Presentation is loading. Please wait.

Presentation is loading. Please wait.

Empowering people-centric IT Mobile Device Management Access and information protection Desktop Virtualization Hybrid Identity.

Published byWinfred Hunter Modified over 9 years ago

Similar presentations

Presentation on theme: "Empowering people-centric IT Mobile Device Management Access and information protection Desktop Virtualization Hybrid Identity."— Presentation transcript:

1

2

3 Empowering people-centric IT Mobile Device Management Access and information protection Desktop Virtualization Hybrid Identity

4

5 Apps Users Data Devices

6

7 Mobile Device Management Unify your environment On-premises and cloud-based management of devices within a single console. Simplified, user-centric application management across devices Comprehensive settings management across platforms, including certificates, VPNs, and wireless network profiles Enable users Access to company resources consistently across devices Simplified registration and enrollment of devices Synchronized corporate data Protect your data Protect corporate information by selectively wiping apps and data from retired/lost devices A common identity for accessing resources on-premises and in the cloud Identify which mobile devices have been compromised √

8

9 IT can publish access to corporate resources with the Web Application Proxy based on device awareness and the user’s identity.; multi-factor authentication can be used through Windows Azure Active Authentication (formerly PhoneFactor) Users can register BYO devices for single sign-on and access to corporate data with Workplace Join. As part of this, a certificate is installed on the device Users can enroll devices that configure the device for management with Windows Intune; the user can then use the Company Portal for easy access to corporate applications As part of the registration process, a new device object is created in Active Directory, establishing a link between the user and their device Data from Windows Intune is in sync with Configuration Manager, which provides unified management across both on-premises and in the cloud

10

11

12 How to ensure successful enrollment: Admin must configure mobile device management in the ConfigMgr console Admin must enable enrollment for specific device types Admin must allocate an Intune license to the user and must enable Active Directory user discovery User must enroll one device at a time and have less than 20 mobile devices in the system Windows Phone 8 Only: WP8 code signing certificate must be configured properly iOS only: Apple Push Notification Service certificate is must be configured and not expired. iOS 5.0+ is required

13

14 * Windows and Windows Phone allow inventory of MDM provisioned apps only Global condition to differentiate app installs on corporate versus personal App Management Personal devices – Inventory of applications installed by ConfigMgr/Intune only Corporate devices – Complete inventory of all applications on the device* App inventory By default, user-enrolled devices are “Personal” Admin can specify corporate- owned devices Personal vs. Corporate Owned Devices

15

16

17 CategoryWin 8.1 PC & RTWP8.1 (New!)iOSAndroid VPN Wi-Fi Certificates Email Password Device restrictions Store access Browsers Content Rating Cloud Synch Encryption Security Roaming Windows Server Work Folders * Note: Table applicable to direct MDM and not EAS

18 Resource Access Configuration 18 Platforms Windows 8.1 Windows 8.1 RT iOS Android Windows Phone 8.1 (New!) Benefits End users get access to company resources with no manual steps for them Features* Configure VPN profiles Support for Windows 8.1 Automatic VPN Wi-Fi protocol and authentication settings Email account profiles Management and distribution of certificates

19 DNS name-based initiation support for Windows 8.1 and iOS Application ID based initiation support for Windows 8.1 Automatic VPN connection Support for VPN standards SSL VPNs from Cisco, Juniper, Check Point, Microsoft, Dell SonicWALL, F5 Subset of vendors have Windows VPN plug-in PPTP,L2TP, IKEv2

20 Manage and distribute certificates Deploy trusted root certificates Support for Simple Certificate Enrollment Protocol (SCEP) Manage Wi-Fi protocol and authentication settings Provision Wi-Fi networks that device can auto connect Specify certificate to be used for Wi-Fi connection

21

22 1.Install NDES role a)Install PKI client auth certificate 2.Add Certificate Registration Point site system role a)Specify root CA cert for client auth cert from 1a. b)Self-signed server auth cert is created 3.Install Policy Module on NDES a)Specify client auth cert from 1a. b)Specify server auth cert from 2b.

