Presentation is loading. Please wait.

Presentation is loading. Please wait.

Empowering people-centric IT Mobile Device and Application Management Access and information protection Desktop Virtualization Hybrid Identity.

Published byClinton York Modified over 8 years ago

Similar presentations

Presentation on theme: "Empowering people-centric IT Mobile Device and Application Management Access and information protection Desktop Virtualization Hybrid Identity."— Presentation transcript:

1

2

3 Empowering people-centric IT Mobile Device and Application Management Access and information protection Desktop Virtualization Hybrid Identity

4

5

6 Apps Users Data Devices

7 Enable users Access to company resources consistently across devices Simplified registration and enrollment of devices Synchronized corporate data Unify your environment On-premises and cloud-based management of devices within a single console. Simplified, user-centric application management across devices Comprehensive settings management across platforms, including certificates, VPNs, and wireless network profiles Protect your data Protect corporate information by selectively wiping apps and data from retired/lost devices A common identity for accessing resources on-premises and in the cloud Identify which mobile devices have been compromised √

8 Empower users Allow users to work the device of their choice and provide consistent access to corporate resources. Users can work from anywhere on their devices with access to their corporate resources. Users can register devices for single sign on, and access to corporate data, with Workplace Join. IT can publish access to resources with the web application proxy based on device awareness and the users identity. IT can provide seamless corporate access. Users can enroll devices for access to the company portal for easy access to corporate applications. IT can publish desktop virtualization resources for access to centralized resources. Firewall

9

10

11

12 OS PlatformManagement AgentEnd User Experience Windows 8.1 PCConfigMgr Agent Or Management Agent (OMA-DM) Software Center/Application Catalog Windows Company Portal app Windows PC (Win8,Win7,Vista,XP) ConfigMgr AgentSoftware Center/Application Catalog Windows RTManagement agent (OMA-DM)Windows Company Portal app Windows Phone 8Management agent (OMA-DM)Windows Phone 8 Company Portal app iOSApple MDM ProtocoliOS Company Portal app AndroidCompany Portal MDM agent (OMA-DM) Android Company Portal app MacConfigMgr AgentLimited self service experience Linux/UnixConfigMgr AgentN/A

13

14 Device object created upon enrollment. Automatic sync of content between Configuration Manager and Intune Web Application Proxy ADFS

15 CategoryWindows 8.1 PC & RT Windows Phone 8/8.1 iOSAndroid VPN Wi-Fi Certificates Password (*) (*) Device restrictions (*) (*) Store access Browsers (*) Content Rating Cloud Sync (*) Encryption (*) Security (*) Roaming (*) Windows Server Work Folders

16 Wi-Fi settings Manage and distribute certificates Root Certificates SCEP Certificates Provision networks Setup certificate based authentication

17 Support for major SSL VPN vendors DNS name-based initiation support for Windows 8.1 and iOS Application ID based initiation support for Windows 8.1 Automatic VPN connection Support for VPN standards like PPTP, L2TP, IKEv2 Cisco, Juniper, Check Point, Microsoft, Dell SonicWALL, F5 Windows RT Support*

18 Sync files and data across devices Full Support for CM and Intune New settings to help provision the work folder discovery settings Self-service portals have links to work folders New feature in Windows 8.1 client and Windows Server 2012 R2

19 Personal Apps and Data Lost or Stolen Company Apps and Data Remote App Centralized Data Enrollment Retired Company Apps and Data Remote App Policies Lost or Stolen Company Apps and Data Remote App Policies Personal Apps and Data Retired Personal Apps and Data IT can provide a secure and familiar solution for users to access sensitive corporate data from anywhere with VDI and RemoteApp technologies. Users can access corporate data regardless of device or location with Work Folders for data sync and desktop virtualization for centralized applications. Selective wipe removes corporate applications, data, certificates/profiles, and policies as supported by each platform Full wipe if supported by each platform Can be executed by IT or by user via Company Portal Sensitive data or applications can be kept off device and accessed via Remote Desktop Services

20

21

22 Windows RT Windows 8 Windows Store Firewall Corporate Applications

23

24

25

26

27 MP DP Windows Azure Distribution Point Microsoft Update Policy Content Firewall Corporate Network

28

29 Central Administration Site Scale Support multiple primary sites Future proofing your hierarchy (SP1) Primary Sites Client assignment (up to 100k) Reduce impact of a primary site failing Political reasons Delegated administration Different client agent settings Language packs DMZ/Internet Facing Untrusted forests (new in R2) Secondary Sites Content fan-out Manage upward flow of WAN traffic Content routing Throttling (now in Distribution Points) Reasons Why Obsolete Reasons Distribution Points Distribute Content Branch Distribution Points

