/
What's New in Windows 10 Management and the Windows Store What's New in Windows 10 Management and the Windows Store

What's New in Windows 10 Management and the Windows Store - PowerPoint Presentation

tatyana-admore
tatyana-admore . @tatyana-admore
Follow
471 views
Uploaded On 2016-07-20

What's New in Windows 10 Management and the Windows Store - PPT Presentation

Michael Niehaus Senior Product Manager mniehausmicrosoftcom BRK3330 Windows offers the management features that businesses need Business needs are evolving Windows 10 offers management choices ID: 412676

store windows apps management windows store management apps business azure active device mdm app directory mobile center update microsoft configuration owned manager

Share:

Link:

Embed:

Download Presentation from below link

Download Presentation The PPT/PDF document "What's New in Windows 10 Management and ..." is the property of its rightful owner. Permission is granted to download and print the materials on this web site for personal, non-commercial use only, and to display it on your personal computer provided you do not modify the materials and that you retain all copyright notices contained in the materials. By downloading content from our website, you accept the terms of this agreement.


Presentation Transcript

Slide1
Slide2

What's New in Windows 10 Management and the Windows Store

Michael NiehausSenior Product Managermniehaus@microsoft.com

BRK3330Slide3

Windows offers the management features that businesses need.Slide4

Business needs are evolving. Windows 10 offers

management choices

to meet those needs.Slide5

Evolving Business Needs

Recent Past

9-to-5 Monday

-Friday

employees at work

PCs

on a LAN, connected to domainCorporate supplied and managed devicesOne device ecosystem Extended operating system/servicing lifecycleOn-premises applications and file sharingAccess controls contained within organizationalDeep corporate management controls and policiesMalware as vandalism and criminal activityNetwork perimeter as a viable defense boundaryVertically-integrated devices for task workers

Mobile-first, Device-first24x7x365 blur of work & personal activityLaptops, tablets, phones anywhere (on any network)Corporate and BYOD, business & personal apps/dataHeterogeneous ecosystems (Windows, iOS, Android, Chrome)A faster upgrade cadence; shorter device lifecycleSaaS applications and file sharing servicesAccess controls span organizations, apps, individualsLighter cloud-based management with fewer controlsMalware as espionage and weaponryMust operate under assumed breach of networkDynamically adapting devices for task workersSlide6

Management Choices

Works with existing infrastructureContinued support for Group Policy and WMI

Advanced MDM support

Consistent across PC/phone

1st and 3rd party solutionsSlide7

Management Choices

Available Choices

Identity

Active Directory; Azure Active Directory

Management

Group Policy, System Center Configuration Manager,

3rd party PC management; Intune, 3rd party MDMUpdatesWindows Update; Windows Server Update Services (WSUS); Intune, 3rd party MDMInfrastructureOn-premises or in the cloudOwnershipCorporate-owned, CYOD; BYOD

Organizations may mix and match, depending on their specific scenarioSlide8

Management Choices

Exchange ActiveSync

Basic

Windows Update

BYOD (personal) devices

E-mail access only

Active Directory and/orAzure Active DirectoryMobile Device ManagementLightweightWindows Update/MDMCompany-owned and BYOD devicesInternet-facing or corporate networkActive DirectoryGroup PolicySystem CenterFull ControlWSUSCompany-owned devicesCorporate networkSlide9

Windows Management Features

Windows Client

Windows Management Instrumentation (WMI)

Windows Remote Management (

WinRM

)

Windows UpdateGroup Policy ClientWindows ServerActive DirectoryGroup PolicyWindows Server Update Services (WSUS)ProductsSystem Center Configuration ManagerMicrosoft Desktop Optimization Pack (MDOP)Cloud ServicesAzure Active DirectoryAzure RMSMicrosoft IntuneWindows StoreWindows UpdateMobile Device Management (MDM)PowerShellAppLockerSlide10

