More than a decade ago, Microsoft introduced Office 365, a software as a service (SaaS) offering, as a natural evolution from the very popular business productivity suite. The suite, or the bundle, consisted of core productivity desktop-based applications such as Outlook, Word, Excel, PowerPoint, OneNote, and Access, including server-based services such as SharePoint, Exchange, and Skype for Business.
It became obvious that productivity encompasses and needs more than just productivity tools. That led to a logical move by Microsoft to include more essential products and services and bring together Windows and Enterprise Mobility + Security (EM+S) to form Microsoft 365.
Microsoft 365 is a name for Microsoft’s cloud-based service, that is, a collection of cloud-based services with common denominators including enhanced user productivity, efficient collaboration, and communication, while keeping data and devices secure wherever they are, whether that be in the office, at home, or on the go.
One of the main benefits of Microsoft 365 is that it allows users to access their files and applications from anywhere on any device. This is made possible through the integration of cloud-based services such as OneDrive, which allows users to store and share files online. This means that users can access their files from a desktop computer, laptop, tablet, or smartphone, as long as they have an internet connection.
Another benefit of Microsoft 365 is the ability to collaborate and communicate with others in real-time. Applications such as SharePoint and Teams allow users to share and co-author documents, as well as participate in virtual meetings and chat with their colleagues. This makes it easy for teams to work together, regardless of their physical location.
In addition to the productivity and collaboration features, Microsoft 365 also includes security and compliance tools to help protect users’ data and ensure compliance with regulatory requirements. For example, it uses machine learning and behavioral analysis to detect and block malicious emails, links, and files, and can also help to identify and respond to security threats in near real-time. Among many features that Microsoft 365 offers is Data Loss Prevention (DLP), which helps to prevent sensitive data from being shared or leaked. DLP is just one of the numerous Microsoft 365 security features; we will take a closer look and learn more about them later in the book.
In terms of compliance, Microsoft 365 includes several features to help organizations meet regulatory requirements. For example, it includes eDiscovery, which allows administrators to search for and export data from email, SharePoint, and Teams to comply with legal and regulatory requests. Additionally, it also includes retention and archiving capabilities, which allow organizations to retain and archive data for compliance purposes.
In general, Microsoft 365 is a comprehensive solution for businesses and individuals looking to increase their productivity, collaboration, and communication while also ensuring the security of their data. With its range of applications and services, it provides users with everything they need to work effectively, whether they are in the office or working remotely.
As a subscription-based service, Microsoft 365 offers subscription plans and bundles tailored for personal use, small businesses, enterprises, schools, educational and governmental users, and more.
While classic Office applications such as Word, Excel, Outlook, and PowerPoint are available as a one-time purchase via Office Home & Business 2021 or Office Home & Student 2021, these do not include some popular capabilities and products such as cloud storage or Microsoft Teams.
Microsoft 365 plans and components
There are four fundamental Microsoft 365 plans groups, each containing two or more Microsoft 365 plans:
- Microsoft 365 For Home plans: These include the following plans:
- Microsoft 365 Family
- Microsoft 365 Personal
- Office Home & Business 2021
- Office Home & Home 2021
- Microsoft 365 For Small and Medium Businesses plans: These include the following plans:
- Microsoft 365 Business Basic
- Microsoft 365 Business Standard
- Microsoft 365 Business Premium
- Microsoft 365 Apps for Business
- Microsoft 365 For Enterprise plans: These include the following plans:
- Microsoft 365 E3
- Microsoft 365 E5
- Microsoft 365 Apps for Enterprise
- Microsoft 365 For Frontline Workers plans: These include the following plans:
- Microsoft 365 F1
- Microsoft 365 F3
- Microsoft 365 F5
Other Microsoft 365 and Office 365 offers include plans specifically suited for governments, education (academic institutions), nonprofit organizations, the US government, and 21Vianet-operated areas (China).
