All the way back on June 29, Ed Bott at ZDNet compiled a table of features that appear only in Windows 7 Professional and Ultimate (and by extension, also in Enterprise as well). Since early August, a lot of us have been installing the RTM version like mad and have learned more about which of those features that really matter. Here’s my own short list of same, that enterprise admins may want to consider, especially when pondering which OS to order, install, or allow on traveling notebooks — especially for those “gray area” machines that might be described as “purchased by the end user primarily for personal use, but upon which they may occasionally do real work, including e-mail and possible remote access.”
Pay attention: it’s the remote access that turns out to make many of the most important differences.
Of the 14 features only available on either (or all) of these higher-end Windows 7 versions, my experience has been that the following items are most likely to make a real difference, either to the users who work on such machines, or the IT professionals who must occasionally (or regularly) do likewise:
- Encrypting file system: matters for those organization or users too cheap to spring for an add-on encryption product (also addresses the final BitLocker item at the end of this list as well, in most cases). Some kind of encryption is absolutely essential on any machine upon which sensitive, confidential, or potentially “compliance-busting” data (HIPAA, SoX, PCI, and so forth) will reside.
- Windows XP mode: matters when users will want to run legacy applications that won’t work on Windows 7, but do work on Windows XP. Of obvious relevance when organizations use legacy apps that users may want to run on their machines for work purposes.
- Backup to network: Doesn’t sound like a big convenience, but beats the pants off having to provide and/or manage plug-in external USB drives when big storage or backup servers are readily available.
- Offline files: new improvements to this capability which manages synchronization between local and network copies of files, especially those that support policies about which ones sync and which ones don’t, may be appealing or convenient for IT professionals (but probably not to end users).
- Join Windows Domain: Absolutely, positively essential for most corporate or organizational networks. If users want to get any work done on the business network, they must first log in. If they can’t interact with AD, no dice.
- Remote Desktop Host: A huge convenience for IT professionals who might need to poke around on, or manage end-user machines remotely. Unless your help desk/IT staff have some kind of analogous third-party toolset (GoToMyPC, Remote Control Pro, numerous versions of VNC, and so on–see this list at Wikipedia for more candidates) this could be pretty important.
- AppLocker: requires Group Policy support (and hence by extension, AD/Windows Domain support). In the unlikely (but conceivable) event that you want to control which apps an end-user can run on a personal, quasi-business machine, this is an invaluable tool. I don’t see this happening on most end-user machines, however, because of the intrusiveness factor. But if security or official policy mandates such control before machines are allowed on internal networks, it might still happen anyway. In that case, this can indeed be a useful feature.
- BitLocker drive encryption: Basic, built-in “whole drive” encryption. Same observation as for EFS earlier: if the company (or user) is too cheap to spring for commercial 3rd-party add-ons, this could prove a must-have. Otherwise, not.
In my own personal experience of late, RDC (that is Remote Desktop Host) and Windows XP Mode have proved to be the biggest inducements for me to install and run Windows 7 Professional on production or test machines. RDC because it lets me jump over the network to do stuff on such machines; and Windows XP Mode not just because of its legacy app and dll support, but also because it provides a quick, easy way to let PC’s run custom-built virtual machines configured just the way I want ‘em. And BTW, backup to network is really, really handy if your network includes any kind of Windows server with sufficient storage space for backups.