Microsoft Ignite /16/2017 3:59 PM

Slides:



Advertisements
Similar presentations
Powerful and convenient management for Windows Mobile ® 6.1 devices in an enterprise environment. These features include: Centralized, over-the-air device.
Advertisements

2  Industry trends and challenges  Windows Server 2012: Modern workstyle, enabled  Access from virtually anywhere, any device  Full Windows experience.
Client management scenarios in the Windows 8 timeframe Bryan Keller – Lead Program Manager Craig Morris – Senior Program Manager WCL388.
Windows 8.1 Device Management With Windows Intune Mark O’Shea MVP Windows Expert – IT Pro 30 June 2014.
Building on the Foundation of Windows Vista: Introduction to Windows 7: Security and Management Dan Stolts IT Pro Evangelist Microsoft
Script Kiddies; CybercrimeCyber-espionage; Cyber-warfare CybercriminalsState sponsored actions; Unlimited resources Attacks on fortune 500All sectors.
Microsoft Ignite /16/2017 3:59 PM
Management lifecycle summary Mobile Device Management with Windows Intune or 3 rd Party tools Simplified and flexible device enrollment, using.
GREATER THAN EVER. TODAY, RISK OF DATA FALLING IN THE WRONG HANDS IS QUITE OFTEN THIS RISK IS NOT FROM EXTERNAL ATTACKERS. IT COMES FROM WITHIN.
Devices and Deployment Management & Security Identity Cloud.
Data Devices People 6.5B Wireless connections today >42% of global population owns smartphone by end of 2015 >50% User will go to tablet or smartphone.
Sessions about to start – Get your rig on!. Ash de Zylva.
Protect your data Enable your users Unify Your Environment DevicesAppsData Help organizations enable their users to be productive on the devices they.
4/17/2017 © 2014 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks.
Desktop virtualization Access & information protection Mobile device & application management Hybrid identity Simplified device enrollment and.
4/17/2017 © 2014 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks.
Windows Server 2012 R2 Capabilities for BYOD Scenario Yuri Diogenes Senior Knowledge Engineer Data Center, Devices & Enterprise Client – CSI Team’s Page:
Full Packaged Product (FPP) OEM – PC Preinstall Volume Licensing.
Empower Enterprise Mobility Jasbir Gill Azure Mobility.
Wally Mead Senior Program Manager Microsoft Corporation.
Howard A. Carter III Senior Consultant Microsoft Consulting Services
Lack of control for mobile devices Different tools for phone & PC Policy conflict Inconsistent user experience… Granular mobile device mgmt Converged.
©Kwan Sai Kit, All Rights Reserved Windows Small Business Server 2003 Features.
Harris Schneiderman Account Manager Kloud Solutions.
Section 1: Introducing Group Policy What Is Group Policy? Group Policy Scenarios New Group Policy Features Introduced with Windows Server 2008 and Windows.
1 st Lost Data and Files Recovery Planning Distributed Workforce System Failures Traditional approaches to machine recovery don’t meet the needs.
Lost Data and Files Recovery Planning Distributed Workforce System Failures Traditional approaches to machine recovery don’t meet the needs of.
…. PrePlanPrepareMigratePost Pre- Deployment PlanPrepareMigrate Post- Deployment First Mailbox.
Delivering a Standard Mobile Operating Environment Don Kerr : Business Solutions Marketing – Windows Mobile Rick Anderson : Mobility Solution Sales.
Empowering people-centric IT Unified device management Access and information protection Desktop Virtualization Hybrid Identity.
Section 11: Implementing Software Restriction Policies and AppLocker What Is a Software Restriction Policy? Creating a Software Restriction Policy Using.
