While all the attention this week is on the end of extended support for Windows 7, the end of that operating system’s era marks the beginning of a new one for the Redmond company. With the release of the first generally available public build of the new Microsoft Edge Chromium based browser, a browser that can be updated on a more regular schedule compared to the Microsoft Edge legacy browser.
When the first stable build of the Microsoft Edge Chromium browser was made available this week, enterprise IT departments and managers will be able to have direct control of all aspects of this version of Edge from initial deployment to routine update management.
Microsoft has updated an extensive collection of documentation to assist enterprise customers in their own roll out and management of this new multi-platform browser. Here is a breakdown of all the Microsoft Edge Chromium documentation from Microsoft and how it can assist IT pros.
Microsoft Edge in the Enterprise
If a specific enterprise prefers to test Microsoft Edge Chromium for a while rather than heading straight to deployment, the most stable option is the Beta Channel, which receives significant updates about every six weeks. It is from this channel that the stable release will be made available moving forward, after the initial public release.
There are two other channels that can be tested, Canary (Daily) and Developer (Weekly), but those should only be deployed to key testers in an organization because they could be less reliable than the Beta Channel.
For any company still depending on Internet Explorer for Line of Business app compatibility, be sure to read up on IE Mode in Microsoft Edge Chromium and how to use Group Policy to configure it. This mode takes advantage of an existing Enterprise Mode Site List to access those sites within a tab in Edge Chromium that emulates IE for compatibility. No longer will users have to move outside of a modern browser to continue their workflow on Internet or Intranet sites.
Deploy and Update Microsoft Edge
At release, the new Microsoft Edge Chromium browser will be available across multiple platforms including Windows (7, 8.1 and 10) and macOS. There are plans for a Linux-based release, but no specific details have been provided by Microsoft on that version.
The tools from Microsoft support the deployment of browser builds from either the Beta or Developer testing channels with options to target even a specific build for end users. Windows deployments can be managed with Configuration Manager and Intune while macOS deployment can also utilize Intune and Jamf. This area of the documentation provides step-by-step instructions on how to prepare enterprise deployments.
Configure Microsoft Edge
After preparing for the deployment of Microsoft Edge Chromium, it is time to configure the browser on both Windows and macOS.
For Windows end points, use group policy to configure Edge for its settings and future build updates and releases. The new browser is also fully compatible with Active Directory policies for configuration and control. On macOS, create a plist to establish the configuration setup, then deploy it using Intune or Jamf. Full details, including Administrative Templates for setting mandatory or recommended policies, are available for both deployment models.
One final configuration step will include setting Microsoft Edge Chromium as the default browser on the enterprise’s managed end points. This is accomplished via Group Policy.
Manage Security and Privacy
Of course, security and privacy are significant considerations when deploying any software and/or services within an organization. According to the company, Microsoft Edge Chromium has multiple native capabilities and additional features to help in this area.
For enterprises using Azure Active Directory, the service’s Conditional Access feature provides the management options to protect company data at all levels. This capability is built into Edge rather than necessitating the installation of a browser extension or other software.
Since browsers are a common attack vector, Application Guard in Edge can isolate untrusted sites and launch them in a separate container to protect device hardware and network connections from malicious software. Application Guard is configured by IT to identify trusted sites, cloud platforms and company networks using group policy.
In addition to Conditional Access and Application Guard, Microsoft released a security baseline and browser-related and update policies to assist administrators in fully configuring Microsoft Edge Chromium.