X

SOS BLOG

Visit the SOS blog for the latest SOS news and insights from our current SAM and ITAM projects.



05

Windows E3 and E5, why, and how are they licensed?

posted on
Windows E3 and E5, why, and how are they licensed?

Since Windows Vista in 2007, Microsoft has had two main versions of Windows for commercial use, Professional and Enterprise, with Software Assurance (SA) adding further features such as Virtual desktop access and the Desktop optimisation pack.

Recently Microsoft announced what looked like two new versions, Windows 10 E3 and Windows 10 E5.

This is part of a new branding exercise for Microsoft’s commercial offerings so that another premium offering can be added to Windows, Office 365, and Enterprise Mobility Suite. The previous versions of Windows and EMS are renamed as E3, with the introduction of a new top offering called E5.

E3 is the new name for Windows with Software Assurance

With Windows OS, E3 refers to what was previously called Windows 10 Enterprise with SA, so there’s no change for purchases via all volume license programs from Open to Enterprise. With the E3 and E5 names Windows will also now be available via CSP as Software-as-a-Service, with some caveats.

So if E3 is the same, what’s in E5 and do you need it?

E5 adds a new security service called Windows Defender Advanced Threat Protection (ATP). This is a cloud service that takes behavioural data from sensors built into Windows 10 and provides insights, detections and recommended responses. No matter what anti-malware product is installed on a PC, it’s only as good as the known threats it has been designed to block, the ATP service looks at behaviour and reduces the impact of a compromise either of a device itself or a user interaction. 

While this can work with third party anti-malware tools, it can also be used to provide a complete Microsoft security system, effectively allowing replacement of other vendors as designed to integrate with the built-in Windows Defender anti-malware in Windows 10.

 

What are the key features of Windows Defender Advanced Threat Protection (ATP)?

  • Designed to protect physical endpoints, limited use with Virtual desktops
  • Only supports Windows 10 Pro or Enterprise, so E5 is no use until Windows 10 is your primary OS
  • Requires Azure Active Directory as this is how users are assigned to the service
  • Can be used with either built-in Windows Defender, or Third Party Anti-malware (Not both)
  • ATP data stored in either USA or Europe
  • SIEM compatibility:  Splunk or HP ArcSight
  • Configure endpoints via Group policy, SCCM or Intune

How is Windows Enterprise E3 or E5 licensed (except CSP – see below)?

  • Device upgrade license from OEM Pro Operating system of Win 7 or above (XP Pro / Apple or above for some agreements)
  • OR User Subscription, allowing install on unlimited devices, User must have a primary device with OEM Pro OS of Win 7 or above
  • Installation method unchanged, MLK or KMS key
  • Access to virtual desktops
  • Run on USB with Windows to Go
  • Downgrade rights

How is Windows E3 or E5 licensed via CSP?

CSP, which stands for Cloud Solution Provider, is a way of purchasing Windows Enterprise via Software-as-a-Service with monthly billing for SMB customers. While you get the same Windows 10 Enterprise software as on any other licensing agreement, CSP does not provide software assurance benefits, so you get the latest version of Windows Enterprise for installation on a physical device, but no virtual access rights, or rights to run on a USB key via Windows to go.

Key features:

  • User Subscription limited to 5 devices upgrade from Windows 10 Pro only, or 10 Enterprise not under SA
  • Installation via Azure Active Directory only
  • No Virtual desktop rights, Windows to Go rights, or downgrade rights.
  • Current Branch or Current Branch for Business only, no LTSB

Lastly, what about MDOP?

Microsoft Desktop Optimization Pack (MDOP) is a suite of utilities for Microsoft Windows customers who have subscribed to Software Assurance (SA). According to Microsoft MDOP aims at bringing easier manageability and monitoring of enterprise desktops, emergency recovery, desktop virtualization and application virtualization.

Two of the features of MDOP are now built-in to Windows Enterprise as of the August 2016 Anniversary update,  APP-V and UE-V so these are available to E3/E5 customers on all programs. The other components of MDOP (MED-V, AGPM, MBAM and DaRT) remain strictly as benefits for SA subscribers so are not available to CSP customers.

In the rare instances of customers using MDOP to manage Windows Pro installations note that APP-V and UE-V will no longer be supported on Pro installations with the August 2016 anniversary update installed.

 

Hopefully this post has provided some clarification on the differences between the two newly branded versions of Windows 10 for the enterprise and offered some guidance on the licensing options available. If you would like a more specific recommendation for licensing Windows in your organisation, feel free to get in touch.

| Categories: Software Asset Management (SAM), Software Licensing | Tags: microsoft, windows 10, software assurance, SA, software asset management, SAM, Windows 10 E3, Windows 10 E5 | View Count: (55962) | Return

Post a Comment

Email : contact@sossuccess.com

  

"SOS were able to help navigate the complexity of public cloud cost usage and provide valuable optimisation recommendations which translated to cost savings on a monthly spend in cloud. I was impressed with the way the team delved into consumption data and found scenarios in which we could optimise our spend in cloud."

Gehan De Silva, Infrastructure Lead, Silver Chain

"SOS was instrumental in giving us the understanding we needed about our licensing position. We would never have been able to do it and understand it without an impartial observer. SOS helped us look at the business from a granular level, and they provided us with sound licensing and spending decisions based on operational requirements. "

John Hagley, IT Manager, Community Broker Network (CBN)

 


 



Achieve Clarity. Make Savings.

Our software specialists give you the clarity to make data-driven decisions & achieve lower costs, reduced risk and increased security.