1 / 32

Desktop and Device Management Andy Taylor – Andy.Taylor@microsoft

Desktop and Device Management Andy Taylor – Andy.Taylor@microsoft.com Susan Smith – Susan.Smith@microsoft.com. Agenda. Introduction System Center 2012 Configuration Manager Windows Intune Close. System Center 2012 Configuration Manager. SYSTEM CENTER 2012 CONFIGURATION MANAGER.

tyne
Download Presentation

Desktop and Device Management Andy Taylor – Andy.Taylor@microsoft

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Desktop and Device Management Andy Taylor – Andy.Taylor@microsoft.com Susan Smith – Susan.Smith@microsoft.com

  2. Agenda Introduction System Center 2012 Configuration Manager Windows Intune Close

  3. System Center 2012 Configuration Manager

  4. SYSTEM CENTER 2012 CONFIGURATION MANAGER Empower Users Unify Infrastructure Simplify Administration Empower people to be more productive from almost anywhere on almost any device. Reduce costs by unifying IT management infrastructure. Improve IT effectiveness and efficiency.

  5. NEED FOR NEW APPLICATION MODEL Your end-users are changing – and apps are what they use to do work • Ultra mobility • Lots of devices • New generation with new expectations Your apps are changing • AppV • SaaS • Datacenter hosted (VDI, remote/seamless apps) • Mobile apps/catalogs Traditional Model User Centric Model Management Server

  6. Application Model • Manage applications; not scripts • Application Management: • Detection method – re-evaluated for presence: • Required application – reinstall if missing • Prohibited application – uninstall if detected • Requirement rules – evaluated at install time to ensure the app only installs in places it can, and should • Dependencies – relationships with other apps that are all evaluated prior to installing anything • Supersedence – relationships with other apps that should be uninstalled prior to installing anything • Update an app – Automatic revision management

  7. 7 Mobile Device Management Light Management • EAS-based policy delivery • Discovery and inventory • Settings policy • Remote Wipe NOKIA • Secure over-the-air enrollment • Monitor and remediate out-of-compliance devices • Deploy and remove applications • Inventory • Remote wipe Depth Management • (WinCE 5.0, 6.0; Windows Mobile 6.0, • 6.1, 6.5.x)

  8. DEMO APPLICATION MANAGEMENT

  9. WHAT IS USER DEVICE AFFINITY (UDA)? • Key feature to help move to User Centric Application Deployment • Provides the ability to define a relationship between a user and a device, then leverage this in app deployment • Ensure the application is not installed everywhere the user logs on • Change the “deployment type” based on UDA • Predeploy to systems when the user is not logged in for workgroup and after-hours deployments • Configuration Manager 2012 supports: • Single primary user to primary device • Multiple primary devices per user • Multiple primary users per device < Windows Embedded

  10. APPLICATION CATALOG • Administrators publish software titles to catalog, complete with meta data to enable search • Deliver best user experience on each device IT • Users can browse, select and install directly from Catalog • Application model determines format and policies for delivery User

  11. DEMO INSTALLING SOFTWARE FROM APPLICATION CATALOG

  12. SIMULATE APPLICATION • Goal – build trust in moving to state based dynamic applications • Did I do detection method right? Did I get rules/relationships right? What will my deployment type mix be? • What it does - runs application as required in “rules only” mode • No content download, no execution of deployment type • Results – what would the system have done? • Processes detection method, requirement rules, dependencies and supersedence • Does NOT simulate the install! • Guidance • Run for an app, then delete – these rules are processed ongoing and will impact scale/perf • It’s a REAL piece of policy – so may collide with other inflight policies • Preflight deploy a superseding application – may have impact on user experience and compliance reporting

  13. DEMO SIMULATE APPLICATION DEPLOYMENT

  14. SIMULATE DEPLOYMENT GRAPH

  15. Role-Based Administration • Central management for security • Role-Based Administration lets you map the organizational roles of your administrators to defined security roles: • Removes clutter from the console • Supports “Show me what’s relevant to me” based on my Security Role and Scope

  16. CLIENT STATUS Goal -> Enable Administrators to monitor the activity and status of ConfigMgr client computers in their hierarchy. Following two methods have been used to evaluate the overall status of client computers they are managing • Client Activity: Monitored from the Server:Configure thresholds to determine if a client is active • Client Check: Monitored from the Client:A client evaluation engine is installed with the ConfirMgr client, which periodically evaluates its health and state of dependencies. This engine can also remediate some problems with the client.