Microsoft 365 is comprised of three components, and each component has its own tier, such as E3, F3, or A3, with different capabilities included:
- Office 365: This includes a cloud-based suite of productivity applications and services, information protection capabilities such as message encryption, rights management, and data loss prevention for files and email messages; compliance capabilities such as mailbox litigation hold and eDiscovery; and data analytics with powerful visualization
- Windows Enterprise: This includes advanced features aimed and designed specifically for larger organizations and enterprises, such as operating system deployment and update control, device and application management capabilities, universal print, Microsoft Defender for Endpoint, and advanced protection against security threats
- EM+S: This is a mobility management and security platform that includes advanced identity and access management, endpoint management, information protection capabilities, and advanced identity-related security enhancements
Microsoft 365 comprises many products and features, such as the web, mobile, and desktop versions of Word, Excel, PowerPoint, and Outlook, advanced security, tools to create personalized documents, cyber threat protection, and access and data control features. Depending on organizational size, Microsoft has gathered and included a variety of products in different product packages, or plans, and we will introduce the most important and most prevalent ones.
Products and features
While products included in Microsoft 365 plans have many features, we have put an emphasis on security and compliance capabilities. That means we deliberately have not included tables and descriptions of all features, with the intention of preserving readability, decluttering the book content, and focusing on security and compliance-related products.
Microsoft 365 for small and medium-sized businesses
Microsoft 365 Business plans are specifically adapted to the needs of small and medium businesses, for up to 300 users. If your organization has a need to license more than 300 users, you need to consider using Microsoft 365 Enterprise licenses.
The following table shows you the security and compliance capabilities and features of Microsoft 365 user subscription suites for small and medium-sized businesses:
|
Microsoft 365 Suites for Small and Medium-Sized Businesses
|
|
|
Basic
|
Standard
|
Premium
|
|
Threat Protection
|
|
Microsoft Defender for Business
|
|
|
•
|
|
Microsoft Defender Exploit Guard
|
|
|
•
|
|
Microsoft Defender Credential Guard
|
|
|
•
|
|
BitLocker and BitLocker To Go
|
|
|
•
|
|
Windows Information Protection
|
|
|
•
|
|
Microsoft Defender for Office 365 Plan 1
|
|
|
•
|
|
Identity and Access Management
|
|
Microsoft Entra ID 1
|
|
|
•
|
|
User provisioning
|
|
|
•
|
|
Cloud user self-service password change
|
•
|
•
|
•
|
|
Cloud user self-service password reset
|
|
•
|
•
|
|
Hybrid user self-service password change/reset with on-premises write-back
|
|
|
•
|
|
Conditional Access
|
|
|
•
|
|
On-premises Active Directory sync for single sign-on (SSO)
|
|
|
•
|
|
Windows Hello for Business
|
|
|
•
|
|
Cloud Access Security Broker
|
|
Microsoft Defender for Cloud Apps Discovery
|
|
|
•
|
|
Information Protection
|
|
Azure Information Protection
|
|
|
Plan 1
|
|
Manual, default, and mandatory sensitivity labeling in Office 365
|
|
|
•
|
|
Manual labeling with the AIP app and plugin
|
|
|
•
|
|
Data Loss Prevention (DLP) for emails and files
|
|
|
•
|
|
Basic Message Encryption
|
|
|
•
|
|
Data Lifecycle Management
|
|
Manual retention labels
|
|
|
•
|
|
Basic org-wide or location-wide retention policies
|
|
|
•
|
|
Teams message retention policies
|
•
|
•
|
•
|
|
eDiscovery and Auditing
