sysctr track: unified device management: it’s all about the experience
DESCRIPTION
by Nico Sienaert This session we will give you a complete overview of the UDM vision that Microsoft has. This vision goes further than the traditional PC & Server Management as we know it today. Discover what building blocks you can use from the Microsoft stack and how you combine them to give the Unified Experience to your users. Do you want to attend a discussion on all these technology blocks like Workplace Join, Work Folders, MFA, RMS, Intune…? •Do you want to learn on how you make this to work? •Do you want to see them in action? •Do you want to know about the competition? •Do you want answers? Sit down and enjoy the UDM ride. It’s all about the ExperienceTRANSCRIPT
![Page 1: Sysctr Track: Unified Device Management: It’s all about the experience](https://reader031.vdocument.in/reader031/viewer/2022020306/5462d810af79599e2c8b4d1f/html5/thumbnails/1.jpg)
Microsoft Unified Device ManagementIt’s all about the experience
Nico Sienaert (@nsienaert)Lead Infrastructure Consultant @ GetronicsV-Technology Solutions Professional @ Microsoft
![Page 2: Sysctr Track: Unified Device Management: It’s all about the experience](https://reader031.vdocument.in/reader031/viewer/2022020306/5462d810af79599e2c8b4d1f/html5/thumbnails/2.jpg)
Session Objectives
![Page 3: Sysctr Track: Unified Device Management: It’s all about the experience](https://reader031.vdocument.in/reader031/viewer/2022020306/5462d810af79599e2c8b4d1f/html5/thumbnails/3.jpg)
Let’s start the UDM ride
It’s all about the experience
![Page 4: Sysctr Track: Unified Device Management: It’s all about the experience](https://reader031.vdocument.in/reader031/viewer/2022020306/5462d810af79599e2c8b4d1f/html5/thumbnails/4.jpg)
Today’s challenges
Devices Apps DataUsers
Identity & Access
Management
Mobile Device Management
Mobile Application
Management
Information Protection
![Page 5: Sysctr Track: Unified Device Management: It’s all about the experience](https://reader031.vdocument.in/reader031/viewer/2022020306/5462d810af79599e2c8b4d1f/html5/thumbnails/5.jpg)
Abrreviations all over the place
![Page 6: Sysctr Track: Unified Device Management: It’s all about the experience](https://reader031.vdocument.in/reader031/viewer/2022020306/5462d810af79599e2c8b4d1f/html5/thumbnails/6.jpg)
Mobile Device Management
Mac OS X
Linux \ Unix
Windows PCs
(x86/64, Intel SoC),
Windows to Go
Windows Embedded
Windows RT,
Windows Phone 8
iOS, Android
![Page 7: Sysctr Track: Unified Device Management: It’s all about the experience](https://reader031.vdocument.in/reader031/viewer/2022020306/5462d810af79599e2c8b4d1f/html5/thumbnails/7.jpg)
Windows Intune Features
![Page 8: Sysctr Track: Unified Device Management: It’s all about the experience](https://reader031.vdocument.in/reader031/viewer/2022020306/5462d810af79599e2c8b4d1f/html5/thumbnails/8.jpg)
Things to come
PC
Ma
na
ge
me
nt
fea
ture
s
MDM Features
June 2012
+Service Pack 1
Early 2013
� iOS & Android
� SW Publishing,
� EAS Integration
� Windows RT &
Window Phone 8
MDM
�Unified
Management
Oct 2011
� Software
deployment
April 2011� Cloud-based
management
� Windows 8
support
� Office 365
interoperability
Early 2013
� Enterprise
Scale
• Single License: Windows Intune + Configuration Manager
• Per User• Up to 5 devices/user
![Page 9: Sysctr Track: Unified Device Management: It’s all about the experience](https://reader031.vdocument.in/reader031/viewer/2022020306/5462d810af79599e2c8b4d1f/html5/thumbnails/9.jpg)
Windows Phone Enterprise FP
![Page 10: Sysctr Track: Unified Device Management: It’s all about the experience](https://reader031.vdocument.in/reader031/viewer/2022020306/5462d810af79599e2c8b4d1f/html5/thumbnails/10.jpg)
Demo: Intune
It’s all about the experience
![Page 11: Sysctr Track: Unified Device Management: It’s all about the experience](https://reader031.vdocument.in/reader031/viewer/2022020306/5462d810af79599e2c8b4d1f/html5/thumbnails/11.jpg)
It’s not only about Intune
![Page 12: Sysctr Track: Unified Device Management: It’s all about the experience](https://reader031.vdocument.in/reader031/viewer/2022020306/5462d810af79599e2c8b4d1f/html5/thumbnails/12.jpg)
Microsoft Remote Access
![Page 13: Sysctr Track: Unified Device Management: It’s all about the experience](https://reader031.vdocument.in/reader031/viewer/2022020306/5462d810af79599e2c8b4d1f/html5/thumbnails/13.jpg)