Windows 10 Works with Existing Infrastructure

Product

Supports

Windows 10 Management

Supports Windows 10 Deployment

System Center 2012 R2

Configuration ManagerSystem Center 2012Configuration ManagerSystem Center Configuration Manager 2007Windows Server 2012 R2Windows Server 2012Windows Server 2008Microsoft Deployment Toolkit 2013Updates will be required. New OS features may require newer versions for full support.Slide11

Mobile Device Management

BYOD: simple security settings

Device Lockdown

Fully managed corporate device

Phone

Desktop

PhoneDesktopSignificant investments in added functionality for both mobile and desktop devicesSlide12

MDM in Windows 10

One consistent set of MDM capabilities across Mobile, Desktop, and

IoT

Provisioning

Bulk enrollment

Simple bootstrap

Converged protocolAzure AD IntegrationExtended set of policiesClient certificate managementEnterprise Wi-FiVPN managementEmail provisioningMDM PushDevice Update controlKiosk, Start screen, Start menu configuration and controlCurated Windows StoreBusiness Store app deployment; license reclaimEnterprise App managementSimplified LOB app managementWin32 (MSI) app managementApp inventory (LOB/store apps)App allow/deny lists via ApplockerEnterprise data protectionFull device wipe Remote Lock, PIN reset, Ring, & FindEnhanced inventory for compliance decisionsUnenrollment with alertsRemoval of Enterprise configuration (apps, certs, profiles, policies) and Enterprise encrypted data (with EDP)

ENROLLMENTINVENTORYAPPLICATION MANAGEMENTDEVICE CONFIGURATION AND SECURITYREMOTE ASSISTANCE UNENROLLMENTAdditional device inventorySlide13

For More Information

Windows 10 Mobile Device Management (MDM) in Depth

Janani

Vasudevan

Senior

Program Manager, Microsoft

Thursday, May 71:30 PM - 2:45 PMN426Slide14

Identity Choices

Active Directory provides key business

identity

and security capabilities

Azure Active Directory takes this

to

the cloudBoth work togetherWindows 10 fully leverages bothSlide15

Windows 10 Identity

Choices

Organization Owned

Personally Owned (BYOD)

Computer joins AD

to establish trust

User signs on using AD accountGroup Policy + System CenterActive DirectoryComputer registers with AD or Azure AD via Device Registration to establish trust for remote resource accessUser signs in with a Microsoft account, associates an Azure AD accountIntune/MDM

Azure Active DirectoryComputer joins Azure AD to establish trustUser signs on using Azure AD accountIntune/MDMSettings roaming

Single sign-on to enterprise + cloud-based servicesSlide16

Azure Active Directory

Self-service

Single

sign on

•••••••••••

Username

Simple connection

Cloud

SaaS

Azure

Office

365

Intune

Other

Directories

Windows Server

Active Directory

On-premises

Microsoft Azure Active DirectorySlide17

Demo

Azure Active DirectorySlide18

For More Information

Microsoft Azure Active Directory and Windows 10: Better Together for Work or School

Jairo Cadena

Program Manager, Microsoft

Friday, May 8

12:30pm - 1:45pm

S103Slide19

Device Management VisionA “single pane of glass” for managing all of your devices

IT

Administrator

Single admin

console

Windows PCs

(x86/x64, Intel SOC),Windows To Go,Windows EmbeddedOrganization-owned, on-premises

Windows PCs(x86/x64, Intel SOC)

Windows mobile/phone devices

Organization-owned or

personally-owned (BYOD),

internet-connected

iOS /

Android

IntuneSlide20

Demo

Deploying a line-of-business Windows appSlide21

Group Policy

New policies to support Windows 10 features:

Start screen and start menu management

“Project Spartan” settings

Next-Generation Credential PIN settings

Windows app

managementNew in Windows 10Capabilities from Windows 8.1:Policy cachingIPv6 support for printers, VPN, targetingCapabilities from Windows 8:Sign-in optimization for DirectAccess clientsBetter use of larger registry policies (registry.pol)Remote group policy refresh (GPUpdate)More efficient background processingNew from Windows 7Slide22

