The Architecture
A comprehensive, 98-page reference design for deploying Windows 365 Cloud PCs in an enterprise environment. This isn’t a whitepaper — it’s the deployment blueprint you adapt to your organization’s requirements.
Authored by Kevin Kaminski (17x Microsoft MVP), this reference architecture reflects real-world deployment experience across enterprise organizations of varying scale and complexity.
Design Principles
The architecture is built on four pillars:
- Cloud-Native Identity — Entra ID (Azure AD) join with no on-premises dependencies
- Automated Provisioning — Windows 365 Provisioning Policies based on user group membership
- Unified Management — Microsoft Intune for configuration, application delivery, and security
- Zero Trust Security — Conditional Access policies and device compliance enforcement
What’s Covered
| Section | Description |
|---|---|
| User Personas | Information Worker persona with technical requirements |
| Cloud & Identity | Entra ID integration, user/device identity, access security |
| Provisioning | Cloud PC specifications, gallery images, automated deployment |
| Management | Intune as the management authority, policy enforcement |
| Security & Access | Device hardening, security baselines, least privilege |
| Monitoring | Built-in reports, Azure Monitor integration |
| Application Management | Modern app delivery, Win32 packaging, Company Portal |
| Servicing | Windows Autopatch, Microsoft 365 Apps updates, Edge servicing |
Baseline Application Stack
The reference design includes a baseline application configuration:
- Microsoft 365 Apps — Word, Excel, PowerPoint, Outlook, Teams
- Microsoft Edge — Enterprise browser with SSO and security policies
- Company Portal — Self-service application store
- Remote Help — Zero Trust IT support solution
- 7-Zip — File compression utility
How to Use It
- Review the PDF to understand the design principles and architecture decisions
- Adapt the reference design to your organization’s specific requirements
- Use the technical recommendations as a foundation for your Windows 365 pilot deployment
Get the Architecture
Free PDF download:
GitHub: github.com/kkaminsk/W365ConceptualReferenceArchitecture
Full-color hardcover:
Interactive companion:
Windows 365 Design Advisor — a ChatGPT companion that provides interactive guidance based on this reference architecture.
License
This work is licensed under Creative Commons Attribution 4.0 International (CC BY 4.0). Free to share and adapt for any purpose, including commercial use, with attribution.