30

31

32

33

34

35

36

37

38

39

40

41

42

43

44 Admin is notified that an extension is available when console is launched Admin goes to Extensions for Intune in console, and enables the extension Extension is activated in ConfigMgr (Extension is downloaded to CAS and then installed on database) Admin restarts console, and console is updated with the extension Admin uses feature delivered by the extension Admin may wish to disable the extension

45

46 Looking back… October 2013 Depth of settings Native Company Portal for iOS and Android App managemen t Certificates, VPN/WiFi profiles January 2014 Standalone MDM Email Profiles/Wip e iOS 7 Data Protection Settings Remote Lock/PIN Reset May 2014 Windows Phone 8.1 Support Samsung KNOX Standard Support Remote to My PC for iOS and Android

47 Managed Corporate-owned Devices Enable IT to bulk enroll devices Device management focused on task-worker scenarios Conditional Access Policy Provide access to email and documents only if device is managed Exchange and OneDrive for Business Managed Mobile Productivity and Data Protection Managed Office Mobile Apps App Wrapper for existing iOS, Android apps Protected web browser Managed PDF, audio, video viewers Q4 Roadmap

48 Bulk Enrollment Support for Apple Device Enrollment Program and Apple Configurator Service account enrollment Configuration Policies Device lockdown through supervisor mode Policies and apps targeted to devices Application install allow/deny list URL allow/deny

49 MOWA Native E-mail Browser LoB for Business LoB

50 Conditional Access Policy Access email and documents only if device is managed Deny access if device falls out of compliance Deploy certificates and Wi-Fi, VPN profiles Configure email profiles across devices Mobile App & Data Protection Contain corporate data to corporate apps and services Push, publish and uninstall apps centrally Provision iOS managed apps and accounts App wrapper for protected internal LoB apps Provide access to internal resources via per-app VPN Protected web browser, PDF, audio, video Selective wipe for managed apps and documents

51

52

53

54

55

56 Enable users Access to company resources consistently across devices Simplified registration and enrollment of devices Synchronized corporate data Unify your environment On-premises and cloud-based management of devices within a single console. Simplified, user-centric application management across devices Comprehensive settings management across platforms, including certificates, VPNs, and wireless network profiles Protect your data Protect corporate information by selectively wiping apps and data from retired/lost devices A common identity for accessing resources on-premises and in the cloud Identify which mobile devices have been compromised √

57 Hybrid Identity Management Mobile Device Management Data Protection Group management & Self Service Password Reset Security audit reports & MultiFactor Authentication Connection between AD / Azure AD Information protection Connection to on-premises assets Mobile device settings management Mobile app management Selective wipe Enterprise Mobility Suite Enterprise Agreement Prices starting at $4 per user per month* * Limited time EA Level A promo pricing. Requires 250 seat minimum purchase and underlying CAL Suite license (CoreCAL/ECAL/BridgeCAL) EMS will enable customers with:

58 CodeTitleTime PCIT-B215What's New in Microsoft System Center 2012 R2 Configuration Manager InfrastructureMon, May 12 3:00 PM PCIT-B410Microsoft System Center 2012 Configuration Manager: MVP Experts PanelMon, May 12 4:45 PM PCIT-B216Infrastructure Deployment for Mobile Device Management with Microsoft System Center Configuration Manager and Windows Intune Tue, May 13 8:30 AM PCIT-B317Enrollment and Management of Mobile Devices with Microsoft System Center Configuration Manager and Windows Intune Tue, May 13 1:30 PM PCIT-B320Microsoft System Center Configuration Manager Community JewelsTue, May 13 5:00 PM PCIT-B323Application Management with Microsoft System Center Configuration Manager and Windows IntuneWed, May 14 8:30 AM PCIT-B325Protecting Your Corporate Data with Microsoft System Center Configuration Manager and Windows Intune Wed, May 14 10:15 AM PCIT-B340What’s New with OS Deployment in Configuration Manager and the Microsoft Deployment ToolkitWed May 14 5:00 PM PCIT-B336Managing Mac OS X Clients and Linux Servers Using Microsoft System Center Configuration ManagerThu May 15 8:30 AM PCIT-B339How Microsoft IT Manages Their Microsoft System Center Configuration Manager Application Lifecycle with Zero Touch Thu, May 15 10:15 AM PCIT-B333How Microsoft IT Solves BYOD Using Microsoft System Center 2012 R2 Configuration Manager and Windows Intune Thu, May 15 1:00 PM

