SCCM 2012 Features and Benefits
description
Transcript of SCCM 2012 Features and Benefits
SCCM 2012Features and Benefits
Or: How I learned to stop worrying and love Centralized Administration
System Centre Configuration Manager 2012• Unified Device Management• User Centric Application Delivery• Operating System Deployment• Software Updates• Integrated Endpoint Management• Configuration Compliance• Power Management• Role Based Administration• Software Metering, Asset Intelligence• Other features
2003
20122012
2011
2007
1999 SMS 2.0
1994SMS 1.0
Evolution of Microsoft Client Management
Client Management Infancy (NT Domain) Groups Model Comprehensive
Management
Laptops, Servers,
Enterprise Scale
Consumerization of IT
Management from the
Cloud
Unified Device Management
Me
Mac OS X
Windows PCs(x86/64, Intel SoC),
Windows to GoWindows Embedded
Single AdminConsole
Windows RT, Windows Phone 8
iOS, Android
Linux
System Centre Configuration Manager 2012 R2
Mac SupportSupported Releases: Mac OS X 10.6 (Snow Leopard), Mac OS X 10.7 (Lion), Mac OS X 10.8 (Mountain Lion)
Discovery Discovers Mac OS X system in Active Directory and through network discovery
Hardware/Software Inventory Provides hardware inventory and auditing of computers running Mac OS X, including a list of installed software similar to add/remove programs for Windows systems.
Settings Management Ensures computers running Mac OS X comply with company policies, i.e. patches and installed software
Application DeploymentDistributes required software via app model.
Software Updates ManagementDistributes patches utilizing Software Distribution and Settings management features.
Linux & UNIX SupportSupported Platforms: AIX, HP-UX, Red Hat Enterprise, Solaris, SUSE Enterprise
Hardware InventorySoftware InventorySoftware DeploymentConsolidated reports
User-centric Application DeliveryAdministrator
Delivery Evaluation Criteria• User• Device type• Network connection
User/Device RelationshipsPrimary Devices• MSI• App-VNon-primary Devices• VDI• Presentation Server• Remote Desktop
• Deliver best user experience on each device• Define application once
< >
Windows Embedded
User-centric Application DeliveryEnd User Self-service
Admin
Administrators publish software titles to catalog, complete with meta data to enable search• Deliver best user experience
on each device
Users can browse, select and install directly from Catalog• Application model determines
format and policies for deliveryUse
r
User Centric: End-User Experience“The Right End-User Experience”
Web based ‘Software catalog’Easily search, install or request software
User preferences to control ConfigMgr behaviors:
“My business hours” – used to control when to install softwarePresentation mode – don’t notify when presentingRemote control settings – when allowed, end user can control their experience
Application “Package”
User-centric Application DeliveryNew Application Model
Keep your apps organized and managed
App-V
Windows Script
CAB
Windows Installer
General InformationAdministrator Properties
End User Metadata The “friendly” information for your users (appears in Catalog)
Is app installed?
Deployment TypeDetection Method
Install Command
Requirement Rules
Dependencies
Supersedence
Command line and options
Can/cannot install app
Apps that must be present
Application version control
< >
User-centric Application Delivery cont.Manage applications with built-in mechanisms; not scriptsApplication Management:
Detection method – re-evaluated for presence:Required application – reinstall if missingProhibited application – uninstall if detected
Requirement rules – evaluated at install time to ensure the app only installs in places it can, and shouldDependencies – relationships with other apps that are all evaluated prior to installing anythingSupersedence – relationships with other apps that should be uninstalled prior to installing anythingUpdate an app – Automatic revision management
Client Settings
Application Delivery
End User Experience
DEMO
Operating System DeploymentNo-Touch, Manual or Lite-Touch imaging
Scheduled imaging for after-hoursNo more Sneaker-netOn-the-fly software and updates deployment
Deploy an image then update the software and/or OSStanding Advertisements
Offline Servicing of ImagesSupport for Component Based Servicing compatible updatesUses updates already approved
Full support for Windows 8, 8.1, Server 2012, 2012 R2
Security and ComplianceSoftware Updates
Auto Deployment RulesUse search criteria to identify class of updates to automatically deploy: category, products, language, date revised, article id, bulletin id, etc.Schedule content download and deployment based on sync schedule or define a separate schedule per ruleDeploy updates individually or in groupsUpdates added to an update group automatically deploy to collections targeted with the group
Security and ComplianceEndpoint Protection
Unified Infrastructure• Simplified server
and client deployment• Streamlined updates• Consolidated reporting
Comprehensive Protection Stack• Behavior monitoring• Antimalware• Dynamic Translation• Windows and Firewall
Management
ConfigMgr MP
Security and ComplianceSettings Management (Desired Configuration Management)
Baseline ConfigMgr Agent
WMI XML
Registry IISMSI
Script SQL
SoftwareUpdatesFile
ActiveDirectory
Baseline Configuration Items
Auto RemediateOR
Create Alert (to Service Manager)!
