Cloud Direct Learning Hub

How we help

What we do

Explore

AI agents might’ve started the year as a buzzword, but they’ve quickly become the modus operandi. They’re moving quickly, developing from early personal productivity tools to systems that are accessing data, taking actions, and operating across your Microsoft 365 environment and beyond.

It signals a huge shift in our ways of working, and in turn introduces new challenges for IT teams: how do you safely govern, secure, and scale agents as they become part of everyday work across departments, in teams, and even for individuals?

Microsoft is answering that question with the release of Agent 365 on 1 May. Rather than being another agent-building tool, Agent 365 is designed as a control plane that gives IT and Security leaders visibility and control of agents across their organisations.

With General Availability right around the corner, we’re here to answer what Agent 365 is (and isn’t), why it will matter to your business, and how your technology teams should approach it.

What is Microsoft Agent 365?

Microsoft Agent 365 is the governance and management layer for AI agents, operating within the Microsoft 365 tenant. Rather than creating agents, it makes them observable, governable, and secure once they exist.

As organisations move to adopt agents built through various tools, such as Copilot Studio and in some cases third-party platforms, IT teams face the familiar risks of limited visibility, inconsistent controls, unclear ownership, and mounting audit pressure. Agent 365 closes those gaps.

At its core, Agent 365 gives organisations a single place to discover agents, apply policy, monitor behaviour, and integrate agent activity into existing security and compliance controls. It extends the same core principles IT teams already apply to users, devices and workloads – identity, least privilege, auditing and the rest – to AI agents.

The aim of Agent 365 isn’t to slow innovation. It’s to accelerate safe adoption as agents move beyond pilots and into production.

How is Microsoft Agent 365 different to Copilot, Agent Builder, and Copilot Studio?

So far, where Agent 365 fits in among other Microsoft AI tools has proven to be a common source of confusion. In simple terms:

  • Copilot and Agent Builder help people use agents
  • Copilot Studio and Azure AI Foundry help people build agents
  • Agent 365 helps IT teams govern agents

Agent 365 doesn’t replace Copilot, Copilot Studio or Foundry – it sits above them. You still use those tools to create agents, define workflows, or integrate systems. Agent 365 becomes the layer that ensures those agents are known, approved, and operating within agreed boundaries once deployed.

This distinction matters because agent development and adoption is no longer limited to IT teams. As employees build their own agents and departments deploy automations, governance needs to scale without reverting to manual controls or blocking progress. Agent 365 provides that shared operating layer.

What’s included at GA on 1 May, and what will evolve over time?

Microsoft Agent 365 becomes generally available on 1 May 2026, alongside Microsoft 365 E7. At launch, the emphasis is squarely on visibility, identity and governance, rather than on autonomous execution. You’ll be able to:

  • Discover and catalogue agents operating across the tenant
  • Apply consistent identity and access controls using Microsoft Entra
  • Monitor agent activity through existing admin and security tooling
  • Extend auditing, compliance and data protection policies to agents

But Agent 365 will continue to evolve beyond GA, and Microsoft has been clear that agent maturity will be incremental with additional capabilities emerging as customer patterns stabilise and governance models mature.

For IT teams, the important takeaway is not to wait for “full autonomy” before engaging with Agent 365, but to establish operational visibility and guardrails early, alongside adoption acceleration.

How does Agent 365 manage agent identity, access, and auditing?

One of the most significant aspects of Agent 365 is how it treats agents as first‑class identities within the Microsoft ecosystem. Using Microsoft Entra, agents can be brought into familiar identity and access models, enabling:

  • Clear ownership and lifecycle management
  • Least‑privilege access to data and services
  • Consistent policy enforcement across users and agents
  • Centralised auditing and activity tracking

This approach is critical as agents gain the ability to act on behalf of users or processes. Without an identitydriven model, organisations risk repeating shadow IT problems – this time with AI.

By integrating agent activity into the same security, compliance and monitoring platforms that teams already use, Agent 365 helps reduce fragmentation and operational overheads. This is where Agent 365 becomes a platform enabler, rather than an extra tool.

How is Agent 365 licensed, and who actually needs it?