23

24

25 Manage Exchange ActiveSync accounts NEW in January ‘14 release! Configure account settings and security restrictions Enable certificate authentication Support for iOS and Windows Phone 8.1 Delivered as Configuration Manager Extension for Windows Intune

26 Admin is notified that an extension is available when console is launched Admin goes to Extensions for Intune in console, and enables the extension Extension is activated in ConfigMgr (Extension enables on all site system, then console updates are avail) Admin restarts console, and console is updated with the extension Admin uses feature delivered by the extension Admin may wish to disable the extension

27

28

29 Mobile Device Management Review Unify your environment On-premises and cloud-based management of devices within a single console. Simplified, user-centric application management across devices Comprehensive settings management across platforms, including certificates, VPNs, and wireless network profiles Enable users Access to company resources consistently across devices Simplified registration and enrollment of devices Synchronized corporate data Protect your data Protect corporate information by selectively wiping apps and data from retired/lost devices A common identity for accessing resources on-premises and in the cloud Identify which mobile devices have been compromised √

30 Hybrid Identity Management Mobile Device Management Data Protection Group management & Self Service Password Reset Security audit reports & MultiFactor Authentication Connection between AD / Azure AD Information protection Connection to on-premises assets Mobile device settings management Mobile app management Selective wipe Enterprise Mobility Suite Enterprise Agreement Prices starting at $4 per user per month* * Limited time EA Level A promo pricing. Requires 250 seat minimum purchase and underlying CAL Suite license (CoreCAL/ECAL/BridgeCAL) EMS will enable customers with:

31 SessionTitleTimeslot FDN02Enabling Enterprise Mobility with Windows Intune, Microsoft Azure, and Windows ServerMonday, May 12 11:00 AM - 12:00 PM PCIT-B212Design Considerations for BYODTuesday, May 13 10:15 AM - 11:30 AM PCIT-B213Access Control in BYOD and Directory Integration in a Hybrid Identity InfrastructureWednesday, May 14 3:15 PM - 4:30 PM PCIT-B310Empowering Your Users and Protecting Your Corporate DataMonday, May 12 1:15 PM - 2:30 PM PCIT-B313Hybrid Identity: Extending Active Directory to the CloudMonday, May 12 4:45 PM - 6:00 PM PCIT-B314Understanding Microsoft’s BYOD Strategy and an Introduction to New Capabilities in Windows Server 2012 R2 Tuesday, May 13 8:30 AM - 9:45 AM PCIT-B321Deploying the New RMS for Cloud-Friendly and Cloud-Reluctant CustomersTuesday, May 13 5:00 PM - 6:15 PM PCIT-B322Deploying and Managing Work FoldersWednesday, May 14 10:15 AM - 11:30 AM PCIT-B324How to Rapidly Design and Deploy an Active Directory Federation Services Farm: The Do's and the Don'ts Wednesday, May 14 8:30 AM - 9:45 AM PCIT-B326Providing SaaS Single Sign-on with Microsoft Azure Active DirectoryThursday, May 15 10:15 AM - 11:30 AM PCIT-B327Introducing Web Application Proxy in Windows Server 2012 R2: Enable Work from Anywhere Wednesday, May 14 3:15 PM - 4:30 PM PCIT-B328Microsoft Identity Manager vNext OverviewWednesday, May 14 5:00 PM - 6:15 PM PCIT-B330Active Directory + BYOD = Peace of MindThursday, May 15 8:30 AM - 9:45 AM