Module 7 Planning and Deploying Messaging Compliance.
Bizfss File Sync and Sharing Solution, Built on Microsoft Azure, Allows Businesses to Sync, Share, Back Up Using Their Own Cloud Storage MICROSOFT AZURE.
Securely Synchronize and Share Enterprise Files across Desktops, Web, and Mobile with EasiShare on the Powerful Microsoft Azure Cloud Platform MICROSOFT.
Module 4 Planning for Group Policy. Module Overview Planning Group Policy Application Planning Group Policy Processing Planning the Management of Group.
Empowering people-centric IT Patrick Rogers May 29, 2014.
Deploying Windows 10 in the Enterprise Introduction and Windows as a Service Michael blogs.technet.com/mniehaus.
Access and Information Protection Product Overview Andrew McMurray Technical Evangelist – Windows
Are cybersecurity threats keeping you up at night? Your people go everywhere with devices, do the apps and data they need go with them? Can you adopt.
Get identities to the cloud Mix on-premises and cloud identity for improved PC, mobile, and web productivity Cloud identities help you run your business.
Configuration Manager and InTune Gemeinsam oder einsam?
Microsoft Virtual Academy Preparing for the Windows 8.1 MCSA Module 5: Managing Devices & Resource Access.
Michael Niehaus Using the Windows Store for Business: New Capabilities for Managing Apps in the Enterprise WIN335.
© 2012 The McGraw-Hill Companies, Inc. All rights reserved. 1 Third Edition Chapter 6 Today’s Windows Windows Vista and Windows 7 McGraw-Hill.
User and Device Management
Craig Pringle & Derek Moir
Windows for the Enterprise Boris Ulík Technology Solutions Professional Microsoft Slovakia.
Windows 8 tablets with Intel Core 64-bit processors Windows 8 tablets with Intel Atom 32-bit processors Windows RT tablets with ARM processors.
The information contained in this document represents the current view of Microsoft Corp on the issues discussed as of the date of publication. Because.
Why EMS? What benefit does EMS provide O365 customers Manage Mobile Productivity Increase IT ProductivitySimplify app delivery and deployment LOB Apps.
System Center 2012 Configuration Manager Service Pack 1 Overview.
Tomaž Čebul Principal Consultant Microsoft Bring Your Own Device, kaj pa je to?
The information contained in this document represents the current view of Microsoft Corp on the issues discussed as of the date of publication. Because.
What’s New in Configuration Manager Since RTM How to stay current with the new coolness available Aaron Czechowski Senior Program Manager Microsoft Wally.
Selecting the Management Platform Cloud-based Management Standalone Windows Intune No existing Configuration Manager deployment Simplified policy.
Windows 10 in einem Bio Reservoire
Phase 4: Manage Deployment
Supporting Windows 8.1 Krystle Portocarrero | Training Experts Inc.
Conduct a successful pilot deployment of Microsoft Intune
Cloud-First, Modern Windows Management and Security
Microsoft Ignite /18/2018 8:30 PM BRK2065
Windows 10 & Intune: A Modern Desktop Management Story Joe Crandall.
SVTRAININGS. SVTRAININGS Features of SCCM  Application management  Provides a set of tools and resources that can help you create, manage, deploy, and.
11/23/2018 3:03 PM © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN.
System Center Marketing
SCCM in hybrid world Predrag Jelesijević Microsoft 7/6/ :17 AM
Microsoft 365 Business Technical Fundamentals Series
Preparing for the Windows 8.1 MCSA
IT Management, Simplified
Microsoft Virtual Academy
Presentation transcript:

