Presentation is loading. Please wait.

Presentation is loading. Please wait.

PCIT-B314 BYOD and WS2012R2 Adam Hall

Similar presentations


Presentation on theme: "PCIT-B314 BYOD and WS2012R2 Adam Hall"— Presentation transcript:

1 PCIT-B314 BYOD and WS2012R2 Adam Hall
5/27/2019 PCIT-B314 BYOD and WS2012R2 Adam Hall Snr Product Manager (Hybrid Identity) © 2014 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

2 New world of working Windows Server 2012 R2

3 How People Spend their Time
5/27/2019 6:48 AM Family Working Sharing Finding Researching Socializing Waiting Leisure Collaborating Activities How People Spend their Time © 2013 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

4 How People Really Spend their Time
5/27/2019 6:48 AM Socializing Waiting Leisure Finding Sharing Family Collaborating Researching Working Moments How People Really Spend their Time © 2013 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

5 Devices & Services that Help People Make the Most of any Moment
5/27/2019 6:48 AM Researching Socializing Waiting Leisure Finding Sharing Working Family Collaborating Devices & Services that Help People Make the Most of any Moment © 2013 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

6 Embracing the consumerization of IT
Microsoft Azure System Center Embracing the consumerization of IT Windows-based devices that people love Security and management to support flexible workstyles Microsoft Azure Modern application development Best productivity experiences

7 Facing the challenges in keeping users productive while protecting company information

8 Devices Apps Data Users What we want Reality

9 Unify Enable Protect

10 Unify

11 A centralized and consistent corporate identity
5/27/2019 A centralized and consistent corporate identity HR System givenName surname employeeID Samantha Dearing 007 Identity Manager creates a compilation of these attributes with validation and keeps this in sync with all identity realms Active Directory Database givenName surname title employeeID telephone Samantha Dearing 007 Coordinator title Coordinator Active Directory Exchange LDAP telephone Identity attributes are often located in multiple repositories LDAP v3 PowerShell SQL (ODBC) Web Services (SOAP, JAVA, REST) © 2011 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

12 Common Identity with Sync and Federation
5/27/2019 *Coming Soon Common Identity with Sync and Federation Synchronization Active Directory Active Directory Identity Sync with password hash sync User attributes are synchronized including the password hash, Authentication can be completed against either Azure or Windows Server Active Directory *Write back of attributes to support cloud first and co-existence Federation Active Directory Active Directory Identity Sync AD FS User attributes are synchronized, Authentication is passed back through federation and completed against Windows Server Active Directory AD FS provides conditional access to resources, Work Place Join for device registration and integrated Multi-Factor Authentication © 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

13 *Direct to cloud identity sync
5/27/2019 *Coming Soon *Direct to cloud identity sync LDAP v3 Web Services (SOAP, JAVA, REST) Active Directory Active Directory Azure Active Directory Sync provides the ability to sync disparate on-premises identity repositories directly to Azure Active Directory PowerShell SQL (ODBC) © 2011 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

14 System Center Marketing
5/27/2019 Identity Federation Organizations can connect to SaaS applications running in Azure, Office 365 and 3rd party providers Enhancements to AD FS include simplified deployment and management SaaS Apps Active Directory Active Directory Web Application Proxy (includes AD FS Proxy) Active Directory Federation Services Published applications Restful OAuth apps Office Forms Based Access Claims & Kerberos web apps Resources in other businesses or identity realms Organizations can federate with partners and other organizations for seamless access to shared resources Active Directory Federation Services Conditional access with multi-factor authentication is provided on a per- application basis, leveraging user identity, device registration & network location © 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

15 Azure Active Directory
Windows Server Management Marketing 5/27/2019 Azure Active Directory Easily add custom cloud-based apps. Facilitate developers with identity management. Your Apps LDAP v3 PowerShell SQL (ODBC) Web Services (SOAP, JAVA, REST) SaaS Apps Sync identity or provide federated identity for single sign-on Active Directory Active Directory Choose among hundreds of popular SaaS apps from a pre-populated application gallery. Multi-Factor Authentication Add multi-factor authentication for additional user identity verification Comprehensive cloud based identity and access management combining directory services, identity governance, application access management and a developer’s identity management platform Administrators have access to security reporting that tracks inconsistent access patterns and view users who signed in from unknown sources © 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

16 Demo Common identity Adam Hall

17 Enable

18 System Center Marketing
5/27/2019 Helping IT to empower users Users can enroll devices for access to the Company Portal for easy access to corporate applications IT can publish Desktop Virtualization (VDI) for access to centralized resources RDS Gateway VDI Session host Users can work from anywhere on their device with access to their corporate resources. Web Application Proxy Web Apps IT can publish access to resources with the Web Application Proxy based on device awareness and the users identity Files LOB Apps Remote Access Active Directory IT can provide seamless corporate access with DirectAccess and automatic VPN connections. Users can register devices for single sign-on and access to corporate data with Workplace Join © 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

19 System Center Marketing
5/27/2019 Registering and Enrolling Devices Users can enroll devices which configure the device for management with Windows Intune. The user can then use the Company Portal for easy access to corporate applications Data from Windows Intune is sync with Configuration Manager which provides unified management across both on-premises and in the cloud Microsoft Azure Multi-Factor Authentication Active Directory ADFS Users can register BYO devices for single sign-on and access to corporate data with Workplace Join. As part of this, a certificate is installed on the device Web Application Proxy As part of the registration process, a new device object is created in Active Directory, establishing a link between the user and their device IT can publish access to corporate resources with the Web Application Proxy based on device awareness and the users identity. Multi-factor authentication can be used through Azure Multi-Factor Authentication. © 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

