1 / 35

Windows 10 Management Updates: Meeting Evolving Business Needs

Explore the latest features in Windows 10 Management designed to address evolving business needs. Discover management choices, working with existing infrastructure, and advanced MDM support. Learn about Windows Update, Active Directory, Mobile Device Management, and more with this comprehensive guide.

daviesm
Download Presentation

Windows 10 Management Updates: Meeting Evolving Business Needs

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. What's New in Windows 10 Management and the Windows Store Michael Niehaus Senior Product Manager mniehaus@microsoft.com BRK3330

  2. Windows offers the management features that businesses need.

  3. Business needs are evolving. Windows 10 offers management choices to meet those needs.

  4. Evolving Business Needs

  5. Management Choices Works with existing infrastructure Continued support for Group Policy and WMI Advanced MDM support Consistent across PC/phone 1st and 3rd party solutions

  6. Management Choices Organizations may mix and match, depending on their specific scenario

  7. Management Choices Basic Lightweight Full Control Exchange ActiveSync Active Directory and/orAzure Active Directory Mobile Device Management Active Directory Group Policy System Center Windows Update Windows Update/MDM WSUS BYOD (personal) devices E-mail access only Company-owned and BYOD devices Internet-facing or corporate network Company-owned devices Corporate network

  8. Windows Management Features Products System Center Configuration ManagerMicrosoft Desktop Optimization Pack (MDOP) Cloud Services Azure Active DirectoryAzure RMSMicrosoft IntuneWindows StoreWindows Update Windows Server Active DirectoryGroup PolicyWindows Server Update Services (WSUS) Windows Client Windows Management Instrumentation (WMI)Windows Remote Management (WinRM)Windows UpdateGroup Policy Client Mobile Device Management (MDM)PowerShellAppLocker

  9. Windows 10 Works with Existing Infrastructure Updates will be required. New OS features may require newer versions for full support.

  10. Mobile Device Management Significant investments in added functionality for both mobile and desktop devices Fully managed corporate device Device Lockdown BYOD: simple security settings Phone Desktop Phone Desktop

  11. MDM in Windows 10 ENROLLMENT • Unenrollment with alerts • Removal of Enterprise configuration (apps, certs, profiles, policies) and Enterprise encrypted data (with EDP) • Provisioning • Bulk enrollment • Simple bootstrap • Converged protocol • Azure AD Integration UNENROLLMENT INVENTORY One consistent set of MDM capabilities across Mobile, Desktop, and IoT • Full device wipe • Remote Lock, PIN reset, Ring, & Find • Enhanced inventory for compliance decisions REMOTE ASSISTANCE • Additional device inventory DEVICE CONFIGURATION AND SECURITY • Extended set of policiesClient certificate management • Enterprise Wi-Fi • VPN management • Email provisioning • MDM Push • Device Update control • Kiosk, Start screen, Start menu configuration and control • Curated Windows Store • Business Storeapp deployment; license reclaim • Enterprise App management • Simplified LOB app management • Win32 (MSI) app management • App inventory (LOB/store apps) • App allow/deny lists via Applocker • Enterprise data protection APPLICATION MANAGEMENT

  12. For More Information Janani Vasudevan Senior Program Manager, Microsoft Thursday, May 7 1:30 PM - 2:45 PM N426 Windows 10 Mobile Device Management (MDM) in Depth

  13. Identity Choices Active Directory provides key business identity and security capabilities Azure Active Directory takes this to the cloud Both work together Windows 10 fully leverages both

  14. Windows 10 Identity Choices Personally Owned (BYOD) Organization Owned Azure Active Directory • Computer joins AD to establish trust • User signs on using AD account • Group Policy + System Center • Computer joins Azure AD to establish trust • User signs on using Azure AD account • Intune/MDM • Settings roaming • Computer registers with AD or Azure AD via Device Registration to establish trust for remote resource access • User signs in with a Microsoft account, associates an Azure AD account • Intune/MDM Active Directory Single sign-on to enterprise + cloud-based services

  15. Azure Active Directory Single sign on Simple connection Self-service Windows Server Active Directory SaaS Other Directories Azure Username ••••••••••• Office 365 Intune On-premises Cloud Microsoft Azure Active Directory

  16. Demo Azure Active Directory

  17. For More Information Jairo Cadena Program Manager, Microsoft Friday, May 8 12:30pm - 1:45pm S103 Microsoft Azure Active Directory and Windows 10: Better Together for Work or School