59 SessionTitleTimeslot FDN02Enabling Enterprise Mobility with Windows Intune, Microsoft Azure, and Windows ServerMonday, May 12 11:00 AM - 12:00 PM PCIT-B212Design Considerations for BYODTuesday, May 13 10:15 AM - 11:30 AM PCIT-B213Access Control in BYOD and Directory Integration in a Hybrid Identity InfrastructureWednesday, May 14 3:15 PM - 4:30 PM PCIT-B310Empowering Your Users and Protecting Your Corporate DataMonday, May 12 1:15 PM - 2:30 PM PCIT-B313Hybrid Identity: Extending Active Directory to the CloudMonday, May 12 4:45 PM - 6:00 PM PCIT-B314Understanding Microsoft’s BYOD Strategy and an Introduction to New Capabilities in Windows Server 2012 R2 Tuesday, May 13 8:30 AM - 9:45 AM PCIT-B321Deploying the New RMS for Cloud-Friendly and Cloud-Reluctant CustomersTuesday, May 13 5:00 PM - 6:15 PM PCIT-B322Deploying and Managing Work FoldersWednesday, May 14 10:15 AM - 11:30 AM PCIT-B324How to Rapidly Design and Deploy an Active Directory Federation Services Farm: The Do's and the Don'ts Wednesday, May 14 8:30 AM - 9:45 AM PCIT-B326Providing SaaS Single Sign-on with Microsoft Azure Active DirectoryThursday, May 15 10:15 AM - 11:30 AM PCIT-B327Introducing Web Application Proxy in Windows Server 2012 R2: Enable Work from Anywhere Wednesday, May 14 3:15 PM - 4:30 PM PCIT-B328Microsoft Identity Manager vNext OverviewWednesday, May 14 5:00 PM - 6:15 PM PCIT-B330Active Directory + BYOD = Peace of MindThursday, May 15 8:30 AM - 9:45 AM

60 CodeTitleTime PCIT-IL200Introduction to Microsoft System Center 2012 R2 Configuration ManagerMon, May 12 3:00 PM Wed, May 14 5:00 PM PCIT-IL201Upgrading from Configuration Manager 2012 SP1 to Microsoft System Center 2012 R2 Configuration ManagerThu, May 15 10:15 AM PCIT-IL300Deploying Windows 8.1 to Bare Metal ClientsWed, May 14 1:30 PM Thu, May 15 1:00 PM PCIT-IL305Basic Software Distribution with Microsoft System Center 2012 R2 Configuration ManagerTue, May 13 5:00 PM Wed, May 14 3:15 PM PCIT-IL306Implementing Endpoint Protection in Microsoft System Center 2012 R2 Configuration ManagerTue, May 13 10:15 AM Thu, May 15 8:30 AM PCIT-IL307Managing Microsoft Software Updates in Microsoft System Center 2012 R2 Configuration ManagerTue, May 13 1:30 PM Wed, May 14 8:30 AM PCIT-IL308Migrating from Configuration Manager 2007 to Microsoft System Center 2012 R2 Configuration ManagerWed, May 14 10:15 AM

61 CodeTitle PCIT-H302Deploying a Microsoft System Center 2012 R2 Configuration Manager Hierarchy PCIT-H303Deploying Microsoft System Center 2012 R2 Configuration Manager PCIT-H304Deploying Windows 8.1 to Bare Metal Clients PCIT-H309Implementing App-V 5.0 in Microsoft System Center 2012 R2 Configuration Manager PCIT-H310Implementing Endpoint Protection in Microsoft System Center 2012 R2 Configuration Manager PCIT-H311Implementing Linux Clients in Microsoft System Center 2012 R2 Configuration Manager PCIT-H312Implementing Role-Based Administration in Microsoft System Center 2012 R2 Configuration Manager PCIT-H314Managing Clients with Microsoft System Center 2012 R2 Configuration Manager PCIT-H315Managing Content in Microsoft System Center 2012 R2 Configuration Manager PCIT-H316Managing Software Updates in Microsoft System Center 2012 R2 Configuration Manager

62 www.microsoft.com/learning http://microsoft.com/msdn http://microsoft.com/technet http://channel9.msdn.com/Events/TechEd

63

64

65

Download ppt "Empowering people-centric IT Mobile Device and Application Management Access and information protection Desktop Virtualization Hybrid Identity."

