1. Windows 7
Overview

2. Windows 7 Builds on Windows Vista Deployment, Testing, and Pilots Today Will Continue to Pay Off
Similar Compatibility:
Most software that runs on Windows Vista will run on Windows 7. Exceptions will be low level code (AV, Firewall, Imaging, etc).
Hardware that runs Windows Vista well will run Windows 7 well.
Few Changes: Focus on quality and reliability improvements
Deep Changes: New models for security, drivers, deployment, and networking

3. Windows 7 for the Enterprise
Make Users Productive Anywhere
Enhance Security & Control
Streamline PC Management
At their desk
In a branch
On the road
Protect data & PCs
Built on Windows Vista foundation
Easy migration
Keep PCs running
Virtualization

4. Remote Access for Mobile Workers Make Users Productive Anywhere
Microsoft Confiential: Preliminary Information: NDA Only
Remote Access for Mobile Workers Make Users Productive Anywhere
Windows 7 Solution
Situation Today
DirectAccess
Office
Home
Office
Home
Difficult for users to access corporate resources from outside the office
Challenging for IT to manage, update, patch mobile PCs while disconnected from company network
New network paradigm enables same experience inside & outside the office
Seamless access to network resources increases productivity of mobile users
Infrastructure investments also make it easy to service mobile PCs and distribute updates and polices

5. AD Group Policy, NAP, software updates
DirectAccess
Support IPv4 via 6to4 transition services or NAT-PT
IPv6 Devices
IPv4 Devices
IT desktop management
DirectAccess provides transparent, secured access to intranet resources without a VPN
Allows desktop management of DirectAccess clients
Native IPv6 with IPSec
AD Group Policy, NAP, software updates
IPv6 Transition Services
Internet
Supports direct connectivity to IPv6- based intranet resources
DirectAccess
Server
Supports variety of remote network protocols
Allows IPSec encryption and authentication
Windows 7 Client

6. Name Resolution: DNS and the NRPT
DirectAccess Connection
Internet Connection
Remote DirectAccess clients utilize smart routing by default
The Name Resolution Policy Table allows this to happen efficiently and securely
Sends name queries to internal DNS servers based on pre-configured DNS namespace

7. NRPT Client side only Requires a leading dot
.ad.contoso.com
2001:db8:b90a:c7d8::178
2001:db8:b90a:c7d8::183
.lab.contoso.com
2001:db8:b90a:c7a8::202
*.sql.contoso.com
2001:db8:b90a:c7e4::801
NRPT
Client side only
Requires a leading dot
Static table that defines which DNS servers the client will use for the listed names
Configurable via GPO at Computer Configuration |Policies|Windows Settings|Name Resolution Policy
Can be viewed with NETSH name show policy

8. Two Factor Authentication (TFA)
Not required; fully supported
Edge based enforcement: a smarter way to enforce TFA
User is assigned a well- known SID when they log on with a smartcard S
User may logon to laptop without TFA
When user accesses corporate resources,
IPsec authorization policy checks for this SID
If SID is not present…

9. Branch Office Network Performance Make Users Productive Anywhere
Microsoft Confiential: Preliminary Information: NDA Only
Branch Office Network Performance Make Users Productive Anywhere
Windows 7 Solution
Situation Today
BranchCache™
Application and data access over WAN is slow in branch offices
Slow connections hurt user productivity
Improving network performance is expensive and difficult to implement
Caches content downloaded from file and Web servers
Users in the branch can quickly open files stored in the cache
Frees up network bandwidth for other uses

10. Distributed Cache Get Get Get Get Main Office Branch Office Data DataID ID
Get
Get
Get
Branch Office
Get
Data

11. Hosted Cache Get Get Get Search Get Search Offer Request Put
Main Office
Get
Data
Data ID ID
Get
Get ID
Get
Search
Search ID
Data
Offer ID
Request ID
Data
Put
Branch Office

12. Hosted cache vs Distributed
Microsoft Confiential: Preliminary Information: NDA Only
Hosted cache vs Distributed
Enterprise
Hosted Cache
Data cached at the host server
Recommended for larger branches
Cache stored centrally: can use existing server in the branch
Cache availability is high
Enables branch-wide caching
Distributed Cache
Distributed Cache
Data cached amongst clients
Recommended for branches without any infrastructure
Easy to deploy: enabled on clients through Group Policy
Cache availability decreases with laptops that go offline

