Download presentation
1
SCCM 2012 Features and Benefits
Or: How I learned to stop worrying and love Centralized Administration
2
System Centre Configuration Manager 2012
Unified Device Management User Centric Application Delivery Operating System Deployment Software Updates Integrated Endpoint Management Configuration Compliance Power Management Role Based Administration Software Metering, Asset Intelligence Other features
3
Evolution of Microsoft Client Management
2012 2011 2007 2003 1999 SMS 2.0 Proven, Secure, Tested In use at: Yale, Stanford, University of Toronto, McGill, Texas A&M, Carnegie Mellon, Johns Hopkins, Perdue, Berkeley and dozens of other Higher Ed institutions around the world. Also: Police forces, the military, Banks, Engineering firms. 1994 SMS 1.0 Client Management Infancy (NT Domain) Groups Model Laptops, Servers, Enterprise Scale Comprehensive Management Management from the Cloud Consumerization of IT
4
Unified Device Management
System Center Marketing 4/11/2017 Unified Device Management Windows PCs (x86/64, Intel SoC), Windows to Go Windows Embedded System Centre Configuration Manager 2012 R2 Mac OS X Linux Me Single Admin Console Mac Capabilities: Discovery – Discovers Mac OS X system in Active Directory and through network discovery Hardware Inventory – Provides hardware inventory and auditing of computers running Mac OS X, including a list of installed software similar to add/remove programs for Windows systems. Settings Management – Ensures computers running Mac OS X comply with company policies using scripts and preference list management. Application Deployment – Distributes required software via app model. Software Updates Management – Distributes patches utilizing Software Distribution and Settings management features. Linux Capabilities: Hardware Inventory Software Inventory (via Hardware Inventory) Software Distribution Endpoint Protection (Linux Systems) Unified Reporting Maintenance Windows Windows RT, Windows Phone 8 iOS, Android © 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.
5
TechReady12 4/11/2017 Mac Support Supported Releases: Mac OS X 10.6 (Snow Leopard), Mac OS X 10.7 (Lion), Mac OS X 10.8 (Mountain Lion) Discovery Discovers Mac OS X system in Active Directory and through network discovery Hardware/Software Inventory Provides hardware inventory and auditing of computers running Mac OS X, including a list of installed software similar to add/remove programs for Windows systems. Settings Management Ensures computers running Mac OS X comply with company policies, i.e. patches and installed software Application Deployment Distributes required software via app model. Software Updates Management Distributes patches utilizing Software Distribution and Settings management features. Mac Capabilities: Discovery – Discovers Mac OS X system in Active Directory and through network discovery Hardware Inventory – Provides hardware inventory and auditing of computers running Mac OS X, including a list of installed software similar to add/remove programs for Windows systems. Settings Management – Desired configuration management, check to see if patches are installed, or is software is installed and running Application Deployment – Distributes required software via app model using .cmmac package format via CMAppUtil packaging utility Software Updates Management – Distributes patches utilizing Software Distribution and Settings management features. © 2011 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.
6
TechReady12 4/11/2017 Linux & UNIX Support Supported Platforms: AIX, HP-UX, Red Hat Enterprise, Solaris, SUSE Enterprise Hardware Inventory Software Inventory Software Deployment Consolidated reports Linux Capabilities: Hardware Inventory Software Inventory (via Hardware Inventory) Software Distribution Endpoint Protection (Linux Systems) Unified Reporting Maintenance Windows © 2011 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.
7
User-centric Application Delivery Administrator
Deliver best user experience on each device Define application once Delivery Evaluation Criteria User Device type Network connection < > User/Device Relationships Primary Devices MSI App-V Non-primary Devices VDI Presentation Server Remote Desktop Windows Embedded
8
User-centric Application Delivery End User Self-service
Administrators publish software titles to catalog, complete with meta data to enable search Deliver best user experience on each device Admin Users can browse, select and install directly from Catalog Application model determines format and policies for delivery User
9
User Centric: End-User Experience
TechReady12 4/11/2017 User Centric: End-User Experience “The Right End-User Experience” Web based ‘Software catalog’ Easily search, install or request software User preferences to control ConfigMgr behaviors: “My business hours” – used to control when to install software Presentation mode – don’t notify when presenting Remote control settings – when allowed, end user can control their experience © 2011 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.
