Helping Teams Collaborate for Higher Client and Staff
Satisfaction
Welcome
System Source & Mind Over Machines:
- Leaders in Baltimore IT since 1980s- System Source since 1981
- Mind over Machines since 1989
- Long-tenured, complementary relationship
System Source & Microsoft:• Microsoft Certified Partner…since 1980’s
• Silver – Learning Solutions
• Train 6,000 students/year
• Our Instructors rate 20% higher than Microsoft National Average Customer Satisfaction Scores.
• Silver – Infrastructure
• 1,000’s of Microsoft implementations
• Small Business to Enterprise
• Non-profit
• Education
System Source & Microsoft:• Microsoft Competencies
• Server Platform• Windows Server 2012 & 2016
• Management and Virtualization• Microsoft Cloud Solutions, Microsoft Private Cloud, Configuration Manager, Windows Server
• Messaging• Exchange Server, Exchange Online, Exchange Online Protection
• Hosting• Exchange Server, SQL Server, Microsoft Server
• Devices & Deployment• Windows 10, Office
• Small Business• Office 365, Windows 10
• Mid-Market Solutions Provider• Microsoft Cloud Solutions, Office 365, Windows Server 2012 & 2016, Windows 10
Agenda• What is Office 365?
• Office 365 Plans and Services
• Identity management
• Azure Active Directory Domain Services
What is Office 365
What is Office 365?• Office 365 is a SaaS solution and is one of several
cloud solutions offered by Microsoft.
• Your connectivity to, and your use of, Office 365 and other Microsoft cloud services are flexible.
o Subscribe to one service only or a suite of services (organization wide or per user)
o Subscription plans offer various levels of features
o Separate or integrate on-premises and cloud identities
o Integrate cloud services with on-premises services (Hybrid)
What is Office 365?
•SharePoint Online
•OneDrive
•Yammer
•Rich client
•Web client
•Apps
•Skype for Business
• IM
• Video chat/conf.
• Desktop sharing
•Exchange Online
•Archiving
•Encryption
•AV / SPAM
filtering
EmailReal-time
Communication
CollaborationOffice
Service Descriptions - https://technet.microsoft.com/en-us/office/dn788955.aspx
Other features:• Groups / Clutter• Document Conversations• Video Portal• Delve, Graph, Mix, Sway• MDM• MFA• And more...
Office 365 Trust Center
Clear messaging with plain English
Details for security experts
Links videos, whitepapers
http://trust.office365.com
Office 365 Plans
Office 365 Plans
• Business Plans – Up to 300 users
• Enterprise Plans
• Standalone Services
• Enterprise Mobility Suite
• Commercial pricing
• Non-Profit pricing
• Educational pricing
Enterprise
Enterprise
Enterprise
Enterprise
Enterprise
Business
Business
Standalone ServicesExample – Exchange Online
Standalone ServicesExample – Exchange Online
Enterprise Mobility Suite + Security
• Azure AD Premium
• Windows Intune
• Azure Information Protection
• Advanced Threat Analytics
• The P2 version of Azure Active Directory contains “new Identity Protection and Privileged Identity Management” capabilities. These new functions help protect against identity theft, and provide additional usage data on admin actions.
• The P2 Version of Azure Information Protection adds automatic classification to your feature list. This means documents can be automatically encrypted, rather than the only available “manual” encryption method in P1.
• Microsoft’s new Cloud App Security can help you discover the cloud apps in use in your network, and control access to those apps. (For instance, it will inform you of which 3rd party services an employee may be using without authorization).
Office 365 and EMS
Identities
Where are your Office 365 Identities?Microsoft Azure Active Directory
• Azure Active Directory (Azure AD) is Microsoft’s multi-tenant cloud based directory and identity management service.
• Azure AD also includes a full suite* of identity management capabilities including:
• Multi-factor authentication
• Device registration
• Self-service password management
• Self-service group management
• Privileged account management
• Role based access control
• Application usage monitoring
• Rich auditing and security monitoring and alerting.
* Subscription level (Free, Basic or Premium) determines features available
Active Directory
Azure
Active Directory
Azure AD Features Every paid subscription to Office 365 comes with a free subscription to Azure Active
Directory.
To activate this subscription and access the Azure management portal directly, you have to complete a one-time registration process.
You can use Azure AD to manage your apps and to create and manage user and group accounts independent of Office 365.
You can purchase Azure AD Basic and/or Premium directly or get the Premium edition as part of the Enterprise Mobility Suite.
Azure AD Features
Azure AD Features
Azure AD Features
Azure AD Features
Azure AD Features
Azure AD as the Central Directory
Identity Management with Office 365
Azure AD Connect
A free tool that can be installed on a domain controller
Cloud identity
Single identity in the cloud Suitable for small organizations with no integration to on-premises directories
Cloud identity with directory synchronization
Single identitysuitable for medium and large organizations without federation*
Identity Management with Office 365Cloud identity with directory synchronization
Single identitysuitable for medium and large organizations without federation*
Azure AD Connect Installation
Password Synchronization – Passwords are stored in Azure AD
Pass-through authentication – Passwords passed to on-premises AD for validation (no passwords in AAD)
ADFS – Will deploy ADFS servers
SSO – Browser login to Azure AD (works with password synchronization or pass-through authentication)
Directory Synchronization – SSO• A computer account named AZUREADSSOACCT is created in the on-
premises Active Directory and the Kerberos decryption key is shared securely with Azure AD.
