Keeping Current with Windows 10. Jon Anderson Senior Systems Consultant, Now Micro December 5 th, 2018

Similar documents
Windows 10 for enterprise. Pramiti Bhatnagar

Valmennamme kaikista parhaita

Doug Wilson Systems Consultant at Now

GET YOUR HOUSE IN ORDER. Patching and Imaging Creation Strategies

Windows 10. scalable IT services & solutions. October 25, Bruce Ward, VP of Business Strategy. Dan Sharp, Senior Consultant

Microsoft 365 powered device webinar series Microsoft 365 powered device Assessment Kit. Alan Maddison, Architect Amit Bhatia, Architect

Windows 10 Pro for Your Modern Workforce. Jared Bernatt Microsoft Windows

Adnan Cloud Solutions Architect. SAFFA living in Netherlands, work globally. Microsoft Trainer +25y (xrl MSLearning)

M365 Powered Device Proof of Concept

MD-101: Modern Desktop Administrator Part 2

9 Years in Consulting. Broad experience in Microsoft Infrastructure solutions. Specialised in Windows 10 & Surface familly

IoT in Action Intelligent Edge with Windows 10 IoT Enterprise. Jackie Chang Sr. Program Manager Tony Lin Sr. Software Engineer

Deployment Genval November 2018

A tale of Modern Management Part 1

Installing and Configuring Windows 10 (698)

Optimizing IT: Toward Modern Workplace Management With Windows 10

Customer Success with Windows as a Service. John Cable Windows Servicing and Delivery

Planning for and Managing Devices in the Enterprise: Enterprise Mobility Suite (EMS) & On-Premises Tools

Co se změnilo ve Windows 10 z pohledu IT administrátora

What s new in System Center Configuration Manager Current Branch? Ievgen Liashov

Planning for and Managing Devices in the Enterprise: Enterprise Mobility Suite (EMS) & On- Premises Tools

ASSURANCE CONTINUITY MAINTENANCE REPORT FOR. Microsoft Windows 10 IPsec VPN Client (VPNPP14)

Desktop features placemat

Planning for and Managing Devices in the Enterprise: Enterprise Management Suite (EMS) & On-Premises Tools

Improve productivity with modernized PCs and Windows 10. Christopher Choong, DTM Field Marketing Manager

: A: Deploying and Managing Windows 10 Using Enterprise Services

Deploying and Managing Windows 10 Using Enterprise Services

Microsoft 365 Business FAQs

Microsoft Windows Exam Objectives

Windows 10 listening tour. What is REALLY on the minds of our customers?

Windows 10 prvi dve leti. Slavko Kukrika, MVP in prijazen fant

Deploying and Managing Windows 10 Using Enterprise Services ( )

20398: Planning for and Managing Devices in the Enterprise: Enterprise Mobility Suite (EMS) and On- Premises Tools

1

Kent Agerlund Enterprise Mobility MVP & Microsoft Regional Director

Microsoft. MS-101 EXAM Microsoft 365 Mobility and Security. m/ Product: Demo File

At Course Completion After completing this course, students will be able to:

BDPA Conference Windows 10

MD-100: Modern Desktop Administrator Part 1

WS011 - Deploying and Managing Windows 10

COURSE OUTLINE: B Deploying and Managing Windows 10 Using Enterprise Services. Course Name. Course Duration Course Structure Course Overview

Modern Management of Windows - Intune & Autopilot

CONDITIONAL ACCESS FROM A TO Z

Mobility Windows 10 Bootcamp

MCSA Windows 10. A Success Guide to Prepare- Microsoft Configuring Windows Devices. edusum.com

Course D:Implementing and Managing Windows 100

Deploying and Managing Windows 10 Using Enterprise Services

WINDOWS 10 ENTERPRISE New Security Features

Deploying and Managing Windows 10 Using Enterprise Services

Course Outline. Deploying and Managing Windows 10 Using Enterprise Services Course B: 5 days Instructor Led

Innovate or die!? Modern IT Workplace Security. Alex Verboon Cyber Security Consultant

B Deploying and Managing Windows 10 Using Enterprise Services. Course Content. Course ID#: W Hours: 35. Course Description:

