MVP Cloud OS Week Online

CLOUD OS WEEK
 People Centric IT
Unified Device Management with SCCM + Windows Intune
ALL ABOUT YOU!
Raphael Perez, MVP: Enterprise Client Management, MCT
System Center consultant, specialized in SCCM & related technologies (ie. Windows
Deployment, automation, patch management, etc)
- Ex-Developer
- SCCM Book Author
- TheDesktopTeam Community leader
http://www.thedesktopteam.com
@dotraphael | http://uk.linkedin.com/in/dotraphael/
[email protected]
AGENDA
 The Story so far…
 Cloud-only or Unified?
 Unified Device Management
 Work from Anywhere
 Registering and Enrolling Devices
 User-centric Application Delivery
Administration
 Protect your Data
Help protect corporate information and manage risk
 Demo
 Unified Device Management Recap
THE STORY SO FAR…
THE STORY SO FAR…
CLOUD-ONLY OR UNIFIED?
Cloud-based Management
Standalone Windows Intune
No existing Configuration Manager deployment
Simplified policy control
Less than 7,000 devices and 4,000 users
Simple web-based administration console
Unified Device Management
System Center 2012 R2 Configuration Manager with
Windows Intune
Build on existing Configuration Manager deployment
Full PC management (OS Deployment, Endpoint Protection,
application delivery control, rich reporting)
Deep policy control requirements
Scale to 100,000 devices
Extensible administration tools (RBA, PowerShell
SQL Reporting Services)
UNIFIED DEVICE MANAGEMENT
Governance
Lightweight Control
Exchange
ActiveSync
OMA-DM
Mobile Device
Management
Full Control
Windows Phone 8.1
Windows RT 8.1
Windows 8.1
Allow e-mail access
BYOD-style
management
Fully-managed
corporate device
UNIFIED DEVICE MANAGEMENT
Windows PCs
(x86/64, Intel SoC),
Windows to Go
Windows Embedded
Mac OS X
Windows RT,
Windows Phone 8
iOS, Android
WORK FROM ANYWHERE
Users can enroll devices for
access to the Company Portal
for easy access to corporate
applications
IT can publish Desktop
Virtualization (VDI) for
access to centralized
resources
Users can work from
anywhere on their
device with access to
their corporate
resources.
IT can publish access to
resources with the Web
Application Proxy based
on device awareness and
the users identity
Users can register
devices for single signon and access to
corporate data with
Workplace Join
IT can provide seamless
corporate access with
DirectAccess and
automatic VPN
connections.
REGISTERING AND ENROLLING DEVICES
Users can enroll devices which configure
the device for management with Windows
Intune. The user can then use the
Company Portal for easy access to
corporate applications
Users can register BYO
devices for single sign-on
and access to corporate data
with Workplace Join. As part
of this, a certificate is
installed on the device
IT can publish access to corporate resources with the
Web Application Proxy based on device awareness
and the users identity. Multi-factor authentication
can be used through Windows Azure Active
Authentication.
Data from Windows Intune is sync
with Configuration Manager which
provides unified management
across both on-premises and in the
cloud
As part of the registration process,
a new device object is created in
Active Directory, establishing a link
between the user and their device
USER-CENTRIC APPLICATION DELIVERY
ADMINISTRATION
Delivery Evaluation Criteria
• User
• Device type
• Network connection
User/Device Relationships
Primary Devices
• MSI
• App-V
• Windows 8 Apps
• Windows 8 Apps in the Windows Store
Non-primary Devices
• VDI
• Remote Desktop
PROTECT YOUR DATA
HELP PROTECT CORPORATE INFORMATION
AND MANAGE RISK
Lost or Stolen
LostRetired
or Stolen
Enrollment
Retired
Personal
Apps and
Data
Personal Apps
and Data
Company Apps
and Data
Remote App
Company Apps
and Data
Centralized
Data
Remote App
Policies
Policies
DEMO
UNIFIED DEVICE MANAGEMENT RECAP
Unregistered
Registered
MDM Enrolled
Fully Managed
Publish email to users (EAS)
Yes
Yes
Yes
Yes
Publish work folders to users
Yes
Yes
Yes
Yes
Block device only
Yes
Yes
Yes
Yes
Yes
Yes
Unified Device Management
Yes
Yes
Unified Application Management
Yes
Yes
Selective data wipe
Yes
Yes
Compliance reporting
Yes
Yes
Conditional access based on user, device, location
Audit logging and monitoring
Group Policy and login scripts
Yes
OS deployment and imaging
Yes
Configuration management
Yes
Patch management
Yes
Anti malware management
Yes
Full application management
Yes
BitLocker management
Yes
Raphael Perez, MVP: Enterprise Client Management, MCT
http://www.thedesktopteam.com
@dotraphael | http://uk.linkedin.com/in/dotraphael/
[email protected]
Cloud OS website http://www.microsoft.com/en-us/server-cloud/cloudos/default.aspx#fbid=h40PL5JDtJG
Find out more about the MVP community https://mvp.microsoft.com/enUS/default.aspx
PLEASE END THE VIDEO WITH:
- Your contact details
- Link to the Cloud OS website http://www.microsoft.com/en-us/servercloud/cloud-os/default.aspx#fbid=h40PL5JDtJG
- Link to your User Group
- # for Twitter
- Find out more about the MVP community https://mvp.microsoft.com/enUS/default.aspx