Download presentation
Presentation is loading. Please wait.
Published byWidyawati Rachman Modified over 6 years ago
1
Access and Information Protection Product Overview October 2013
2
System Center Marketing
11/23/2018 Today’s challenges The explosion of devices is eroding the standards-based approach to corporate IT. Devices Users expect to be able to work in any location and have access to all their work resources. Users Deploying and managing applications across platforms is difficult. Apps Data Users need to be productive while maintaining compliance and reducing risk. © 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.
3
System Center Marketing
11/23/2018 People-centric IT Users Devices Apps Data Enable users Allow users to work on the devices of their choice and provide consistent access to corporate resources. Hybrid Identity Deliver a unified application and device management on- premises and in the cloud. Protect your data Help protect corporate information and manage risk. Management. Access. Protection. © 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.
4
System Center Marketing
11/23/2018 Enable users Challenges Solutions Users want to use the device of their choice and have access to both their personal and work-related applications, data, and resources. Users want an easy way to be able to access their corporate applications from anywhere. IT departments want to empower users to work this way, but they also need to control access to sensitive information and remain in compliance with regulatory policies. Users can register their devices, which makes them known to IT, who can then use device authentication as part of providing access to corporate resources. Users can enroll their devices, which provides them with the company portal for consistent access to applications and data, and to manage their devices. IT can publish access to corporate resources with conditional access based on the user’s identity, the device they are using, and their location. © 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.
5
Helping IT to enable users
System Center Marketing 11/23/2018 Helping IT to enable users Users can enroll devices for access to the Company Portal for easy access to corporate applications IT can publish Desktop Virtualization (VDI) for access to centralized resources RD Gateway Session host VDI Users can work from anywhere on their device with access to their corporate resources. IT can publish access to resources with the Web Application Proxy based on device awareness and the users identity Web Application Proxy Web Apps Files LOB Apps Remote Access IT can provide seamless corporate access with DirectAccess and automatic VPN connections. Active Directory Users can register devices for single sign-on and access to corporate data with Workplace Join © 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.
6
Publish access to resources with the Web Application Proxy
System Center Marketing 11/23/2018 Publish access to resources with the Web Application Proxy AD Integrated Developers can leverage Windows Azure Mobile Services to integrate and enhance their apps Other cloud based apps and identity stores Mobile Services Published applications Restful OAuth apps Office Forms Based Access Claims & Kerberos web apps Use conditional access for granular control over how and where the application can be accessed Active Directory AD FS Devices Apps & Data Web Application Proxy Reverse proxy pass through e.g. NTLM & Basic based apps Users can access corporate applications and data wherever they are Active Directory provides the central repository of user identity as well as the device registration information Active Directory IT can use the Web Application Proxy to pre-authenticate users and devices with multi-factor authentication through integration with AD FS © 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.
7
System Center Marketing
11/23/2018 Make corporate data available to users with Work Folders Active Directory discoverability provides users Work Folders location IT can selectively wipe the corporate data from managed devices (Windows 8.1, Windows Phone 8, iOS, Android) IT can configure a File Server to provide Work Folder sync shares for each user to store data that syncs to their devices, including integration with Rights Management Active Directory Devices Apps & Data Reverse Proxy File Services Web Application Proxy AD FS Domain joined devices Users can sync their work data to their devices. Users can register their devices to be able to sync data when IT enforces conditional access IT can publish access directly through a reverse proxy (such as the Web Application Proxy, or conditional access can be enforced through integration with AD FS © 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.
8
Effective working with Remote Access
System Center Marketing 11/23/2018 Effective working with Remote Access An automatic VPN connection provides automated starting of the VPN when a user launches an application that requires access to corporate resources. Web Apps Session host LOB Apps Files VDI Cannot originate admin connection from intranet VPN Traditional VPNs are user- initiated and provide on- demand connectivity to corporate resources. Firewall Can originate admin connection from intranet With DirectAccess, a users PC is automatically connected whenever an Internet connection is present. DirectAccess Connection to intranet is always active © 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.
9
System Center Marketing
11/23/2018 Hybrid Identity Challenges Solutions Providing users with a common identity when they are accessing resources that are located both on- premises in a corporate environment, and in cloud- based platforms. Managing multiple identities and keeping the information in sync across environments is a drain on IT resources. Users have a single sign-on experience when accessing all resources, regardless of location. Users and IT can leverage their common identity for access to external resources through federation. IT can consistently manage identities across on- premises and cloud-based identity domains. © 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.
10
Active Directory for the cloud
11/23/2018 Active Directory for the cloud Leverage cloud platforms to run Windows Server Active Directory and Active Directory Federation Services to reduce infrastructure on-premises. Infrastructure Services Files LOB Apps Web Apps Developers can integrate applications for single sign-on across on-premises and cloud- based applications. Manage Active Directory using Windows PowerShell, use the improved deployment experience and leverage the Active Directory Administrative Center for centralized management Active Directory Activate clients running Office on at least Windows 8 or Windows Server automatically using existing Active Directory infrastructure. Run Active Directory at scale with support for virtualization and rapid deployment through domain controller cloning. © 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.