|
|
Content Search
|
•
|
•
|
•
|
|
Litigation Hold
|
|
|
•
|
|
Audit (Standard)
|
•
|
•
|
•
|
|
Security and Compliance
|
|
Microsoft 365 Information Protection and Governance
|
+1
|
+1
|
+
|
|
Microsoft 365 E5 Insider Risk Management
|
+
|
+
|
+
|
|
Microsoft 365 E5 eDiscovery and Audit
|
+
|
+
|
+
|
|
Microsoft Defender for Business
|
+
|
+
|
•
|
|
Microsoft Defender for Business servers add-ons for Microsoft Defender for Business
|
+5
|
+5
|
+5
|
|
Microsoft Defender for Identity
|
+
|
+
|
+
|
|
Microsoft Defender for Office 365 Plan 1
|
+
|
+
|
•
|
|
Microsoft Defender for Office 365 Plan 2
|
+
|
+
|
+
|
|
Microsoft Defender for Cloud Apps
|
+
|
+
|
+
|
|
App governance add-on for Microsoft Defender for Cloud Apps
|
+2
|
+2
|
+2
|
|
Microsoft Defender for Endpoint Plan 1
|
+
|
+
|
+
|
|
Microsoft Defender for Endpoint Plan 2
|
+
|
+
|
+
|
|
Premium Assessments add-on for Compliance Manager3
|
+
|
+
|
+
|
|
Microsoft Entra ID 1
|
+
|
+
|
•
|
|
Microsoft Entra ID 2
|
+
|
+
|
+
|
|
Microsoft Intune Plan 1
|
+
|
+
|
•
|
|
Microsoft Intune Plan 2
|
+4
|
+4
|
+
|
|
Microsoft Intune Suite
|
+4
|
+4
|
+
|
|
Microsoft Intune Remote Help
|
+4
|
+4
|
+
|
|
Microsoft Purview Data Loss Prevention (for email and files)
|
+
|
+
|
•
|
|
Exchange Archiving
|
+
|
+
|
•
|
Table 1.1 – Microsoft 365 Suites for small and medium-sized businesses
For the current list of features in Microsoft 365 Business plans, see the following page: https://www.microsoft.com/en/microsoft-365/business/compare-all-microsoft-365-business-products-d?market=af
Here is what the different symbols in the table mean:
Microsoft 365 for Enterprise plans represent a suite of products bundled and tailored specifically for the enterprise market, with some unique capabilities relevant to organizations with a larger employee base.
Microsoft 365 for enterprise
Microsoft 365 for Enterprise suites contain solutions and products designed for and targeted primarily at large organizations, although small businesses or medium-sized businesses can take advantage of these more advanced security, compliance, and productivity solutions as well.
Local and productivity services include content and productivity applications such as Microsoft 365 Apps for Enterprise with enterprise deployment and update options, Exchange Online, SharePoint Online, Skype for Business, Microsoft Teams, and Yammer, including simplified and advanced deployment, management, and servicing options such as Windows Enterprise deployment with an upgrade in place and Autopilot, plus auto-enrollment of Windows PCs and devices.
Security options comprise possibilities that span operating systems, device management, and advanced security services and include identity and access management, information protection, threat protection, and security management products and features such as Microsoft Defender for Office 365, SharePoint and Exchange Online access policies, Azure Information Protection (AIP), Microsoft 365 DLP policies, Microsoft Defender for Endpoint, Windows Hello for Business, Windows Information Protection (WIP), Microsoft Intune, device-based Conditional Access policies, Microsoft Entra ID Privileged Identity Management (PIM), Advanced Threat Analytics (ATA), Microsoft Defender for Identity, and Microsoft Cloud App Security Azure Multi-Factor Authentication.
Note
Microsoft stopped developing WIP from July 2022. WIP will still work on the Windows versions that support it, but it will not get any new features or updates. Future Windows versions will not have WIP. Microsoft suggests that you use Microsoft Purview Information Protection and Microsoft Purview Data Loss Prevention for your data protection needs. Purview makes it easier to set up and offers more advanced capabilities.
