Active Directory Modernization Technical data deck

Slides:



Advertisements
Similar presentations
Microsoft Ignite /16/2017 3:28 PM
Advertisements

4/17/2017 © 2014 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks.
Empower Enterprise Mobility Jasbir Gill Azure Mobility.
Windows Azure Networking & Active Directory Nasir (Muhammad Nasiruddin) Developer Evangelist - Azure Microsoft Corporation
Empowering people-centric IT Unified device management Access and information protection Desktop Virtualization Hybrid Identity.
Craig Pringle & Derek Moir
Protect your data Enable your users Desktop Virtualization Information protection Mobile device & application management Identity and Access Management.
61% of workers mix personal and work tasks in their devices* * Forrester Research: “BT Futures Report: Info workers will erase boundary between enterprise.
Azure.
Recording Brief EMS Partner Bootcamp Variables Values Module Title
Dr. Authentication Or, How I Learned To Stop Worrying And Love The Azure MFA
Active Directory Modernization Technical competitive comparison
Implementing and Managing Azure Multi-factor Authentication
The time to address enterprise mobility is now
Deployment Planning Services
Deployment Planning Services
Identity and access management
Azure AD Application Proxy
Deployment Planning Services
Microsoft Azure: The only consistent Hybrid Cloud
Deployment Planning Services
SaaS Application Deep Dive
Modern application lifecycle with DevOps
6/25/ :13 PM BRK1076 Make Windows devices more secure by taking them out of your existing infrastructure Chris Rhodes & Andrew Bettany MCTs & MVPs.
Microsoft Virtual Academy
The power of common identity across any cloud
Directory Synchronization in Office 365
Secure Remote Access to on-premises Web Apps using Azure AD
Microsoft Ignite /31/ :08 AM
9/13/2018 4:54 PM BRK How to get Office 365 to the next level with Azure Active Directory Premium Brjann Brekkan Program Manager Lead – Customer.
RMS Architecture EMS Partner Bootcamp TechReady 18 9/17/2018
Azure.
Microsoft Virtual Academy
Enterprise Modernization
Deep Dive into Cloud Identity, Identity Bridging and Cloud Tokens - EWUG.DK - Level Peter Selch Dahl - Sr. IT Architect, Cloud and.
Hybrid Cloud Foundation
Azure Active Directory
Office 365 Identity Management
Microsoft Virtual Academy
11/14/ :30 PM © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN.
Microsoft Virtual Academy
Access and Information Protection Product Overview October 2013
TechEd /24/2018 4:00 PM © 2013 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered.
Microsoft Ignite NZ October 2016 SKYCITY, Auckland.
PCIT-B313 Hybrid Identity
Microsoft Virtual Academy
M7: New Features for Office 365 Identity Management
Microsoft Virtual Academy
Five mistakes to avoid when deploying Enterprise Mobility + Security
Office 365 Identity Management
TechEd /9/2018 1:09 PM © 2013 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks.
Office 365 Identity Management
Microsoft Virtual Academy
Microsoft Virtual Academy
Surviving identity management in a hybrid world
Microsoft Virtual Academy
Developing for Windows Azure
System Center Marketing
M6: Advanced Identity Management topics for Office 365
TechEd /6/ :24 PM © 2013 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks.
Windows Azure Hybrid Architectures and Patterns
Azure Multi-Factor Authentication (MFA)
Microsoft Virtual Academy
PCIT-B314 BYOD and WS2012R2 Adam Hall
Microsoft Virtual Academy
Day 2, Session 2 Connecting System Center to the Public Cloud
Microsoft Virtual Academy
Microsoft Virtual Academy
Azure AD Simon May Technical Evangelist.
Microsoft Virtual Academy
Presentation transcript:

Active Directory Modernization Technical data deck 10/5/2017 Active Directory Modernization Technical data deck © 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Mobility is the updated normal 66% 25% 33% of employees use personal devices for work purposes* of all software will be available on a Software as a Service (SaaS) delivery by 2020** of employees that typically work on employer premises, also frequently work away from their desks*** *CEB The Future of Corporate ITL: 203-2017. 2013. **Forrester Application Adoption Trends: The Rise Of SaaS ***CEB IT Impact Report: Five Key Findings on Driving Employee Productivity Q1 2014.