Upgrading Your Skills to MCSA Windows 8

1 - MANAGING DESKTOPS AND DEVICES IN AN ENTERPRISE ENVIRONMENT (MODULE 1: )

COURSE B: DEPLOYING AND MANAGING WINDOWS 10 USING ENTERPRISE SERVICES

Windows 8 Boot Camp 6439; 5 Days, Instructor-led

Windows 10 Deployment and Security. Crissier Jean-Francois Ageneau

Windows IoT Security. Jackie Chang Sr. Program Manager

Exam /Course C or B Configuring Windows Devices

Pieter Wigleven Windows Technical Specialist

MCSA: Windows 10 Boot Camp

President Interlink Cloud Advisors. Mike Wilson Vice President Interlink Cloud Advisors. Kirk Terrell Consultant Interlink Cloud Advisors

Windows 10 Azure AD / EMS

905M 67% of the people who use a smartphone for work and 70% of people who use a tablet for work are choosing the devices themselves

Office 365: Modern Workplace

Configuring Windows 10 Devices (697)

Mastering the Move to Modern Management using ConfigMgr

Windows 10 MCSA Bootcamp

Quo vadis? System Center Configuration Manager Full managed desktop. Mobile device management Light managed device policies, inventory,

C: Deploying and Managing Windows 10 Using Enterprise Services. Duration: 5 days; Instructor-led

Evolution of Cyber Security. Nasser Kettani Chief Technology Officer Microsoft, Middle East and Africa

Course Outline 20698B

Planning and Administering SharePoint 2016

COURSE 20698A: INSTALLING AND CONFIGURING WINDOWS 10

Use EMS to protect your mobile data and mobile app

Windows 10 Webinar. Onsight

Supporting Windows Vista and Applications in the Enterprise COURSE OVERVIEW PREREQUISITES AUDIENCE OBJECTIVES COURSE OUTLINE. Course No.

MCSA Windows 10. A Success Guide to Prepare- Installing and Configuring Windows 10. edusum.com

Microsoft Deploying and Managing Windows 10 Using Enterprise Services

Windows 10 edition. Find out which. is right for you. Core features. Familar, and better than ever Home Pro Enterprise Education Mobile.

MODERN DESKTOP SECURITY

What s new in Configuration Manager 1702 and beyond. Jörgen Nilsson.

INTEGRATING WITH DELL CLIENT COMMAND SUITE: VMWARE WORKSPACE ONE OPERATIONAL TUTORIAL VMware Workspace ONE

Installing and Configuring Windows 10

Joe Stocker, CISSP, MCITP, VTSP Patriot Consulting

M365 Powered Device Proof of Concept Overview

Managing the Microsoft Windows* Transition in Your Enterprise. October 2013

Microsoft Installing and Configuring Windows 10

MCSE- Windows Server 2012

Exchange 2007 End of Service: Modernize with Office 365. Todd Sweetser Technical Solutions Professional

Enabling and Managing Office 365

Installing and Configuring Windows 10

Course Outline. Installing and Configuring Windows 10 Course 20698A 5 days Instructor Led

Course Outline. Enabling and Managing Office 365 Course 20347A: 5 days Instructor Led

"Charting the Course... MOC C: Deploying and Managing Windows 10 Using Enterprise Services. Course Summary

Microsoft Configuring Windows 8.1

Implementing and Managing Windows 10

Made for the way you work: Big ideas and innovation from Windows 10 and Lenovo

Modern BIOS Management from the Cloud

20698 Installing and Configuring Windows 10. Course Content. Course ID #: W Hours: 35. Course Description: At Course Completion:

Transcription:

Keeping Current with Windows 10 Jon Anderson Senior Systems Consultant, Now Micro December 5 th, 2018

Device Lifecycle Company Hardware Reseller (Dell, HP, Lenovo, and more) OEM (Digital Signage, Kiosks, Appliances) Professional Services (Systems Management, Cloud Solutions, Automation)

Get Involved Join or Start your local user group Participate in forums Technet MyItForum Microsoft Tech Community Etc Get on Twitter Not just for celebrities and presidents Keep a Blog

Introduction Windows as a Service Quality Updates Feature Updates Windows Update for Business SCCM Automated Servicing In-Place Upgrade Task Sequence Agenda

