vNext Mobile Device Management Jeffrey Sutherland Principal Lead Program Manager Microsoft Corporation SESSION CODE MGT305 Required Slide Session Objectives and Takeaways Session Objectives ID: 604672
Download Presentation The PPT/PDF document "Microsoft System Center Configuration Ma..." is the property of its rightful owner. Permission is granted to download and print the materials on this web site for personal, non-commercial use only, and to display it on your personal computer provided you do not modify the materials and that you retain all copyright notices contained in the materials. By downloading content from our website, you accept the terms of this agreement.
Slide1
Microsoft System Center Configuration Manager v.Next: Mobile Device Management
Jeffrey SutherlandPrincipal Lead Program ManagerMicrosoft Corporation
SESSION CODE: MGT305
Required SlideSlide2
Session Objectives and Takeaways
Session Objective(s): Understand how mobile device management fits within ConfigMgr
v.NextUnderstand the core features of mobile device management in ConfigMgr v.NextDemonstrate the key mobile device management scenariosKey Takeaways
Mobile device management is becoming a critical part of systems management
ConfigMgr
v.Next
is making significant investments in mobile device management
“Single pane of glass” administration of all device types and form factors
Reaching beyond Microsoft platformsSlide3
Configuration Manager
v.Next
User Centric Client Management
Simplifies and consolidates
the IT infrastructure to provide a new operational cost model
Integrates mobile device management to deliver unified client management
Unified and partitioned view for administrators reduces training costs
Users can connect from anywhere, on any device they
choose
Enables IT to provide a flexible work environment and always think user first
Automatically detects system conditions and configurations to deliver the most appropriate services
EMPOWER
UNIFY
Simplifies compliance remediation
Allow remote access of managed machine
Simplifies and automates software update management
CONTROLSlide4
Why Mobile Device Management?
Smartphones continue to become more important as
a
business tool
For mobile devices, trend is away from platform conformance
Our customers are telling us that a “single pane of glass”
is
important
Consumer purchased, but used for
businessSlide5
MDM 2008 SP1
Windows Phone 6.1
+ devices only
Mobile
VPN access
Rich device management functionality (settings
, remote wipe, over-the-air enrollment…)
ConfigMgr
2007
WinCE 4.2+ and Windows Phone PPC2003
+
Basic
device management
functionality (settings; software deployment)
Single
console for
managing desktops, servers, mobile
... Microsoft Mobile Device ManagementConfigMgr
2007 R3
Single “pane of glass” for managing desktop, servers, mobile... Secure over-the-air enrollment
Deploy applications and configuration policies to users or devicesMonitor and remediate non-compliant devicesSupports WinCE 6.0, WM 6.0/6.1 and WP 6.5 devicesIntroduces support for non-MS mobile platforms
ConfigMgr
v.Next
- Today
-
v.NextSlide6
Mobile Device Management in v.Next
Extend and align mobile device managementIntegration of System Center Mobile Device Manager and ConfigMgr 2007 featuresCommon administration for mobile and non-mobile devices
Introduction of support for additional mobile device platformsEnable user-centric mobile device managementDeploy applications and configuration policies to users or devicesEnable secure, compliant mobile devicesSecure over-the-air enrollment
Monitor and remediate out-of-compliance devices
Application allow/deny and configuration policiesSlide7
Features by Platform
Feature
WM
6.0, CE 6.0
WM 6.1, WP
6.5.x
Nokia Symbian
Other Platforms
Over-the-air
Enrollment
Inventory
Settings Management
Software Distribution
Remote Wipe
More to Come…
Beta 1Slide8
Device Management Topology
Key Server Roles for DMEnrollment Web Proxy PointEnrollment Service Point
Software Catalog roles (optional)Management Point (Device Management enabled)Distribution Point Native mode site required for Mobile Devices (Beta 1)Site can only serve mobile devices in Beta 1Can report to mixed mode Central Administration Site
Beta 2/RTM plans still in planning
Microsoft enterprise CASlide9
Mobile Device Enrollment
Establishes mutual trust between the device and the management server
Windows Phone 6.5.x and WM 6.1 enrolled and provisioned securely over-the-air
Admin (or end user) registers new mobile device and receives
one-time
PIN from Site Server
Admin sends PIN and enrollment instructions to user
User enrolls via Domain Enroll utility on mobile device
WinCE
6.0
and WM
6.0
enrollment performed as in ConfigMgr 2007Slide10
Utility is in-ROM in WM 6.1 and WP 6.5.x
User runs the “Enterprise Activation” wizard on the
device and enters email address and one-time activation PIN
User email address used to auto-discover host
MobileEnroll.domain.com
If host not found, user is prompted for the FQDN of the Enrollment Server
SSL session established with Enrollment
Server
Enrollment On-Device
ExperienceSlide11
v.Next DM Architecture – Enrollment
Primary Site
New Mobile Device for Melissa
Computer Account
Active
Directory
PIN
Public DNS
FQDN
Discovery
Enrollment Service Point
Enrollment Web Proxy
DMZ
Microsoft
CA
Management Point
Distribution Point
User ID & PIN
User ID & PIN
User ID & PIN
Cert request
Cert
request
Cert request
Get Policy
Hi Melissa. Here’s your enrollment PIN.Slide12
v.Next DM Architecture – Enrollment
Primary Site
Computer Account
Active
Directory
Public DNS
FQDN Discovery
