Demystifying Windows as a Service - wake up! please.

TL;DR; (“too long; didn’t read”)

There are some people who don´t have the time to read the whole text – if you are familiar with the topic the text in bold includes the most important points and is just for you.

Disclaimer: This is a recommendation article for Enterprise Customers to adopt WaaS in the most adequate way to benefit from the changes in a long-term scope. I don´t want to discuss on the WaaS topic in general (though I explained the most obvious arguments for it and as a former software development I am really standing behind this transformational movement) and I also left out the consumer area. The article for "only" the mentioned purpose is just extensive as you can see.

WaaS is a transformational change and WaaS comes with Windows 10. I also want to quote Jeffrey Snover - "The easiest way to fail in a transformational change is to treat it as an incremental change." You should get to know, what WaaS means and how you should prepare for it. You need to spend a of lot time in the preparation phase to be ready to adopt it. The better you have prepared the less you will run into surprises. Take a look at the WaaS Adoption Cycle and validate if you and your company really understand what stands behind WaaS. In most of my engagements I see a big gap.

 

As you can see with this post - there is a huge amount of information regarding WaaS and what you need to know. (and this is even not everything) I only can advice you to take some time and reading this article. There is no deeply and clear structured information how YOU should handle WaaS. But one thing is for sure - you have to prepare for it and consider deep and impacting changes. I am trying  to give the best advices - some work for different customers and some do not. I try to share my current experience with you and would also be glad to receive your opinions regarding this topics. How do you handle it? Have you failed? Do you need assistance? What blocks you?

 

Starting with the Summary for the hotfooted:

  • Understand WaaS and the changed mindset - understand the impact
  • Spread the word --> share the new mindset (the agile model)
  • Go through the WaaS Adoption Cycle with all 4 phases as described previously
  • Communication, Communication, Communication!
    • IT / Infrastructure
    •  Application holder
    •  Management
    •  Client Team
    •  IT Security
    •  Data Privacy Team
  • Automate as many things you can --> DevOps
  • Take a look at the upcoming changes regarding WaaS for Windows Server and evaluate the options LTSC and the Semi-annual Channel
  • Applicaton Compatibility
    • Inventory in adequate manner by having full information lists
    • Create an action plan for Application Compatibility / Incompatibility
    • Involve Application Holders

 

My opinion always is - it is better to work proactively than reactively. If you need to work reactively - it is good to have complete control what the worst outcome could be. This is why the whole preparation regarding WaaS is so important!

 


Introduction

As you probably know my name is David das Neves and I work as Premier Field Engineer for Microsoft Germany. One of my favorite topics is WaaS and I am working on this topic with many enterprise customers in workshops and in the longterm scope. After I have seen the movements regarding WaaS in the Windows Server area I saw a real need for this article. (Server Semi-annual ChannelIn a regular base I just see nearly every customer treating this topic completely wrong. By wrong this often means, that WaaS is just simply ignored and Windows 10 is treaten like Windows 7. For those who find themselves in the last sentence you should read this article with care.

This article is a wake-up call which I do in a regular base in my workshops. WaaS changes everything and the customer himself has to change and prepare wisely to adopt WaaS. Many IT departments understand the timelines and also mostly the technical parts - e.g. how Feature Updates can be deployed and so on. But I created a WaaS Adoption Cycle to demonstrate what is missing and where you need to initiate action. First of all I start with the most simplified explanation of WaaS.

 


 

What does WaaS really mean?