Microsoft Ignite 2015 4/16/2017 3:59 PM © 2015 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Managing Windows 10: Back to Basics Microsoft Ignite 2015 4/16/2017 3:59 PM BRK2337 Managing Windows 10: Back to Basics Heike Ritter Product Marketing Manager, Microsoft Samesh Singh Architect, Microsoft © 2015 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Windows offers the management features that businesses need. 4/16/2017 Windows offers the management features that businesses need. © 2015 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

4/16/2017 Business needs are evolving. Windows 10 offers management choices to meet those needs. © 2015 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

What needs to be managed Management My Personal Identity My Personal Data My Corporate Data My Corporate Identity My Personal Settings My Corporate Settings My Personal Applications My Corporate Applications Windows 10 Device

Management Options IDENTITY GROUPING Active Directory Microsoft Ignite 2015 4/16/2017 3:59 PM Management Options IDENTITY GROUPING Active Directory Domain join | Workgroup Azure Active Directory Azure AD join MANAGEMENT Group policy New GPOs | AGPM scripting ConfigMgr MDM policies via WMI bridge MDM New configuration | Initial provisioning Exchange Active Sync Powershell | WMI © 2015 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Windows Management Features 4/16/2017 Windows Management Features Products System Center Configuration Manager Microsoft Desktop Optimization Pack (MDOP) Cloud Services Azure Active Directory Azure RMS Microsoft Intune Windows Store Windows Update Windows Server Active Directory Group Policy Windows Server Update Services (WSUS) Windows Client Windows Management Instrumentation (WMI) Windows Remote Management (WinRM) Windows Update Group Policy Client Mobile Device Management (MDM) PowerShell AppLocker © 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Identity Management My Personal Data My Corporate Data My Personal Settings My Corporate Settings My Personal Applications My Corporate Applications Windows 10 Device

Windows 10 Identity Choices 4/16/2017 Windows 10 Identity Choices Active Directory Azure Active Directory Computer joins AD to establish trust User signs on using AD account Group Policy + System Center Computer joins Azure AD to establish trust User signs on using Azure AD account Intune/MDM Settings roaming Single sign-on to enterprise + cloud-based services © 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Common Identity Cloud Identity Synchronized Identity Independent cloud identity Microsoft Azure Active Directory Active Directory Directory Sync and Password Sync Synchronized Identity  Single identity, enabling a same sign-on experience with password hash sync Microsoft Azure Active Directory Federated Identity Active Directory Directory Sync Single federated identity, enabling single sign-on in some scenarios and additional flexibility Microsoft Azure Active Directory Federation

Demo Sign in with Azure Active Directory Microsoft Ignite 2015 4/16/2017 3:59 PM Demo Sign in with Azure Active Directory © 2015 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Windows Client Management My Personal Data My Corporate Data Identity My Personal Data My Corporate Data My Corporate Identity My Personal Settings My Corporate Settings My Personal Applications My Corporate Applications Windows 10 Device “Deploying Windows 10: Back to Basics” by Tim Mintner

WMI and WinRM Disk Network Service Process Operating System Microsoft Ignite 2015 4/16/2017 3:59 PM WMI and WinRM Disk Network Service Process Operating System WMI Service WMI Repository (Database) Management Applications Scripts WMI Providers & Managed Objects COM/ DCOM WMI Infrastructure COM/ DCOM WMI Consumers © 2015 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

PowerShell Get-help Get-item Start-Service Restart-Computer Microsoft Ignite 2015 4/16/2017 3:59 PM PowerShell Get-help Get-item Start-Service Restart-Computer ipconfig | select-string -pattern 255 get-service get-service | get-member cmdlets Windows Commands & Utilities Objects Object Pipelines © 2015 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Demo Querying system information using PowerShell and WMI Microsoft Ignite 2015 4/16/2017 3:59 PM Demo Querying system information using PowerShell and WMI © 2015 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Diagnostics & Recovery Toolkit (DaRT) Disk and File Administrative Recovery Disk and File Administrative Recovery Disk Commander Disk Wipe Explorer File Restore Search SFC Scan Crash Analyzer Defender Locksmith Hotfix Uninstall Disk and File Administrative Recovery Disk and File Administrative Recovery Computer Management Registry Editor TCP/IP Config Remote Connection

Applications Management My Personal Data My Corporate Data My Personal Identity My Personal Data My Corporate Data My Corporate Identity My Personal Settings My Corporate Settings My Personal Applications My Corporate Applications Windows 10 Device “Preparing for Windows 10 Deployment: Application Compatibility and Planning” by Michael Niehaus