20 System Center Marketing
5/27/2019 Publish access to resources with the Web Application Proxy AD Integrated Developers can leverage Azure Mobile Services to integrate and enhance their apps Other cloud based apps and identity stores Microsoft Azure Mobile Services Published applications Restful OAuth apps Office Forms Based Access Claims & Kerberos web apps Use conditional access for granular control over how and where the application can be accessed Microsoft Azure Active Directory ADFS Devices Apps & Data Web Application Proxy Reverse proxy pass through e.g. NTLM & Basic based apps Active Directory provides the central repository of user identity as well as the device registration information Users can access corporate applications and data wherever they are Active Directory IT can use the Web Application Proxy to authenticate users and devices with multi-factor authentication © 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

21 System Center Marketing
5/27/2019 Make corporate data available to users with Work Folders Active Directory discoverability provides users Work Folders location IT can configure a File Server to provide Work Folder sync shares for each user to store data that syncs to their devices, including integration with Rights Management IT can selectively wipe the corporate data Active Directory Reverse Proxy Devices Apps & Data File Services Web Application Proxy Domain joined devices Access Policy Users can sync their work data to their devices. Users can register their devices to be able to sync data when IT enforces conditional access IT can publish access directly through a reverse proxy, or conditional access can be enforced via device registration through the Web Application Proxy © 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

22 Demo End user experiences
Adam Hall

23 Protect

24 Policy based access to corporate information
System Center Marketing 5/27/2019 Policy based access to corporate information IT can provide a secure and familiar solution for users to access sensitive corporate data from anywhere with VDI and RemoteApp technologies. Centralized Data Desktop Virtualization RDS Gateway Distributed Data Devices LOB Apps Web Apps Session host Files VDI Access Policy Users can access corporate data regardless of device or location with Work Folders for data sync and desktop virtualization for centralized applications. IT can publish resources using the web application proxy and create business- driven access policies with multi-factor authentication based on the content being accessed. IT can audit user access to information based on central audit policies. © 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

25 Protecting information with multi-factor authentication
System Center Marketing 5/27/2019 Protecting information with multi-factor authentication Microsoft Azure Multi-Factor Authentication 1. Users attempts to login or perform an action that is subject to MFA 2. When the user authenticates, the application or service performs a MFA call 3. The user must respond to the challenge, which can be configured as a txt, a phone call or using a mobile app 4. The response is returned to the app which then allows the user to proceed Devices Apps & Data Application authentication e.g. Active Directory, Radius, LDAP, SQL, Custom apps ADFS User © 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

26 Demo Data protection Adam Hall

27 Unify Enable Protect

28 Related content 5/27/2019 Session Title Timeslot FDN02
Enabling Enterprise Mobility with Windows Intune, Microsoft Azure, and Windows Server Monday, May 12 11:00 AM - 12:00 PM PCIT-B212 Design Considerations for BYOD Tuesday, May 13 10:15 AM - 11:30 AM PCIT-B213 Access Control in BYOD and Directory Integration in a Hybrid Identity Infrastructure Wednesday, May 14 3:15 PM - 4:30 PM PCIT-B310 Empowering Your Users and Protecting Your Corporate Data Monday, May 12 1:15 PM - 2:30 PM PCIT-B313 Hybrid Identity: Extending Active Directory to the Cloud Monday, May 12 4:45 PM - 6:00 PM PCIT-B314 Understanding Microsoft’s BYOD Strategy and an Introduction to New Capabilities in Windows Server 2012 R2 Tuesday, May 13 8:30 AM - 9:45 AM PCIT-B321 Deploying the New RMS for Cloud-Friendly and Cloud-Reluctant Customers Tuesday, May 13 5:00 PM - 6:15 PM PCIT-B322 Deploying and Managing Work Folders Wednesday, May 14 10:15 AM - 11:30 AM PCIT-B324 How to Rapidly Design and Deploy an Active Directory Federation Services Farm: The Do's and the Don'ts Wednesday, May 14 8:30 AM - 9:45 AM PCIT-B326 Providing SaaS Single Sign-on with Microsoft Azure Active Directory Thursday, May 15 10:15 AM - 11:30 AM PCIT-B327 Introducing Web Application Proxy in Windows Server 2012 R2: Enable Work from Anywhere PCIT-B328 Microsoft Identity Manager vNext Overview Wednesday, May 14 5:00 PM - 6:15 PM PCIT-B330 Active Directory + BYOD = Peace of Mind Thursday, May 15 8:30 AM - 9:45 AM © 2014 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

29 Track resources Web Links Hands on Labs (online) 5/27/2019
Hybrid Identity Access & Information Protection Windows Server 2012 R2 Azure Active Directory Identity Manager Hybrid Identity Whitepaper Hybrid Identity Datasheet Hands on Labs (online) Active Directory Deployment and Management Enhancements Enabling Secure Remote Users with RemoteApp, DirectAccess and DAC    Migrating Active Directory to Windows Server 2012 R2   Implementing a Basic PKI in Windows Server 2012 R2 Windows Server 2012 R2: New Features in AD FS Workplace Join Work Folders AD FS and Claims apps © 2014 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

30 Resources Learning TechNet msdn http://channel9.msdn.com/Events/TechEd
5/27/2019 Resources Sessions on Demand Learning Microsoft Certification & Training Resources TechNet Resources for IT Professionals msdn Resources for Developers © 2014 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

31 Complete an evaluation and enter to win!
5/27/2019 Complete an evaluation and enter to win! © 2014 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

32 Evaluate this session Scan this QR code to evaluate this session.
5/27/2019 Evaluate this session Scan this QR code to evaluate this session. © 2014 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

33 5/27/2019 © 2014 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION. © 2014 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.


Download ppt "PCIT-B314 BYOD and WS2012R2 Adam Hall"

Similar presentations


Ads by Google