Trigger VPN• Add-VpnConnectionTriggerApplication [-Name] <string> –ApplicationID <String[]> -PassThru
• Full support in ConfigMgr (via AppModel & VPN Profiles)
• Split Tunneling needs to be enabledset-vpnconnection –Name “VPNName” –Splittunneling $true
• Disconnects after 5 minutes inactivity (default)
• Currently no support for:• Domain Joined Machines• Android• iPhone (Q4)
![Page 14: Sysctr Track: Unified Device Management: It’s all about the experience](https://reader031.vdocument.in/reader031/viewer/2022020306/5462d810af79599e2c8b4d1f/html5/thumbnails/14.jpg)
Demo: Trigger VPN
It’s all about the experience
![Page 15: Sysctr Track: Unified Device Management: It’s all about the experience](https://reader031.vdocument.in/reader031/viewer/2022020306/5462d810af79599e2c8b4d1f/html5/thumbnails/15.jpg)
RDP App for iOS, Android and OSX
![Page 16: Sysctr Track: Unified Device Management: It’s all about the experience](https://reader031.vdocument.in/reader031/viewer/2022020306/5462d810af79599e2c8b4d1f/html5/thumbnails/16.jpg)
Multi Factor AuthenticationAny two or more of the following factors for authentication:
![Page 17: Sysctr Track: Unified Device Management: It’s all about the experience](https://reader031.vdocument.in/reader031/viewer/2022020306/5462d810af79599e2c8b4d1f/html5/thumbnails/17.jpg)
21
![Page 18: Sysctr Track: Unified Device Management: It’s all about the experience](https://reader031.vdocument.in/reader031/viewer/2022020306/5462d810af79599e2c8b4d1f/html5/thumbnails/18.jpg)
Demo: Azure Multi Factor Authentication
It’s all about the experience
![Page 19: Sysctr Track: Unified Device Management: It’s all about the experience](https://reader031.vdocument.in/reader031/viewer/2022020306/5462d810af79599e2c8b4d1f/html5/thumbnails/19.jpg)
MFA in action
![Page 20: Sysctr Track: Unified Device Management: It’s all about the experience](https://reader031.vdocument.in/reader031/viewer/2022020306/5462d810af79599e2c8b4d1f/html5/thumbnails/20.jpg)
Workplace Join
IT can publish access to corporate resources with the Web Application Proxy based on device awareness and the user’s identity.; multi-factor
authentication can be used through Windows Azure Active
Authentication (formerly PhoneFactor)
Users can register BYO devices for single sign-on and access to corporate data with Workplace Join. As part of this, a certificate is installed on the device
Users can enroll devices that configure the device for management with Windows Intune; the user can then use the Company Portal for easy access to corporate applications
As part of the registration process, a new device object is created in Active Directory, establishing a link between the user and their device
Data from Windows Intune is in sync with Configuration Manager, which provides unified management across both on-premises and in the cloud
![Page 21: Sysctr Track: Unified Device Management: It’s all about the experience](https://reader031.vdocument.in/reader031/viewer/2022020306/5462d810af79599e2c8b4d1f/html5/thumbnails/21.jpg)
Demo: Workplace Join
It’s all about the experience
![Page 22: Sysctr Track: Unified Device Management: It’s all about the experience](https://reader031.vdocument.in/reader031/viewer/2022020306/5462d810af79599e2c8b4d1f/html5/thumbnails/22.jpg)
Work Folders
Data management
Quotas
File screens
Reporting
Classification
RMS protection
Device management policy
Limit access to registered devices
File encryption / selective wipe
Require password / device lock
AuthenticationKerberos (Windows Auth)Digest (Windows Auth)ADFS (OAuth)
https://workfolders.contoso.com
![Page 23: Sysctr Track: Unified Device Management: It’s all about the experience](https://reader031.vdocument.in/reader031/viewer/2022020306/5462d810af79599e2c8b4d1f/html5/thumbnails/23.jpg)
Work Folders positioning
![Page 24: Sysctr Track: Unified Device Management: It’s all about the experience](https://reader031.vdocument.in/reader031/viewer/2022020306/5462d810af79599e2c8b4d1f/html5/thumbnails/24.jpg)
Demo: Work Folders
It’s all about the experience
![Page 25: Sysctr Track: Unified Device Management: It’s all about the experience](https://reader031.vdocument.in/reader031/viewer/2022020306/5462d810af79599e2c8b4d1f/html5/thumbnails/25.jpg)
Dynamic Access Control
Classification Access control Auditing
Rights Management Services protection