13. Deployment Group Policy to enable clients
Branch Office
Branch Office
Install BranchCache™ feature R2 content servers
Hosted
Cache
Branch Office
IIS
File Server
Optionally, install a hosted cache in your branch.
Group Policy
Management
Main Office

14. Additional configuration options
Enable / disable distributed cache mode
Enable / disable hosted cache mode
Set the cache size
Set the location of the hosted cache
Clear the cache
Create and replicate a shared key for use in a server cluster
And more …
Works in domains and workgroups

15. Monitoring Event logs - Operational logs & Audit logs
Perfmon counters - Client, hosted cache and Content Server
netsh for querying the infrastructure for potential problems
Cache size too small, firewall issues, certificate problems etc
SCOM Management Pack - for rolling all the information up

16. Security of Data at Rest
Clients
Cache only contains content requested by the client
Data in cache ACL’d so that it is only accessible if authorized by the server
If data leakage is a concern, then use BitLocker or EFS
Hosted Cache
Cache contains content requested by all branch clients
Use BitLocker or EFS to encrypt cache as necessary
All data can be purged from the cache using netsh

17. Scale and Performance Scale MSIT pilot in Belgium
Distributed cache scales well to approximately 100 users per branch
WS-Discovery traffic is a key consideration
Results may vary
Highly dependant on content, workload and usage patterns
Hosted Cache scalability is comparable to standard file server workloads
MSIT pilot in Belgium
Approximately 70% reduction in \\products\public related SMB traffic

18. BitLocker - Data Protection Enhance Security & Control
Microsoft : Preliminary Information: NDA Only
BitLocker - Data Protection Enhance Security & Control
Users store increasing volumes of data, including sensitive or data on the removable storage devices
Removable storage devices are easy to lose and, unlike PC, the loss may go unnoticed for a while
Windows 7 Solution
Situation Today
BitLocker To Go™ +
Protect data on internal and removable drives
Mandate the use of encryption with Group Policies
Store recovery information in Active Directory for manageability
Simplify BitLocker setup and configuration of primary hard drive

19. Application Control Enhance Security and Control
Microsoft : Preliminary Information: NDA Only
Application Control Enhance Security and Control
Windows 7 Solution
Situation Today
AppLocker™
Users can install and run unapproved applications
Even standard users can install some types of software
Unauthorized applications may:
Introduce malware
Increase helpdesk calls
Reduce user productivity
Undermine compliance efforts
Eliminate unwanted/unknown applications in your network
Enforce application standardization within your organization
Easily create and manage flexible rules using Group Policy

20. Microsoft : Preliminary Information: NDA Only
AppLockerTM
Technical Details
Simple Rule Structure: Allow, Exception & Deny
Publisher Rules
Product Publisher, Name, Filename & Version
Multiple Policies
Executables, installers, scripts & DLLs
Rule creation tools & wizard
Audit only mode

21. Publisher Rules Rules based upon application digital signatures
Can specify application attributes
Allow for rules that survive application updates
“Allow all versions greater than 12 of the Office Suite to run if it is signed by the software publisher Microsoft.”

22. Simple Rule Structure Allow Deny Exception
Limit execution to “known good” and block everything else
Deny
Deny “known bad” and allow execution of everything else
Exception
Exclude files from allow/deny rule that would normally be included
“Allow all versions greater than 12 of the Office Suite to run if it is signed by the software publisher Microsoft EXCEPT Microsoft Access.”

23. Rule Targeting Per User
Rules can be associated with any user or group
Provides granular control of specific applications
Supports compliance by enforcing who can run specific applications
“Allow users in the Finance Department to run…”

24. Multiple Rule Sets Rule Types
Executable
Installer
Script
DLL
Allows construction of rules beyond executable only solutions
Provides greater flexibility and enhanced protection
“Allow users to install updates for Office as long as it is signed by Microsoft and is for version 12.*”

25. Full Fidelity RemoteApp and Remote Desktop
RemoteApp and Remote Desktop connections
RemoteApp and Remote Desktop icons integrate into the Start menu
Icons refresh and update automatically
Multimedia support and audio input
Experience rich multimedia redirection
Use VoIP applications and speech recognition
True multiple monitor support
Use up to 10 monitors of any size or layout with RemoteApp and Remote Desktop
Applications behave like users expect – e.g. PowerPoint installing them locally
Aero Glass for Remote Desktop Server
Uses have the same new Windows 7 look and feel when using Remote Desktop Server
RemoteApp language bar support
Configure applications that use different language settings than the local language (such as right-to-left languages)

