A. B. Computer Systems Web Store

Windows 10 Enterprise E3

Windows 10 Enterprise E3

Regular price
$84.00
Sale price
$80.40
Quantity must be 1 or more

List Price: $7/user/month. Discounted Price: $6.70/user/month = $80.40/user/year.

Subscription Period: 1 Year

Our Platinum Customers receive additional discounts.

Overview

Windows 10 Enterprise E3 launched in the Cloud Solution Provider (CSP) channel on September 1, 2016. Windows 10 Enterprise E3 in CSP is a new offering that delivers, by subscription, exclusive features reserved for Windows 10 Enterprise edition. This offering is available through the Cloud Solution Provider (CSP) channel via the Partner Center as an online service. Windows 10 Enterprise E3 in CSP provides a flexible, per-user subscription for small- and medium-sized organizations (from one to hundreds of users). To take advantage of this offering, you must have the following:

  • Windows 10 Pro, version 1607 (also known as Windows 10 Anniversary Update) or later installed on the devices to be upgraded
  • Azure Active Directory (Azure AD) available for identity management

Starting with Windows 10, version 1607 (Windows 10 Anniversary Update), you can move from Windows 10 Pro to Windows 10 Enterprise more easily than ever before—no keys and no reboots. After one of your users enters the Azure AD credentials associated with a Windows 10 Enterprise E3 license, the operating system turns from Windows 10 Pro to Windows 10 Enterprise and all the appropriate Windows 10 Enterprise features are unlocked. When a subscription license expires or is transferred to another user, the Windows 10 Enterprise device seamlessly steps back down to Windows 10 Pro.

Features

 

Windows 10 Enterprise edition has a number of features that are unavailable in Windows 10 Pro. These are Windows 10 Enterprise features not found in Windows 10 Pro. Many of these features are security-related, whereas others enable finer-grained device management.

Feature Description

Credential Guard*

This feature uses virtualization-based security to help protect security secrets (for example, NTLM password hashes, Kerberos Ticket Granting Tickets) so that only privileged system software can access them. This helps prevent Pass-the-Hash or Pass-the-Ticket attacks.

Credential Guard has the following features:

  • Hardware-level security.  Credential Guard uses hardware platform security features (such as Secure Boot and virtualization) to help protect derived domain credentials and other secrets.

  • Virtualization-based security.  Windows services that access derived domain credentials and other secrets run in a virtualized, protected environment that is isolated.

  • Improved protection against persistent threats.  Credential Guard works with other technologies (e.g., Device Guard) to help provide further protection against attacks, no matter how persistent.

  • Improved manageability.  Credential Guard can be managed through Group Policy, Windows Management Instrumentation (WMI), or Windows PowerShell.

* Credential Guard requires UEFI 2.3.1 or greater with Trusted Boot; Virtualization Extensions such as Intel VT-x, AMD-V, and SLAT must be enabled; x64 version of Windows; IOMMU, such as Intel VT-d, AMD-Vi; BIOS Lockdown; TPM 2.0 recommended for device health attestation (will use software if TPM 2.0 not present)

Device Guard

This feature is a combination of hardware and software security features that allows only trusted applications to run on a device. Even if an attacker manages to get control of the Windows kernel, he or she will be much less likely to run executable code. Device Guard can use virtualization-based security (VBS) in Windows 10 Enterprise edition to isolate the Code Integrity service from the Windows kernel itself. With VBS, even if malware gains access to the kernel, the effects can be severely limited, because the hypervisor can prevent the malware from executing code.

Device Guard does the following:

  • Helps protect against malware

  • Helps protect the Windows system core from vulnerability and zero-day exploits

  • Allows only trusted apps to run

AppLocker management 

This feature helps IT pros determine which applications and files users can run on a device (also known as “whitelisting”). The applications and files that can be managed include executable files, scripts, Windows Installer files, dynamic-link libraries (DLLs), packaged apps, and packaged app installers.

Application Virtualization (App-V)

This feature makes applications available to end users without installing the applications directly on users’ devices. App-V transforms applications into centrally managed services that are never installed and don't conflict with other applications. This feature also helps ensure that applications are kept current with the latest security updates.

User Experience Virtualization (UE-V)

With this feature, you can capture user-customized Windows and application settings and store them on a centrally managed network file share. When users log on, their personalized settings are applied to their work session, regardless of which device or virtual desktop infrastructure (VDI) sessions they log on to.

UE-V provides the ability to do the following:

  • Specify which application and Windows settings synchronize across user devices

  • Deliver the settings anytime and anywhere users work throughout the enterprise

  • Create custom templates for your third-party or line-of-business applications

  • Recover settings after hardware replacement or upgrade, or after re-imaging a virtual machine to its initial state

Managed User Experience

This feature helps customize and lock down a Windows device’s user interface to restrict it to a specific task. For example, you can configure a device for a controlled scenario such as a kiosk or classroom device. The user experience would be automatically reset once a user signs off. You can also restrict access to services including Cortana or the Windows Store, and manage Start layout options, such as:

  • Removing and preventing access to the Shut Down, Restart, Sleep, and Hibernate commands

  • Removing Log Off (the User tile) from the Start menu

  • Removing frequent programs from the Start menu

  • Removing the All Programs list from the Start menu

  • Preventing users from customizing their Start screen

  • Forcing Start menu to be either full-screen size or menu size

  • Preventing changes to Taskbar and Start menu settings

 

Benefits

  • Windows 10 Enterprise edition. Devices currently running Windows 10 Pro, version 1607 can get Windows 10 Enterprise Current Branch (CB) or Current Branch for Business (CBB). This benefit does not include Long Term Service Branch (LTSB).

  • Support from one to hundreds of users. Although the Windows 10 Enterprise E3 in CSP program does not have a limitation on the number of licenses an organization can have, the program is designed for small- and medium-sized organizations.

  • Deploy on up to five devices. For each user covered by the license, you can deploy Windows 10 Enterprise edition on up to five devices.

  • Roll back to Windows 10 Pro at any time. When a user’s subscription expires or is transferred to another user, the Windows 10 Enterprise device reverts seamlessly to Windows 10 Pro edition (after a grace period of up to 90 days).

  • Monthly, per-user pricing model. This makes Windows 10 Enterprise E3 affordable for any organization.

  • Move licenses between users. Licenses can be quickly and easily reallocated from one user to another user, allowing you to optimize your licensing investment against changing needs.