• Two Kerberos service principal names (SPNs) are created to represent the cloud URLs that are used during authentication between the client and Azure AD.
• SSO Process – Browser login
• Azure AD challenges the client, via a 401 Unauthorized response, to provide a Kerberos ticket.
• The client requests a ticket from Active Directory for Azure AD.
• Active Directory locates the machine account and returns a Kerberos ticket to the client encrypted with the machine account's secret.
• The client sends the Kerberos ticket it acquired from Active Directory to Azure AD.
• Azure AD decrypts the Kerberos ticket.
Directory Synchronization Considerations• Install on a Windows 2008 R2 / 2012 R2 server• Configure OUs to synchronize• Optional – Configure attribute filtering
Directory Synchronization Considerations
• Microsoft requires an Exchange server on-premises to manage Exchange attributes
• Password synchronization requires password changes to occur in Active Directory (unless a Premium Azure AD license is purchased)
• Account management is done on-premises for most settings
Identity Management with Office 365
Cloud identity
Single identity in the cloud Suitable for small organizations with no integration to on-premises directories
Cloud identity with directory synchronization
Single identitysuitable for medium and large organizations without federation*
Federated identity
Single federated identity and credentials suitable for medium and large organizations
Federation
• Directory Federation redirects all authentication to the on-premises AD
• Fault tolerant designs are necessary because if your ADFS servers are unreachable, there will be no access to your Office 365 resources
• Federated domains can be unfederated if needed
Data Storage
Data Storage Locations
• SharePoint• Team sites for document storage and sharing
• OneDrive• Personal cloud storage
• Azure VMs• Using the PaaS / IaaS services of Azure
• SaaS Applications• SSO integration with 2000+ SaaS applications
SharePoint• Team Sites – Calendars, document
libraries, site/library/file level security, document versioning, workflows, blogs, videos, browser based apps and more.
• Purpose communications hub
OneDrive• Personal storage
• Documents can be shared
• Is based on SharePoint
OneDrive Management
Azure AD Domain Services• A standalone, managed domain,
independent of your on-premises AD.
• Resources located on VMs “joined” to the managed domain can be accessed with Azure AD accounts.• AAD accounts can be synchronized with AD
• Windows 10 systems joined to Azure AD are not a part of the managed domain
SSO with SaaS Apps• Prebuilt integration with over
2500 apps
• Can add custom apps
• Uses Azure AD as the central authentication directory
Summary
• Office 365 can be purchased in suites or as individual services. • Note – Your subscription can have a variety of licenses so available
services are tuned to user’s needs.
• Office 365 accounts are stored in Azure AD
• Azure AD has four levels of features: Free, Basic, P1 and P2.
Summary
• Accounts in Azure AD can be “cloud” accounts or synchronized with your on-premises AD.
• Directory synchronization can be configured for:• Password synchronization
• Pass-through authentication
• SSO
• Federation redirects authentication to your on-premises ADFS servers
Summary
• Data can be stored in SharePoint or OneDrive (Office 365), or in integrated SaaS applications, or on your VMs in the Azure platform
• Access to your VMs can be through a VPN or through Azure AD Domain Services
Questions?
Dustin Sitton
And they all wish they had come to Mind Over Machines first.
Since 1989, the business systems we’ve built, fixed, restored and upgraded
have turned around failing businesses, saved millions, opened new markets,
powered growth, and catapulted companies from obscurity to industry
dominance. APPLICATION DEVELOPMENT | CRM | BI/DATA | SHAREPOINT | IT ASSESSMENTS | HEALTHCARE IT
We’ve rescued so many
clients who came to us
with horror stories about
software consultants who
had let them down.
Skype for Business Collaboration Tools by Vaddio
Michael Koehler – System Source
Elevate the Huddle Room Experience
Pre Announce Product Training for Vaddio Partners
January 5, 2017
Pete Tao
Sr. Director, Product Management
56
Vaddio Designs, Develops and Manufactures Professional Audio Video Solutions
for Live Production, Lecture Capture and Collaboration Applications
A Milestone AV Technologies Brand
57
Camera Extensions
Maximum distance,
Maximum convenience.
AV Bridges
Bring USB to traditional AV
Room Environments.
USB Collaboration Solutions
Collaborate. Anywhere.
Vaddio offers a full range of products to tailor AV solutions
to your specific application and environment.
Controllers & Switchers
Powerful control and
automation, anywhere.
ProfessionalCameras
Enterprise-class cameras for any environment.