Enrollment Service Point
Enrollment Web Proxy
DMZ
Microsoft CA
Management Point
Distribution Point
User ID & PIN
User ID & PIN
User ID & PIN
Cert request
Cert
request
Cert request
Get Policy
Software Catalog Web Site Point
Software Catalog Web Service Point
New Mobile Device
New Mobile Device
New Mobile Device
PIN
PIN
PINSlide13
Enrollment and InventoryJeffrey Sutherland
Principal Lead Program ManagerMicrosoft Corporation
DEMOSlide14
Device Settings Management
Fully integrated experience with non-Mobile settings managementSupports monitoring and enforcement Standard Settings Groups with simplified UI
Supports admin-defined settings via mobile registry or OMA-URIEvaluation is done on the server and remediate commands sent to clientSlide15
v.Next DM Architecture - Settings
Primary Site
Active
Directory
Public DNS
Enrollment Service Point
Enrollment Web Proxy
DMZ
Microsoft CA
Management Point
Distribution Point
Get policy
Assign
Baseline
Get policy
Baseline
Get current configuration
Assess Compliance
Apply settings
Generate remediation commands
Report compliance
Report complianceSlide16
Settings ManagementJeffrey Sutherland
Principal Lead Program ManagerMicrosoft Corporation
DEMOSlide17
New Features for Software Distribution v.Next
Application ModelIncorporates all supported software types (MSI, Script, App-V, Mobile CAB)
Greatly improved dependency handlingInstallation requirement rulesUser Device AffinityUnified deployment processUnified monitoring experience
End user experience
Software Catalog
Software Center
Content management
State based distribution point groups
Single instance content storeSlide18
Get content
v.Next DM Architecture
–
Software Distribution
Primary Site
DMZ
Management Point
Distribution Point
Get policy
New Application
Get policy
Distribute content to DPs
MSI
Windows
Phone
Deploy Application
Report install status
Report install status
Install AppSlide19
Software DistributionJeffrey Sutherland
Principal Lead Program ManagerMicrosoft Corporation
DEMOSlide20
Summary
Reviewed why mobile device management is important and how it fits within ConfigMgr v.NextReviewed the scenarios and features for mobile device management in
ConfigMgr v.NextIllustrated how the tasks you do today for non-mobile will be fully integrated when you add mobile device supportSlide21
Related Sessions this week:
Hands on Labs
MGT21-HOL | Introduction to Microsoft System Center Configuration Manager
v.Next
MGT01-HOL
| Advanced Software Distribution in Microsoft System Center Configuration Manager
v.Next
MGT05-HOL | Basic Software Distribution in Microsoft System Center Configuration Manager
v.NextMGT06-HOL | Deploying a Microsoft System Center Configuration Manager v.Next HierarchyMGT07-HOL | Deploying Microsoft System Center Configuration Manager
v.NextMGT08-HOL | Deploying Microsoft System Center Configuration Manager v.Next Device
ManagementMGT10-HOL | Deploying Windows 7 with Microsoft System Center Configuration Manager 2007MGT11-HOL | Generating Asset Intelligence Data with Microsoft System Center Configuration Manager 2007MGT15-HOL | Implementing Microsoft System Center Configuration Manager v.Next Role-Based Access ControlMGT16-HOL | Implementing Desired Configuration Management in Microsoft System Center Configuration Manager v.NextMGT18-HOL | Implementing Software Updates in Microsoft System Center Configuration Manager v.NextMGT23-HOL | Maintaining Healthy Clients in Microsoft System Center Configuration Manager
v.NextMGT24-HOL | Migrating from Microsoft System Center Configuration Manager 2007 to Configuration Manager v.NextSlide22
Related Sessions this week:
Interactive Sessions and Booth
Booth – Come talk to the experts…….
TLC-24
Microsoft
System Center Configuration ManagerSlide23
Related Resources
Blogs
System
Center Nexus Team Blog
–
link
OS Deployment Team blog -
link
Configuration Manager Product Team Blog – linkTwitter #
sysctrConfiguration Manager v.Next Beta 1 -
LinkConfiguration Manager R3 beta downloadConfiguration Manager SP2 downloadConfigMgr Product Homepage – linkConfiguration Manager TechNet Documentation Library- linkWindows MDOP Product Pages –
linkWindows Server 2008 R2 Branch Cache overview – linkBranch Cache ConfigMgr Deployment Guidance – linkSlide24
Management Track Resources
Don’t forget to visit the Management TLC area (Red Section) to see product demos and speak with experts about the System Center solutionsYou can also find the latest information about the System Center products at the following links
System Center Site – http://www.microsoft.com/systemcenter/ System Center Community –http://www.microsoft.com/systemcenter/en/us/community.aspx TechNet Home Page –
http://technet.microsoft.com/en-us/systemcenter/
TechNet Community –
http://technet.microsoft.com/en-us/systemcenter/cc511266.aspx
Slide25
Resources
Required Slide
www.microsoft.com/teched
Sessions On-Demand & Community
Microsoft Certification & Training Resources
Resources for IT Professionals
Resources for Developers
www.microsoft.com/learning
http://microsoft.com/technet
http://microsoft.com/msdn
LearningSlide26
Complete an evaluation on
CommNet
and
enter to win!
Required SlideSlide27
Sign up for Tech·Ed 2011 and save $500 starting June 8 – June 31st
http://northamerica.msteched.com/registration
You can also register at the
North
America 2011
kiosk
located at
registrationJoin us in Atlanta next year Slide28
©
2010 Microsoft
Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.
The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation.
MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.Slide29
Required Slide