What's new in Windows 11 IoT Enterprise, version 21H2
Windows 11 IoT Enterprise, version 21H2 is the next evolution of Windows for IoT and it's build on the same foundation as Windows 10. Investments you have in tools for update and device management are carried forward. Many of the same applications and tools that you used in Windows 10 IoT Enterprise can be use in Windows 11 IoT Enterprise. Many of the same security settings and policies can also be applied to Windows 11 IoT Enterprise devices.
Windows 11 IoT Enterprise follows the Modern Lifecycle Policy.
Release Version | Build | Start Date | End of Servicing |
---|---|---|---|
Windows 11 IoT Enterprise, version 21H2 | 22000 | 2021-10-04 | 2024-10-08 |
For more information, see Windows 11 IoT Enterprise support lifecycle.
For information about hardware requirements, see Minimum Hardware Requirements for Windows IoT Enterprise.
Availability
Windows 11 IoT Enterprise, version 21H2 is available for Windows IoT Enterprise device makers through an authorized Windows IoT Distributor Information for building new devices. Windows IoT Enterprise is intended for fixed purpose devices with specific allowances and restrictions in the license agreement. For more information, see Licensing and Usage or contact an authorized Windows IoT Distributor Information for more guidance.
Windows 11, version 21H2 is also available to users with devices running Windows 10 IoT Enterprise, version 20H2 or later who are interested in the latest features and are ready to install this release on their device if the hardware satisfies the minimum requirements.
If you would like to install the new release, open your Windows Update settings (Settings > Update & Security > Windows Update) and select Check for updates. Eligible devices can also be offered the option to choose to upgrade to Windows 11. If the update appears, you can select Download and install to get started. Once the download is complete and the feature update is ready to install, we’ll notify you so that you can pick a convenient time to finish the installation and reboot your device, ensuring that the update doesn't disrupt your activities.
Windows 11 IoT Enterprise will be delivered as an upgrade to eligible devices running Windows 10 IoT Enterprise, beginning on October 5, 2021.
For administrators managing devices on behalf of their organization, Windows 11 IoT Enterprise is available through the same, familiar channels that you use today for Windows 10 IoT Enterprise feature updates. You'll be able to use existing deployment and management tools, such as Windows Update for Business, and Microsoft Endpoint Manager. For more information, see Plan for Windows 11.
For devices that aren't managed by an organization, the Windows 11 upgrade is offered to eligible Windows 10 devices through Windows Update using Microsoft's intelligent rollout process to ensure a smooth upgrade experience.
For more information about device eligibility, see Windows 11 requirements and Getting ready for the Windows 11 upgrade.
Licensing
The licensing requirements for Windows 11 IoT Enterprise devices are identical to what is required for Windows 10 IoT Enterprise devices.
Windows 11 IoT Enterprise is available as an annual release. Contact your Windows IoT Distributor for more information.
Compatibility
Most accessories and associated drivers that work with Windows 10 IoT Enterprise are expected to work with Windows 11 IoT Enterprise. Check with your accessory manufacturer for specific details.
As mentioned, Windows 11 IoT Enterprise preserves the application compatibility promise made with Windows operating systems, and doesn't require changes to existing support processes or tooling to sustain the currency of applications and devices.
Familiar processes
Windows 11 IoT Enterprise is built on the same foundation as Windows 10 IoT Enterprise. Typically, you can use the same tools and solutions you use today to deploy, manage, and secure your Windows 11 IoT Enterprise device. Your current management tools and processes will also work to manage monthly quality updates for both Windows 10 IoT Enterprise and Windows 11 IoT Enterprise devices.
Tip
Please see Prepare for Windows 11 for more details on infrastructure and tools nuanced differences in regards to on-premises solutions (WSUS) or Cloud-based solutions.
Servicing
Like Windows 10 IoT Enterprise, Windows 11 IoT Enterprise receives monthly quality updates. For more information about servicing related announcements, see Windows release health hub and Servicing and support.
New Features and Functionality Updates
With every new operating system, comes exciting new features and capabilities - Windows 11 IoT Enterprise is no different.
Note
Multi-app kiosk mode is not available for Windows 11 IoT Enterprise, version 21H2. However, multi-app kiosk has been re-introduced for Windows 11 IoT Enterprise, version 22H2 with the May 24, 2023 - Windows configuration update.
For more information, see Multi-app kiosk mode now available in Windows 11!.
Security and scanning
The security and privacy features in Windows 11 are similar to Windows 10. Security for your devices starts with the hardware, and includes OS security, application security, and user & identity security. There are features available in the Windows OS to help in these areas. This section describes some of these features. For a more comprehensive view, including zero trust, see Windows security.