What's driving change? User Devices Apps Data IT

Empowering enterprise mobility Enable your users People-centric approach Protect your data User Devices Apps Data IT Unify your environment

Empowering enterprise mobility Desktop virtualization Enable your users Protect your data User IT Access & information help protect Hybrid identity Mobile device & application management

The current reality… On-premises Private cloud Managed devices 10/5/2017 The current reality… EC2 On-premises Private cloud Managed devices © 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Identity as the control plane Build 2012 10/5/2017 Identity as the control plane Simple connection Self-service Single sign on ••••••••••• Username Other directories Windows Server Active Directory On-premises Cloud SaaS Azure Office 365 Public cloud Microsoft Azure Active Directory

What is Azure Active Directory? A comprehensive identity and access management cloud Solution It combines directory services, advanced identity governance, application access management and a rich standards-based platform for developers It is available in 3 editions: paid, Basic and Premium

10x Discover all SaaS apps in use within your organization Source: Help Net Security 2014 as many Cloud apps are in use than IT estimates Microsoft Azure Active Directory Cloud App Discovery SaaS app category Number of users Utilization volume Comprehensive reporting

Windows Server Management Marketing 10/5/2017 Your directory on the cloud Centrally managed identities and access Monitor and help protect access to cloud applications Empower users © 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Windows Server Management Marketing 10/5/2017 Your directory on the cloud Centrally managed identities and access Monitor and help protect access to cloud applications Empower users © 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Windows Server Management Marketing 10/5/2017 Your directory to the cloud Connect and sync on-premises directories with Azure Microsoft Azure Active Directory Azure Active Directory Connect * * Other directories PowerShell LDAP v3 SQL (ODBC) Web Services ( SOAP, JAVA, REST) © 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Making hybrid identity simple 10/5/2017 Making hybrid identity simple ADFS Azure Active Directory Connect DirSync Azure Active Directory Sync Forefront Identity Manager (FIM)+Azure Active Directory Connector Sync Engine Azure Active Directory Connect Consolidated deployment assistant for your identity bridge components. All currently available sync engines will be replaced by the Sync engine included in the Connect tool. Assisted deployment of ADFS will be available through Azure Active Directory Connect. ADFS is an optional component for authentication in Hybrid implementation . Password sync can replace ADFS for more scenarios. © 2015 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Delivering a seamless user authentication experience 10/5/2017 Delivering a seamless user authentication experience User attributes are synchronized using Identity Synchronization services including a password hash, Authentication is completed against Azure Active Directory Microsoft Azure Identity Synchronization with password (hash) sync Active Directory Identity Synchronization User attributes are synchronized using Identity Synchronization tools, Authentication is passed back through federation and completed against Windows Server Active Directory Microsoft Azure AD FS © 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Your directory on the cloud Windows Server Management Marketing 10/5/2017 Your directory on the cloud Connect and Sync on-premises directories with Azure 2400+ pre-integrated popular SaaS apps Microsoft Azure Active Directory SaaS apps Other directories © 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Pre-integrated SaaS apps in the application gallery Build 2012 10/5/2017 Pre-integrated SaaS apps in the application gallery 2400+ apps are supported (Oct 2014) © 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Your directory on the cloud Windows Server Management Marketing 10/5/2017 Your directory on the cloud Microsoft Azure Other directories Connect and Sync on-premises directories with Azure 2400+ pre-integrated popular SaaS apps SaaS apps Web Apps (Azure Active Directory Application Proxy) Integrated custom apps Easily publish on-prem web apps through Application Proxy + Custom apps through a rich standards-based platform Identities and applications in one place. © 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

https://app1-contoso.msappproxy.net/ 10/5/2017 1:00 PM Azure Active Directory Application Proxy Microsoft Azure Active Directory A connector that auto connects to the cloud service https://app1-contoso.msappproxy.net/ Application Proxy Multiple connectors can be deployed for redundancy, scale, multiple sites and different resources Connectors are deployed usually on corpnet next to resources Users connect to the cloud service that routes their traffic to the resources through the connectors DMZ Corporate network Connector Connector http://app1 Resource Resource Resource © 2013 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Centrally managed identities and access Windows Server Management Marketing 10/5/2017 Centrally managed identities and access SaaS apps Comprehensive identity and access management console Centralized access administration for preintegrated SaaS apps and other Cloud-based apps Secure business processes with advanced access management capabilities IT professional Your cloud apps ready when you are. © 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Monitor and help protect access to enterprise apps Windows Server Management Marketing 10/5/2017 Monitor and help protect access to enterprise apps Built-in security features Security reporting that tracks inconsistent access patterns, analytics and alerts © 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Monitor and help protect access to enterprise apps Windows Server Management Marketing 10/5/2017 Monitor and help protect access to enterprise apps Built-in security features XXXXX Security reporting that tracks inconsistent access patterns, analytics and alerts XXXXX Step up to Multi-Factor Authentication XXXXX © 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