26. Virtual Desktop Infrastructure Streamline PC Management
Microsoft : Preliminary Information: NDA Only
Virtual Desktop Infrastructure Streamline PC Management
Windows 7 Solution
Situation Today
Richer Remote Experience
Richer graphics with improved multi-monitor support
Use voice for telephony & applications with microphone support
Improved printing
What is Virtual Desktop Infrastructure?
Do More With VHDs
Maintain VHD: Offline servicing of VHD images with same tools used for WIM
Boot from VHD: Reuse VHD files for deployment to managed desktop PCs
Deploying desktops in virtual machines on server hardware
Centralized management & security
Users can access their desktop and applications wherever they are *
Using Windows for VDI scenarios requires additional VECD license

27. Search in the Enterprise Make Users Productive Anywhere
Microsoft Confiential: Preliminary Information: NDA Only
Search in the Enterprise Make Users Productive Anywhere
Windows 7 Solution
Situation Today
Search Federation
Consistent experience to find data from multiple locations, including SharePoint sites
Users and IT can pre-populate Favorites in Windows Explorer to remote search sites that support OpenSearch protocol
IT can point users to select search sites w/Enterprise Search Scopes   
Current desktop and Enterprise search solutions are good, but not integrated
Users need to take different steps to find data on PC and data on servers
Data sources are hard to discover

28. Windows 7 Manageability
Increased Automation to Reduce Costs
Reduce Help Desk Calls and Keep Users Productive
Flexible Administrative Control
Windows PowerShell 2.0
Integrated Scripting Environment
Windows Troubleshooting Platform
Remoteable Reliability Data
Problem Steps Recorder
Enhanced Group Policy Scenarios
Group Policy Scripting
Group Policy Preferences

29. What is Windows PowerShell?
Console
Interactive commands
Query and configure
Run jobs
Scripting language
Automate everything
Sharable and reusable

30. PowerShell Remoting To use Local and remote computer need:
Windows PowerShell 2.0
Microsoft .NET Framework 2.0 or later
Windows Remote Management 2.0
To configure PowerShell remoting:
start PowerShell as admin
Use enable-psremoting cmdlet
Configures firewall and Winrm Service

31. Windows PowerShell Remoting
Use the ComputerName parameter with select cmdlets
Get-Process –ComputerName Berlin
Run a command on remote computer
Invoke-Command –ComputerName Berlin ` ScriptBlock { HostName}
Open a PowerShell session on remote computer
Enter-PSSession –ComputerName Berlin
[berlin]: PS C:\> HostName
[berlin]: PS C:\> Exit-PSSession

32. Deployment Enhancements
4/20/2017 1:04 PM
Deployment Enhancements
IMAGING
DELIVERY
MIGRATION
Deployment Image Servicing and Management
Add/Remove Drivers and Packages
WIM and VHD Image Management
Windows Deployment Services
Multiple Stream Transfer
Dynamic Driver Provisioning
VHD and WIM Support
User State Migration Tool
Hardlink Migration
Offline File Gather
Improved user file detection
INTEGRATED SOLUTIONS CONTINUE
Microsoft Assessment and Planning
Application Compatibility Toolkit
Microsoft Deployment Toolkit
© 2007 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.
The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

33. Windows Optimized Desktop
Core PC Platform
Unique Value with SA+MDOP

34. Windows Optimized Desktop: Windows 7 & MDOP Investment areas
4/20/2017 1:04 PM
Windows Optimized Desktop: Windows 7 & MDOP Investment areas
Make Users Productive Anywhere
Improve Security and Control
Streamline PC Management to Save Costs
Direct Access
BranchCache
Federated Search
Navigation
App-V
MED-V
BitLocker
BitLocker To Go
AppLocker
Security development lifecycle
AIS
PowerShell
Windows Troubleshooting Platform
Deployment Tools
VDI Enhancements
DEM
DART
AGPM
MDOP
Fundamentals
Performance | Reliability | Compatibility
© 2007 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

35. Why my customers need MED-V
Why my customers need MED-V? The challenge of upgrading to a new operating system
First upgrade – then migrate!
Test
Migrate
Upgrade
Test compatibility of all applications with the new OS
Migrate or replace incompatible applications
Upgrade the organization to the new OS

36. Introducing Windows Virtual PC
Primary Audience: Developers / IT
Typical guest OS: Multiple Guest OS
Scenario: Windows XP Compatibility for small businesses with no IT
Cost: None. Virtual Windows XP is included with Windows 7 Pro
Features: Seamless integration, USB device support

37. How MED-V Relates to Windows XP Mode
Windows Virtual PC (“XP Mode”) Provides the Ease of Use for End Users
A preconfigured virtual Windows XP SP3 (32bit) environment
Easy to install your applications on Windows XP and run from Windows 7 desktop
Well integrated into Windows 7
Designed for small businesses and consumers
MED-V – Application-OS compatibility for the Enterprise
Deploy virtual Windows XP images and customize per user
Provision and define applications and websites to users
Control Virtual PC settings
Maintain and Support endpoints through monitoring and troubleshooting
MED-V will not require PCs to have hardware assisted virtualization (e.g. Intel VT, AMD-V)
© 2007 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.
The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

38. MED-V – Deploying Virtual PCs in the Enterprise
MED-V* Centrally Manages Virtual Windows Environments
Deploy – deliver virtual Windows images and customize per user
Provision – define which applications and websites are available
Control – set usage permissions and Virtual PC settings
Maintain and Support - monitor and troubleshoot end points
MED-V will provide a solution for enterprise devices without hardware assisted virtualization (e.g. VT)
Windows Virtual PC Provides the Ease of Use for End Users
Run Windows XP or other Windows environments on Windows 7
Install and launch Windows XP applications from Win7 Desktop

39. Architecture and Features

40. Architecture

41. Software Distribution
MED-V v1 Architecture
Software Distribution

42. Increased Value in Optimized Desktop
Make Users Productive Anywhere
DirectAccess
BranchCache™
Enterprise Search Scopes
Enhance Security and Protect Data
BitLocker & BitLocker To Go
AppLocker
Streamline PC Management
MUI Language Packs
VDI Enhancements (VDI requires VECD license)
Boot from VHD
Subsystem for UNIX
4 Virtual Operating Systems
Network Boot License

43. MED-V v1 Key Capabilities
Deploy and provision
Deploy IT-managed virtual XP environment to end users
Enable customization in heterogeneous desktop environments
Automate first-time virtual PC setup (e.g. initial network setup, computer name, domain join)
Application provisioning based on Microsoft Active-Directory® users/groups
Assign a virtual image and define which applications are available to the user
End users seamlessly use Windows XP applications on their Windows 7 desktop
End users automatically see Websites that require Internet Explorer 6 in the virtual environment
Enable incompatible applications
Centrally define Virtual PC settings (e.g. Adjust virtual PC memory allocation based on available RAM on host)
Centrally monitor endpoint clients
Provide helpdesk tools to diagnose and troubleshoot virtual PCs
Control and Monitor

44. Typical Virtual Image life-cycle
Create a master image
Include common software, security and management tools
Package the image and distribute
Via existing software distribution (e.g. System Center)
Image is customized and joined to domain
Unique name is assigned for identification
Remotely manage as any Windows XP desktop
Install applications
Apply patches and updates

45. MED-V v1 System Requirements
Windows Vista SP1/2 – 32-bit (2GB RAM Recommended)
Windows XP SP2/3 - 32bit (1GB RAM Recommended)
Support for Windows 7 (32bit + 64bit) will be added in Q1 CY2010 via MED-V 1.0 SP1
Client
Microsoft Virtual PC 2007 SP1 (+QFE) MED-V does not require hardware assisted virtualization (e.g. Intel VT, AMD-V)
Guest OS: Windows XP Pro SP2/3, Win2000 SP4
Guest browsers: Internet Explorer 7 or 6 SP2
Virtual machine :
Windows Server 2008 (Standard/Enterprise). (SP1 will add support for Windows Server 2008 R2)
IIS web server for image delivery (Optional)
Optional - SQL Server 2008 (any edition) or SQL Server 2005(SP2 Enterprise ) for reporting
Server
English UI , with support for localized OS: French, German, Italian, Dutch, Spanish, Portuguese (Brazil)
Languages

46. Summary - MED-V Customers Say…
“MED-V will be very beneficial as we upgrade more machines to Windows Vista, and eventually to Windows 7, because we’ll be able to run legacy applications that require a previous operating system in Virtual PC images on the new desktops.”
TUEV Nord (8,000 employees)*
“We found that MED-V really solved our application compatibility problems. It allowed us to deploy the applications, where third party vendors were not providing a supported version. Where we used to have hundreds of images, we were able to move to one [Windows] Vista image, and use MED-V to deploy [legacy] applications on top of that”
Belfast Health and Social Care Trust (22,000 staff)**
“MED-V saves us time in standardizing our desktop across the multiple entities of the Belgacom group… With thousands of users in our environment, MED-V will significantly reduce the time required for testing and migrating the applications we have.”
Belgacom Group
* Microsoft case study,
** Excerpt from EMA Brief: “Introduction to the Benefits of Local Desktop Virtualization” April 2009

