Windows 7 Enterprise – Exclusive features that Windows 7 Professional lacks

Some days ago, Microsoft announced the details of the new Windows 7 SKUs. I was quite surprised when I read about the features that will be made exclusive to the Enterprise edition, some of which are among the most frequently discussed enhancements. As it is likely that most organizations will use Windows 7 Professional, the successor to Windows Vista Business, most admins will never see those popular features. I recently stumbled across Microsoft’s Windows 7 Enterprise page, which has more information, and I can’t help myself from commenting on this issue.

Let’s have a look at each of these Windows 7 Enterprise features.

DirectAccess

I discussed DirectAccess some days ago, and I must admit I wasn’t aware that it would only be made available to Enterprise customers at the time. Remote users can use DirectAccess to securely connect to their corporate network without establishing a VPN connection manually. In my view, this is a feature that would also be of interest to small and mid-sized organizations. Perhaps the fact that DirectAccess requires IPv6 and a PKI makes Microsoft think that it is too demanding for small IT departments.

BranchCache

There is no doubt that this is a typical Enterprise feature, because usually only large organizations have branches. BranchCache stores data from remote file and Web servers on a local Windows Server 2008 R2 machine, or on other Windows 7 PCs. I haven’t tried it yet, but I am planning to do so soon. It is difficult to say whether large organizations will embrace such a feature. I feel that it has come a couple of years too late. Some years ago, most organizations used HTTP proxies to cache web content. Faster and cheaper bandwidths have made these more or less superfluous. However, I guess Microsoft wouldn’t introduce such a feature if Enterprise customers didn’t ask for it.

Enterprise Search Scopes

Windows 7 has a new search interface that allows you to search not only on your desktop, but also through remote content such as Office SharePoint Server 2007. It is a mystery to me what Windows 7 Enterprise search features will have that other Windows editions will not. Microsoft’s marketing text didn’t make this clear to me. Perhaps Windows 7 Professional doesn’t support remote searches? It is also unclear how Enterprise Search Scopes are related to Search Server 2008. Does this mean that I can’t use Search Server 2008 with Windows 7 Professional? I guess not. I will have to wait for more technical information in order to comment further on this feature.

BitLocker & BitLocker to Go

I have already written a lot about these two features. As far as I know, BitLocker for fixed drives isn’t installed on many Vista machines out there. The complicated installation procedure might be one reason. Probably a bigger factor is that it is only available for Windows Vista Enterprise and Ultimate. I don’t know why Microsoft thinks that only Enterprise customers need BitLocker to Go. Flash drive encryption is useful for all Windows users. Anyway, I would recommend that small organizations use TrueCrypt instead, due to its better support for older Windows versions. It is only large corporations that can take advantage of BitLocker’s central management features. However, this can hardly be Microsoft’s stance.

AppLocker

This one surprised me the most. Software Restriction Policies are available for both Vista Enterprise and Business. In a way, AppLocker is the successor to these Software Restriction Policies, although Windows 7 will support both methods. AppLocker is my favorite new Windows 7 security feature. It is a pity that it will only be available for Enterprise PCs. In my opinion, it is the first software restriction tool for Windows that really works. It is not just useful for preventing employees from playing games, but also helps against malware. I suppose vendors of antivirus software would have a hard time selling their products in the corporate sector for today’s prices if every admin had the ability to decide which code gets executed and which not.

Virtual Desktop Infrastructure (VDI) Optimizations

VDI is the next step in server-based computing. Terminal Server solutions have always been mainly attractive to large enterprises. I guess the same will be true of VDI. You need specialists to manage virtual desktops in a server environment, and small organizations usually can’t afford them. Hence VDI is certainly a typical Enterprise feature. I am not sure what the term “optimization” is supposed to mean, with regards to VDI. Is it indicating that particular VDI features will only be available as part of Windows 7 Enterprise or does it mean that Windows 7 Professional won’t support VDI at all? The SKU announcement makes no mention of VDI and the Windows 7 Enterprise pages seem to tell us that the “optimization features” are multi-monitor and microphone support, plus the ability to boot VHD images on physical PCs.

Multilingual User Interface

Vista was the first OS to introduce this great Multilingual User Interface (MUI). In Windows XP, language packs had to be installed on top of the English version. Vista’s MUI architecture separates the binaries from the language resources, which allows you to have multiple languages installed on the same machine. This is primarily needed by international corporations, who need to make use of Windows images in multiple languages. However, many IT pros in non-English speaking countries would probably enjoy this feature, too. I only run English Windows versions on my computers because it is easier to find information on the Web if you are familiar with the English terms. However, it would sometimes be useful if I could just switch to German when I had to explain something to a fellow countryman.

Actually, the MUI support was the only feature that I found interesting in Windows Vista Enterprise. I have no statistical data, but my guess is that most enterprises are using the Business edition of Vista. It seems to me that Microsoft intends to change this with Windows 7, by making some important features only available for the Enterprise edition. Perhaps this is also the reason why they renamed “Business” to “Professional”. This implies somehow that corporate customers should use Windows 7 Enterprise, and professionals who work from home should buy Windows 7 Professional.

These are certainly legitimate moves. More features cost more money. I also understand that Microsoft wants to bind more corporate customers, by enticing them to sign up for volume licensing with important features. However, I would prefer a price model that allows me to decide which features I want to pay for. If I only want AppLocker, why do I also have to pay for BranchCache? Windows has become a very complex operating system. I think it is time to split Windows up into smaller parts.

Subscribe to 4sysops newsletter!

Some bloggers have complained that there are too many Windows editions. In my view the contrary is true. What about offering a Windows 7 security package that contains all of the new security features? Even better would be if you could buy every new feature separately. Not everyone needs BitLocker. Why spend money on it? It would be best to settle the discussion on whether or not Windows is bloated once and for all.