What is Azure Multi-Factor Authentication? A stand-alone Azure Identity and Access management service also included in Azure Active Directory Premium Prevents unauthorized access to both on- premises and cloud applications by providing an additional level of authentication Trusted by thousands of enterprises to authenticate employee, customer, and partner access

How it works Mobile apps Phone calls Text messages Build 2012 10/5/2017 How it works Mobile apps Phone calls Text messages ALERT 1 4 5 6 7 6 © 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Windows Server Active Directory or other LDAP 10/5/2017 1 Users sign in from any device using their existing username/password User 2 Users must also authenticate using their phone or mobile device before access is granted On-premises apps Cloud apps Multi-Factor Authentication Server RADIUS LDAP IIS RDS/VDI .NET, Java, PHP… SAML Microsoft Azure Active Directory Multi-Factor Authentication Server Windows Server Active Directory or other LDAP © 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Azure MFA vs MFA for Office 365 Build 2012 Azure MFA vs MFA for Office 365 10/5/2017 MFA for Office 365/Azure administrators Azure Multi-Factor Authentication Administrators can Enable/Enforce MFA to end users Yes Use Mobile app (online and OTP) as second authentication factor Use Phone call as second authentication factor Use SMS as second authentication factor Application passwords for non-browser clients (e.g. Outlook, Skype for Business) Default Microsoft greetings during authentication phone calls Suspend MFA from known devices Custom greetings during authentication phone calls Fraud alert MFA SDK Security Reports MFA for on-premises applications/ MFA Server One-time bypass Block/Unblock users Customizable caller ID for authentication phone calls Event confirmation Trusted IPs © 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Windows Server Management Marketing 10/5/2017 Empower users Company branded, personalized application Access Panel: http://myapps.microsoft.com + Mobile Apps Manage your account © 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Windows Server Management Marketing 10/5/2017 Empower users Company branded, personalized application Access Panel: http://myapps.microsoft.com + Mobile Apps Manage your account Self-service Password Reset and delegated group management for cloud users © 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Rich standards-based platform for developers 10/5/2017 1:00 PM Rich standards-based platform for developers Custom LOB applications can integrate with Azure Active Directory Sign in to Active Directory-integrated applications with cloud identities Active Directory-integrated applications can access Office 365 and other web APIs Applications can extend Azure Active Directory schema Cross-platform support (iOS, Android, and Windows) Open Standards (SAML, OAuth 2.0, OpenID Connect, Odata 3.0) OAuth2 & OpenID Connect Microsoft Azure Active Directory SAML WS-Federation REST based Graph API SCIM © 2013 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Azure Active Directory 12-month investments 10/5/2017 Azure Active Directory 12-month investments Business to Business Business to Consumers Device Registration Administrative Units Conditional Access Azure Active Directory Joined (Windows 10) © 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Identity as the control plane Build 2012 10/5/2017 Identity as the control plane Simple connection Self-service Single sign on ••••••••••• Username Other directories Windows Server Active Directory On-premises Cloud SaaS Azure Office 365 Public cloud Microsoft Azure Active Directory

Rich standards-based platform for developers 10/5/2017 1:00 PM Rich standards-based platform for developers Custom LOB applications can integrate with Azure Active Directory Sign in to Active Directory-integrated applications with cloud identities Active Directory-integrated applications can access Office 365 and other web APIs Applications can extend Azure Active Directory schema Cross-platform support (iOS, Android, and Windows) Open Standards (SAML, OAuth 2.0, OpenID Connect, Odata 3.0) OAuth2 & OpenID Connect Microsoft Azure Active Directory SAML WS-Federation REST based Graph API SCIM © 2013 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Microsoft Azure is an Open Cloud MS integrated Ecosystem provided Languages, dev tools & app containers Bring your own CMS & apps Dozens of .NET & PHP CMS and Web applications Devices Via HTMl/JS, cross-platform and native Azure Certified + Azure Marketplace •The solution has been vetted for readiness and compatibility with Azure through certification and testing •You (the publisher) will provide customer support •Customers will be able to find your solution in the Azure Marketplace and easily deploy it from the Azure Management Portal © 2014 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION. DocDB DataStax Databases libcloud jclouds Management Ubuntu SUSE, OpenSUSE, OpenLogic CentOS-based Oracle Linux, CoreOS Operating systems Bring your own