Microsoft Desktop Optimization

Pack (MDOP)Full support for Windows 10 at general availability, with updates for

:

App-V

UE-V

MBAM

DaRTAGPMSlide23

An App Store That’s Open for Business

Volume purchasingFlexible distribution

License reclaim/re-use

Your company storeSlide24

Windows 8.1 at a Glance

Windows Store

“Company Portal”

Modern apps

Sign in with MSA

Pay with credit card, gift card, PayPal,

Alipay, INICIS, mobile operators (Phone)MDM-drivenSideload line-of-business modern appsLink to apps in the Windows StoreSlide25

One Windows Store

Convergence

WINDOWS

PHONE 8.1

WINDOWS 8.1

WINDOWS 10

Converged developer portal for Windows and Windows PhoneSeparate user and developer capabilitiesFully converged experienceBest features from eachNew capabilitiesXBOXSlide26

Introducing the Business Store

A web site for businesses, schools,

or other organizations

Free to use, easy to sign up

Used by IT administrators, purchasers

Provides key functionality for acquiring,

using, and deploying apps in an organizationIncluding line-of-business appsComplements the Windows Store and existing management solutionsFlexible scenarios for any needSlide27

Windows 10 at a Glance

Windows Store

Modern apps

Sign in with MSA

Pay with credit card, gift card,

PayPal

, Alipay, INICIS, mobile operatorsBusiness Store“Company Portal”Modern appsLeverages Azure Active Directory for administration, some scenariosPrivate organization store for the org’s preferred or LOB appsPay with credit card or PO/invoiceDeploy modern apps offline, in images, and moreModern app license managementSideload line-of-business modern appsDeploy apps from the Windows Store (even when the Store UI is disabled) as well as uploaded LOB apps through Business Store integration using MDMSlide28

Scenarios for any need

Flexible app deployment

Online

, offline, or included

in

images

Through the store, via MDM, or using System CenterLOB apps can be kept privateSupport for any organizationTeacher and classroomSmall businesses and other organizationsLarge enterprisesSimplify via convergenceOne store, one Dev Center, one Business StoreUniversal apps across all device typesReconciled sideloading processesSlide29

Org users do not need Azure AD accounts

Installation files are downloaded and deployed using org’s infrastructure

No

license tracking

Updates installed via Windows

Update

All org users need Azure AD accountsInstallation files managed and deployed by the Windows StoreLicenses tracked by the Windows StoreUpdates installed via Windows UpdateWorking with Store AppsBusiness Store ScenariosOnlineOfflinePrivate StoreMDM / ConfigMgr(deep links)Direct Assignment ImagingMDM / ConfigMgr(sideload)ManualSlide30

Demo

Business StoreSlide31

For More Information

Using the Business Store

with

Windows 10 Devices

Ford McKinstry

Principal Program Manager Lead,

MicrosoftTejas PatelSenior Program Manager, MicrosoftThursday, May 71:30pm - 2:45pmS503Slide32

Key Investment Summary

Business

Store

Allows orgs to acquire apps, manage licenses, download app files

Pay using

standard business methods

, including purchase orders, invoices, and credit cardsPrivate Store inside the Windows StoreFully curated list of apps from within the Windows StoreCan include public apps as well as Line-of-Business appsFull management supportMobile device management (MDM) control (using services such as Intune)Control for agent-based management solutions (such as System Center Configuration Manager)Slide33

Getting Ready for Windows 10

Set up Azure Active DirectoryGet current with System Center Configuration Manager and Windows Server

Consider mobile device needs

Think about scenario-based

management

Work with Windows appsSlide34

Visit

Myignite

at

http://myignite.microsoft.com or download and use the Ignite Mobile App with the QR code above.Please evaluate this sessionYour feedback is important to us!Slide35