Presentation is loading. Please wait.

Presentation is loading. Please wait.

News in ConfigMgr EWUG 1610.

Published byArron Flynn Modified over 7 years ago

Similar presentations

Presentation on theme: "News in ConfigMgr EWUG 1610."— Presentation transcript:

1 News in ConfigMgr EWUG 1610

2 Per Larsen Microsoft MVP – Enterprise Mobility
Solution Architect | | m: | f: Co-Organizer - Everything Windows User Group Denmark | Microsoft Partner Technology Solutions Professional (P-TSP) in: | Blog: P

3 News in Config Manager Config Manager as a Service Optimized on Azure
Windows Store for Business Windows Defender Advanced Threat Protection Health Attestation Windows Upgrade Analytics Operations Management Suite (OMS)

4 1511 Deploy, upgrade, and manage Windows 10, including new features Manage Windows as a Service Servicing model for ConfigMgr Current Branch Combined end-user portal 1602 Client online status Support for SQL Server Always On Windows 10 Device Health Attestation reporting Office 365 update management Conditional Access support for PC management 1606 Windows Anniversary Edition support Windows Information Protection Windows Defender Advanced Threat Protection Windows Store for Business integration Windows Hello for Business Content status links in admin console End user portal improvements

5 20,533 total tenants

6 40,497,142 million total clients

7 1511 Deploy, upgrade, and manage Windows 10, including new features Manage Windows as a Service Servicing model for ConfigMgr Current Branch Combined end-user portal 1602 Client online status Support for SQL Server Always On Windows 10 Device Health Attestation reporting Office 365 update management Conditional Access support for PC management 1606 Windows Anniversary Edition support Windows Information Protection Windows Defender Advanced Threat Protection Windows Store for Business integration Windows Hello for Business Content status links in admin console End user portal improvements

8 20,533 total tenants

9 40,497,142 million total clients

10 Configuration Manager
Branch Availability Windows 10 features supported Support Windows Servicing Model supported Current Branch Generally available on 12/8/2015 with updates released periodically throughout the year New features, security updates, and bug fixes Can defer updates for up to 12 months before you must deploy updates to maintain support Windows 10 Current Branch, Current Branch for Business, and Long Term Servicing Branch CB (1602) CB (1606) Fall 2015 2016 Current branch (version 1511) CB (1602) CB (1606) Fall 2015 2016 Long-Term Servicing Branch (LTSB) Generally available on 10/12/ No new features and support for new OS releases. Security fixes only. Only the Windows 10 mgmt. features released up to ConfigMgr version No new Windows features will be supported in the future. 10-year fixed support; different from traditional 5+5. Only up to Windows Server and Windows 10 LTSB (1607). CB/CBB is not supported. New OS releases won’t be supported. Periodic updates every few months CB (1610) CB (17xx) CB (17xx) Reduced features; Ad-hoc security updates only LTSB (1606) LTSB (1606) 2017 2017

11 Is this “Configuration Manager 2016” ?
No. The Configuration Manager release included with System Center 2016 should not be considered as “System Center 2016 Configuration Manager”. The included release is a baseline version of 1606 with two installation options: Configuration Manager (current branch - version 1606) (default) Configuration Manager (LTSB – version 1606)

12 What is removed from LTSB?
Support for the future releases of Windows 10 LTSB and Windows Server Support for Windows 10 CB/CBB The ability to add a Microsoft Intune Subscription, which prevents the use of Hybrid MDM On-premise MDM Windows 10 Servicing Dashboard and Servicing Plans  Asset Intelligence Cloud-based Distribution Point Support for Exchange Online as an Exchange Connector Any pre-release features available in ConfigMgr (current branch)  

13 Optimized on Azure

14 Microsoft Azure Office 365 Windows Upgrade Analytics Windows as a Service Microsoft Intune Windows Store for Business Windows Update for Business Windows Defender Advanced Threat Protection Health Attestation Configuration Manager Operations Management Suite (OMS) Azure Active Directory Microsoft Cloud Services

15 Cloud-based management service
Manage traditional clients that roam on the Internet Without additional infrastructure Without exposing infrastructure to the Internet Easily configured through the Configuration Manager console Key features continue to work on the device when not on the corporate network Settings Software updates Applications Hardware and software inventory Endpoint protection

