Modern BIOS Management from the Cloud

Post on 17-Apr-2020

#ITDEVCONNECTIONS | ITDEVCONNECTIONS.COM

Modern BIOS Management from the Cloud

Josué Negrón, Sr. Solutions Architect, VMware

Brooks Peppin, EUS Systems Engineer, VMware

Agenda

• Modern Management Challenges

• Cloud Architecture

• Microsoft BIOS & Firmware Updates

• PowerShell Execution & Deploying Drivers

• Managing & Configuring BIOS for Dell

• Automated OEM Updates

• Sensors to Pull in OEM Details

• Intelligence – Reporting & Automation

• Q&A

With Windows 10, Microsoft Enables “Modern Management” of PCs

Integrated MDM Framework

Simplified Device Onboarding

Cloud-based Management

Microsoft’s own IT is moving away from traditional PC management to modern management for Windows 10.*

* Source: Microsoft IT Showcase; Aug 21, 2017; https://www.microsoft.com/itshowcase/Article/Video/708/Windows-10-deployment-tips-and-tricks-from-Microsoft-IT

Most EMMs Focus on Limited Windows 10 MDM Capabilities

Most EMMs + Windows 10:

• Modern Onboarding

• Cloud Updates

• MDM Configuration

• Device Health

• Modern Apps

Limitations:

• OOBE doesn’t fit the bill in all customer situations

• MDM doesn’t support 1000s of OS and firmware settings

• Frequency and size of cloud updates is a challenge

• Limited features means more siloed security tools

• MDM supports limited Win32 app management

Workspace ONE Extends MDM to Meet Critical PC Management Needs

[Figure: capability map. Columns: 1. Onboarding, 2. Configuration, 3. OS Updates, 4. Software, 5. Security. Groupings: Device and OS Lifecycle Management, App Management, Zero-Trust Security. Capabilities shown: Peer-to-Peer Distribution, Ready-to-work Experience, Always-up-to-date OS updates, Device Health Attestation, Win32 App Management, Standard Baselines & GPOs, Data Protection, Patch Analytics & Automation, Granular Controls, Asset Tracking, App Inventory, BitLocker Management, Company App Store & SSO, Imageless Provisioning, Out-of-the-Box Deployment, MDM Configuration, Intelligent Insights and Rules Engine, BIOS / Firmware Management, Delivery Optimization, Automated Compliance, Co-exist with PCLM.]

Understanding the Workspace ONE UEM Solution Stack

[Figure: solution stack diagram. Labels: Workspace ONE UEM Console, Management Server, WNS, AWCM, Management Clients, OMA-DM Client, Protection Agent, Policy Engine, CSP / GPO, Microsoft CSPs, VMware CSP, Direct Win32, WMI Management API, Windows Capabilities, Windows OS, WiFi, VPN, Passcode, Firewall, Updates, BitLocker, PowerShell, Scripting, ZIP, EXE, MSI, P2P, BIOS, Firmware, OEM Updates, Drivers.]

OEM Updates via Windows Updates

You have two options when leveraging Windows Updates for OEM updates (firmware, BIOS, drivers, etc.):

1. WSUS – devices are on the network and have access to WSUS. This gives very granular control over which updates are approved and when they become available; however, highly mobile users will never get their updates.

2. Windows Update for Business – for devices that are on or off the network. You must enable Delivery Optimization to control large downloads over WAN networks. Control is granular when not using auto approvals.

This only works for OEMs who publish their updates to Windows Updates. Works well for Surface devices!

Live Demo: Windows Updates in a Cloud Console

Getting Granular with Scripting

You can leverage scripting to modify and update devices. Intune supports PowerShell scripts, while SCCM and Workspace ONE UEM support custom scripting (e.g. PS1, BAT).

Pros:

1. Granular and fits every use case

2. Automated way of updating devices

Cons:

1. Very custom per device model and OEM

2. Time consuming

Live Demo: Leveraging Custom Scripting

Deploying Drivers

Leverage software deployment to push drivers to devices; however, this might not be the most automated way.

• Most EMMs support deploying MSI packages. Intune now supports other file types with the latest announcement at Ignite!

• Workspace ONE UEM supports deploying EXEs, MSIs (MSI, MSP, MST), and custom ZIP packages (PowerShell wrapped deployments).

• SCCM supports all types and has built-in driver management support.

Overall, keeping drivers updated and deployed this way is a very manual process; it works well when only deploying to a single OEM/model.

Live Demo: Leveraging Software Distribution to Deploy Drivers

Dell Command | Monitor

Workspace ONE UEM natively integrates with Dell Command | Monitor to provide the ability to:

1. Set or Read BIOS Attributes

   1. Set BIOS Password

   2. Update BIOS to UEFI

2. Read System Properties via DCIM classes

3. Report on all attributes and take automated actions (e.g. replace worn batteries before users complain)

4. Supports deploying CCTK packages, created using Dell Command | Configure

Admins just have to create a BIOS profile in the console, and Dell Command | Monitor must be installed on the devices.

Live Demo: Configuring and Reading BIOS Attributes

Dell Command | Update

Workspace ONE UEM natively integrates with Dell Command | Update to provide the ability to:

1. Set scan intervals, choose which updates are approved, and choose how updates are applied (force reboot, etc.)

2. View all OEM updates on the devices, both per device and consolidated

3. Use reporting and automation

Admins just have to create an OEM updates profile in the console, and Dell Command | Update must be installed on the devices.

OEM Updates

Live Demo: Automatic OEM Updates

Custom Inventory and Scripting

• Run scripts and queries in real-time

• Make edits to the scripts in-line

• Admins can collect any device property and report on it in real time

• Inclusion in smart groups for dynamic targeting

• Expand to new query types for Dell BIOS

• Integrate with Intelligence APIs to invoke sensor through automations

• Create a community library on code.vmware.com for pre-defined sensors

Workspace ONE Sensors

• Allow admins to define and configure different sensor queries and target specific devices

• Write or upload scripts in place within the console

• Define multiple query types: PowerShell and Dell BIOS queries

• Define dynamic membership of devices in smart groups based on the attribute values.

• Choose datatypes for device response so they can be compared to other data
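
A PowerShell sensor query of the kind listed above, written as an added example; it is not from the presentation or from VMware. The function names are hypothetical, each function is meant to be one sensor with the datatype named in its comment, and it is an assumption that the management agent records the single value the script outputs.

```powershell
# Added example (not from the presentation): firmware-posture sensor queries.
# Function names are hypothetical; only built-in Windows cmdlets are used.

function Get-BiosAgeDays {
    # Integer sensor: days (rounded) since the installed firmware's release date.
    # Get-CimInstance converts Win32_BIOS.ReleaseDate to a [datetime].
    $bios = Get-CimInstance -ClassName Win32_BIOS -ErrorAction Stop
    if (-not $bios.ReleaseDate) { return -1 }   # -1: vendor left the field empty
    return [int]((Get-Date) - $bios.ReleaseDate).TotalDays
}

function Get-SecureBootState {
    # String sensor. Confirm-SecureBootUEFI needs elevation and throws on
    # legacy-BIOS machines, so each failure maps to an explicit value that
    # a report can filter on instead of an empty response.
    try {
        if (Confirm-SecureBootUEFI -ErrorAction Stop) { return 'Enabled' }
        return 'Disabled'
    }
    catch [System.PlatformNotSupportedException] { return 'LegacyBIOS' }
    catch [System.UnauthorizedAccessException]  { return 'AccessDenied' }
    catch { return 'Unknown' }
}

function Get-BiosIdentity {
    # String sensor: "<manufacturer>|<model>|<BIOS version>", so devices can be
    # grouped by exact model and firmware level when targeting an update.
    $sys  = Get-CimInstance -ClassName Win32_ComputerSystem -ErrorAction Stop
    $bios = Get-CimInstance -ClassName Win32_BIOS -ErrorAction Stop
    $maker = "$($sys.Manufacturer)".Trim()
    $model = "$($sys.Model)".Trim()
    return '{0}|{1}|{2}' -f $maker, $model, $bios.SMBIOSBIOSVersion
}

# Assumption: one script per sensor, and the agent collects this single value.
Write-Output (Get-BiosAgeDays)
```

Returning an integer for firmware age and a fixed set of strings for Secure Boot keeps the values comparable across devices, which is what makes them usable for dynamic group membership and reporting.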

Reporting/Dashboards via Intelligence

[Figure: Workspace ONE Intelligence – Aggregate, Correlate, Insights, Automate. Diagram labels: Ingestion, Decisions, Apteligent, IDM, Horizon, UEM, Trust Network, Partners, Reports, Dashboards, Notifications, Actions.]

Demo: Reporting, Dashboards and Automation

Learn Workspace ONE modern management for Windows 10

Demos

• https://youtu.be/3OOap0qQOMY

• https://vmwarelearningzone.vmware.com/oltpublish/site/cms.do?view=openlearning

Hands-on-Labs

• http://labs.hol.vmware.com/HOL/catalogs/catalog/878

• Beginners: HOL-1857-01-UEM - Getting Started

• Advanced: HOL-1857-02-UEM - Unified Endpoint Management for Windows 10

Test Drive Workspace ONE on your Windows 10 devices

Sign up to VMware TestDrive:

• https://portal.vmtestdrive.com/

TestDrive Getting Started Guide:

• https://kb.vmtestdrive.com/hc/en-us/articles/360001372254-Getting-Started-with-TestDrive

Workspace ONE for Windows 10 Walkthrough Guide:

• https://kb.vmtestdrive.com/hc/en-us/articles/360001152734-Experience-Workspace-ONE-on-Windows-10

Get Started on Your POC or Deployment

POC: Workspace ONE Windows 10 Reviewers Guide:

• https://techzone.vmware.com/resource/reviewers-guide-windows-10-unified-endpoint-management-airwatch

Deployment: Professional Services Use Case Add-on for Windows 10:

• https://www.vmware.com/content/dam/digitalmarketing/vmware/en/pdf/datasheet/vmware-workspace-one-airwatch-service-add-on-use-case-datasheet.pdf

You’ve got questions, we got answers… hopefully