A new way to build, deploy and service Windows Quality Updates A single cumulative update each month with no new features Security fixes, reliability fixes, bug fixes, etc. Supersedes the previous month s update Feature Updates Twice per year with new capabilities New features and innovation APIs and security capabilities Very reliable, with built-in rollback capabilities Simple deployment using in-place upgrade, driven by existing tools Try them out with Insider Preview

Y YY With Windows 7 and 8, servicing choices added complexity and cost, increased fragmentation, and reduced quality What customers are running What we are testing Typical Windows 7 PC: Selectively Patched Windows 7 Test Lab PC: Fully Patched

Quality Updates (QU): Express with QUs Express Update Files Couple challenges: Full Update Delta+Full Update

Update Size to DPs/WSUS Update Size to PC Download Comparison: Full LCU vs. Express vs. New Model Currently Supported Quality Update types Quality Update for 1809 Currently Supported Quality Update types Quality Update for 1809 Express Update Full Update Delta+Full Update Full Update Delta Update Express Update** **Express update size as depicted is the best-case scenario with the assumption that the device stays up-to-date each month.

How to get started Available in the 1809 Supported with WSUS and ConfigMgr Supported for OEMs/ODMs Extra reading material https://techcommunity.microsoft.com/t5/windows- IT-Pro-Blog/What-s-next-for-Windows-10-and- Windows-Server-quality-updates/bap/229461#M207

A new way to build, deploy and service Windows Quality Updates A single cumulative update each month with no new features Security fixes, reliability fixes, bug fixes, etc. Supersedes the previous month s update Feature Updates Twice per year with new capabilities New features and innovation APIs and security capabilities Very reliable, with built-in rollback capabilities Simple deployment using in-place upgrade, driven by existing tools Try them out with Insider Preview

NUMBER OF DEVICES Windows Insider Preview Semi-Annual Channel Long Term Servicing Channel Early visibility to new innovation, features and functionality via continuous feature updates IT, developers, selected business owners Information workers General population Benefits from new features, monthly quality updates Specialized systems Key attribute of usage scenario: Feature and Functionality Never Changes, receives monthly quality updates System solution based on SW and HW considerations STAGE

Capabilities Recommended Enterprise use scenario Latest features as they are released Support for new hardware & silicon 1 st party browsing choices Semi-Annual Channel General information worker systems; salesforce, etc. Microsoft Edge, IE 11 Long Term Servicing Channel Special systems: Air Traffic Control; MRI, etc. IE 11 Support for Office Pro Plus Support for Surface hardware Support for Win 32 Office & ability to load universal apps Ongoing security updates for the lifetime of the channel version 10 years of servicing support

Continual improvements: New features twice per year, adding value and improving productivity Windows XP Windows 7 Windows 10 Disruption Improvements Minimized end-user disruption by having less change with each release

