This Week in IT – Could Windows on Arm Outperform Apple M2, Teams Milestone, & Windows LAPS GA

  • Podcasts
  • This Week in IT
  • This Week in IT – Could Windows on Arm Outperform Apple M2, Teams Milestone, & Windows LAPS GA

LISTEN ON:

This Week in IT, Snapdragon X Elite takes the lead against Apple’s M2 Max! Meanwhile, Teams skyrockets with 320 Million active users and Microsoft streamlines Defender for Endpoint deployment. Plus, discover how Windows LAPS is supercharging protection with the latest Entra ID and Intune support.

Links and resources

Transcript

This week in IT, Snapdragon X Elite takes the lead against Apple’s M2 Max. Meanwhile, Teams skyrockets to 320 million active users, and Microsoft simplifies Defender for Endpoint deployment. Plus, discover how Windows LAPS is supercharging security with the latest Entra ID and Intune support. So, let’s dive in.

[Music]

So, you might be wondering why I’m talking this week about the Snapdragon X Elite, because we don’t really cover hardware on this channel. But of course, the connection here is to Windows on ARM, because Qualcomm have an exclusive agreement with Microsoft up until the end of 2024 to provide hardware for that solution. Now, of course, Apple released its M1 chips back in November 2020. That seems like almost a lifetime ago. So, I think it would be a little bit of an understatement to say that those devices have been really successful. And of course, they are based on an ARM architecture.

So, the story behind the Snapdragon X Elite is connected to Qualcomm’s acquisition of a company called Nuvia back in January 2021. So, Nuvia was an offshoot of a whole load of Apple engineers that developed the A series of chips for the iPhone. They left Apple for whatever reason, formed their own company, which Qualcomm then bought. What Apple then proceeded to do was to take the technology from those A series chips from the iPhone and basically scale it up. And they designed the M1 chips, and of course now the M2 chips, based around that technology.

Now, Qualcomm’s acquisition of Nuvia has been a long time coming in seeing anything fruitful from that acquisition and from that technology. And the Snapdragon X Elite, which is what Qualcomm announced this week, is the first fruits of that acquisition. And it’s really important because it provides a level of power efficiency and performance that Windows on ARM devices have never seen before.

So, this new chip is based on a 4-nanometer process node, and it has 12 high performance cores. Now, Qualcomm is making a whole load of performance claims about the new chip. And of course, it’s important to understand that this stage, they are just claims, but they’re pretty impressive. And if they turn out to be true, then of course, this is going to be a massive game changer for Windows on ARM. So, some of the things that Qualcomm said in its keynote speech this week. So, they’re saying that single-threaded performance exceeds the Apple M2 Max while using 30% less power. Of course, if that turns out to be true, that is pretty amazing. Single-threaded performance also beats the leading Intel and AMD x86 competitors. Qualcomm also said that the new Snapdragon has 50% better multi-threaded performance compared to the Apple M chips. But they didn’t say at what power cost. So, it could be that they use more power than Apple’s chips to get that kind of performance lead. We’re not sure at this stage. And of course, it’s not just about the CPU. There’s also a story for the GPU and MPU here. So, the Adreno GPU that’s going to be included on this chip can basically support 4.6 teraflops. So, that’s floating point operations. And the Hexagon AI chip, the MPU, which essentially deals with AI and processing for large language models locally, can support models with up to 13 billion parameters, more than any other newer processing unit that Qualcomm has designed in the past. And of course, it’s important to remember that Qualcomm has been a leader in the MPU area. And to top it all off, Nvidia and AMD also announced that they will be getting into this race starting in 2025

when that exclusive agreement between Microsoft and Qualcomm comes to an end for Windows and ARM devices. And they will also be providing their own ARM chips for Windows. So, it’ll be interesting to see how those chips compare with what Qualcomm has announced this week. But why is all of this important? So, Windows and ARM, you know, it’s been around for a long time, but the hardware has always been a little bit disappointing in terms of performance and even power efficiency. And of course, with the release of the Apple M chips in 2020, that really changed the situation in terms of what people expect from a laptop that is powerful so that you can do things like video editing and now, of course, all of this AI stuff, but not have it drain your battery within just a couple of hours. And of course, that’s the biggest selling point really for the Apple devices. And we need to bring that goodness across to Windows. Now, I’ve always maintained that while this is, of course, important for the end-user computing experience, I believe that Microsoft really needs to make Windows and ARM work, not just in terms of competing with the Apple devices, but also in the data center. We need a version of Windows Server. So, it’s important that we get this kind of power efficiency into the data center as well, not just to reduce costs, of course, but also, you know, with the climate situation and all the rest of it, I think it’s really important that we start looking more seriously about how we reduce power consumption and making these things more efficient. You know, you’ve only got to look at the power that’s being used by AI

and just the sheer amount of processing power required to perform even simple operations at this stage. That all needs to change. So, that will come with more efficient hardware, like ARM, of course, and it will also come with optimizing these AI processes and models. We didn’t hear anything really from the big players, Adobe, Blackmagic, all of these big creative suites that, you know, Apple had on board. They were falling over themselves to update their software so that it would natively run on the platform. So, there are a couple of aspects to this. Is existing software that’s coded for x86 going to run well on Windows and ARM? Because there’s going to need to be a transition period.