47. APP-V and Windows 7 Overview
Microsoft Confiential: Preliminary Information: NDA Only
APP-V and Windows 7 Overview

48. App-V for the Enterprise Package, Stream, Manage
App-V for the Enterprise Package, Stream, Manage. Application virtualiization isolates applications to create a conflict free environment with manageability as the cornerstone to successful service delivery.
Application Virtualization Made Easy
Flexible Management
Built-In
Proven. Real Business Results.
No user learning curve. Click to launch any virtual application anywhere
Simplify your next Windows rollout
Easily prepare Virtual Applications and Dependencies for Deployment.
Flexible deployment and streaming options for all business needs.
Readily Accessible Applications for Users, Manageable for IT.
Virtual Application Management in the box.
Mature and Proven
Save Time & Money. Deploy Applications Virtually
Partners ready to move you from Proof of Concept to Production

49. Microsoft Application Virtualization
Application Sequencing – The gateway to Microsoft Application Virtualization
Windows Application CD
Windows Application Installer
Unpackaging
Streaming Server
Linearization
Optimization & Compression
Virtualized Application
MSI Standalone
Microsoft Application Virtualization Sequencer
The admin has the option to stream the virtual application or create an MSI wrapper for Standalone Mode delivery
The Sequencer produces the virtual application package containing the application and its dependencies.
Rapidly packages applications through active watch technology including execution dependencies.

50. Dynamic Application Interaction Dynamic Suite Composition (DSC)
Virtual Environment
Single application with no dependencies still exist
Application known to not conflict may be configured to share the same virtual environment
Mandatory/Optional dependency configuration options
Virtual applications can share common dependencies
Combined Virtual Environment
Independent Virtual Environments
Application Sharing Using DSC
Inter Application Communication
App “A”
App “A”
App “B”
App “B”
Flexible Package Management
Virtualize Middleware once share with many
Administrator controls & configures the virtual application separately
Create a “one to one” scenario for single applications that are dependant on each other
Create a “many to one” scenario where middleware and plug ins components can be reused
Reduces the potential package size
Data
System Services
Configurations

51. Microsoft Application Virtualization Deployment Options
Package, Deploy, Manage. Conflict free applications with manageability as the cornerstone to successful service delivery.
Enabling Key Scenarios
Reduce application conflicts
Reduce application compatibility testing
Remove application related reboots
Dynamic application streaming
Always accessible applications
Configuration Manager 2007 R2
Manage virtual & physical applications from one PC Lifecycle Management solution
Manage, stream and update App-V virtual applications with capabilities in the box
Integrate App-V into existing environments and processes
Configuration Manager + Application Virtualization
Single Management Console
Single Software distribution workflow
No additional infrastructure required
Integrate Virtual applications with automated OS deployment
Full status and reporting of virtual applications
Inventory and updating of virtual applications
User or Machine targeting
Scalable to 100’ s of thousands of devices
Full Infrastructure
Desktop Publishing Service
Dynamic Delivery
Package/Active Upgrade
Requires Active Directory and SQL Server
Standalone Mode
Standalone execution of virtual applications
No server is required
MSI wrapper is the configuration control
Interoperable with SMS/ SCCM & 3rd party ESD
App-V Client, Management Server, Streaming and Sequencing
Server Client
3rd Party PC Lifecycle Solution
Lightweight Infrastructure
Dynamic Delivery
Package/Active Upgrade
No SQL Server required
Allows streaming capability to be added to SMS/SCCM & 3rd party ESD

52. MED-V and App-V are part of the MDOP subscription
Translating software inventory into business intelligence
Enhancing group policy through change management
Dynamically streaming software as a centrally managed service
Proactively managing application and operating system failures
Powerful tools to accelerate desktop repair
Simplifying deployment and management of Virtual PCs
With Software Assurance, customers can run up to 4 virtual OS on each licensed device
And what about the Windows XP license for the Virtual PC?

