SaaSification Overview

SaaSification is the repeatable method for turning a Windows application into a governed, browser-delivered SaaS experience. It works in three stages: first prove the application runs unconstrained, then tighten the policy until it is properly isolated, and finally project just that one application's window through an App Collection. Working in this order separates compatibility problems from isolation problems, so you never have to guess whether a failure is caused by the app or by the policy.

Stage 1 proves the app runs, Stage 2 tightens the policy, Stage 3 projects the single app.

Why this order

Two variables change as you deliver an application: how much the session trusts it (the policy) and how it is presented (a full desktop versus a single projected window). Changing both at once makes failures ambiguous. The methodology deliberately fixes one variable at a time:

The three stages

Stage 1 — Prove It Runs

Publish the app and deliver it as a fulltrust Virtual Desktop. Confirm it fully launches and works before adding any constraints.

Stage 2 — Tighten the Policy

Clone fulltrust and step down toward lowtrust, testing after each change against an isolation checklist.

Stage 3 — App Collection Delivery

Switch delivery to an App Collection that projects only the single app, and handle apps that need launch rules to run standalone.

Tip

For a concrete, follow-along example of the underlying admin steps — creating a user and group, publishing an app, and cloning a policy — see the Guided Walkthrough: Publish Notepad.