16 Cloud-based management service architecture
Windows Update Cloud-based management service architecture Firewall DMZ HTTPS Mutual SSL MP AD CA SSL Cert Azure Root Cert Site Server Proxy Connector Point HTTPS Mutual SSL DP SSL Cert HTTPS Root Cert Proxy Service Cloud DP SSL Cert Client Cert Root Cert Root Cert HTTPS Mutual SSL SU P HTTPS Mutual SSL SSL Cert Root Cert Client Cert Root Cert

17 Windows Services Windows Store for Business
Windows Defender Advanced Threat Protection Health Attestation Windows Upgrade Analytics Windows as a Service Windows Update for Business OMS

18 Windows Store for Business
Find, acquire, manage, and distribute apps on Windows 10

19 Windows Store for Business
One place for you To find, acquire, manage, and distribute apps on Windows 10 Designed for organizations Curated for business or for education Apps owned and managed by your organization Volume acquisition and distribution Acquire Store apps and Line-of-Business apps Flexible deployment to meet your needs Easy and familiar for your users Simple discovery and installation of apps Automatic app updates by default

20 App distribution options
Assign app licenses directly to users Option 2 Use a private store page Option 3 Integrate with management tools For organizations and departments that do not want to use app management tools Simple invitation model targeting specific users Users receive an or can go to My Library in Windows Store to install and launch organizational apps Provides users flexibility to choose organization apps to install Admin chooses apps to appear in company tab in the Windows Store; users self-discover For organizations that want to leverage existing app management tools Supports complex management options including dynamic groups, update management, push installation, etc. Users can find and use Windows Store for Business apps pushed to their device(s) or on a company-approved portal

21 MS Story 2/19/2018 1:41 AM Application Distribution via System Center Configuration Manager (CM) and/or Intune Organizational apps acquired Inventory synchronized Policies and distribution Deployed to users Windows Store for Business System Center Configuration Manager and/or Intune Windows 10 Organizations acquire apps in Windows Store for Business Includes internal line-of- business and public Store free and paid apps Paid apps are purchased in bulk during acquisition System Center Configuration Manager and/or Intune connects with Windows Store for Business APIs Apps, metadata and licensing information is synchronized Administrator defines necessary policies and distributions Distribution is performed Apps get deployed to Windows 10 users and policies enforced App updates can happen from the Store or managed with Management Tools © 2014 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

22

23 Windows Defender Advanced Threat Protection

24 ADVANCED THREAT PROTECTION
WINDOWS DEFENDER ADVANCED THREAT PROTECTION DETECT, INVESTIGATE AND RESPOND TO TARGETED ATTACKS Built in to Windows, cloud powered Behavior-based, breach detection Rich timeline for investigation Unique threat intelligence knowledge base © 2016 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION

25 Adding a post-breach mindset to the Windows 10 defense stack
2/19/2018 Adding a post-breach mindset to the Windows 10 defense stack PRE-BREACH POST-BREACH Device protection Device Health attestation  Device Guard Device Control Security policies Device protection Device Health Attestation  Threat resistance SmartScreen AppLocker Device Guard Windows Defender Network/Firewall Identity protection Built-in 2FA Account lockdown Credential Guard Microsoft Passport Windows Hello :) Built-in 2FA Account lockdown Credential Guard Microsoft Passport Windows Hello ;) Identity protection Device protection / Drive encryption Windows Information Protection Conditional access Information protection Information protection Device protection / Drive encryption Enterprise Data Protection Conditional access Threat resistance SmartScreen AppLocker Device Guard Windows Defender Network/Firewall Windows Defender ATP Breach detection investigation & response Breach detection investigation and response Windows Defender Advanced Threat Protection (ATP) © 2016 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION

26

27

28 Health Attestation

29 Device Health Attestation
Builds upon existing Windows security technologies: Secure Boot, Measured Boot Early Launch Anti-Malware, TPM Attestation Boot Loaders TPM UEFI Secure Boot Platform Configuration Registers (PCRs) EK Cert OS Loader TPM Boot Log AIK Cert Windows kernel and boot drivers Early launch anti-malware Enables administrators to monitor remotely and make security decisions based on TPM-protected, tamper-resistant, and tamper-evident data

30 TODAY HEALTH IS ASSUMED
2/19/2018 Unknown PC health Important resources OneDrive File servers Network TODAY HEALTH IS ASSUMED 1 Authenticated access request 2 You’re in © 2015 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

31 Device Health Attestation enables:
2/19/2018 Device Health Attestation enables: Windows Cloud Attestation and Intune ConfigMgr and Intune TO GATE ACCESS BASED ON DEVICE INTEGRITY AND HEALTH Attestation request 3 Attestation response 4 Important resources OneDrive File servers Network 1 Authenticated access request 2 Prove you are healthy 5 Here is the proof © 2015 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