Similar presentations

User and Device Management Tomáš „Kanty“ Kantůrek

User and Device Management Tomáš „Kanty“ Kantůrek
People Centric IT Unified Device Management with SCCM + Windows Intune

People Centric IT Unified Device Management with SCCM + Windows Intune
Identity Manager vNext

Identity Manager vNext
Windows 8.1 Device Management With Windows Intune Mark O’Shea MVP Windows Expert – IT Pro 30 June 2014.

Windows 8.1 Device Management With Windows Intune Mark O’Shea MVP Windows Expert – IT Pro 30 June 2014.
Meraki Mobile Device Management

Meraki Mobile Device Management
Plan Build Custom Image (Drivers, Apps, Updates) New Hardware In-Place (Refresh) WipeReimage New Windows Version or Major Image Revision.

Plan Build Custom Image (Drivers, Apps, Updates) New Hardware In-Place (Refresh) WipeReimage New Windows Version or Major Image Revision.
SharePoint Server Exchange Server CORPORATE NETWORK Mobile devices PCs Browsers INTERNET DMZ Active Directory Policies Filter EAS Filter web access.

SharePoint Server Exchange Server CORPORATE NETWORK Mobile devices PCs Browsers INTERNET DMZ Active Directory Policies Filter EAS Filter web access.
Script Kiddies; CybercrimeCyber-espionage; Cyber-warfare CybercriminalsState sponsored actions; Unlimited resources Attacks on fortune 500All sectors.

Script Kiddies; CybercrimeCyber-espionage; Cyber-warfare CybercriminalsState sponsored actions; Unlimited resources Attacks on fortune 500All sectors.
Microsoft Ignite /16/2017 3:59 PM

Microsoft Ignite /16/2017 3:59 PM
Protect your data Enable your users Unify Your Environment DevicesAppsData Help organizations enable their users to be productive on the devices they.

Protect your data Enable your users Unify Your Environment DevicesAppsData Help organizations enable their users to be productive on the devices they.
4/17/2017 © 2014 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks.

4/17/2017 © 2014 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks.
What is Azure Multi-Factor Authentication? An Azure Identity and Access management service that prevents unauthorized access to both on- premises.

What is Azure Multi-Factor Authentication? An Azure Identity and Access management service that prevents unauthorized access to both on- premises.
Desktop virtualization Access & information protection Mobile device & application management Hybrid identity Simplified device enrollment and.

Desktop virtualization Access & information protection Mobile device & application management Hybrid identity Simplified device enrollment and.
4/17/2017 © 2014 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks.

4/17/2017 © 2014 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks.
4/17/2017 © 2014 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks.

4/17/2017 © 2014 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks.
Empower Enterprise Mobility. of employees use personal devices for work purposes.* of employees that typically work on employer premises, also frequently.

Empower Enterprise Mobility. of employees use personal devices for work purposes.* of employees that typically work on employer premises, also frequently.
Mobility is the new normal 52% of information workers across 17 countries report using three or more devices for work* 52% 90% of enterprises will have.

Mobility is the new normal 52% of information workers across 17 countries report using three or more devices for work* 52% 90% of enterprises will have.
Overview of Azure Active Directory for app access Integration with third party SaaS apps User provisioning and federation.

Overview of Azure Active Directory for app access Integration with third party SaaS apps User provisioning and federation.
Windows Server 2012 R2 Capabilities for BYOD Scenario Yuri Diogenes Senior Knowledge Engineer Data Center, Devices & Enterprise Client – CSI Team’s Page:

Windows Server 2012 R2 Capabilities for BYOD Scenario Yuri Diogenes Senior Knowledge Engineer Data Center, Devices & Enterprise Client – CSI Team’s Page:
Primary Site User Discovery Network Share Enrollment Point Enrollment Proxy Point Microsoft CA Management Point Distribution Point Domain username.

Primary Site User Discovery Network Share Enrollment Point Enrollment Proxy Point Microsoft CA Management Point Distribution Point Domain username.

Similar presentations

Ads by Google