When customers and information technology professionals think about Microsoft 365 Enterprise plans, they usually refer to two major plans:
- Microsoft 365 E3
- Microsoft 365 E5
Though there are, of course, more than two Microsoft 365 plans, some that even Microsoft sometimes likes to classify as plans with Enterprise-like features:
- Microsoft 365 F1
- Microsoft 365 F3
- Microsoft 365 F5
For Microsoft 365 Enterprise plans customers, several add-ons are available:
- Identity & Threat Protection
- Information Protection & Governance
- Compliance
- Insider Risk Management
- eDiscovery & Audit
- Security
Companies who want to bring their security posture to a higher level can decide to invest in EM+S suites, which include advanced identity and access management, endpoint management, and information protection products.
Conveniently, the following tables compare Microsoft 365 E3, E5, E5 Security, and E5 Compliance plans along with EM+S E3 and E5 plans and show their characteristics.
The following table shows the comprehensive information protection, data loss prevention, and threat protection capabilities in Microsoft 365, including a list of numerous products carrying the Microsoft Defender name:
|
|
Microsoft 365
|
Enterprise Mobility + Security
|
|
|
E3
|
E5
|
E5 Security1
|
E5 Compliance1
|
E3
|
E5
|
|
Information Protection
|
|
Azure Information Protection Plan 1
|
•
|
|
|
|
•
|
|
|
Azure Information Protection Plan 2
|
|
•
|
|
•
|
|
•
|
|
Manual, default, and mandatory sensitivity labeling in Microsoft 365 apps
|
•
|
•
|
|
|
•
|
•
|
|
Automatic sensitivity labeling in Microsoft 365 apps
|
|
•
|
|
•
|
|
•
|
|
Manual labeling with the AIP app and plugin
|
•
|
•
|
|
|
•
|
•
|
|
Automatic labeling in the AIP plugin
|
|
•
|
|
•
|
|
•
|
|
Default sensitivity labels for SharePoint document libraries
|
|
•
|
|
•
|
|
|
|
Automatic sensitivity labels in Exchange, SharePoint, and OneDrive
|
|
•
|
|
•
|
|
|
|
Sensitivity labels based on machine learning/trainable classifiers/exact data match
|
|
•
|
|
•
|
|
|
|
Sensitivity labels for containers in Microsoft 365
|
•
|
•
|
|
|
|
|
|
Basic message encryption
|
•
|
•
|
|
|
•2
|
•2
|
|
Advanced message encryption
|
|
•
|
|
•
|
|
•2
|
|
Customer Key
|
|
•
|
|
•
|
|
|
|
Personal Data Encryption
|
•
|
•
|
|
|
|
|
|
Data Loss Prevention (DLP)
|
|
DLP for emails and files
|
•
|
•
|
|
|
|
|
|
DLP for Teams chat
|
|
•
|
|
•
|
|
|
|
Endpoint DLP
|
|
•
|
|
•
|
|
|
|
Threat Protection
|
|
Microsoft Defender Antimalware
|
•
|
•
|
|
|
|
|
|
Microsoft Defender Firewall
|
•
|
•
|
|
|
|
|
|
Microsoft Defender Exploit Guard
|
•
|
•
|
|
|
|
|
|
Microsoft Defender Credential Guard
|
•
|
•
|
|
|
|
|
|
BitLocker and BitLocker To Go
|
•
|
•
|
|
|
|
|
|
Microsoft Defender for Endpoint Plan 1
|
•
|
•
|
|
|
|
|
|
Microsoft Defender for Endpoint Plan 2
|
|
•
|
•
|
|
|
|
|
Microsoft Defender for Identity
|
|
•
|
•
|
|
|
•
|
|
Microsoft Defender for Office 365 Plan 2
|
|
•
|
•
|
|
|
|
|
Microsoft Defender Application Guard for Edge
|
•
|
•
|
|
|
|
|
|
Microsoft Defender Application Guard for Office
