At one point in my career I was the IS Director of a small (that is, about 3500 installed computers) Microsoft Enterprise customer, so I have some sense of what you are saying.
In general, large business replace desktops and laptops on a 3-5 year cycle, laptops more quickly than desktops, for obvious reasons. The CPU support specifications seem to correlate with that cycle but also seem to be pushing the cycle (the Core 7000 series (not supported) was incorporated in mainstream business computers in 2017-2018, the 8000 series (supported) was incorporated in 2018-2019). The former is roughly five years, the latter roughly three years.
I am not surprised that Windows 11 will not support older hardware (the computing environment has changed a lot in the last few years, particularly in the security area), but I was surprised at the 8th generation cutoff. I would have expected that the cutoff would have been tied to a 5-year cutoff, or 2016-2017 (that is to say 7th generation Core, for example), not 2018-2019.
My guess is that Microsoft is going to back off to at least the 2016-2017 generation of CPU's before Windows 11 is released, although it might not. The reason it might not is that the Enterprise customer base is a slow-adopter base (there are enormous costs involved in implementing a new OS), and I would be surprised if Enterprise customers adopted Windows 11 in quantity before 2023 at the earliest. Testing and pilot installations, to be sure, but company-wide cutover, probably not. That would bring the release and replacement cycles more or less in sync.
Depending on consumer reaction (blowback, to be more accurate) Microsoft might back off more. As you note ("... the MS team does add further support on older systems by around the time of release or a bit thereafter ...") Microsoft has a history of expanding eligibility upon release.
The thing that gives me pause is this statement:
While we recommend that all PCs meet the full hardware requirements for Windows 11, we are allowing some limited exceptions as we apply these new restrictions. All Windows Insiders who have already been installing builds from the Dev Channel on their PCs up through June 24, 2021 will be allowed to continue installing Windows 11 Insider Preview builds even if their PC does not meet the minimum hardware requirements. Insiders with PCs already in the Dev Channel have been installing and giving feedback on builds with Windows 11 features since last year. Our way of saying thanks is to go ahead and give them the opportunity to see everything come together. ... Once Windows 11 is generally available, these PCs will be opted out of flighting and will not be able to receive future Windows 11 Insider Preview builds. These PCs must clean install back to Windows 10 with the media (ISOs) that we provide and can then join the Release Preview Channel to preview Windows 10 updates.
That suggests that Microsoft might not follow past practice in the case of Windows 11.
You are right about that, and I did not sufficiently qualify my statement with "if" in the second post, as I did in the first. I should have done so.
However, I won't be surprised to see "Secure Boot Enabled" become a requirement for Windows 11 installation within the next few years.
Here's why: Microsoft has required both TPM and Secure Boot be installed on Windows-Certified computers for quite a number of years. Microsoft did not, however, require that either be installed on a computer in order to install Windows 10. What has changed is not the requirement that Windows-Certified computers have TPM and Secure Boot installed, but that but that Windows 11 itself will not install without both existing. That's a significant change, and the change suggests to me that Microsoft is on the cusp of requiring that both TPM and Secure Boot be enabled in order to run Windows 11. When that will happen I don't know, but I am reasonably sure that it will happen. Microsoft has been pushing closer and closer for years now, and it seems to me that Microsoft will pull the trigger sooner or later. To me, it seems to be the logical outcome of Microsoft's thrust to ensure that TPM and Secure Boot become industry standards. Why would Microsoft put all that time and effort into TPM and Secure Boot if Microsoft had no plans to make those components central to Windows security?
I could easily be wrong about that (it could be that Microsoft is requiring TPM and Secure Boot be present simply to cut out the chaff of older computers -- that's what Microsoft seems to be doing by cutting out older processors -- and cutting development/maintenance costs as a result), but I don't think so.