Feature | Description |
---|---|
Windows Security app | Windows Security app is built into the OS. This app is an easy-to-use interface, and combines commonly used security features. For example, your get access to virus & threat protection, firewall & network protection, account protection, and more. For more information, see the Windows Security app. |
Security baselines | Security baselines include security settings that already configured, and ready to be deployed to your devices. If you don't know where to start, or it's too time consuming to go through all the settings, then you should look at Security Baselines. For more information, see Windows security baselines. |
Microsoft Defender Antivirus | Microsoft Defender Antivirus is built into Windows, and helps protect devices using next-generation security. When used with Microsoft Defender for Endpoint, your organization gets strong endpoint protection, and advanced endpoint protection & response. If you use Intune to manage devices, then you can create policies based on threat levels in Microsoft Defender for Endpoint. For more information, see: - Microsoft Defender Antivirus - Microsoft Defender for Endpoint - Enforce compliance for Microsoft Defender for Endpoint |
Application Security | The Application Security features help prevent unwanted or malicious code from running, isolate untrusted websites & untrusted Office files, protect against phishing or malware websites, and more. For more information, see Windows application security. |
Use your same apps, and new apps, improved
Feature | Description |
---|---|
App Compatibility | Your Windows 10 apps also work on Windows 11. App Assure is also available if there are some issues. You can continue to use MSIX packages for your UWP, Win32, WPF, and WinForm desktop application files. Continue to use Windows Package Manager to install Windows apps. You can create Azure virtual desktops that run Windows 11. Use Azure Virtual desktop with MSIX app attach to virtualize desktops and apps. For more information on these features, see Overview of apps on Windows devices. Using an MDM provider, like Intune, you can create policies that also manage some app settings. For a list of settings, see App Store in Intune. Your apps compiled for x64 processors now work on ARM64 processors via emulation. For more information, see ARM64EC. |
Windows Terminal app | This app is included with the OS. On previous Windows versions, it's a separate download in the Microsoft Store. For more information, see What is Windows Terminal?. This app combines Windows PowerShell, a command prompt, and Azure Cloud Shell all within the same terminal window. You don't need to open separate apps to use these command-line applications. It has tabs. And when you open a new tab, you can choose your command-line application. |
Microsoft Edge | The Microsoft Edge browser is included with the OS, and is the default browser. Internet Explorer (IE) isn't available in Windows 11. In Microsoft Edge, you can use IE Mode if a website needs Internet Explorer. Open Microsoft Edge, and enter edge://settings/defaultBrowser in the URL. To save system resources, Microsoft Edge uses sleeping tabs. Users can configure these settings, and more, in edge://settings/system . Using Group Policy or an MDM provider, such as Intune, you can configure some Microsoft Edge settings. For more information, see Microsoft Edge - Policies and Configure Microsoft Edge policy settings. |
Deployment and servicing
Feature | Description |
---|---|
Installation | The same methods you use to install Windows 10 Iot Enterprise can also be used to install Windows 11 IoT Enterprise. For example, you can deploy Windows to your devices using Microsoft Deployment Toolkit (MDT), Configuration Manager, and more. Windows 11 IoT Enterprise is delivered as an upgrade to eligible devices running Windows 10 IoT Enterprise. For more information on getting started, see Windows client deployment resources and documentation and Plan for Windows 11. For more information on the end-user experience, see Ways to install Windows 11. |
Microsoft Intune | Microsoft Intune is a mobile application management (MAM) and mobile device management (MDM) provider. It helps manage devices, and manage apps on devices in your organization. You configure policies, and then deploy these policies to users and groups. You can create and deploy policies that install apps, configure device features, enforce PIN requirements, block compromised devices, and more. If you use Group Policy to manage your Windows 10 devices, then you can also use Group Policy to manage Windows 11 devices. In Intune, there are administrative templates and the settings catalog that include many of the same policies. Group Policy analytics analyze your on-premises group policy objects. |
Windows Updates and Delivery optimization | Windows Updates and Delivery optimization helps manage updates, and manage features on your devices. Starting with Windows 11, the OS feature updates are installed annually. For more information on servicing channels, and what they are, see Servicing channels. Like Windows 10, Windows 11 receives monthly quality updates. You have options to install updates on your Windows devices, including Intune, Group Policy, Windows Server Update Services (WSUS), and more. For more information, see Assign devices to servicing channels. Some updates are large, and use bandwidth. Delivery optimization helps reduce bandwidth consumption. It shares the work of downloading the update packages with multiple devices in your deployment. Windows 11 updates are smaller, as they only pull down source files that are different. You can create policies that configure delivery optimization settings. For example, set the maximum upload and download bandwidth, set caching sizes, and more. For more information, see Delivery Optimization for Windows updates. For more information on the end-user experience, see: - Installation & updates - Manage updates in Windows |