Is Microsoft going to be really serious about supporting Windows and ARM? Well, they kind of are already. They have versions, I think, of their Office desktop apps. I think Teams, the Teams client, is still in the works for Windows and ARM. I could be wrong about that. Of course, Edge supports ARM. But what about the rest of it? What about all the other software, the end users, whether they’re working in a company, or not rely on? We need those big names to also get behind the software side of this to make sure that this is a success. It’s not just about the hardware. So, what do you think about the new Snapdragon X Elite? Do you think these performance claims are going to live up to reality once testers get these things? Into their hands and can actually run the benchmarks?

Or are Apple too many steps ahead at this stage for Windows and ARM to really ever compete? So, I’d love to know what you think in the comments below. 80% of the people who watched last week’s video weren’t subscribed to the channel. So, if you’d like to see this kind of news roundup every week, then please subscribe to the channel. Help us reach our goal. And don’t forget to hit the bell notification to make sure you don’t miss out on the latest updates. Microsoft released its financial results for 2024, the first quarter, this week. And, well, it was an impressive set of figures. So, they’re up 30 billion on the last quarter. That’s absolutely stunning. But something that caught my eye was that since we got the last set of results in April 2023, Teams has gone up from 300 million users by 20 million users. 320 million users. That’s an incredible growth during that period.

And I wonder how much of it has to do with all of the AI and copilot news and the integration with copilot into the Microsoft 365 suite of services and products. I think it probably has quite a lot to do with it, but we’ll see how that pans out, because it’s going to be pretty expensive to sign up for copilot, $30 a head. So, we’ll see how that works out for Microsoft. One of the complaints that I hear about Microsoft Defender for Endpoint is that it’s not the easiest thing to deploy. Now, Microsoft announced this week that certain changes are going into public preview that’s going to help to make it a bit easier for the network admins to get the Endpoint configurations talking to the various services. So, they’re going to streamline all of the URLs into a single unified domain name.

So, that should make it easier for admins to deal with that story. And also, there’s going to be the option to use a dedicated set or dedicated IP range instead of the URLs. And Defender for Endpoint is going to now support Azure service tags, but I think most importantly, they’re extending the Defender for Endpoint clients analyzer software to make sure that admins will be able to test these new connectivity methods in both pre and post onboarding scenarios. This week, Microsoft announced the general availability of Windows LAPS Intune and Enter ID support. So, this is LAPS version 2 if you want. It’s natively built into Windows. It’s not something that you have to now manually install. And it’s the local administrator password solution. So, the main idea of this is to have a different local administrator password on every endpoint to stop attackers being able to laterally move across your network. You don’t want the same password on every single device for the admin account.

And then to be able to store that password securely in Windows Server Active Directory that was supported with the old versions of LAPS. And now in Azure Active Directory or Microsoft Enter ID as it’s now called. And before LAPS only supported a group policy. It was only something you could do with your Windows Server Active Directory, but now you can do this with Intune. So, of course, this enables you to extend the number of devices where you can get this password rotation and the ability to securely store those passwords in Enter ID. Now, Microsoft has also said that they’re looking to expand this solution in the future with automatic account creation and adjusting time controls for password recovery. Something that Microsoft has only just started talking about this week, and that is that passwordless login is now supported on devices that are joined to Azure Active Directory.

Okay, Microsoft Enter ID. Now, this update actually came with the September security update for Windows 11. Now you’re going to be able to use passwordless login if the device is joined to Microsoft Enter ID. And not only are you going to be able to log into Windows, but that support for passwordless is carried across into the user’s session. So, for instance, if they want to elevate something using user account control, if they want to use passwords in the browser, or I don’t know, use Run as to elevate running a particular process, you can use passwordless authentication now to do those things as well. A couple of bits of Azure security news to finish off this week. Now, the most important is that you should be aware, starting in November, Microsoft is rolling out some auto-configured conditional access policies for your tenants. So you don’t have to configure these things manually anymore. They’re going to be there by default, and there are three new policies that you need to be aware of. So the first is that MFA is going to be enforced for the admin portals.

MFA for per-user MFA users. So this policy covers users with per-user MFA and requires MFA for all cloud apps. And the third policy is that MFA is going to be enabled automatically for high-risk sign-ins. And that’s when re-authentication is required if Microsoft detects that something strange is potentially going on.

So if MFA is not enforced for that user account, MFA will be required anyway in that scenario. The other thing that Microsoft announced this week, and this is Azure role assignment management using conditions, and it’s in public preview at the moment. So sometimes, of course, developers or other people need the ability to be able to assign roles in your Azure subscription. And you can do that by giving them the user access or the owner role, but then that gives them just way too much permission even to assign the owner role itself. So you’d really rather not do that. So Microsoft has designed this new feature to try and help organizations manage access in those scenarios without giving too many privileges. So the new feature gives you the ability to give people the permission to create role assignments but only under specific conditions, such as for specific roles. And there are two ways that you can do it. So the first is making a role assignment that is constrained using conditions, and the second is to use a new built-in role that has built-in conditions.

So if that’s something that you have to deal with on a regular basis, go and check out the public preview. If you found this video useful, I’d really appreciate it if you gave it a like, because it helps us to get the video seen by more people on YouTube and, of course, to grow the channel. I’m going to leave you with a video on the screen that you might find interesting now about a new loop feature that’s coming to Microsoft Teams. And that’s it from me today. Thank you for watching, and I’ll see you next time.