Windows as a Service means that you have predefined timespans which look like this:

This is actually it. Every change and preparation can be simplified to this little information - Windows 10 needs to be upgraded in a more frequent manner. By speaking of more frequently this should be 2 times a year and every new Windows Version comes also with new and modified features. Why did we change this? Well there are dozens of arguments, but I will state the most obvious ones. This is actually nothing new - it is simple agile software development. Agile software development will result into higher quality. (agile software development is a status quo today - the only change here is that Windows is an OS) We will be able to react on customer needs much faster - this also means that security features, which will be a reaction to current threats can be integrated into the OS just in time. Another point (for discussion) is that the migration costs and workload can be integrated into the operating and daily work (if WaaS is handled correctly):

You might find similar slides in the internet. I corrected them slightly. We had big migrations in the past time - coming from Win NT to XP or from Win XP to 7 or probably even from Windows 7 to Win 8.1. Every migration often comes with a migration plan, a project manager, hardware costs by doing a replacement migration and dedicated project costs. With WaaS the target must be to integrate the 2 migrations per year into the operating workload. Just handle WaaS en passant. But here comes the crux - this is only possible, if you adopt WaaS correctly. You see in this slide that I increased the first workload a lot and added a big bunch called "WaaS Prep". This means that you don´t only have to handle a typical migration coming from Win 7/8.1 up to 10 - you have additionally to prepare yourself for WaaS. You need to increase the automation level! DevOps. Another buzzword....

 


 

The Mind Change

But when you are coming from the old release thinking model and moving to the agile development (or better agile deployment) this is a huge change of the mindset.

Let´s take a look at this - this is the old model:

I still see many customers trying to handle Windows 10 and WaaS like this. They might be successful with the first release(s), but at some time they will just get overwhelmed by the increased workload and I saw many customers running into this problems. You need to change your mindset into the agile model:

And this change is a tough one. This is because you are not the only one in the company, who needs to adopt this and is affected. WaaS is affecting everyone - the management who needs to know about the preparation workload and the changed deployment techniques with possible reactive failure approaches regarding application compatibility; the Support Desk who needs to have the most current information about upgrades and roadmaps every time; the user who needs to know what a feature update means and how they should handle it - why the looks may change and that change is an ongoing process [...] and many more.

So - how can you test, if you are on the right way? For this I created a very simplified WaaS Adoption Cycle as mentioned before.

 


 

WaaS Adoption Cycle:

It is easy - we validate the current adoption level of your company regarding WaaS. This cycle in a generalized way looks like this:

This is obvious and actually not something new - it is actually a cycle which you would run through for most of your projects. But here I see the first errors made at many customers. Technicians tend to solve problems as soon they got to know about them. The Client-Admins now read about the coming WaaS model, which is the phase 1. They don´t like it (this is for sure - at least in the beginning - many people don´t like changes and this is a devastating one) and they just skip over to implementation and try to just implement it somehow with SCCM or they postpone this to some time in the future. This is one of the biggest mistakes you actually can make! I will run now through the different phases to show you, what is really standing behind it. The first phase is explanation:

So this is the information which the technical people read in the news and blogs and they got informed by their Technical Account Managers (MSFT). You will speak about the timeline/timeframes and that they are much too short for your company and your processes; about the different branches and that you only want to use CBB (second big error) and how you plan to manage this all - probably with SCCM. This phase is actually the best adopted phase at any customer. But right afterwards they miss the most important step:

The "Awareness" phase is mostly completely ignored. Application Compatibility for example is a complex topic in this whole change and customers are just pushing Windows 10 out and trying to ignore it. You have to show the new complexity and the new mindset of the agile approach throughout your whole company. In addition you have to validate your current processes and evaluate huge procedural changes which will need management involvement. And - communication is a crucial necessity in this whole change. The client team has to speak with the IT-Management and the Server-Team to set up adequate roadmaps to adopt upcoming features in Windows 10 which come along with technological requirements. Doing this phase in a good manner should result into the preparation itself:

You have done a lot of communication in the last phase, which should have resulted in a lot of decisions. These decisions need to be addressed in this phase. How do you want to deploy Windows 10? (getting into this after the adoption cycle) What tools are going to be used? How do your roadmaps look like for technological and procedural changes? Do you have an application list or do you need to extend it? How do you handle application incompatibilities? Do you have an action plan for this? And this all then results into the implementation itself:

And now ask yourself, if you have done all these steps? Think also from different point of views. As a point of view from the IT Client Team you have done the first phase "Explanation" very well and sometimes also a little bit Awareness. But how does the Awareness look like when you change the point of view to Management / Users / Security Team / Application Holder / Data Privacy Team / Workers Council ? For most of my engagements the resulting evaluation will look like this:

How does this look like in your company? Similar?

