CLOUD OS WEEK People Centric IT Unified Device Management with SCCM + Windows Intune.
-
Upload
gerald-evitt -
Category
Documents
-
view
218 -
download
1
Transcript of CLOUD OS WEEK People Centric IT Unified Device Management with SCCM + Windows Intune.
CLOUD OS WEEK People Centric IT
Unified Device Management with SCCM + Windows Intune
ALL ABOUT YOU!
Raphael Perez, MVP: Enterprise Client Management, MCT
System Center consultant, specialized in SCCM & related technologies (ie. Windows Deployment, automation, patch management, etc)
- Ex-Developer
- SCCM Book Author
- TheDesktopTeam Community leader
http://www.thedesktopteam.com
@dotraphael | http://uk.linkedin.com/in/dotraphael/
AGENDA
The Story so far…
Cloud-only or Unified?
Unified Device Management
Work from Anywhere
Registering and Enrolling Devices
User-centric Application DeliveryAdministration
Protect your DataHelp protect corporate information and manage risk
Demo
Unified Device Management Recap
THE STORY SO FAR…
April 2012
June 2012
September 2012
December 2012
June 2013
• App sideloading for iOS, EAS support
• Selective Wipe
• Granular Device Settings
• Corporate Portal
• Certificate, VPN, Wi-Fi Provisioning
Preview
• Work Folders
• Workplace Join
• Web Application Proxy
Preview
• User-centric application delivery
• MDM via EAS
• Unified management
• MDM for Windows RT, Windows Phone 8, iOS
• Mac OS X support
• RDS and RDP8.0 improvements
• Dynamic Access Control
• DA/RRAS
SP1
THE STORY SO FAR…
2014
• Windows Intune Extensions
• Windows Phone 8.1 Enterprise Features
• Email profile
CLOUD-ONLY OR UNIFIED?
Cloud-based ManagementStandalone Windows Intune
No existing Configuration Manager deploymentSimplified policy controlLess than 7,000 devices and 4,000 usersSimple web-based administration console
Unified Device ManagementSystem Center 2012 R2 Configuration
Manager with Windows IntuneBuild on existing Configuration Manager deploymentFull PC management (OS Deployment, Endpoint Protection, application delivery control, rich reporting)Deep policy control requirementsScale to 100,000 devicesExtensible administration tools (RBA, PowerShellSQL Reporting Services)
UNIFIED DEVICE MANAGEMENT
Governance Full ControlLightweight Control
Windows Phone 8.1
Windows RT 8.1
Windows 8.1
Exchange ActiveSync
OMA-DMMobile Device Management
Active DirectoryGroup Policy
System Center
Allow e-mail access
BYOD-style management
Fully-managed corporate device
UNIFIED DEVICE MANAGEMENT
IT
Mac OS X
Windows PCs(x86/64, Intel SoC),
Windows to GoWindows Embedded
Windows RT, Windows Phone 8
iOS, Android
Single AdminConsole
WORK FROM ANYWHERE
10
IT can publish access to resources with the Web Application Proxy based on device awareness and the users identity
IT can provide seamless corporate access with DirectAccess and automatic VPN connections.
Users can work from anywhere on their device with access to their corporate resources.
Users can register devices for single sign-on and access to corporate data with Workplace Join
Users can enroll devices for access to the Company Portal for easy access to corporate applications
IT can publish Desktop Virtualization (VDI) for access to centralized resources
Remote Access
Web Application Proxy
RD Gateway
Web Apps
Files
LOB Apps
Session host VDI
REGISTERING AND ENROLLING DEVICES
IT can publish access to corporate resources with the Web Application Proxy based on device awareness and the users identity. Multi-factor authentication can be used through Windows Azure Active Authentication.
Users can register BYO devices for single sign-on and access to corporate data with Workplace Join. As part of this, a certificate is installed on the device
Users can enroll devices which configure the device for management with Windows Intune. The user can then use the Company Portal for easy access to corporate applications
As part of the registration process, a new device object is created in Active Directory, establishing a link between the user and their device
Data from Windows Intune is sync with Configuration Manager which provides unified management across both on-premises and in the cloud
Web Application Proxy
ADFS
USER-CENTRIC APPLICATION DELIVERYADMINISTRATION
Delivery Evaluation Criteria
• User• Device type• Network connection
User/Device Relationships
Primary Devices• MSI• App-V• Windows 8 Apps• Windows 8 Apps in the Windows
StoreNon-primary Devices• VDI• Remote Desktop
PROTECT YOUR DATAHELP PROTECT CORPORATE INFORMATION AND MANAGE RISK
Personal Apps and
Data
Lost or Stolen
Company Apps and Data
Remote App
Centralized Data
Enrollment
Retired
Company Apps and Data
Remote App
Policies
Policies
Lost or Stolen
Company Apps and Data
Remote App
Policies
Personal Apps and
Data
Retired
Personal Apps
and Data
DEMO
UNIFIED DEVICE MANAGEMENT RECAP
Unregistered Registered MDM Enrolled Fully Managed
Publish email to users (EAS) Yes Yes Yes Yes
Publish work folders to users Yes Yes Yes Yes
Conditional access based on user, device, location
Block device only Yes Yes Yes
Audit logging and monitoring Yes Yes Yes
Unified Device Management Yes Yes
Unified Application Management Yes Yes
Selective data wipe Yes Yes
Compliance reporting Yes Yes
Group Policy and login scripts Yes
OS deployment and imaging Yes
Configuration management Yes
Patch management Yes
Anti malware management Yes
Full application management Yes
BitLocker management Yes
Raphael Perez, MVP: Enterprise Client Management, MCT
http://www.thedesktopteam.com
@dotraphael | http://uk.linkedin.com/in/dotraphael/
Cloud OS website http://www.microsoft.com/en-us/server-cloud/cloud-os/default.aspx#fbid=h40PL5JDtJG
Find out more about the MVP community https://mvp.microsoft.com/en-US/default.aspx
PLEASE END THE VIDEO WITH:
- Your contact details
- Link to the Cloud OS website http://www.microsoft.com/en-us/server-cloud/cloud-os/default.aspx#fbid=h40PL5JDtJG
- Link to your User Group
- # for Twitter
- Find out more about the MVP community https://mvp.microsoft.com/en-US/default.aspx