|
|
•
|
•
|
|
|
|
|
Safe Documents
|
|
•
|
•
|
|
|
|
|
Cloud Access Security Broker
|
|
Microsoft Defender for Cloud Apps Discovery
|
•
|
•
|
|
|
•
|
•
|
|
Microsoft Defender for Cloud Apps
|
|
•
|
•
|
•
|
|
•
|
|
Office 365 Cloud App Security
|
|
|
•
|
•
|
|
•
|
Table 1.2 – Microsoft 365 plans Information Protection, DLP and Threat Protection features
This table shows the broad identity and access management, as well as endpoint and application management, capabilities available in Microsoft 365 suites:
|
|
Microsoft 365
|
Enterprise Mobility + Security
|
|
|
E3
|
E5
|
E5 Security1
|
E5 Compliance1
|
E3
|
E5
|
|
Identity and Access Management
|
|
Microsoft Entra ID P1
|
•
|
|
|
|
•
|
|
|
Microsoft Entra ID P2
|
|
•
|
•
|
|
|
•
|
|
User provisioning
|
•
|
•
|
•
|
|
•
|
•
|
|
Cloud user self-service password change
|
•
|
•
|
•
|
|
•
|
•
|
|
Cloud user self-service password reset
|
•
|
•
|
•
|
|
•
|
•
|
|
Hybrid user self-service password change/reset with on-premises write-back
|
•
|
•
|
•
|
|
•
|
•
|
|
Advanced security reports
|
•
|
•
|
•
|
|
•
|
•
|
|
Multifactor authentication
|
•
|
•
|
•
|
|
•
|
•
|
|
Conditional Access
|
•
|
•
|
•
|
|
•
|
•
|
|
Risk-based Conditional Access/Identity Protection
|
|
•
|
•
|
|
|
•
|
|
PIM
|
|
•
|
•
|
|
|
•
|
|
Access reviews
|
|
•
|
•
|
|
|
•
|
|
Entitlement management
|
|
•
|
•
|
|
|
•
|
|
Microsoft 365 Groups
|
•
|
•
|
|
|
|
|
|
On-premises Active Directory sync for SSO
|
•
|
•
|
|
|
•
|
•
|
|
DirectAccess supported
|
•
|
•
|
|
|
|
|
|
Windows Hello for Business
|
•
|
•
|
|
|
|
|
|
Microsoft ATA
|
•
|
•
|
|
|
•
|
•
|
|
Endpoint and Application Management
|
|
Microsoft Intune Plan 1
|
•
|
•
|
|
|
•
|
•
|
|
Mobile Device Management
|
•
|
•
|
|
|
•
|
•
|
|
Mobile Application Management
|
•
|
•
|
|
|
•
|
•
|
|
Windows Autopilot
|
•
|
•
|
|
|
•3
|
•3
|
|
Group Policy support
|
•
|
•
|
|
|
|
|
|
Cloud Policy service for Microsoft 365
|
•
|
•
|
|
|
|
|
|
Shared computer activation for Microsoft 365 apps
|
•
|
•
|
|
|
|
|
|
Endpoint analytics
|
•
|
•
|
|
|
•
|
•
|
|
Cortana management
|
•
|
•
|
|
|
|
|
Table 1.3 – Microsoft 365 plans IAM, and Endpoint and Application Management features
Thorough insider risk management, governance, and records management, together with discovery and auditing features in Microsoft 365 are listed in the following table:
|
|
Microsoft 365
|
Enterprise Mobility + Security
|
|
|
E3
|
E5
|
E5 Security1
|
E5 Compliance1
|
E3
|
E5
|
|
Data Lifecycle Management
|
|
Manual retention labels
|
•
|
•
|
|
|
•
|
•
|
|
Basic org-wide or location-wide retention labels
|
•
|
•
|
|
|
|
|
|
Rule-based automatic retention policies
|
|
•
|
|
|
|
|
|
Machine learning-based retention
|
|
•
|
|
|
|
|
|
Teams message retention policies
|
•
|
•
|
|
|
|
|
|
Records management
|
|
•
|
|
|
|
|
|
eDiscovery and Auditing
|
|
Content search
|
•
|
•
|
|
|
|
|
|
eDiscovery (Standard) (including Hold and Export)
|
•
|
•
|
|
|
|
|
|
Litigation hold
|
•
|
•
|
|
|
|
|
|
eDiscovery (Premium)
|
|
•
|
|
|
|
|
|
Audit (Standard)
|
•
|
•
|
|
|
|
|
|
