How Workspace 365 helps you move to a Cloud-centric workspace

Posted on by

As we all know, we are moving more and more to a Cloud-centric workspace in this new digital transformation. But there is a big issue with moving to the new way of working. And that is legacy applications. Legacy applications are non-SaaS applications that usually require a connection with a server. In my VLOG about legacy applications, we talk in-depth about the issues facing companies that are moving to modern workspaces. But with Workspace 365, you have all the tools to deliver a Cloud-centric workspace in the web browser with access to Local, SaaS and Legacy applications.

Workspace 365: An adaptive workspace

As you can read in my Introduction to Workspace 365 blog post, Workspace 365 delivers a workspace in a web browser. It delivers a user-centric cloud workspace with uniform access to all applications. From the start pages, it gives the end-user access to Emails, Documents, and Calendar from Office 365. And access to all the company SaaS applications with support for either SAML or password-based single sign-on using Azure, Okta or HelloID. This will make your end-users productive straight away, they don’t have to search and remember all the URLs and credentials for SaaS applications. A nice feature within the workspace is conditional access, this gives you the possibility to make applications available based on a users’ role, location, device, browser and more. That way they will only see applications when they need them.

Workspace 365, when connected to Office 365, will also automatically let end-users access their OneDrive and company Sharepoint and Teams data in one Document App. You can even add legacy file servers or Citrix ShareFile to the Workspace 365 Document App with WebDAV SSL. You can read here how to set this up. So how do we add legacy applications?

Afbeelding met schermafbeelding, parkeren, telefoon Automatisch gegenereerde beschrijving

Legacy Applications in a browser-based workspace

Legacy applications can be split into two categories; One, stand-alone legacy applications like Adobe PDF reader or Photoshop. And two, client-server applications like SAP client or SQL Server Management Studio. For both applications, we need to have a plan in place on how to deploy them to the end-user and how an end-user has access to the application.

Stand-alone legacy applications (local)

For stand-alone legacy applications, you can choose to push the applications to the client endpoint with, for example, Intune. Then with an easy registry tweak (which can also be pushed with Intune), you can easily add a local application to the Workspace 365 portal. This way a user doesn’t have to search their start menu and have uniform access to SaaS and local applications. How to set the correct registry settings can be found here.

Demo (GIF):

Afbeelding met schermafbeelding, monitor, lucht Automatisch gegenereerde beschrijving

Client-server applications

But now the client-server applications. Well, we could just install the clients on the user’s endpoint devices just like stand-alone applications. But then we have an issue with how to get to the server back-end of the client. We could use a VPN but there are security risks with leaving data behind on the endpoint. And VPN only performs well when there is a high-speed internet connection.

A better way to use these applications is making them a remote application. For example, with Microsoft Remote Desktops Services (RDP) or Citrix Virtual Apps. The client application is installed on an RDP server next to the database server so that the data connection is fast and doesn’t require a VPN. And then the image of the application is sent to the end-user. You might think that sending all the screen images of an application uses more bandwidth than just the data, but this isn’t true. With some smart compression, you can use these applications easily on a 3G connection.

This allows you to keep your data in the datacenter and to centrally manage the client application. Workspace 365 has a build-in clientless RDP client. With this, you can start the remote application right in the web-browser without the need of a client. This also means that you present those applications the same uniform way as a local or SaaS application. You can read how to setup clientless RDP in Workspace 365 here.

Demo (GIF):

Afbeelding met schermafbeelding, monitor Automatisch gegenereerde beschrijving

Conclusion: Managed workspaces on any device

I think we will see the following a lot soon: An end-user unpacks a new laptop device they have gotten from their employer. They turn it on for the first time and Microsoft Autopilot will make the device ready. Microsoft Intune will make sure all the legacy local applications are installed together with the full Office 365 suite. After that Intune will generate one shortcut on the end-user desktop named “Start Work Portal”. When they click on this portal it will bring them to Workspace 365 and they find all their local, SaaS and remote applications there in combination with access to data and Office 365. I don’t think you can get an easier end-user experience than this. Furthermore, they are a ‘technology’ independent platform and allow you to create integrations using iFrames or by injecting an HTML-code to e.g. track the usage of the workspace or to implement a support-chat (or chat-bot). Read more about Workspace 365 here.

I hope this was informative. For questions or comments you can always give a reaction in the comment section or contact me: