ready, but getting it ready for shipment and fulfilment globally – which given the pressures on manufacturing due to COVID-19 and Microsoft’s previous “challenges” in getting Surface Hub v1 into market this was well called out!

For those not familiar, Hub 2 S 85″ is a beast but a thing of beauty. If builds on the gorgeous look and familiar Surface family feel but also provides a nice upgrade to the (now 5-year-old) Surface Hub V1 84″. It’s still heavy at 85kgs but won’t require 4 of the “world’s strongest man contestants” at least to move into position and wall mount it. There’s also of course the familiar Steelcase wall mounts and roam stands available.

You can see the full spec’s in the image below

Surface Hub 2S 85" Specs