32 CodeTitleTime FDN02Enabling Enterprise Mobility with Windows Intune, Microsoft Azure, and Windows ServerMon, May 12 11:00 AM PCIT-B311What's New in Enterprise Management with Microsoft System Center Configuration Manager and Windows IntuneMon, May 12 1:15 PM PCIT-B215What's New in Microsoft System Center 2012 R2 Configuration Manager InfrastructureMon, May 12 3:00 PM PCIT-B410Microsoft System Center 2012 Configuration Manager: MVP Experts PanelMon, May 12 4:45 PM PCIT-B216Infrastructure Deployment for Mobile Device Management with Microsoft System Center Configuration Manager and Windows Intune Tue, May 13 8:30 AM PCIT-B317Enrollment and Management of Mobile Devices with Microsoft System Center Configuration Manager and Windows IntuneTue, May 13 1:30 PM PCIT-B320Microsoft System Center Configuration Manager Community JewelsTue, May 13 5:00 PM PCIT-B323Application Management with Microsoft System Center Configuration Manager and Windows IntuneWed, May 14 8:30 AM PCIT-B325Protecting Your Corporate Data with Microsoft System Center Configuration Manager and Windows IntuneWed, May 14 10:15 AM PCIT-B340What’s New with OS Deployment in Configuration Manager and the Microsoft Deployment ToolkitWed May 14 5:00 PM PCIT-B336Managing Mac OS X Clients and Linux Servers Using Microsoft System Center Configuration ManagerThu May 15 8:30 AM PCIT-B339How Microsoft IT Manages Their Microsoft System Center Configuration Manager Application Lifecycle with Zero TouchThu, May 15 10:15 AM PCIT-B333How Microsoft IT Solves BYOD Using Microsoft System Center 2012 R2 Configuration Manager and Windows IntuneThu, May 15 1:00 PM

33 CodeTitleTime PCIT-IL200Introduction to Microsoft System Center 2012 R2 Configuration ManagerMon, May 12 3:00 PM Wed, May 14 5:00 PM PCIT-IL201Upgrading from Configuration Manager 2012 SP1 to Microsoft System Center 2012 R2 Configuration ManagerThu, May 15 10:15 AM PCIT-IL300Deploying Windows 8.1 to Bare Metal ClientsWed, May 14 1:30 PM Thu, May 15 1:00 PM PCIT-IL305Basic Software Distribution with Microsoft System Center 2012 R2 Configuration ManagerTue, May 13 5:00 PM Wed, May 14 3:15 PM PCIT-IL306Implementing Endpoint Protection in Microsoft System Center 2012 R2 Configuration ManagerTue, May 13 10:15 AM Thu, May 15 8:30 AM PCIT-IL307Managing Microsoft Software Updates in Microsoft System Center 2012 R2 Configuration ManagerTue, May 13 1:30 PM Wed, May 14 8:30 AM PCIT-IL308Migrating from Configuration Manager 2007 to Microsoft System Center 2012 R2 Configuration ManagerWed, May 14 10:15 AM

34 CodeTitle PCIT-H302Deploying a Microsoft System Center 2012 R2 Configuration Manager Hierarchy PCIT-H303Deploying Microsoft System Center 2012 R2 Configuration Manager PCIT-H304Deploying Windows 8.1 to Bare Metal Clients PCIT-H309Implementing App-V 5.0 in Microsoft System Center 2012 R2 Configuration Manager PCIT-H310Implementing Endpoint Protection in Microsoft System Center 2012 R2 Configuration Manager PCIT-H311Implementing Linux Clients in Microsoft System Center 2012 R2 Configuration Manager PCIT-H312Implementing Role-Based Administration in Microsoft System Center 2012 R2 Configuration Manager PCIT-H314Managing Clients with Microsoft System Center 2012 R2 Configuration Manager PCIT-H315Managing Content in Microsoft System Center 2012 R2 Configuration Manager PCIT-H316Managing Software Updates in Microsoft System Center 2012 R2 Configuration Manager

35 www.microsoft.com/learning http://microsoft.com/msdn http://microsoft.com/technet http://channel9.msdn.com/Events/TechEd

36

37

38

Download ppt "Empowering people-centric IT Mobile Device Management Access and information protection Desktop Virtualization Hybrid Identity."

