Managing fleets of Windows PCs isn’t easy, especially with Windows 7 rapidly approaching end of life. How do you ensure that your users are running devices that are secure and up to date, and that they have the latest and best drivers?

SEE: Comparison chart: Enterprise collaboration tools (TechRepublic Premium)

If you’re using System Center or Microsoft 365, you’ve got access to Windows Analytics, which helps you understand your devices in more detail. With Windows Analytics you can use three different tools: Device Health, Update Compliance, and Upgrade Readiness.

Device Health helps identify devices that show unexpected failures, giving you pointers to drivers that may be causing problems. Similarly Update Compliance checks that they’re running the most current set of updates, while supporting Windows 10 update deferrals. Updates can be handled by the Upgrade Readiness tooling, which helps you plan and manage operating system upgrades.

Like many of Microsoft’s recent systems management releases it’s a cloud service, running in Azure and licensed as part of Microsoft 365 or as part of its Software Assurance program. There are options for using it with Windows 10 Enterprise and Education subscriptions.

Here comes Desktop Analytics

Microsoft is replacing Windows Analytics with a newer, more powerful Desktop Analytics solution that’s currently available in preview. Designed to integrate with either System Center Configuration Manager or with Intune, Desktop Analytics is a cloud-based solution that helps to automate update processes, using machine learning built on top of lessons from over 800 million devices that provide telemetry to Microsoft.

Desktop Analytics builds an inventory of all the apps currently in use in your organisation, which can then be used to query Microsoft’s application compatibility service to determine if there are any issues with new Windows releases. It’s an approach that compares with the way Microsoft is using its Security Graph. By using anonymised data from across the millions of Windows PCs, Microsoft can identify application versions and combinations that have been known to cause problems with upgrades.

You can then use that information to work on upgrading applications and drivers so that Windows upgrades will complete successfully — even if that requires updating or upgrading hardware. Microsoft’s big-data approach to analytics allows it to not only identify those potential blockers, but to suggest fixes derived from its analysis of successful upgrades.

You can take a ‘big bang’ approach to upgrades, but it’s better to run pilot programmes with smaller groups of users. These help you identify issues in advance, especially if an upgrade process includes updates to productivity tools as well as the underlying operating system. One of the more useful features in Desktop Analytics is the ability to use its analysis of your device fleet to identify a pool of devices that will allow you to test your entire set of applications and drivers on the fewest PCs. That way you can run your tests once before finalising your upgrade process.

Who can use Desktop Analytics?

To use Desktop Analytics, you need an Azure subscription and an appropriate Microsoft 365 or Windows subscription, with a connection to Azure Active Directory. On premises, you need to be running an up-to-date copy of System Center Configuration Manager, with its agent deployed to all the devices you’re planning to update.

If you have the right licences for your users, then you don’t need to pay extra for Desktop Analytics. Things get a little more complex with its use of Azure Log Analytics, which treats its data as zero-rated. In practice, that means it won’t cost any more than any existing subscriptions, and if you’re using the free tier, Desktop Analytics data won’t be capped — and more importantly, won’t count against your cap for any other apps that are using it. The only difference between using a free and a paid Azure Log Analytics subscription is retention: the free plan will only store 309 days’ data.

Getting started with Desktop Analytics

Setting up Desktop Analytics is easy enough. It’s accessed from the Microsoft 365 Device Management portal, and once you’re signed in you can automate the process of adding the appropriate permissions to your systems administration team in Azure AD. Desktop Analytics will then set up its Azure workspace, which requires you to choose which Azure region it uses. Finally, connect the cloud Desktop Analytics service to your on-premises Configuration Manager. This links it to your Azure workspace, with Azure AD credentials and endpoints. With that in place, you next set your organisation ID and the level of diagnostic data you’re using, which should be Enhanced (Limited) or higher.

SEE: 20 pro tips to make Windows 10 work the way you want (free PDF)

You can now set a collection to hold data from your devices and set up synchronisation with Desktop Analytics. This sets a policy on your devices to send diagnostic data hourly, ready for use in the service. It’ll take some time for the policy to deploy fully, and for Desktop Analytics to process and display your data.

Running a Windows upgrade

With everything in place you can now build and test out deployment plans, choosing group of devices and the version of Windows you want to deploy. Desktop Analytics will help you build sets of readiness rules, based on how drivers are delivered and whether installed applications are at a level that’s considered noteworthy and need additional testing. As part of the process it gives you guidance on how to reduce risks to your applications.

Once a plan has been built, you can automatically build a pilot group for the initial deployment via Configuration Manager, using it to build and deliver upgrade packages as well as handling activation. With everything in place you can start your upgrade; Desktop Analytics will help you track your overall device health, as well as the progress of your deployment tasks.

It’s important to note that Desktop Analytics is intended to manage in-place upgrades. You won’t be able to use it with devices that run Windows 10’s Long Term Servicing Channel release, as this updates every 2 to 3 years, and is intended to be used on special-purpose devices that only run one or two pieces of software. One final note of warning: you can’t use it to manage more complex upgrade scenarios — a switch from 32- to 64-bit Windows which requires a complete re-image of your devices, for example.