 


 

WaaS Deployment Assignment

So - how should you adopt WaaS with what Branches? To demonstrate this I will add the following circle diagram (knowing that the terminology changes its names - but the meaning will keep the same):

 

You should create such a diagram for your company before pushing out any Windows 10 devices. LTSB needs to be considered only, if you really have machines for this kind of usage. As you can see you really should adopt also the Insider Preview version and the Current Branch version. Why? You need to get the information as soon as possible. Information about possible application incompatibilities and other side effects. But also to get to know, what changed and how the user should be informed regarding the changes. (UI changes / technical changes)

 

There is also a big point here:
Thinking of testers - who do you think are the best testers? Yes - people who actually work with the operating system / application. Coming with Windows as a Service you should plan for an automated distribution of the most current Feature Updates to retrieve the most current and most representative information directly from the field itself. Therefore you have to place the Windows Insider Version into your early adopters user groups and the Current Branch into your your production. Do you need to place hundreds of machines there? Yes. But you should plan for intelligent rings. Coming with Windows 10 (Server 2016) you have always the possibility to roll back to the previous version, which will take 30 to 60 minutes. (technical information here) So in the Insider Preview you want to evaluate the coming new features and probably test your most important applications - called Line of Business Applications. You define the upcoming client and set the roadmap for the upcoming technological requirements, which you have to discuss with the Server Team / Management and so on. You will start with small numbers for the deployment of these "testing" deployments. So you will always have the complete control, what the biggest failure rates could look like. Starting with small numbers and increasing them upwards to the mentioned ~10% for the new Windows Version (in CB state). You also should take a look at the applications. You should test every application by deploying the new Windows versions to machines which make up the best cross-section for all applications. The recommendation is too easy. The earlier you test the applications with new Windows versions - the earlier you can react on problems. Therefore the very first deployments in the CB state should consider all applications used in the field. If you encounter any problem you can just roll back the impacted devices to regain usuability and investigate the problems. (and pause the further deployment regarding the issued problems)

 

Sounds easy? Unfortunately it isn´t. The problem is that customers are freaking out when it comes to ITIL and always want ITIL certified people working in their environment - but the reality shows that the most basic recommendations of ITIL are often ignored - because they produce "unnecessary" work.

 


 

Migration and Application Comptability - the complexity raises.

In one of the first sections i mentioned that two different migration parts are coming with Windows 10. The recommendation here is to split the workload and always keep it at simple as possible. Don´t miss something out, but also don´t overengineer this too much.
Speaking of the two parts - one is the simple migration which you have done before coming (for example) from Windows XP and migrating to Windows 7 and the other one is the preparation for WaaS. I will show this with the upcoming slides:

WaaS is something new - and there is no ultimative recommendation out there today. Every customer has to dive into this topic by their own and I will provide some hints/information to avoid the typical problems.

We have experience in this one - this is something we (as a Client Team) know how to handle.

 

This is new and for this we need to prepare.

So - first of all we will take a look into the Pre-WaaS part and show what needs to be done for all the applications (cleaning this up at this current timepoint is a good recommendation):

But what does Inventory really mean? How does good Inventory look like and who should have the possibility to modify information? You should involve the support desks and the Application Holders. Actually you should have a complete Application Lifecycle Management just in place, if you are working on ITIL standards. Do you? To show a very complete example I divided the inventory into 3 sections:

 

Now let´s dive into these three areas:

The first one is plain information regarding the application and the accountability for it. Contact data regarding the application holder is a big important advice here. In many environments these people are even not more existent. But you need to have contact data, if something goes wrong with the application to introduce a good action plan.

 

This sections is about importance. You have to validate the importance of the applications to know what LoB Applications are and when you should test them.

 

And this is the complete new information. You need to think about when to test the applications and how to handle errors and problems. (manual error handling is a bad thing)

With this informaton in petto you may create Servicing Plans (described below) and set up new processes:

By using Decentralized Testing and involving Application Holders you will delegate/spread the workload. But keep in mind that such models only can work, if you set up the right communication levels. (Feedback)

Additionally you may want to evolve actions plans - when an error occurs this workflow is automatically triggered. The best would even be, if automated emails and information articles would be created after such an occurrence:

This all are some of the current approaches how you could handle it and prepare for it. My opinion always is - it is better to work proactively than reactively. If you need to work reactively - it is good to have complete control what the worst outcome could be. This is why the whole preparation regarding WaaS is so important!

 


 

Deployment Technology

After having this you should think about how to adopt WaaS technically. Many of my customers are running SCCM and pushing the first upgrades with Upgrade TaskSequences - which is totally ok. But think of the changes coming with ESD and delta ESD and the resulting reduction of network load by reducing the load for one image to a half. (~ 3,8GB --> ~1,9 GB) For this you should prepare to use the Servicing Plans. Set up correctly you never have to recreate your Servicing Plans for different branches and you can easily adjust them. (more information here and here)

A neat way to do this is by creating the Servicing Plans with Powershell. I like the following implementation very much and wanted show you this one:

You just enter all the data into an Excel file and run the script which automatically creates all the rings.

This implementation from Kaido Järvemets can be found here.

 

Additionally to this you should also think about a caching technology. Our recommendation is that you use at least one caching technology - Branch Cache (BITS), Delivery Optimization - Peering, Peer Cache (SCCM), Third Party Tools

 

Take also a closer look at Upgrade Readiness (former Upgrade Analytics) which is the perfect tool to adopt WaaS and Application Compatibility by using telemetry and OMS. If you don´t  have any policital discussions on sending the telemetry data at the basic level this solution will help you a lot!

 


 

Procedural Changes

You should also think about procedural changes - how can you improve your change requests. How can processes be optimized/automated? Automatically sent emails? Action plans regarding different timeframes / on different events? To demonstrate you this I show you one of my simplified slides - you should create such an action plan for your company with the affected "User Groups":

This all will keep work in progress for the next few Feature Updates (Upgrades) and grow within time. Think every time of the very simple recommendation: The more you automate - the less you have to do manually.

This changes are affecting all the areas regarding ITSM and ITIL.

 


 

Knowledge Management

This topic is very often totally underestimated. But this topic will become one of the most important ones in the future. How can you share information or make information gatherable for every group and user? How can you share the information between teams to enforce decisions? What technology is used? Sharepoint / OneNote / Internal KM / Third Party Tools / Feedback Hub

One recommendation from our side is to use Webinars/Skype Sessions for Users. These sessions are personal because one person is speaking live and reaching out n Users. You can also set up informational webinars monthly to reach out to all the users. Keep also in mind that a recorded webinar may not be accepted from the users, because it is not more personal then. This are things which your company needs to test and validate.

A personal recommendation is to test OneNote for sharing technical information - for example over all the teams like Client Team / Server Team / Support Desk. You can work in parallel on the information and get the updates asap. Also the search engine of OneNote nearly beats everything out there.

Additionally take also a look at the Toast notifications - you probably could even push them with Powershell.

 


 

WaaS for Windows Server

You may have read the changes coming for Windows Server:

The Windows Server release model is offering a new option in order to align with similar release and servicing models for Windows 10 and Office 365 ProPlus. If you've been working with Windows 10 or Office 365 ProPlus, these improvements might already be familiar to you.