32 45

33

34 Windows Upgrade Analytics

35 Windows Upgrade Analytics
MS Story 2/19/2018 1:41 AM Windows Upgrade Analytics Allows the enterprise IT to quickly identify and focus on the critical issues impeding upgrades; provides data driven insights to plan and manage the upgrade process end to end Workflow visualization from pilot to deployment Powerful upgrade readiness insights and recommendations about the computers, applications and drivers Risk based approach to app rationalization Microsoft guidance on app and driver compatibility issues Sign up via © 2014 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

36 Windows Upgrade Analytics and ConfigMgr

37 Windows as a Service Manage your Windows servicing updates through a dedicated console Sync and distribute update content using peer caching to reduce bandwidth impact

38

39 Operations Management Suite (OMS)
Microsoft Ignite 2016 2/19/2018 1:41 AM Operations Management Suite (OMS) © 2016 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

40 Operations Management Suite (OMS)
Synch Collections from ConfigMgr into OMS to replicate ConfiMgr grouping into your OMS environment

41 Thank you

Download ppt "News in ConfigMgr EWUG 1610."

Similar presentations

Power BI Sites and Mobile BI. What You Will Learn Sharing and Collaboration Introducing Power BI Exploring Power BI Features and Services Partner Opportunities.

Power BI Sites and Mobile BI. What You Will Learn Sharing and Collaboration Introducing Power BI Exploring Power BI Features and Services Partner Opportunities.
Service Pack 2 System Center Configuration Manager 2007.

Service Pack 2 System Center Configuration Manager 2007.
Why EMS? What benefit does EMS provide O365 customers Manage Mobile Productivity Increase IT ProductivitySimplify app delivery and deployment LOB Apps.

Why EMS? What benefit does EMS provide O365 customers Manage Mobile Productivity Increase IT ProductivitySimplify app delivery and deployment LOB Apps.
Boris Ulík Technology Solutions Professional Microsoft Slovakia Microsoft ® System Center 2012: System Center Endpoint Protection 2012.

Boris Ulík Technology Solutions Professional Microsoft Slovakia Microsoft ® System Center 2012: System Center Endpoint Protection 2012.
Microsoft Virtual Academy

Microsoft Virtual Academy
The time to address enterprise mobility is now

The time to address enterprise mobility is now
Deployment Planning Services

Deployment Planning Services
Deployment Planning Services

Deployment Planning Services
Microsoft Ignite 2016 5/5/2018 3:54 PM BRK3012

Microsoft Ignite /5/2018 3:54 PM BRK3012
Now, let’s implement/trial Windows Defender Advanced Threat Protection

Now, let’s implement/trial Windows Defender Advanced Threat Protection
Deployment Planning Services

Deployment Planning Services
Journey to Microsoft Secure Cloud

Journey to Microsoft Secure Cloud
O365 & AZURE ADDS Mladen Baranek, Miadria

O365 & AZURE ADDS Mladen Baranek, Miadria
6/10/2018 5:07 PM THR2218 Deploying Windows Defender AV and more with Intune and Configuration Manager Amitai Rottem @AmitaiTechie Senior Program Manager,

6/10/2018 5:07 PM THR2218 Deploying Windows Defender AV and more with Intune and Configuration Manager Amitai Senior Program Manager,
Deployment Planning Services

Deployment Planning Services
SaaS Application Deep Dive

SaaS Application Deep Dive
6/17/2018 5:54 AM OSP322 Getting the best of both worlds, making the most of SharePoint hybrid search solutions Shyam Narayan Microsoft © 2013 Microsoft.

6/17/2018 5:54 AM OSP322 Getting the best of both worlds, making the most of SharePoint hybrid search solutions Shyam Narayan Microsoft © 2013 Microsoft.
Windows 10 and the cloud: Why the future needs hybrid solutions

Windows 10 and the cloud: Why the future needs hybrid solutions
6/25/2018 11:13 PM BRK1076 Make Windows devices more secure by taking them out of your existing infrastructure Chris Rhodes & Andrew Bettany MCTs & MVPs.

6/25/ :13 PM BRK1076 Make Windows devices more secure by taking them out of your existing infrastructure Chris Rhodes & Andrew Bettany MCTs & MVPs.
Microsoft Virtual Academy

Microsoft Virtual Academy

Similar presentations

Ads by Google