58
Vaddio’s USB Collaboration SolutionsConnecting USB to the Conference Room
AV Bridge™ Solutions EasyUSB™ Audio ClearSHOT 10 USB Cameras
AV Bridge
MATRIX PROAV Bridge
ConferenceClearSHOT 10 USB
Mixer/Amp MicPODs
AudioBRIDGE
PRO MIC I/O
Sound Bar
AV Bridge
Introducing
The Next Generation USB Conferencing System
Vaddio ConferenceSHOT™ AV
60
Huddle Room Small Conference Room Medium Conference Room
Simple Plug-n-Play. Versatile for Integrated AV Rooms.
ConferenceSHOT™ AVThe First Enterprise Class USB PTZ Camera
with Integrated Audio
61
Powerful• USB 3.0 Media device
• HD PTZ Camera with 10X Optical Zoom and 74°FOV
• Up to 2 high-fidelity microphones with independent AEC and gain control
• 10W Loudspeaker for full-bodied audio
Vaddio ConferenceSHOT™ AV
Simple• Single USB connection for access to all leading UC soft clients (Skype for
Business, WebEx, Google and others)
• Plug and play simplicity using standard drivers and no external software
• Easy installation and all cables included necessary for UC connectivity with
product bundles for various target applications
Enterprise Class• IP enabled with web services for remote management, monitoring and upgrades
• Simultaneous 1080p/60 video streaming via IP and USB
• Configuration versatility for turn-key deployment and/or AV integration
62
ConferenceSHOT ™ AV Innovation
ClearSHOT 10 USB• Enterprise-Class PTZ Camera
• IP Management/Monitoring
• USB3.0 Video Connectivity
EasyUSB Mixer/Amp• 2 EasyMIC MicPOD ports
• Speaker output
• USB2.0 Audio connectivity
EasyUSB Sound Bar• Matched speaker for
Mixer/Amp
+
EasyUSB MicPODs• Ceiling or Table
• Independent echo cancellation
and equalization
• Plug and play installation with
Cat5 cables
+ +
Powerful. Simple. Enterprise Class.
ClearSHOT 10 USB Performance
• 1080p/60 performance
• 10x optical Zoom, 74°FOV, PTZ
• IP connected: web-server control and H.264 video
streaming
Integrated Speaker (optional)
• Optimized for local room audio
• Integrated mount for easy
installation
• Standard AV connections for room
integration
Tabletop or Ceiling Microphones
• Up to 2 EasyMIC MicPODs
• Dynamic echo cancellation and
gain control
• Full room coverage with 360° per
microphone
• Can use 3rd-party mics with
EasyUSB Pro Mic I/O
USB 3.0 Plug and Play
• USB 3.0, Type B – cable
extension to conference table
• BYOD: Connect for room camera
and audio
• Plug and Play with major VCaaS
providers (UVC, UAC HID
supported)
Network Connected
• 10/100/1000 Ethernet
• PoE+ power
• Telnet, Rest API protocol
64
ConferenceSHOT™ AV Bundles
Huddle• $2495 MSRP
• ConferenceSHOT Speaker
• 1 Table MicPOD
Group• $2995 MSRP
• ConferenceSHOT Speaker
• 2 Table MicPODsIntegrator 1• $2795 MSRP
• ConferenceSHOT Speaker
• 1 Ceiling MicPOD
Integrator 2• $3295 MSRP
• ConferenceSHOT Speaker
• 2 Ceiling MicPODs
EasyMIC Table MicPOD
$549
EasyMIC Ceiling MicPOD
$595
HDMI Audio Inserter
$149
ConferenceSHOT Speaker
$395
Basic• $2195 MSRP
• Speaker: Monitor
• 1 Table MicPOD
$
Room Size / Complexity
ConferenceSHOT AV• $1995 MSRP
• Camera unit with integrated
audio
65
ConferenceSHOT ™ Product Family
Huddle• $2495 MSRP
• ConferenceSHOT Speaker
• 1 Table MicPOD
Group• $2995 MSRP
• ConferenceSHOT Speaker
• 2 Table MicPODsIntegrator 1• $2795 MSRP
• ConferenceSHOT Speaker
• 1 Ceiling MicPOD
Integrator 2• $3295 MSRP
• ConferenceSHOT
Speaker
• 2 Ceiling MicPODs
$
Room Size / Complexity
Basic• $2195 MSRP
• Speaker: Monitor
• 1 Table MicPOD
• $1795 MSRP
ConferenceSHOT 10
ConferenceSHOT AV
ConferenceSHOT AV
• $1995 MSRP
• Camera unit with
integrated audio
66
ConferenceSHOT™ Announce and Availability
• ConferenceSHOT AV is now available for order and shipping*
• ConferenceSHOT 10 new pricing is effective January 1, 2017
• Pricing, ordering and invoices are available when logged into
your account on www.milestone.com
• ConferenceSHOT AV will be announced January 17, 2017
*HDMI Injector shipping February 2017
Elevate the Huddle Room ExperienceVaddio ConferenceSHOT AV
67
Powerful
Vaddio ConferenceSHOT™ AV
Simple
Enterprise Class
Questions?
Thank You
ConferenceSHOT™ Recognized by Zoom
Evaluations & Door PrizesLearning Center Offer
Lunch
THANK YOU!