53. The usual answers… Q: When will this be made available for Vista?
A: It won’t. BranchCache in only supported with Windows 7 Enterprise, Ultimate & Windows 2008 R2 editions.
Q: What size content is cached?
A: 64 KB and greater.
Q: Is there a peer discovery timeout?
A: 300 ms
Q: What kind of encryption is used?
A: Custom scheme based on AES128.
Q: Does knowledge of the hash ID grant access?
A: No. Access must still be granted by the file server.

54. The usual answers… (cont’d)
Q: Will BranchCache work during WAN outages?
A: No. Clients must be able to contact the content server to get content identifiers.
Q: Can I pre-populate cached files?
A: Sure. Consider using scheduled task , PowerShell Remoting or some other technique. For WSUS & SCCM, consider targeting one client in each remote office before the others.
Q: How doesn’t BC avoid discovery storms?
A: Responses to search requests are staggered. Additionally, if a client detects that many others on the subnet already have a piece of content, it won’t bother caching it too.

55. The usual answers… (last one)
Q: What happens to the local cache if the BranchCache client mode changes?
A: The local cache is unaffected and will still be used by the client:
Hosted clients that become Distributed clients will begin responding to WS-D searches, serving data from the same cache.
Distributed client that become Hosted clients will stop responding to WS-D searchers, but will continue to use the local cache.
Q: How long does data stay in cache?
A: Until NetSH is used to flush the cache or until the cache is full and starts to roll.
Q: Is BranchCache supported on Server Core?
A: Absolutely.

56. RDS & VDI Overview 4/20/2017 1:04 PM
© 2007 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.
The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

57. Remote Desktop Services

58. Remote Desktop Architecture Overview
RD Client
RD Web Access
RD Session Host
RD Connection Broker
RD Virtualization Host
RD Gateway
Active Directory®
Licensing Server

59. Remote Desktop Session Host (RDSH)
RD Session Host Server Farm
(RemoteApp)
RD Session Host Server Farm
(Session-based desktops)
RD Connection Broker
RD Client

60. RD Virtualization Host
App-V for RDS
App-V Management
Server
RD Session Host
RD Virtualization Host
RD Client

61. Remote Desktop Virtualization Host (RDVH)
Personal Virtual Desktops
Pooled Virtual Desktops
RD Connection Broker
Active Directory
RD Client

62. Personal / Pooled Virtual Desktops
Personal Virtual Desktops
One OS image per user
Administrator access, desktop customizable
User state typically part of the image
Personal Virtual Desktops
Personal Virtual Desktops
Shared OS images, identically configured
No administrator access
User state temporary )discarded at session end)
Pooled Virtual Desktops

63. RDS Roles Explained Role Function RemoteApp
Publishes applications with just the application UI, and not a full desktop UI
RD Session Host
Hosts centralized, session-based applications and remote desktops
RD Virtualization Host
Hosts centralized, virtual-machine-based (virtual) desktops on top of Hyper-V for VDI environment
RD Connection Broker
Creates unified administrator experience for session-based and virtual-machine based remote desktops
RD Gateway
Allows connection from clients outside the firewall, using SSL, and proxies those to internal resources
RD Web Access / RemoteApp & Desktop Connections (Windows 7)
RD Web Access provides Web-based connection to resources published by RD Connection Broker. Supports traditional web page, as well as new RemoteApp & Desktop Connections
RD EasyPrint
Simplifies printing to a local printer, and supports legacy and new print drivers without the need to install those on the host

64. RemoteApp Overview
Applications launched from Web Page, RDP files or MSI shortcuts
Programs look like they are running locally
Make programs available via RD Web Access or RemoteApp & Desktop Connection (Windows 7)
Create MSI or RDP files
NEW in R2:
Per-user RemoteApp
filtering
RD Client
RD Session Host / RD Virtualization Host

65. RD Gateway – New Features
Silent session re-authentication
Secure device redirection
Idle & session timeout
Pluggable authentication
Consent signing
RD Session Host
RD Web
Access
User browses to RD Web Access
RDP over HTTP/S established to RD Gateway RDP 3389 to host
RD Virtualization Host
User initiates HTTP/S connection to RD Gateway
RD Client
RD Gateway

66. RDS User Experience Enhancements
Multiple Monitor Support
Enhanced Audio Support
Windows Media Redirection
Windows Aero Glass Support
Enhanced Bitmap Acceleration

67. RD Easy Print Overview Historical Issues Solution ?  TS Easy Print
No Match ?
Close Match 
Bad Match
TS Easy Print