Agent 365 is licensed per user, rather than per agent or organisation. The license applies to users who benefit from, or rely on, Agent 365 capabilities to govern and manage agents acting on their behalf, and is available:

  • As a standalone add-on, or
  • Included within the Microsoft 365 E7 SKU, alongside E5, Copilot, and Entra Suite

Not all your users will need Agent 365 on day one. For many organisations, adoption will start with IT admins, security teams and power users who are already deploying or overseeing agent use cases.

From a planning perspective, Agent 365 is designed to scale alongside your agent maturity, rather than penalise and inhibit early experimentation.

How should IT teams prepare for Agent 365?

Remember that Agent 365 is a solution to the challenges that IT teams are facing, not a new hurdle to overcome. The risk is ungoverned agents, and Agent 365 is the best possible way to tackle it.

As with onboarding any new tool, preparation is key. Important areas to focus on are:

  • Understanding where agents are already being used (or tested)
  • Aligning agent use with identity, data and security policies
  • Clarifying ownership and approval models
  • Treating agents as part of the broader Copilot and AI operating model

Agent 365 will be most valuable when it is introduced early, before agent sprawl sets in. This is an opportunity to shape how AI is operationalised, and balance innovation with responsibility rather than reacting after the fact. To find out more about how to implement Agent 365, reach out to one of our experts using the form below.

Microsoft has introduced Microsoft 365 E7, a new enterprise licensing tier designed for organisations looking to scale AI securely across the business. It brings together productivity, AI, security, identity and governance into a single licence, aimed at the next phase of Microsoft’s AI strategy.

What does Microsoft E7 include?

  • Microsoft 365 E5 for advanced productivity, security and compliance
  • Microsoft 365 Copilot, embedded across Microsoft apps
  • Microsoft Entra Suite for enhanced identity and access governance
  • Agent 365, providing central oversight and control for AI Agents

Rather than stitching together multiple licences and add‑ons, E7 offers a consolidated platform for organisations moving beyond AI experimentation.

What’s new, and why does it matter?

E7 reflects a shift from using AI as an assistant to operating AI at scale. Microsoft’s focus is increasingly on AI Agents that can take actions, interact with systems and support workflows – all while being governed through identity, security and compliance controls.

Why consider E7 now?

E7 may be worth considering if your organisation is:

  • Planning to scale Copilot beyond small pilots
  • Exploring or deploying AI Agents that take actions
  • Operating in a security‑ or compliance‑driven environment
  • Managing growing complexity across Microsoft licences and add‑ons

For some organisations, E7 can also simplify cost modelling by consolidating multiple capabilities into a single licence.

Is E7 right for your organisation?

Take the quiz below to find out whether or not moving to E7 licensing on Friday 1 May is the best move for your business in just 30 seconds.

What next?

E7 won’t be right for everyone – but for organisations scaling AI securely, it represents a real opportunity in Microsoft licensing. If your results suggest E7 may be relevant, then we’re here to help.

Every year, Microsoft retires a new wave of products as it accelerates its cloud-first and AI-powered roadmap. For IT leaders, these changes can directly impact security, budget planning, operational continuity, and the ability to adopt the latest Microsoft innovations. 

2026, in particular, is a year of major inflection points. Several widely deployed Microsoft platforms move into final support phases or are superseded by modern cloud equivalents. At the same time, Microsoft is combining parts of its security ecosystem. Most notably unifying Sentinel (SIEM) and Defender XDR–led operations under a single operational model. 

This guide highlights the key product changes coming in 2026, so that you can prepare for how these may affect your organisation.  

Why Microsoft End of Life in 2026 Matters for IT Leaders

End of Support isn’t just a date in a spreadsheet. It has real-world implications:

1. An increase in security risk 

Unsupported systems become immediate targets for attackers. No patches, no fixes mean just vulnerabilities waiting to be exploited. In today’s landscape, this is no longer acceptable risk; it is a board level issue. 

2. Blockers to modernisation and AI adoption 

Legacy operating systems and server platforms cannot support Microsoft’s modern technologies such as AI services like Copilot. Staying on outdated systems means you cannot use the capabilities Microsoft is investing in the most. Therefore, limiting the innovation of your organisation. 

3. Rising operational cost and technical debt 

Legacy infrastructure becomes increasingly expensive to maintain, whether due to bolt on security solutions, extended support costs, or complex workarounds needed to keep ageing apps running. 

2026’s Most Impactful End of Support Milestones 

Mark your calendars. These are the product changes you need to know. 