Similar presentations

People Centric IT Unified Device Management with SCCM + Windows Intune

People Centric IT Unified Device Management with SCCM + Windows Intune
Identity Manager vNext

Identity Manager vNext
Windows 8.1 Device Management With Windows Intune Mark O’Shea MVP Windows Expert – IT Pro 30 June 2014.

Windows 8.1 Device Management With Windows Intune Mark O’Shea MVP Windows Expert – IT Pro 30 June 2014.
Managing and Securing Devices using Exchange, System Center, and Intune LAWRENCE NOVAK MICHAEL INDENCE DMVMUG Reston, VA

Managing and Securing Devices using Exchange, System Center, and Intune LAWRENCE NOVAK MICHAEL INDENCE DMVMUG Reston, VA
Meraki Mobile Device Management

Meraki Mobile Device Management
Enterprise Mobility Platform Microsoft Differentiation Managed Mobile Productivity Layered Protection Hybrid Solutions Office 365DynamicsWorkday.

Enterprise Mobility Platform Microsoft Differentiation Managed Mobile Productivity Layered Protection Hybrid Solutions Office 365DynamicsWorkday.
SharePoint Server Exchange Server CORPORATE NETWORK Mobile devices PCs Browsers INTERNET DMZ Active Directory Policies Filter EAS Filter web access.

SharePoint Server Exchange Server CORPORATE NETWORK Mobile devices PCs Browsers INTERNET DMZ Active Directory Policies Filter EAS Filter web access.
Microsoft Ignite /16/2017 3:59 PM

Microsoft Ignite /16/2017 3:59 PM
Management lifecycle summary Mobile Device Management with Windows Intune or 3 rd Party tools Simplified and flexible device enrollment, using.

Management lifecycle summary Mobile Device Management with Windows Intune or 3 rd Party tools Simplified and flexible device enrollment, using.
Protect your data Enable your users Unify Your Environment DevicesAppsData Help organizations enable their users to be productive on the devices they.

Protect your data Enable your users Unify Your Environment DevicesAppsData Help organizations enable their users to be productive on the devices they.
4/17/2017 © 2014 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks.

4/17/2017 © 2014 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks.
What is Azure Multi-Factor Authentication? An Azure Identity and Access management service that prevents unauthorized access to both on- premises.

What is Azure Multi-Factor Authentication? An Azure Identity and Access management service that prevents unauthorized access to both on- premises.
Desktop virtualization Access & information protection Mobile device & application management Hybrid identity Simplified device enrollment and.

Desktop virtualization Access & information protection Mobile device & application management Hybrid identity Simplified device enrollment and.
4/17/2017 © 2014 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks.

4/17/2017 © 2014 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks.
4/17/2017 © 2014 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks.

4/17/2017 © 2014 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks.
Empower Enterprise Mobility. of employees use personal devices for work purposes.* of employees that typically work on employer premises, also frequently.

Empower Enterprise Mobility. of employees use personal devices for work purposes.* of employees that typically work on employer premises, also frequently.
Mobility is the new normal 52% of information workers across 17 countries report using three or more devices for work* 52% 90% of enterprises will have.

Mobility is the new normal 52% of information workers across 17 countries report using three or more devices for work* 52% 90% of enterprises will have.
Overview of Azure Active Directory for app access Integration with third party SaaS apps User provisioning and federation.

Overview of Azure Active Directory for app access Integration with third party SaaS apps User provisioning and federation.
Windows Server 2012 R2 Capabilities for BYOD Scenario Yuri Diogenes Senior Knowledge Engineer Data Center, Devices & Enterprise Client – CSI Team’s Page:

Windows Server 2012 R2 Capabilities for BYOD Scenario Yuri Diogenes Senior Knowledge Engineer Data Center, Devices & Enterprise Client – CSI Team’s Page:
Primary Site User Discovery Network Share Enrollment Point Enrollment Proxy Point Microsoft CA Management Point Distribution Point Domain username.

Primary Site User Discovery Network Share Enrollment Point Enrollment Proxy Point Microsoft CA Management Point Distribution Point Domain username.

Similar presentations

Ads by Google