Business store Flexible app deployment Support for any organization 4/16/2017 Business store Flexible app deployment Online, offline, or included in images Through the store, via MDM, or using System Center LOB apps can be kept private Support for any organization Teacher and classroom Small businesses and other organizations Large enterprises Simplify via convergence One store, one Dev Center, one Business Store Portal Universal apps across all device types Reconciled sideloading processes © 2015 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Business Store Portal Scenarios 4/16/2017 Business Store Portal Scenarios Online Offline All org users need Azure AD accounts Installation files managed and deployed by the Windows Store Licenses tracked by the Windows Store Updates installed via Windows Update Org users do not need Azure AD accounts Installation files are downloaded and deployed using org’s infrastructure No license tracking Updates installed via Windows Update Private Store MDM / ConfigMgr (deep links) Direct Assignment Imaging MDM / ConfigMgr (sideload) Manual © 2015 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

App-V App-V Client System Center 2012 Configuration Manager App-V Microsoft Ignite 2015 4/16/2017 3:59 PM App-V App-V Client System Center 2012 Configuration Manager App-V Streaming Infrastructure Sequencing Application installer © 2015 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Demo Sequencing and streaming a desktop app using App-V

User Settings Management My Personal Data My Corporate Data Identity My Personal Data My Corporate Data My Corporate Identity My Personal Settings My Corporate Settings My Personal Applications My Corporate Applications Windows 10 Device “Better Dynamic Application Delivery Through App-V and UE-V” by Aaron Ruckman

User Profile %userprofile% Application Generated Content User Generated Content Machine Dependent Roaming User Profiles Offline Files User Experience Virtualization Machine Independent Folder Redirection AppData Local Low Local Roaming NTUSER.DAT

Local Settings Package Microsoft Ignite 2015 4/16/2017 3:59 PM UE-V Windows Instance 1. App Settings 2. Agent Hook 1 4 3. Settings Package Sync 2 3 Registry 4. Settings Apply/Collect Network File Server Local Files Local Settings Package Remote Settings Package Agent Settings Location Template UE-V Service © 2015 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

UE-V GPOs Templates Setting store UE-V Agent

Demo Roaming app settings with UE-V

User Data Management My Personal Data My Corporate Data My Personal Identity My Personal Data My Corporate Data My Corporate Identity My Personal Settings My Corporate Settings My Personal Applications My Corporate Applications Windows 10 Device

Information protection journey 4/16/2017 Information protection journey DEVICE PROTECTION BitLocker enhancements in Windows 8.1 InstantGo 3rd party adoption Protect data when device is lost or stolen © 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

MBAM Client Portals Web Services SQL DBs Compliance GPO Microsoft Ignite 2015 4/16/2017 3:59 PM MBAM Client Portals Web Services SQL DBs Compliance GPO HelpDesk Portal Admin Web Service Compliance and Audit SSRS MBAM Client and BitLocker Self Service Portal Self Service Web Service Recovery Reporting Web Site Recovery Web Service Reporting Web Service “Improving Data Protection and Security Compliance with BitLocker and MBAM” by Lance Crandall © 2015 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Information protection journey 4/16/2017 Information protection journey DEVICE PROTECTION DATA PROTECTION THE GAP BitLocker enhancements in Windows 8.1 InstantGo 3rd party adoption Protect data when ….. Rights Management Services (RMS) Office Information Rights Management (IRM) Azure AD, Azure Rights Management in 2013 3rd party solutions Accidental/intentional data leakage © 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

IN A CLOUD & MOBILE WORLD DATA PROTECTON IN A CLOUD & MOBILE WORLD REQUIRES Protection everywhere (at rest, in transit, across devices, storage location...everywhere) Enable wipe and other management fundamentals Supported by all the apps you use, fully integrated experience

Enterprise Data Protection Protects data at rest, and wherever it rests or may roam to Seamless integration into the platform, No mode switching and use any app Corporate vs personal data identifiable wherever it rests on the device Prevents unauthorized apps from accessing business data IT has fully control of keys and data IT can remote wipe data on demand Common experience across all Windows devices Cross platform support “Protecting your data with containers without boxing yourself in” by Yogesh Mehta