There will be two primary release channels available to Windows Server customers, the Long-term Servicing Channel (LTSC), and the new Semi-annual Channel.

The Semi-annual Channel will be available to volume-licensed customers with Software Assurance, as well as via the Azure Marketplace or other cloud/hosting service providers and loyalty programs such as MSDN. (Azure Hybrid Use Benefit)

As explained the model for Windows 10 - the Server model is completely similar and will need the same considerations. (and even more)

 


 

Feedback

Coming with Windows 10 1703 Windows Insider for Business is introduced. The earlier you test the new builds - the earlier you can address any problems and also validate the new features and speak with the infrastructure teams in case of depending technologies / OS etc. like Server 2016 / ADFS 2016 / AD schema 2016 / PKI with NDES etc.

And now you can just add an organizational account as insider preview account:

  1. Navigate to insider.windows.com and go to Get Started.
  2. Sign-in with you desired account.
  3. Enroll your device --> Settings

One of the benefits of submitting feedback using your AAD account is the addition of a page to the Feedback Hub for your organization.

Simply click the My Company page in the feedback hub to see and upvote all feedback submitted by other Insiders in your organization. By this you could set up a testing and feedback environment out of the box.

 


Windows Server previews coming soon to the Windows Insiders Program.  

While Windows Server has always evolved to meet the changing needs of our customers, the next phase truly depends on you. This new model provides more opportunity than ever before for you to influence the direction of Windows Server. We are looking forward to your feedback and partnership as we deliver the next generation of OS technology to support the applications and infrastructure innovation you need!

Becoming a part of the Windows Insider program will give you the opportunity to test pre-release code, provide feedback, and really influence how we develop our products. You can also join the discussion on the new Windows Server Tech Community, where you can ask questions and share ideas with other customers and experts, including Microsoft engineers and MVPs.

You can read more on this new more frequent release cadence as well as details on how to sign up for the Windows Insiders program at a new article published on our website: Windows Server Semi-annual Channel Overview.

 


 

Summary

If you have come this far I am really proud of you.

Let´s recap again what the most important points are:

  • Understand WaaS and the changed mindset - understand the impact
  • Spread the word --> share the new mindset (the agile model)
  • Go through the WaaS Adoption Cycle with all 4 phases as described previously
  • Communication, Communication, Communication!
    • IT / Infrastructure
    •  Application holder
    •  Management
    •  Client Team
    •  IT Security
    •  Data Privacy Team
  • Automate as many things you can --> DevOps
  • Take a look at the upcoming changes regarding WaaS for Windows Server and evaluate the options LTSC and the Semi-annual Channel
  • Applicaton Compatibility
    • Inventory in adequate manner by having full information lists
    • Create an action plan for Application Compatibility / Incompatibility
    • Involve Application Holders

 

My opinion always is - it is better to work proactively than reactively. If you need to work reactively - it is good to have complete control what the worst outcome could be. This is why the whole preparation regarding WaaS is so important!

 

This all is a huge change and a big chance to make the first steps into digital transformation by pushing the transformation itself with Windows 10 and Windows Server 2016. I only can recommend you to do this now, because Windows 10 is going to be the "last" Windows version and afterwards the new Windows Versions will be pushed out two times a year. The Security topics become more and more important and this all plays together by the ongoing change.  

 

I hope this was helpful and I cleared up WaaS a little bit and demonstrated hopefully also the importance of this topic! Leave any feedback or questions -

David das Neves

Premier Field Engineer, EMEA, Germany
Windows Client, PowerShell, Security

 

 


 

Configure Delivery Optimization for Windows 10 updates Configure BranchCache for Windows 10 updates Manage updates using Windows Update for Business Manage Windows 10 updates using Windows Server Update Services (WSUS) Manage Windows 10 updates using System Center Configuration Manager Windows Insider for Business Get started with Upgrade Readiness Server Semi-annual Channel Delivering continuous innovation with Windows Server