Windows 10 

Deadline: 2026 marks the end of Year 1 ESU 

While the primary Windows 10 end of support (EOS) date landed in 2025, many organisations will rely on Extended Security Updates (ESUs) through 2026. Crucially, 2026 is Year 1 of ESU, which is the lowest cost year before fees escalate significantly. 

Remaining on Windows 10 means organisations shoulder increasing risk and cost. It also limits access to new capabilities delivered only on Windows 11, including Copilot and Intune management features. 

For IT leaders, 2026 is the final window to: 

  • Complete fleet migration to Windows 11 
  • Retire non-compliant hardware 
  • Evaluate Windows 365 for legacy application continuity 
  • Refresh endpoint standards and Zero Trust policy enforcement 

Windows Server 2016 

Deadline: EOS 12 January 2027. 2026 is the final full year to migrate 

Windows Server 2016 moves into its last full year of support in 2026, ahead of its hard EOS on January 12, 2027. Despite its age, it remains heavily deployed across midmarket and enterprise environments, often underpinning identity, file services, and key business applications. 

Outdated servers introduce material risk into the environment. Particularly when used for Domain Controllers or critical application workloads. As a result, 2026 becomes the decisive year for planning and executing migrations. 

Recommended priorities include: 

  • Assessing which workloads can be rehosted or modernised in Azure 
  • Upgrading or redesigning domain controller architecture 
  • Planning dependency remediation for older line of business apps  

SQL Server 2016 

Deadline: EOL on July 14, 2026 

SQL Server 2016 remains common across operational reporting systems, ERP backends, and custom applications. Its hard deadline of 14 July 2026 means organisations must accelerate planning now, particularly where refactoring or cloud migration is required. 

Migrating from SQL 2016 opens the door to: 

  • Azure SQL Managed Instance 
  • Azure SQL Database PaaS 
  • SQL Server 2022 (for on-prem regulatory or isolation requirements) 
  • A more modern data platform aligned to Azure, Fabric, and AI initiatives 

SharePoint Server 2016 

Deadline: EOL on July 14, 2026 

On premises SharePoint is still widely used in organisations with complex intranet structures, document retention requirements, or customised workflows. These organisations face rising operational risk if they are not quick to react. 

Migrating to Microsoft 365 brings significant benefits. Including more secure collaboration, modern intranet capabilities via Viva Connections, Power Platform based workflow automation, and reduced infrastructure overhead. 

Office LTSC 2021 

Deadline: EOL on October 13, 2026 

This is important for organisations that deliberately avoided cloud subscriptions. Office LTSC 2021 was often purchased as the “safe”, perpetual alternative to Microsoft 365. But its end of support on 13 October 2026 forces a strategic decision: 

  • Move to Microsoft 365 Apps for Enterprise 
  • Or accept major compatibility, security, and integration limitations 

More importantly, Office LTSC will not benefit from the rapid innovation cycle. Meaning your organisation will miss out on the latest AI and collaboration offerings that are central to Microsoft’s ecosystem. 

Security Modernisation: Sentinel to Defender Portal Consolidation 

This isn’t a product retirement, but it is a major operational shift. 

New sunset date: 31 March 2027 

Microsoft has extended the retirement date of the classic Log Analytics based Sentinel portal in favour of the unified Defender security portal, from 1 July 2026 to 31 March 2027. This allows customers to additional time to seamlessly migrate.  

This change means: 

  • Investigation, hunting, and response become Defender centric 
  • Sentinel continues as a SIEM, but its UI moves into Defender 
  • SOC teams must retrain on new workflows 
  • Tooling consolidation may reduce duplicated platforms 

This aligns with Microsoft’s broader strategy: unified SIEM and XDR experiences under Defender, reducing complexity and improving correlation across identity, endpoint, network, and cloud workloads. 

Conclusion: 2026 Is the Year to Reduce Risk and Remove Roadblocks 

The Microsoft products hitting end of support, or undergoing major strategic repositioning in 2026 represent some of the most widely deployed technologies in corporate IT. 

Addressing them means reducing security risk, unlocking AI capabilities, and freeing your organisation from legacy technical debt. 

Acting on these changes in 2026 will set the foundation for a more innovative future for your organisation.  

Not sure where to begin? Reach out to one of our experts using the form below. Tell us the technology you are concerned about and we will be in touch to discuss a solution right for you.