10
User-centric Application Delivery New Application Model
General Information Application “Package” Administrator Properties End User Metadata Keep your apps organized and managed < > The “friendly” information for your users (appears in Catalog) Deployment Type Detection Method Install Command Requirement Rules Dependencies Supersedence App-V Is app installed? Windows Script Command line and options Windows Installer Can/cannot install app CAB Apps that must be present Application version control
11
User-centric Application Delivery cont.
TechReady12 4/11/2017 User-centric Application Delivery cont. Manage applications with built-in mechanisms; not scripts Application Management: Detection method – re-evaluated for presence: Required application – reinstall if missing Prohibited application – uninstall if detected Requirement rules – evaluated at install time to ensure the app only installs in places it can, and should Dependencies – relationships with other apps that are all evaluated prior to installing anything Supersedence – relationships with other apps that should be uninstalled prior to installing anything Update an app – Automatic revision management Dependencies: Detect if required applications are present, and optionally install if not detected Supersedence: either run the install command line, or run the uninstall first, then the install Revision: keeps a history of changes to an application and allows for reverting back to the older version © 2011 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.
12
Client Settings Application Delivery End User Experience
DEMO Client Settings Application Delivery End User Experience Application Delivery End User Experience
13
Operating System Deployment
TechReady12 4/11/2017 Operating System Deployment No-Touch, Manual or Lite-Touch imaging Scheduled imaging for after-hours No more Sneaker-net On-the-fly software and updates deployment Deploy an image then update the software and/or OS Standing Advertisements Offline Servicing of Images Support for Component Based Servicing compatible updates Uses updates already approved Full support for Windows 8, 8.1, Server 2012, 2012 R2 Mac Capabilities: Discovery – Discovers Mac OS X system in Active Directory and through network discovery Hardware Inventory – Provides hardware inventory and auditing of computers running Mac OS X, including a list of installed software similar to add/remove programs for Windows systems. Settings Management – Ensures computers running Mac OS X comply with company policies using scripts and preference list management. Application Deployment – Distributes required software via app model. Software Updates Management – Distributes patches utilizing Software Distribution and Settings management features. Linux Capabilities: Hardware Inventory Software Inventory (via Hardware Inventory) Software Distribution Endpoint Protection (Linux Systems) Unified Reporting Maintenance Windows © 2011 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.
14
Operating System Deployment
Multiple Deployment Method Support PXE initiated deployment allows client computers to request deployment over the network Multi-cast deployment to conserve network bandwidth Stand-alone media deployment for no network connectivity or low bandwidth Pre-staged media deployment allows you to deploy an operating system to a computer that is not fully provisioned USMT 4.0 UI integration makes it easier transfer files and user settings from one machine to another CAS Image Task Sequence Report WDS PXE Server Primary Site DP Role Primary Site MP Role
15
Security and Compliance Software Updates
TechReady12 4/11/2017 Security and Compliance Software Updates Auto Deployment Rules Use search criteria to identify class of updates to automatically deploy: category, products, language, date revised, article id, bulletin id, etc. Schedule content download and deployment based on sync schedule or define a separate schedule per rule Deploy updates individually or in groups Updates added to an update group automatically deploy to collections targeted with the group © 2011 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.