Enterprise Data Protection: Provisioning 4/16/2017 Enterprise Data Protection: Provisioning User enrolls with enterprise MDM or domain join User 1 MDM or SCCM provisions policy and encryption keys 2 Policies: Enterprise allowed apps Network policies App restriction policy © 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Demo Protecting corporate data with EDP

Enterprise Management My Personal Identity My Personal Data My Corporate Data My Corporate Identity My Personal Settings My Corporate Settings My Personal Applications My Corporate Applications Windows 10 Device

Group Policy Security Access / Connectivity Desktop OS / Application Proxy Settings Block Downloads /Installs Registry Settings Security Updates Block Control Panel Microsoft Passport PIN Access / Connectivity Identity Access Rights VPN Settings DNS Settings Wireless Settings Roaming Profiles Desktop OS / Application Win32 app mgmt Disable Screensavers Lock Background Printer Settings Drive Mapping Start screen Start Menu UApp Mgmt Internet Explorer Settings Block Websites Block IE Updates Company Logo on IE Clearing Cache Security Settings Firewall Settings Spartan browser Power Management Hibernation Settings

Advanced Group Policy Management (AGPM) Fully integrated into the GPMC Offline Editing Delegation of Administration GPO Change Management Group Policy Preferences GPO Deployment process GPO Settings Report and Comparisons GPO Disaster Recovery PowerShell Cmdlets to allow routine AGPM tasks to be automated and executed from the console View controlled GPOs, Control, Check In, Check Out, Undo Check Out, Delete from AGPM, Deploy

Microsoft Ignite 2015 4/16/2017 3:59 PM AppLocker Rules based on file attributes (publisher name (derived from the digital signature), product name, file name, and file version Rules based on the file path and hash Rule assigned to a security group or an individual user Exceptions to rules Audit-only mode to deploy the policy and understand its impact before enforcing it Windows PowerShell cmdlets for AppLocker © 2015 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Demo Configuring AppLocker Microsoft Ignite 2015 4/16/2017 3:59 PM © 2015 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

System Center Configuration Manager Asset Management & Support Application Management Device Management Operating System Deployment Out of Band Management Point Remote Control Inventory Enterprise Device Management Mobile Device Management Application Catalog Web Service Point Application Catalog Website Point Asset Intelligence Synchronization Point Software Update Point State Migration Point PXE Boot Microsoft Intune Connector Endpoint Protection Point Software Update Point System Health Validation Point Internet-Based Client Management Certificate Registration Point Enrollment Management Distribution Fallback Status Role Based Administration Reporting Services Database

Exchange ActiveSync Disable desktop ActiveSync Disable removable storage Disable camera Disable SMS text messaging Disable Wi-Fi   Disable Bluetooth Disable IrDA Allow internet sharing from device Allow desktop sharing from device Disable POP3   /IMAP4   email Allow consumer email Allow browser Allow unsigned applications Allow unsigned CABs Application allow list Application block list Require signed S/MIME messages Require encrypted S/MIME messages Require signed S/MIME algorithm Require encrypted S/MIME algorithm Allow S/MIME encrypted algorithm negotiation Allow S/MIME SoftCerts Device encryption Minimum number of complex characters Configure message formats (HTML or plain text) Include past email items (duration) Email body truncation size HTML email body truncation size Include past calendar items (duration) Require manual sync when roaming

Mobile Device Management 4/16/2017 Mobile Device Management Significant investments in added functionality for both mobile and desktop devices Fully managed corporate device Phone Desktop Device Lockdown Phone Desktop BYOD: simple security settings Windows 8.1 Windows 10 © 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