Audit (Premium)
|
|
•
|
|
|
|
|
|
Insider Risk Management
|
|
Microsoft Purview Insider Risk Management
|
|
•
|
|
|
|
|
|
Communication Compliance
|
|
•
|
|
|
|
|
|
Information Barriers
|
|
•
|
|
|
|
|
|
Customer Lockbox
|
|
•
|
|
|
|
|
|
Privileged access management
|
|
•
|
|
|
|
|
Table 1.4 – Microsoft 365 plans DLM, eDiscovery, and IRM features
Here is what the different symbols in the table mean:
- • = Included in the plan
- 1 - Requires Microsoft 365 E3 (or Office 365 E3 and EM+S E3)
- 2 - Does not include an Exchange email service
- 3 – Does not include a Windows license
Along with product and feature placement into suites and plans, it is important to know that if you have already purchased a plan license, there is a possibility to acquire a license for a product or a feature as a separate license. That way, flexible options exist to tailor and adjust licensing options and product licensing tightly to your company’s requirements and needs. Additionally, licensing is available as a monthly subscription, as well as a yearly commitment, enabling you to save additional costs.
Microsoft 365 add-ons
Microsoft 365 plans include additional options as add-ons, where this table displays add-on subscriptions for E3 and E5 plans:
|
Microsoft 365 Add-On Subscriptions
|
|
|
E3
|
E5
|
|
Microsoft 365 E5 Security
|
+
|
•
|
|
Microsoft 365 E5 Compliance
|
+
|
•
|
|
Microsoft 365 E5 Information Protection and Governance
|
+
|
•
|
|
Microsoft 365 E5 Insider Risk Management
|
+
|
•
|
|
Forensic evidence add-on for Insider Risk Management
|
N/A
|
•
|
|
Microsoft 365 E5 eDiscovery and Audit
|
+
|
•
|
|
Microsoft Defender for Identity
|
+
|
•
|
|
Microsoft Defender for Office 365 Plan 1
|
+
|
•
|
|
Microsoft Defender for Office 365 Plan 2
|
+
|
•
|
|
Microsoft Defender for Cloud Apps
|
+
|
•
|
|
App governance add-on for Microsoft Defender for Cloud Apps
|
+1
|
+
|
|
Microsoft Defender for Endpoint Plan 1
|
•
|
•
|
|
Microsoft Defender for Endpoint Plan 2
|
+
|
•
|
|
Microsoft Defender Vulnerability Management
|
+2
|
+
|
|
Premium Assessments add-on for Compliance Manager3
|
+
|
+
|
|
Priva Privacy Risk Management
|
+
|
+
|
|
Priva Subject Rights Requests
|
+
|
+
|
|
Compliance Program for Microsoft Cloud
|
+
|
+
|
|
Microsoft Purview Data Loss Prevention (for email and files)
|
•
|
•
|
|
Exchange Archiving
|
•
|
•
|
|
Microsoft Entra ID P1
|
•
|
•
|
|
Microsoft Entra ID P2
|
+
|
•
|
|
Microsoft Intune Plan 1
|
•
|
•
|
|
Microsoft Intune Plan 2
|
+
|
+
|
|
Microsoft Intune Suite
|
+
|
+
|
|
Microsoft Intune Remote Help
|
+
|
+
|
|
10-year audit log retention
|
N/A
|
+
|
Table 1.5 – Add ons for Microsoft 365 E3 and E5 plans
Here is what the different symbols in the table mean:
Microsoft has provided flexible licensing options and plans tailored to a variety of business, academic, and not-for-profit users, as well as individual licensing options. However, you should always check the current plans, products, features, characteristics, and prices whenever considering purchasing licenses for plans and products.