16
Security and Compliance Software Updates
Microsoft Update Auto Deployment Faster deployment through search Schedule content download and deployment to avoid reboot during work hours State-based Updates Allows individual or group deployment Updates added to groups auto deploy to targeted collections Optimized for New Content Model Reduce replication and storage Expired updates and content deleted Identifies who needs updates and reports on compliance Downloads updates CAS Primary Site SUP Role/WSUS Primary Site DP Role Primary Site MP Role Distributes updates Assigns policy to scan for update status or to deploy update Reports compliance
17
Security and Compliance Endpoint Protection
TechEd Europe 2010 4/11/2017 Security and Compliance Endpoint Protection Unified Infrastructure Simplified server and client deployment Streamlined updates Consolidated reporting Comprehensive Protection Stack Behavior monitoring Antimalware Dynamic Translation Windows and Firewall Management © 2010 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.
18
Security and Compliance Settings Management (Desired Configuration Management)
ConfigMgr MP Baseline ConfigMgr Agent Auto Remediate OR Create Alert (to Service Manager) Assignment to collections Baseline drift ! WMI XML Registry IIS MSI Script SQL Software Updates File Active Directory Baseline Configuration Items Improved functionality Pre-built industry standard baseline templates through IT GRC Solution Accelerator Copy settings Trigger console alerts Richer reporting Enhanced versioning and audit tracking Ability to specify versions to be used in baselines Audit tracking includes who changed what
19
Power Management Create and manage power management profiles
Enforce profiles based on usage statistics Different profiles “On Peak”, “Off Peak” Create reports showing usage data and power savings Users can “opt-out” (if we let them)
20
Power Management Week 1: Monitor Enable client management agent
Begin monitoring usage and activity Non-Peak & Peak Week 2: Plan Continue monitoring on usage and activity Begin to develop Power Plan VM awareness (new compared to 2007) Copy power policies (new compared to 2007) Mid-Month: Power Plan has been confirmed Week 3: Apply Power policy Begin applying Power Plan End user opt-out (new compared to 2007) Week 4: Compliance & Analyze Review before and after usage and activity Determine savings in Kwh and Co2 saved
21
Role Based Administration
Map the faculty roles to defined security roles Applications Manager OSD Manager Updates Manager Only “see” the computers and objects they can manage Reduces error, defines span of control for our environment John- IST Central System Administrator Louis-Software Update Manager for France Bob- US & France Security Admin Can see & update “France” desktops Cannot modify security settings on “France” desktops Cannot see “All Systems” or “U.S.” desktops Can see & modify security settings on “France” and “U.S.” desktops Cannot update “France” or “U.S.” desktops Cannot see “All Systems”
22
Asset Intelligence, Inventory, and Software Metering
4/11/2017 5:13 PM Asset Intelligence, Inventory, and Software Metering Track application usage Up to date, detailed inventory of both hardware and software Identify over or under licensing issues Real-time Application and Hardware Intelligence Asset Intelligence Service Software Metering & License Reports ConfigMgr Inventory Asset Intelligence Catalog 22 © 2005 Microsoft Corporation. All rights reserved. This presentation is for informational purposes only. Microsoft makes no warranties, express or implied, in this summary.
23
Remote Control What's New in Remote Control
Ability to send Ctrl-Alt-Del keystroke to host device Granular client settings per collection Lock keyboard and Mouse Ability to create Firewall exception rule
24
Exchange Connector Integration
Easy configuration Simply enter exchange server/hosted URL and credentials Inventory Pulls data from Exchange Server Full and fast/delta synchronization Key info: user, deviceID, device type, last contact time Policy Parity with exchange: security, sync, device lockdown Define globally per Exchange Server Wipe Wipe a device from console action
25
Reduced Infrastructure Requirements
Central Administration Site Central primary site administration Reporting Primary Sites Client management and settings Delegated administration Secondary Sites Content routing Distribution points Central Administration Site Primary Site Primary Site Secondary Site Secondary Site
26
Our Infrastructure Primary Site Secondary Sites (As required)
Client management and settings Delegated administration Primary Site Secondary Sites (As required) Content routing Distribution points Client Computers Directly Assigned Report to Primary Site Secondary Site Client Computer
Similar presentations
© 2024 SlidePlayer.com. Inc.
All rights reserved.