11
Managing cloud identities
11/23/2018 Managing cloud identities 3rd party services Apps in Azure Developers can build applications that leverage the common identity model Active Directory Web Apps LOB Apps Files Users get access through accounts in Windows Azure Active Directory to Windows Azure, Office 365 and non-Microsoft applications DirSync Active Directory ADFS Users are more productive by having a single sign-on to all their resources IT can use Active Directory Federation Services to connect with Windows Azure for a consistent cloud based identity. IT can provide users with a common identity across on-premises or cloud- based services leveraging Windows Server Active Directory and Windows Azure Active Directory © 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.
12
Delivering a seamless user authentication experience
11/23/2018 Delivering a seamless user authentication experience Cloud Authentication Multi-Factor Authentication can be configured through Windows Azure Active Directory Active Directory DirSync with password hash sync User attributes are synchronized using DirSync including the password hash, Authentication is completed against Windows Azure Active Directory DirSync Federated Authentication with Single Sign-On Active Directory Active Directory AD FS User attributes are synchronized using DirSync, Authentication is passed back through federation and completed against Windows Server Active Directory AD FS provides conditional access to resources, Work Place Join for device registration and integrated Multi-Factor Authentication © 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.
13
Windows Server Management Marketing
11/23/2018 Windows Azure Active Directory More than a directory in the cloud Choose among hundreds of popular SaaS apps from a pre-populated application gallery. 3rd party services Sync identity with DirSync or provide SSO with AD FS Active Directory Active Directory Web Apps LOB Apps Multi-Factor Authentication Add multi-factor authentication for additional user identity verification Easily add custom cloud-based apps. Facilitate developers with identity management. Comprehensive identity and access management with a common identity across on-premises and in the cloud © 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.
14
System Center Marketing
11/23/2018 Protect your data √ Challenges Solutions As users bring their own devices in to use for work, they will also want to access sensitive information and have access to this information locally on the device. A significant amount of corporate data can only be found locally on user devices. IT needs to be able to secure, classify, and protect data based on the content it contains, not just where it resides, including maintaining regulatory compliance. Users can work on the device of their choice and be able to access all their resources, regardless of location or device. IT can enforce a set of central access and audit polices, and be able to protect sensitive information based on the content of the documents. IT can centrally audit and report on information access. © 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.
15
Policy based access to corporate information
System Center Marketing 11/23/2018 Policy based access to corporate information IT can provide a secure and familiar solution for users to access sensitive corporate data from anywhere with VDI and RemoteApp technologies. Centralized Data Desktop Virtualization RD Gateway Distributed Data Devices LOB Apps Web Apps Session host Files VDI Users can access corporate data regardless of device or location with Work Folders for data sync and desktop virtualization for centralized applications. Access Policy IT can publish resources using the Web Application Proxy and create business-driven access policies with multi-factor authentication based on the content being accessed. IT can audit user access to information based on central audit policies. © 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.
16
Protecting information with multi-factor authentication
System Center Marketing 11/23/2018 Protecting information with multi-factor authentication Multi-Factor Authentication 1. Users attempts to login or perform an action that is subject to MFA 2. When the user authenticates, the application or service performs a MFA call 3. The user must respond to the challenge, which can be configured as a txt, a phone call or using a mobile app 4. The response is returned to the app which then allows the user to proceed Application authentication e.g. Active Directory, Radius, LDAP, SQL, Custom apps ADFS 5. IT can configure the type and frequency of the MFA that the user must respond to User 16 © 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.
17
Protect data with Dynamic Access Control
System Center Marketing 11/23/2018 Protect data with Dynamic Access Control File Services Active Directory Automatically identify and classify data based on content. Classification applies as files are created or modified. File classification, access policies and automated Rights Management works against client distributed data through Work Folders. Centrally manage access control and audit polices from Windows Server Active Directory. Integration with Active Directory Rights Management Services provides automated encryption of documents. Central access and audit policies can be applied across multiple file servers, with near real-time classification and processing of new and modified documents. © 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.
18
Recap: Access and Information Protection
System Center Marketing 11/23/2018 Recap: Access and Information Protection √ Enable users Hybrid Identity Common identity to access resources on-premises and in the cloud Protect your data Centralize corporate information for compliance and data protection Policy-based access control to applications and data Simplified registration and enrollment for BYO devices Automatically connect to internal resources when needed Access to company resources is consistent across devices © 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.
19
For More Information System Center 2012 R2 Configuration Manager
us/evalcenter/hh aspx?wt.mc_id=TEC_105_1_33 Windows Intune buy Windows Server 2012 R2 server/windows-server-2012-r2.aspx information-protection.aspx management.aspx More Resources:
20
© 2013 Microsoft Corporation. All rights reserved
© 2013 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.
Similar presentations
© 2024 SlidePlayer.com. Inc.
All rights reserved.