Open source solutions on Azure Open source web apps + Azure AD Java apps & Dev/Test Linux-based apps & Dev/Test Linux lift & shift HANA Dev/Test on Linux Extending DC modernization to Linux PHP and Java/JSP MySQL-backed Peace of mind with MS support From LAMP scale to cloud scale Connected to Azure AD, hooks for Office 365 applications Oracle-supported JDK Optional Eclipse based tools Quickly fire up tens or hundreds of Ubuntu or CentOS Linux VMs IDE-agnostic Can utilize Jenkins RPM and APT fabrics Skill portability and binary compatibility Strong relationship in accounts with Hyper-V InMage makes it easier to lift and shift Great for CPU and RAM intensive workloads License mobility Cloud economics Easy to connect to Java and .NET apps on Azure WS2K3 EOS opportunity Modernize Linux through P2V migrations 1st class management for Linux Prepare workloads for easier lift and shift to Azure

Support for OpenSource in an open cloud Web apps & Azure AD Productive All the benefits of the cloud (autoscale, etc.) without added infrastructure hassles From LAMP scale to cloud scale Microsoft supports the stack & handles security events Easy to extend to Office through Azure Active Directory Open & flexible PHP and Java/JSP supported MySQL-backed - choose from a third-party MySQL provider or rolling your own on Linux Extensible to Azure AD and Office 365 applications Fully maintained open source SDK for Java and PHP Support for OpenSource in an open cloud Linux support Easy deployment of MySQL clusters on Linux Ability to run middleware and other specialized backend on Linux VMs Connected to Azure Web Sites through Virtual Networks

Enterprise Mobility Suite EMS Overview 10/5/2017 Enterprise Mobility Suite Hybrid identity Microsoft Azure Active Directory Premium security reports, and audit reports, multi-factor authentication Self-service password reset and group management Connection between Active Directory and Azure Active Directory Mobile device management Windows Intune Mobile device settings management Mobile application management Selective wipe Access & information help protect Microsoft Azure Rights Management service Information help protect Connection to on-premises assets Bring your own key © 2015 Microsoft Corporation. All rights reserved. Microsoft, Windows, Surface and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Next steps Find a partner with the Devices & Deployment & Access & Identity competency Set up trial Hybrid Identity Mobile Device Management Request an Enterprise Mobility proof-of-concept Take advantage of the Enterprise Agreement special offer—a limited discount on the updated Enterprise Mobility Suite Use your Deployment Planning Services Software Assurance benefits To find out more about our solutions, visit the Enterprise Mobility Management website

10/5/2017 1:00 PM © 2016 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION. © 2013 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Azure Active Directory editions + Office 365 IAM feature comparison Build 2012 10/5/2017 Azure Active Directory editions + Office 365 IAM feature comparison Azure Active Directory Free Azure Active Directory Basic Azure Active Directory Premium Office 365 apps only Common features Directory as a Service 500,000 object limit No object limit No object limit for Office 365 user accounts User/Group Management (add/update/delete) Yes SSO to pre-integrated SAAS Applications /Custom Apps 10 apps per user No limit User-Based access management/provisioning Self-Service Password Change for cloud users Connect (Sync engine that extends on-premises directories to Azure Active Directory) * Security Reports/Audit 3 basic reports Advanced security reports Premium+ Basic features Group-based access management/provisioning Self-Service Password Reset for cloud users Company Branding (Logon Pages/Access Panel customization) Application Proxy Service Level Agreement (SLA) Premium features Self-Service Group Management Self-Service Password Reset/Change with on-premises write-back Advanced Usage Reporting Multi-Factor Authentication (Cloud and On-premises (MFA Server)) Limited cloud only for Office 365 Apps MIM CAL + MIM Server Administrative Units (in Preview) Cloud App Discovery (in Preview) Conditional Access : MFA per application (in Preview) Automated password roll-over (in Preview) Connect health (in preview) * Connect is currently in public preview and Azure Active Directory Sync is used. © 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

AD Modernization—hybrid cloud scenarios Build 2012 10/5/2017 AD Modernization—hybrid cloud scenarios Enterprise Mobility Suite Hybrid Identity Management Mobile Device Security& Management Mobile Application Management Strong Authentication & Access based Information Protection Microsoft Azure Active Directory Consumer identity providers Active Directory PCs and devices Microsoft apps Third-party clouds/hosting ISV/CSV apps Custom LOB apps Encrypted synchronization Microsoft Azure AD ADFS / SAML .NET, Java, PHP, … Built-in SDK for integration Strong multi Factor Authentication Real Time Fraud Alert Reporting, Logging & Auditing Enables compliance with National Institute of Standards and Technology (NIST) 800-63 Level 3, HIPAA, PCI DSS, and other regulatory requirements Microsoft Azure Multi-Factor Authentication Active Directory Multi-Factor Authentication Server Cloud Apps Corporate devices On-premises applications BYOD/Personal devices Microsoft Azure AD © 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Other products mentioned that are not trademarks include: PowerShell.