  17. SOFTWARE UPDATES • Auto Deployment Rules • Use filter to identify class of updates to automatically deploy: category, products, language, date revised, article id, bulletin id, etc. • Schedule content download • State-based Update Groups • Deploy updates individually or in groups • Updates added to an update group automatically deploy to collections targeted with the group

  18. SYSTEM CENTER 2012 ENDPOINT PROTECTION Easy to setup and operate the management infrastructure Unified Infrastructure Simplified deployment of antimalware policies Automated deployment of updates using ConfigMgr infrastructure Easy client install and migration Reduce the cost of maintaining secure endpoints with unified management and security infrastructure

  19. SETTINGS AND COMPLIANCE MANAGEMENT ConfigMgrMP Baseline ConfigMgr Agent Auto Remediate OR Create Alert Deploy baselines to collections Baseline drift ! • Improved functionality • Copy settings • Trigger console alerts • Richer reporting • Enhanced versioning and audit tracking • Ability to specify versions to be used in baselines • Audit tracking includes who changed what • Pre-built industry standard baseline templates through IT GRC Solution Accelerator Baseline Configuration Items Active Directory Script WMI XML SQL File Software Updates Registry MSI IIS

  20. REPORTING EXPERIENCES Report Manager (Web) Report Viewer (in-console)

  21. REMOTE CONTROL • What's New in Remote Control • Ability to send Ctrl-Alt-Del keystroke to host device • Able to traverse the all Windows Secure Desktop modes • Winlogon, SAS, UAC, Locked screen, • Granular client settings per collection • Lock keyboard and Mouse • Ability to create Firewall exception rule • Ccmeval monitors and remediates Remote Control Service

  22. Unified Management; On-Premise and from the Cloud Active Directory

  23. Windows Intune WINDOWS INTUNE

  24. MANAGE, SECURE PCS AND DEVICES ANYWHERESimple Web-Based Administration Console and a friendly IW experience • Help protect PCs from malware • Manage updates • Distribute and consume software • Proactive monitoring and alerts • Provide remote assistance • Inventory hardware and software • Monitor & track licenses • Increase insight with reporting • Set security policies

  25. MOBILE CAPABLITIES • Unified experience across all devices • Automatic discovery of mobile devices that access Exchange • Single console to manage computers and mobile devices • User centric views for device inventory • Protect corporate data on mobile device • Deploy Active Sync policies to user groups (password, encryption…) • Define mobile device access rules by device family/model • Remove mobile devices that access Exchange (with option to wipe) • IW empowerment through mobile LOB apps • Hosts & target in-house mobile apps to user groups (e.g. corp app store) • Provide mobile self-service to download mobile apps or contact IT

  26. LOGICAL ARCHITECTURE MICROSOFT CLOUD ON-PREMISE INFRASTRUCTURE IDENTITY CLOUD INFRASTRUCTURE (MSODS) Sync AD user data into the cloud ACTIVE DIRECTORY Sync managed users to Windows Intune Sync mobile devices for managed users Apply EAS policies or remediation tasks Policy/Config ActiveSync EXCHANGE WINDOWS INTUNE EXCHANGE CONNECTOR

  27. POLICY TRACKING • Track compliance against policies • Unified Policy status across PCs and mobile devices • Consistent look and feel for device settings report • Policy status for User groups and individual users • Display # of users who have devices with policy issues • Drill down into users and their devices with issues • Noncompliance action for mobile device • Reports if email access has been allowed or denied to non-compliant devices

  28. APP MANAGEMENT • Publish • The IT administrator uploads in-house apps to Windows Intune • The IT administrator deploys each app, specifying which targeted user groups have access to each app • Consume • Information workers sign in to the Windows Intune company portal using their corporate credentials • In the mobile portal, information workers can do the following: • View a detailed list of available apps • Download an app • Contact IT (in case of a problem) • Track • The IT administrator tracks app adoption, using the aggregated and detailed statistics provided by Windows Intune

  29. DEMO WINDOWS INTUNE

  30. Device Management Key Points User Centric Management Applications that user needs them on the multiple devices they use User empowerment Public and Private cloud Management Windows Intune System Center 2012 Configuration Manager Manage all your devices

  31. Next Steps Download and Evaluate More Resources Microsoft System Center 2012:http://www.microsoft.com/en-us/server-cloud/system-center/default.aspx Windows Intune: Current version - http://www.microsoft.com/en-us/windows/windowsintune/try-and-buy.aspx Try the next version - https://account.manage-beta.microsoft.com/Signup/MainSignUp.aspx?OfferId=1A981431-C1CF-1C28-4936-3F8229EC1411&ali=1 System Center Marketplace: http://systemcenter.pinpoint.microsoft.com Blogs: http://blogs.technet.com/systemcenter http://social.technet.microsoft.com/wiki/contents/articles/7075.system-center-2012-configuration-manager-survival-guide-en-us.aspx

  32. Some information relates to pre-released product which may be substantially modified before it’s commercially released. Microsoft makes no warranties, express or implied, with respect to the information provided here

More Related