APPLICATION MANAGEMENT DEVICE CONFIGURATION AND SECURITY MDM in Windows 10 Un-enrollment in two phases & alerts Removal of Enterprise configuration (apps, certs, profiles, policies) and Enterprise encrypted data (with EDP) ENROLLMENT INVENTORY APPLICATION MANAGEMENT DEVICE CONFIGURATION AND SECURITY REMOTE ASSISTANCE UNENROLLMENT Provisioning Bulk enrollment Simple bootstrap Converged protocol Azure AD Integration One consistent set of MDM capabilities across Mobile, Desktop, and Embedded products Full device wipe Remote Lock, PIN reset, Ring, Find Enhanced inventory for compliance decisions Additional device inventory Curated Windows Store Business Store Portal app deployment; License reclaim/re-use Enterprise App management Simplified LOB app management Win32 app management App inventory (MDM/store apps) App allow/deny lists through Applocker Enterprise data protection Greatly extended set of policies (Parity with Windows Phone 8.1) Context based policies Client certificates – Direct install (PFX) Enterprise Wi-Fi VPN management Email provisioning MDM Push when user not logged in Device Update control Kiosk Mode, Start screen / Start menu configuration and control “Windows 10 Mobile Device Management in Depth” by Janani Vasudevan

Microsoft Intune User Mobile device management Mobile application management PC management IT Intune helps organizations provide their employees with access to corporate applications, data, and resources from virtually anywhere on almost any device, while helping to keep corporate information secure.

Demo Enrolling a Windows device in Microsoft Intune Microsoft Ignite 2015 4/16/2017 3:59 PM Demo Enrolling a Windows device in Microsoft Intune © 2015 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Quality-Based Releases Time Enterprise-ready Current Branch for Business Long Term Servicing Branch Current Branch Hundreds of millions Broad External Flights Several million Limited External 100’s of thousands Broad Internal Validation 10’s of Engineering Builds # Users “Getting Ready for Windows 10: Servicing Windows Client and Server in a managed Environment Today”

Windows as a Service Long Term Servicing Branch Mission–critical ready Current Branch for Business Up to date with the latest innovation Receive security updates regularly; no new features Similar to what you have today with Windows 7 SP1/Windows 8.1 Your mission critical environments are supported with no change in functionality for duration of mainstream and extended support (5+5 years) You control deployment of patches using WSUS You are able to use in-place upgrade to move from one LTSB to another Update your devices frequently with latest features New enterprise deployment option for Windows 10 Your devices can take advantage of the latest innovation on an ongoing basis Features are released first to tech enthusiasts and Windows Insiders and validated prior to getting installed on your business devices You have several months to plan and test the updates You choose how you want the devices to be updated: Via Windows Update - reducing your management costs Via WSUS using traditional mechanics

Management Choices Available Choices Identity Management Updates 4/16/2017 Management Choices Available Choices Identity Active Directory; Azure Active Directory Management Group Policy, System Center Configuration Manager, 3rd party PC management; Intune, 3rd party MDM Updates Windows Update; Windows Server Update Services (WSUS); Intune, 3rd party MDM Infrastructure On-premises or in the cloud Ownership Corporate-owned, CYOD; BYOD Organizations may mix and match, depending on their specific scenario © 2015 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Management Choices Basic Lightweight Full Control Exchange ActiveSync 4/16/2017 Management Choices Exchange ActiveSync Basic Windows Update BYOD (personal) devices E-mail access only Active Directory and/or Azure Active Directory Mobile Device Management Lightweight Windows Update/MDM Company-owned and BYOD devices Internet-facing or corporate network Active Directory Group Policy System Center Full Control WSUS Company-owned devices Corporate network © 2015 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Windows 10 Works with Existing Infrastructure 4/16/2017 Windows 10 Works with Existing Infrastructure Product Supports Windows 10 Management Supports Windows 10 Deployment System Center 2012 R2 Configuration Manager System Center 2012 Configuration Manager System Center Configuration Manager 2007 Windows Server 2012 R2 Windows Server 2012 Windows Server 2008 Microsoft Deployment Toolkit 2013 Updates will be required. New OS features may require newer versions for full support. © 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Please evaluate this session 4/16/2017 3:59 PM Please evaluate this session Your feedback is important to us! Visit Myignite at http://myignite.microsoft.com or download and use the Ignite Mobile App with the QR code above. © 2014 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

4/16/2017 3:59 PM © 2014 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.