151 1 160 7 170 3 170 9 180 3 1809 Windows 10 gets Better with each Release With enhanced security, more tools for IT and end user productivity features Mobile Device Management AAD Join Windows Store for Business Windows Update for Business Mail, Calendar, Photos, Maps, Groove, Skype + Windows Defender Antivirus Windows Hello Microsoft Edge Device Guard Credential Guard BitLocker SmartScreen Windows as a service In-place upgrades Continuum Cortana Windows 10 core Windows Information Protection Windows Hello for Business Windows Analytics Upgrade Readiness App-V, UE-V Hybrid Azure Active Directory Join Windows Ink + Mobile Device Management AAD Join Windows Store for Business Windows Update for Business Mail, Calendar, Photos, Maps, Groove, Skype Windows Defender Antivirus Windows Hello Microsoft Edge Device Guard Credential Guard BitLocker SmartScreen Windows as a service In-place upgrades Continuum Cortana Windows 10 core Windows Autopilot Windows Defender ATP Windows Defender Security Center Express update delivery Hyper-V Windows 10 Subscription Activation Windows Insider Program for Business Paint 3D Cortana at work Night light, mini view + Windows Information Protection Windows Hello for Business Windows Analytics Upgrade Readiness App-V, UE-V Hybrid Azure Active Directory Join Windows Ink Mobile Device Management AAD Join Windows Store for Business Windows Update for Business Mail, Calendar, Photos, Maps, Groove, Skype Windows Defender Antivirus Windows Hello Microsoft Edge Device Guard Credential Guard BitLocker SmartScreen Windows as a service In-place upgrades Continuum Cortana Windows 10 core Windows Defender Exploit Guard, System Guard, Application Guard, Application Control Mobile Device Management Windows Analytics Update Compliance Windows Analytics Device Health Co-management Enterprise search in Windows Continue on PC OneDrive Files On-Demand Narrator Mixed Reality Viewer + Windows Autopilot Windows Defender ATP Windows Defender Security Center Express update delivery Hyper-V Windows 10 Subscription Activation Windows Insider Program for Business Paint 3D Cortana at work Night light, mini view Windows Information Protection Windows Hello for Business Windows Analytics Upgrade Readiness App-V, UE-V Hybrid Azure Active Directory Join Windows Ink Mobile Device Management AAD Join Windows Store for Business Windows Update for Business Mail, Calendar, Photos, Maps, Groove, Skype Windows Defender Antivirus Windows Hello Microsoft Edge Device Guard Credential Guard BitLocker SmartScreen Windows as a service In-place upgrades Continuum Cortana Windows 10 core Windows Analytics Spectre & Meltdown, Delivery Optimization, Application Reliability Logon Health WDATP Automated Remediation Conditional Access based on WDATP device risk Threat Analytics Emergency Outbreak Updates Advanced hunting Cloud Credential Guard Diagnostic data viewer Windows Autopilot enrollment status page Windows 10 Enterprise in S mode Shared Windows Devices Nearby Sharing Dictation Timeline + Windows Defender Exploit Guard, System Guard, Application Guard, Application Control Mobile Device Management Windows Analytics Update Compliance Windows Analytics Device Health Co-management Enterprise search in Windows Continue on PC OneDrive Files On-Demand Narrator Mixed Reality Viewer Windows Autopilot Windows Defender ATP Windows Defender Security Center Express update delivery Hyper-V Windows 10 Subscription Activation Windows Insider Program for Business Paint 3D Cortana at work Night light, mini view Windows Information Protection Windows Hello for Business Windows Analytics Upgrade Readiness App-V, UE-V Hybrid Azure Active Directory Join Windows Ink Mobile Device Management AAD Join Windows Store for Business Windows Update for Business Mail, Calendar, Photos, Maps, Groove, Skype Windows Defender Antivirus Windows Hello Microsoft Edge Device Guard Credential Guard BitLocker SmartScreen Windows as a service In-place upgrades Continuum Cortana Windows 10 core Windows Defender ATP new attack surface area reduction controls Investigation and remediation across Office 365 ATP and Windows Defender ATP Web Authentication in Microsoft Edge Windows Hello with FIDO 2.0 30 months of support for September releases Windows Autopilot Self-deploying mode Windows Autopilot Hybrid Azure AD join S Mode Block Switch Microsoft Edge kiosk mode Desktop Analytics (Preview) Intelligent Pilot Selection and ConfigMgr Integration ReadyforMicrosoft365.com Microsoft Edge experience improvements Accessibility enhancements Access the clipboard across devices + Your Phone Windows Analytics Spectre & Meltdown, Delivery Optimization, Application Reliability Logon Health WDATP Automated Remediation Conditional Access based on WDATP device risk Threat Analytics Emergency Outbreak Updates Advanced hunting Cloud Credential Guard Diagnostic data viewer Windows Autopilot enrollment status page Windows 10 Enterprise in S mode Shared Windows Devices Nearby Sharing Dictation Timeline Windows Defender Exploit Guard, System Guard, Application Guard, Application Control Mobile Device Management Windows Analytics Update Compliance Windows Analytics Device Health Co-management Enterprise search in Windows Continue on PC OneDrive Files On-Demand Narrator Mixed Reality Viewer Windows Autopilot Windows Defender ATP Windows Defender Security Center Express update delivery Hyper-V Windows 10 Subscription Activation Windows Insider Program for Business Paint 3D Cortana at work Night light, mini view Windows Information Protection Windows Hello for Business Windows Analytics Upgrade Readiness App-V, UE-V Hybrid Azure Active Directory Join Windows Ink Mobile Device Management AAD Join Windows Store for Business Windows Update for Business Mail, Calendar, Photos, Maps, Groove, Skype Windows Defender Antivirus Windows Hello Microsoft Edge Device Guard Credential Guard BitLocker SmartScreen Windows as a service In-place upgrades Continuum Cortana Windows 10 core

