Most enterprises have finished evaluating the new operating system and kicked off their migration efforts by now. But unlike previous Windows deployments where organizations had three to four years before the next upgrade cycle was due, Windows 10 (a.k.a. Windows-as-a-Service) churns out two new significant feature upgrades a year. Since its debut, Windows 10 has seen three new versions and another one is just a few months away.
These upgrade cycles are managed through specific servicing options, the so-called Windows Branching. Depending on their requirements and needs, users can be on the Windows Insider Branch (mostly for IT pros who want to get new features as soon as they become available), Current Branch and Current Branch for Business.
Most businesses will choose the Current Branch for Business for the majority of their users as it is published four months after the Current Branch and deemed enterprise-ready. Why is this important to know? Because it adds another layer of complexity to your ongoing Windows 10 deployments.
As you can imagine, the accelerated pace of upgrades and the different branching options make it very difficult to keep your estate afloat and updated.
While most IT pros fear the business disruption and the frequency of updates, application compatibility is a huge concern, and understandably so. The average enterprise will touch more than 1,500 applications during the initial Windows 10 rollout — each of them has to be tested and potentially repackaged and recertified.
While upgrading to the latest Windows Branch will require less testing, packaging, and certification than the initial migration, you will have to run through this process much more frequently than you were ever used to before.
Therefore, IT project managers have to let go of their decade-old, spreadsheet-based migration strategies and implement a more agile and automated process that will allow them to not only keep up with the pace of changes but also manage them efficiently in a business-as-usual mode if desired.
This is not only true for the planning phase but especially for your application discovery, packaging, and testing as these tend to become bottlenecks that can hamper your progress significantly.
Over the last few months, Access IT Automation has developed a unique approach to automating the recertification process so larger organizations can streamline their Windows 10 deployment and Branch management. This capability can be found in Access CAPTURE.
To illustrate how this works, I would like to take you through a typical certification scenario that uses our workflow automation. For argument’s sake, let’s assume we need to test one thousand 64-bit compatible Windows 7 applications and we are in the process of rolling out Windows 10. As you can imagine, the sheer volume is problematic. How do you know how many of your apps need remediation and which ones?
While you can use telemetry data from Microsoft’s Upgrade Readiness tool or collated application compatibility data provided by third-party vendors and made accessible to you through a software catalog such as BDNA Technopedia to gain some insight, you will have to re-test and certify most of your applications again to minimize the risk of major business disruptions caused by faulty software. That’s where Access CAPTURE can help.
The graphic below shows a typical workflow breakdown structure of what this process could look like:
To kick off your recertification process, CAPTURE will leverage its connection to SCCM (or similar) to look up a list of product names and the relevant install command of the product.
CAPTURE will then determine whether the file is an MSI, EXE or App-V 4.x file and if a silent switch has been applied. The tool will also automatically identify the right product owner for each to-be-tested product based on the certification test page.
Now that all required information has been gathered, CAPTURE will install the Windows 7 version of the product on a Windows 10 virtual machine and notify the product owner asking them to test whether or not this application is suitable for Windows 10.
Once the product owner receives the notification, he or she has all the resources needed to start the test right away. Even the most non-technical product owners are now empowered to test their own products and supply CAPTURE with a pass or fail result.
In my experience, about 70% of your application estate will work just fine without any further problems:
If the application passes, the CAPTURE database is updated and the MSI is ready for quality review. Since almost the entire process is automated and requires minimal user interaction, this process can take as little as a few seconds. You can now apply Windows 10 packaging standards or try to virtualize it.
This is also a great time to check whether your applications are suitable for VDI. CAPTURE can test for suitability and automatically create an App-V for you. This then gets resubmitted to the product owner for retesting. If the application will also be virtualized, it will take a little longer as the automatically created App-V file will need to be submitted for testing again.
However, in circa 30% of the cases, your application fails the recertification testing and needs to be reviewed by manual packaging review for some sort of further remediation.
In about 10% of the cases, the vendor will provide a Windows 10-approved version. The remaining 20% of the applications that fail the recertification test are internally developed applications that break because they might not have been compiled against the new version of the .NET Framework that comes out with each new branch or maybe a new Java version has to be injected or code recompiled.
Another reason could be that the file uses old authentification methods. This issue is especially prevalent if you take advantage of the higher security features of Windows 10, such as CredentialGuard.
There is no question about it: Application compatibility testing is one of the biggest hurdles IT project managers have when figuring out how to streamline this process using automation.
CAPTURE enables you to use intelligently automated workflows to eliminate about 70% of your packaging scope — and still be confident that these apps won’t cause any issues down the line.
While probably 30% of your applications will need further remediation and testing, CAPTURE will allow your manual packaging team to glean valuable insights as to why this app failed the certification test. Once the issue is resolved, your team can hop it back into the automated workflow for further testing.