• Files inherit classification
tags from parent folder
• File owners tag files
manually
• Files are tagged
automatically
• Files are tagged by
applications
• Central access policies are
based on classification
• Access conditions for user
claims, device claims, and
file tags are based on
expressions
• Assistance is available for
denial of access
• Central audit policies can
be applied across multiple
file servers
• Audits for user claims,
device claims, and file tags
are based on expressions
• Audits can be staged to
simulate policy changes in
a real environment
• Automatic Rights
Management Services
(RMS) protection is
available for Microsoft
Office documents
• Protection is in near-real–
time when a file is tagged
• RMS protection extends to
files not created in
Microsoft Office
![Page 26: Sysctr Track: Unified Device Management: It’s all about the experience](https://reader031.vdocument.in/reader031/viewer/2022020306/5462d810af79599e2c8b4d1f/html5/thumbnails/26.jpg)
Demo: Dynamic Access Control
It’s all about the experience
![Page 27: Sysctr Track: Unified Device Management: It’s all about the experience](https://reader031.vdocument.in/reader031/viewer/2022020306/5462d810af79599e2c8b4d1f/html5/thumbnails/27.jpg)
Things to come
Or just arrived ☺
![Page 28: Sysctr Track: Unified Device Management: It’s all about the experience](https://reader031.vdocument.in/reader031/viewer/2022020306/5462d810af79599e2c8b4d1f/html5/thumbnails/28.jpg)
Enterprise Mobility Suite
![Page 29: Sysctr Track: Unified Device Management: It’s all about the experience](https://reader031.vdocument.in/reader031/viewer/2022020306/5462d810af79599e2c8b4d1f/html5/thumbnails/29.jpg)
Azure RMS Architecture
![Page 30: Sysctr Track: Unified Device Management: It’s all about the experience](https://reader031.vdocument.in/reader031/viewer/2022020306/5462d810af79599e2c8b4d1f/html5/thumbnails/30.jpg)
Azure RMS Experience in Office
https://portal.aadrm.com/home/download
![Page 31: Sysctr Track: Unified Device Management: It’s all about the experience](https://reader031.vdocument.in/reader031/viewer/2022020306/5462d810af79599e2c8b4d1f/html5/thumbnails/31.jpg)
Azure Remote App
31
RemoteApp Service
Pre-built template imageAutomatically maintained
Published Apps
Session Host …
Session Host
Session Host
Elastic Runtime
Persistent user data(50GB per user)
Microsoft Account
Azure Active Directory
On-premises Network
Windows Server Active Directory
DirSync
RDP
Identity Options
Authentication
On-premises Network
Azure VPN
Domain Joined
Subject to IT policy via GP, System Center, or other enterprise management tools
Standalone ModelHybrid Model
![Page 32: Sysctr Track: Unified Device Management: It’s all about the experience](https://reader031.vdocument.in/reader031/viewer/2022020306/5462d810af79599e2c8b4d1f/html5/thumbnails/32.jpg)
Azure Active Directory Sync
![Page 33: Sysctr Track: Unified Device Management: It’s all about the experience](https://reader031.vdocument.in/reader031/viewer/2022020306/5462d810af79599e2c8b4d1f/html5/thumbnails/33.jpg)
Abbreviations all over the place
![Page 34: Sysctr Track: Unified Device Management: It’s all about the experience](https://reader031.vdocument.in/reader031/viewer/2022020306/5462d810af79599e2c8b4d1f/html5/thumbnails/34.jpg)
Microsoft’s UDM Building Blocks
![Page 35: Sysctr Track: Unified Device Management: It’s all about the experience](https://reader031.vdocument.in/reader031/viewer/2022020306/5462d810af79599e2c8b4d1f/html5/thumbnails/35.jpg)
Recap
![Page 36: Sysctr Track: Unified Device Management: It’s all about the experience](https://reader031.vdocument.in/reader031/viewer/2022020306/5462d810af79599e2c8b4d1f/html5/thumbnails/36.jpg)
And take home the Lumia 1320
Present your feedback form when you exit the last session & go for the drink
Give Me Feedback
![Page 37: Sysctr Track: Unified Device Management: It’s all about the experience](https://reader031.vdocument.in/reader031/viewer/2022020306/5462d810af79599e2c8b4d1f/html5/thumbnails/37.jpg)
Follow Technet Belgium@technetbelux
Subscribe to the TechNet newsletteraka.ms/benews
Be the first to know
![Page 38: Sysctr Track: Unified Device Management: It’s all about the experience](https://reader031.vdocument.in/reader031/viewer/2022020306/5462d810af79599e2c8b4d1f/html5/thumbnails/38.jpg)
Belgiums’ biggest IT PRO Conference