  18. Device Management VisionA “single pane of glass” for managing all of your devices Windows PCs (x86/x64, Intel SOC), Windows To Go, Windows Embedded Organization-owned, on-premises Single admin console Windows PCs (x86/x64, Intel SOC) Windows mobile/phone devices Organization-owned or personally-owned (BYOD), internet-connected iOS / Android IT Administrator Intune

  19. Demo Deploying a line-of-business Windows app

  20. Group Policy New in Windows 10 New from Windows 7 New policies to support Windows 10 features: • Start screen and start menu management • “Project Spartan” settings • Next-Generation Credential PIN settings • Windows app management Capabilities from Windows 8.1: • Policy caching • IPv6 support for printers, VPN, targeting Capabilities from Windows 8: • Sign-in optimization for DirectAccess clients • Better use of larger registry policies (registry.pol) • Remote group policy refresh (GPUpdate) • More efficient background processing

  21. Microsoft Desktop Optimization Pack (MDOP) Full support for Windows 10 at general availability, with updates for: App-V UE-V MBAM DaRT AGPM

  22. An App Store That’s Open for Business Volume purchasing Flexible distribution License reclaim/re-use Your company store

  23. Windows 8.1 at a Glance “Company Portal” Windows Store • Modern apps • Sign in with MSA • Pay with credit card, gift card, PayPal, Alipay, INICIS, mobile operators (Phone) • MDM-driven • Sideload line-of-business modern apps • Link to apps in the Windows Store

  24. One Windows StoreConvergence WINDOWS 8.1 WINDOWS 10 WINDOWSPHONE 8.1 XBOX • Converged developer portal for Windows and Windows Phone • Separate user and developer capabilities • Fully converged experience • Best features from each • New capabilities

  25. Introducing the Business Store A web site for businesses, schools, or other organizations Free to use, easy to sign up Used by IT administrators, purchasers Provides key functionality for acquiring, using, and deploying apps in an organization Including line-of-business apps Complements the Windows Store and existing management solutions Flexible scenarios for any need

  26. Windows 10 at a Glance Windows Store Business Store “Company Portal” • Modern apps • Sign in with MSA • Pay with credit card, gift card, PayPal, Alipay, INICIS, mobile operators • Modern apps • Leverages Azure Active Directory for administration, some scenarios • Private organization store for the org’s preferred or LOB apps • Pay with credit card or PO/invoice • Deploy modern apps offline, in images, and more • Modern app license management • Sideload line-of-business modern apps • Deploy apps from the Windows Store (even when the Store UI is disabled) as well as uploaded LOB apps through Business Store integration using MDM

  27. Scenarios for any need • Flexible app deployment • Online, offline, or included in images • Through the store, via MDM, or using System Center • LOB apps can be kept private • Support for any organization • Teacher and classroom • Small businesses and other organizations • Large enterprises • Simplify via convergence • One store, one Dev Center, one Business Store • Universal apps across all device types • Reconciled sideloadingprocesses

  28. Working with Store AppsBusiness Store Scenarios Offline Online • All org users need Azure AD accounts • Installation files managed and deployed by the Windows Store • Licenses tracked by the Windows Store • Updates installed via Windows Update • Org users do not need Azure AD accounts • Installation files are downloaded and deployed using org’s infrastructure • No license tracking • Updates installed via Windows Update Private Store MDM / ConfigMgr(deep links) Direct Assignment Imaging MDM / ConfigMgr(sideload) Manual

  29. Demo Business Store

  30. For More Information Ford McKinstry Principal Program Manager Lead, Microsoft Tejas Patel Senior Program Manager, Microsoft Thursday, May 7 1:30pm - 2:45pm S503 Using the Business Store with Windows 10 Devices

  31. Key Investment Summary Business Store Allows orgs to acquire apps, manage licenses, download app files Pay using standard business methods, including purchase orders, invoices, and credit cards Private Store inside the Windows Store Fully curated list of apps from within the Windows Store Can include public apps as well as Line-of-Business apps Full management support Mobile device management (MDM) control (using services such as Intune) Control for agent-based management solutions (such as System Center Configuration Manager)

  32. Getting Ready for Windows 10 Set up Azure Active Directory Get current with System Center Configuration Manager and Windows Server Consider mobile device needs Think about scenario-based management Work with Windows apps

  33. Please evaluate this session Your feedback is important to us! VisitMyigniteathttp://myignite.microsoft.comor download and use the Ignite Mobile Appwith the QR code above.

More Related