Improved functionality• Copy settings• Trigger console alerts• Richer reporting
Enhanced versioning and audit tracking• Ability to specify versions to be used in baselines• Audit tracking includes who changed what
Pre-built industry standard baseline templates through IT GRC Solution Accelerator
Assignment to collections Baseline drift
Power Management• Create and manage power management
profiles• Enforce profiles based on usage statistics
• Different profiles “On Peak”, “Off Peak”• Create reports showing usage data and
power savings• Users can “opt-out” (if we let them)
Week 1: Monitor•Enable client management agent•Begin monitoring usage and activity
Power Management
Non-Peak & Peak
Week 2: Plan•Continue monitoring on usage and activity•Begin to develop Power Plan•VM awareness (new compared to 2007)•Copy power policies (new compared to 2007)Mid-Month:•Power Plan has been confirmed
Week 3: Apply Power policy•Begin applying Power Plan•End user opt-out (new compared to 2007)
Week 4: Compliance & Analyze•Review before and after usage and activity•Determine savings in Kwh and Co2 saved
Role Based Administration
John- IST Central System Administrator
Louis-Software Update Manager for France
Bob- US & France Security Admin
• Can see & update “France” desktops
• Cannot modify security settings on “France” desktops
• Cannot see “All Systems” or “U.S.” desktops
• Can see & modify security settings on “France” and “U.S.” desktops
• Cannot update “France” or “U.S.” desktops
• Cannot see “All Systems”
Map the faculty roles to defined security roles
• Applications Manager• OSD Manager• Updates Manager• Only “see” the computers and objects
they can manage
Reduces error, defines span of control for our environment
Asset Intelligence, Inventory, and Software Metering
Software Metering & License Reports Asset Intelligence Service
Asset Intelligence Catalog
Real-time Applicationand Hardware Intelligence
• Track application usage• Up to date, detailed inventory of both
hardware and software• Identify over or under licensing issues
ConfigMgr Inventory
Remote Control• What's New in Remote
Control• Ability to send Ctrl-Alt-Del
keystroke to host device• Granular client settings per
collection• Lock keyboard and Mouse• Ability to create Firewall
exception rule
Exchange Connector Integration• Easy configuration
• Simply enter exchange server/hosted URL and credentials• Inventory
• Pulls data from Exchange Server• Full and fast/delta synchronization• Key info: user, deviceID, device type, last contact time
• Policy• Parity with exchange: security, sync, device lockdown• Define globally per Exchange Server
• Wipe• Wipe a device from console action
Reduced Infrastructure RequirementsCentral Administration Site• Central primary site
administration • Reporting
Primary Sites• Client management and settings • Delegated administration
Secondary Sites• Content routing• Distribution points
Central Administration
Site
Primary Site Primary Site
Secondary Site
Secondary Site
Secondary Site
Secondary Site
Secondary Site
Secondary Site
Our Infrastructure
Primary Site• Client management and settings • Delegated administration
Secondary Sites (As required)• Content routing• Distribution points
Primary Site
Secondary Site
Client Computer
Client Computer
Client Computers• Directly Assigned• Report to Primary Site