Thanks for joining today's AMA on Windows 365! Below are the questions Christian and our panelists answered live, along with associated timestamps: 

Question – Can I use Cloud PCs from any device - even ones without NPUs? – answered at 7:04.

Question – Regarding Windows 365 for Agents-- can you share more details about what it will provide and how customers can use it?  – answered at 8:02.

Question – How do we manage Cloud PCs with Intune? – answered at 11:10.

Question – Is there anything identifiable with these Cloud PCs that get spun up through Windows 365 for Agents platform? Is there anything identifiable in the device or device SKU?  – answered at 11:56.

Question – Can we have separate policies for Agent Cloud PCs vs. a regular/human used Cloud PCs? – answered at 12:38.

Question – Regarding Keyboard Input Protection for Windows 365 and AVD – can you share more about what we announced at Ignite? What does it provide and what are the physical device requirements? – answered at 14:47.

Question – How would you turn on the Keyboard Input Protection feature? – answered at 17:11.

Question – Regarding Keyboard Input Protection – Will this eventually be moved to W365 settings, currently available via GPO or reg key, is that how customers deploy this at scale today? – answered at 20:05.

Question – For Windows 365, is Keyboard Input Protection managed by policy? Does it turn on immediately, or will it apply next time the user logs on their Cloud PC? – answered at 20:58.

Question – From a risk-management perspective, what should organizations consider before broadly adopting AI agents in Windows 365? – answered at 22:35.

Question – Is there any guidance from a risk management and compliance perspective when it comes to using the AI agents? – answered at 23:36.

Question – What types of logging, oversight, and traceability exist for AI-generated actions on Windows 365 sessions? – answered at 25:22.

Question – Do you have any info in terms of logging, oversight, traceability of agents or actions agents are taking when it comes to Windows 365 for Agent Cloud PCs? – answered at 28:39.

Question – Will there be a central place, in terms of the observability? Or will it be based off of the different tools that leverage the platform of Windows 365 for Agents? – answered at 30:09.

Question – Can you provide a quick update on the improvements made for Cloud Apps as we went to GA at Ignite? – answered at 30:45.

Question – Regarding the Cloud Apps integration with the user experience— are there ways for customers to manage those or do they get created as soon as user logs into the pool? Are there any other manageability options aside from just deletion?  – answered at 33:14

Question – How do you provision Cloud Apps? How do you create this experience for users?  – answered at 34:36.

Question – Do the Cloud Apps have to be built into the image, or can they be deployed separately via Intune? – answered at 35:47.

Question – In terms of managing the OS for the Frontline shared machines— is it regular frontline shared management? – answered at 36:33.

Question – Going back to the DPP that you can do for Frontline in shared mode machines, is this available for enterprise machines and Frontline dedicated machines as well?   – answered at 37:34

Question – How will the licensing structure evolve to accommodate increased reliance on AI-centric features in Windows 365? – answered at 39:23.

Question – Any official documentation available for this features? – answered at

Question – In terms of licensing for AI features, you mentioned that there’s a minimum requirement for the Cloud PCs to have 8 vCPUs and 256 GB’s of storage. Is there an add on that customers need to purchase/assign? Or is it just having a Cloud PC that meets the specs? – answered at 41:12.

• Go to https://aka.ms/AICloudPCsLearn to see our learn docs specific to the AI enabled cloud pcs.

Question – Is there any official documentation available for the new external identities support feature? What's the best way to get started? – answered at 43:29.

• Go to https://aka.ms/ExternalIdentitiesSupport to learn more!

Question – How/where is Cloud Apps user data backed up? If a user is a temp employee, and has a gap in their work timeline, can we restore their apps/data? – answered at 47:07.

Question – When will Cloud PCs use NVMe disks for better I/O? – answered at 51:27.

Question – Is W365 for Agents reimagining RPA (robotic process automation), which breaks so easily with strict processes defined. A Copilot-based agent might fare better when buttons move on the website, but it can also deviate and make wrong decision and i can imagine can require more human checks in the end. Thoughts? – answered at 53:16.

Thanks for joining today's Windows 365 AMA. We're compiling a recap of what was covered today and will share that here soon. 

When will Cloud PCs use NVMe disks for better I/O?

Here are the links to the major recent announcements Christian mentioned at the top of the hour:

• Windows 365 for Agents - http://aka.ms/W365forAgentsIgniteBlog
• AI-enabled Cloud PCs - https://aka.ms/AICloudPCs
• Keyboard Input Protection - https://aka.ms/WCIOProtectionIgnite2025
• Cloud Apps general availability - https://aka.ms/W365CloudApps
• Microsoft Ignite recap - https://aka.ms/WindowsAtIgnite 

Welcome to today's AMA on Windows 365! Let's get started. Post your questions here in the comments.

Here is a pre question.

In Windows 365, enabling printer or drive mapping provides limited control over how these mappings are managed. For example, Citrix allows restricting redirection to the local (non-network) installed default printer from the client. While Windows 365 can use Group Policy\registry to redirect only the default printer, this setting will also include any network printers selected as the default from the client device, which is not be desirable. Similarly, with drive mapping, Citrix offers granular control to redirect only local drives—such as USB connected or internal SSDs from the local client—whereas Windows 365 will redirect all drives from the client, including network drives, into the cloud PC. Competitors also can allow or deny these mappings on IP range and other factors. Is there a way in 365 to limit network printer and drive mappings into the 365 desktops while allowing local printer and local drives from the device to be mapped?  Mapping network printer and drives from the client's device into 365 creates double the traffic by going back and forth from azure to office then back to azure. Thank you