Microsoft 365 and Office 365 service descriptions
For an up-to-date and very detailed overview of Microsoft 365 and Office 365 service descriptions, please visit the official Microsoft page at https://learn.microsoft.com/en-us/office365/servicedescriptions/office-365-service-descriptions-technet-library.
Microsoft 365 licensing
Microsoft 365 is licensed on a User Subscription License (USL) principle, where each user that accesses Microsoft 365 services and/or software requires a license or a USL. If you meet the prerequisites for a plan, you can use any combination of Microsoft 365 plans.
Licensing Program is the name of a channel through which you can purchase Microsoft 365 licenses, and there are several Licensing Programs where you can obtain a license. One way is through Microsoft Volume Licensing (VL) where several options are available for commercial customers:
- Enterprise Agreement (EA)
- Enterprise Agreement Subscription (EAS)
- Microsoft Products and Services Agreement (MPSA): This is for commercial and government customers
Additional channels, for customers with cloud-only deployments, Microsoft 365 is also available via the following services:
- Cloud Solution Provider (CSP) program
- Microsoft Online Subscription Program (MOSP/Web Direct)
Microsoft 365 F1/F3 and E3/E5 are available through the Enterprise Enrollment or Enterprise Subscription Enrollment as a full user subscription license. Microsoft 365 E3/E5 is also available as an add-on license, or a “From SA” USL. (SA stands for Software Assurance)
Here is the comparison table for different licensing options:
|
License
|
Who the license is for
|
Can be ordered
|
|
Microsoft 365 Full USL
|
New Enterprise Agreement/Enterprise Agreement subscription customers
Existing Enterprise Agreement/Enterprise Agreement subscription customers who are in one of two positions:
Customers who are not currently licensed
Customers who want to license net new users
|
Mid-term
Anniversary
Renewal
|
|
Microsoft 365 Add-on
|
Existing Enterprise Agreement/Enterprise Agreement subscription customers who are in one of the following positions:
Customers who are currently paying for Licenses and Software Assurance (L+SA)
Customers who want to license some or all existing users for the enterprise platform
Customers who want to maintain on-premises use rights
|
Mid-term
Anniversary
Renewal
|
|
Microsoft 365 “From SA”
US
|
Existing Enterprise Agreement/Enterprise Agreement subscription customers who are in one of the following positions:
Customers who have fully paid licenses
Customers who are currently paying for Software Assurance only
Customers who want to license existing users
|
Anniversary
Renewal (recommended)
|
Table 1.6 - Comparing different licensing options
Microsoft 365 users are entitled to on-premises rights to Productivity Servers and Office Professional Plus when purchasing through EA/EAS enrollment, but not when purchasing through Microsoft Customer Agreement or Web Direct, on the following terms:
- While it is not a license entitlement, users have a right to install and use server and client software for the duration of the subscription; that is, they have the rights to access any licensed on-premises servers.
- Users have the rights to install the server software on on-premises servers. Downgrade rights are included.
- Rights to install Exchange Server, SharePoint Server, Skype for Business Server.
- On-premises rights do not include Software Assurance benefits and are not license rights.
The Productivity Server right includes the following features:
- Unlimited server installs
- Access rights are granted exclusively to Microsoft 365 Enterprise users
- Customer-dedicated hardware server deployments only
- No rights to deploy in multi-tenant cloud scenarios
Office Professional Plus includes the following features:
- One copy for local installation per duration of Microsoft 365 subscription
- The rights to Full User Subscription License (FUSL) users, up to a 1:1 ratio of “From SA” USLs purchased Downgrade rights are included for Office Professional Plus software
- No rights to deploy clients on servers with RDS
Note
Microsoft 365 E3 and E5 USL license a user for access to Windows Server but do not include a license for the Windows Server product itself.
After reviewing licensing and product options for a variety of Microsoft 365 plans, products, and features, we are now ready to explore products in Microsoft 365 related to security, protection, and governance.
Free Chapter