CAPABILITY Staying Secure with Agile Servicing Attackers take advantage of periods between releases PROTECTION GAP Stay ahead of the attackers with continual software improvements TIME PRODUCT RELEASE THREAT SOPHISTICATION

It s not just Windows

W10 Servicing Timeline (Semi-Annual Channel) 2017 2018 2019 2020 2021 2022 2023 Windows 10 1607 18 months 12 months Windows 10 1703 6 months 18 months 12 months Windows 10 1709 6 months 18 months 12 months Windows 10 1803 6 months 18 months 12 months Windows 10 1809 6 months 18 months 12 months Windows 10 1903 6 months 18 months Windows Insider Program Additional Servicing (ENT/EDU Only) Windows 10 1909 6 months 18 months 12 months

Deploy and Use Plan and Prepare Targeted Pilot Validation IT/Developer Canary Self Select Sample Production *Conceptual illustration only

Ready for Windows Get links to Windows 10 ISV support statements Get usage information for every app version, and use that to target testing http://www.readyforwindows.com We are actively engaged with ISVs, to ensure full support for Windows as a service

Windows Analytics A suite of tools to reduce deployment and support costs Upgrade Readiness Update Compliance Device Health* Plan upgrades by identifying devices that are ready and identify and resolve top app/driver compatibility blockers Ensure update and antimalware compliance with timely reports for all your devices (even those on the road) Reduce support costs by proactively identifying and remediating top end-user impacting issues *Only available with Windows 10 Enterprise edition

Optimizing bandwidth usage Challenges Payload Packaging Diff technology Caching - Shift network traffic to edges Distributed Caching Peer to Peer (DO) Centralized Caching WSUS ConfigMgr DPs Downloaders (BITS, DO) Optimize the Network Networking Layer (LEDBAT)

LEDBAT: Low Extra Delay Background Transport

LEDBAT: How to get started https://blogs.technet.microsoft.com/netwo rking/2016/07/18/announcing-newtransport-advancements-in-theanniversary-update-for-windows-10-andwindows-server-2016/

Updates up to 63% faster by reducing the amount of time your device is offline Downlevel Compat Checks Gather Operations Mount/extract SafeOS Apply NewOS User settings and data migration occurs Run offline sysprep specialize plugins Run offline migration plugins Reboot SafeOS (WinRE) Prepare new boot environment Reboot First Boot OOBE Boot Run sysprep specialize plugins Run remaining provider operations Run migration plugins User settings and data migration Configure/install devices Provisioning migration Reboot Online Offline Moved Online OOBE Login FISA screens (Enterprise) APPX registration Desktop

Progress over Win10 Releases 90 80 Pre 1703, 82.24 mins 70 60 50th Percentile 51.7 mins 50 40 50th Percentile 33.7 mins 30 50th Percentile 30.2 mins 20 10 0 Fastest, 3.05 mins Fastest, 2.44 mins 1703 1709 1803 1809

0xC1900101 0x30018

How to get started & Future Plans https://docs.microsoft.com/enus/windows/deployment/upgrade/setupdiag

Windows Update for Business

Servicing from the cloud Built on top of Windows Update for global scale Implemented through additional policies configurable via Group Policy, Intune (or other MDM services), Configuration Manager Controls for deferring feature updates, quality updates Active Hours to specify when users are likely away Windows Analytics for compliance reporting

Use Microsoft defined folder structure for adding enterprise scripts Scripts in run folder gets migrated every update Preinstall scripts will be synchronously executed before setup starts Precommit scripts will be synchronously executed before setup commits/finalize Post OOBE switch to run scripts after install Here is a sample listing of the files and directories Run (Migrate) C:\Windows\System32\update\run\GUID\preinstall.cmd C:\Windows\System32\update\run\GUID\precommit.cmd C:\Windows\System32\update\run\GUID\failure.cmd C:\Windows\System32\update\run\GUID\reflectdrivers\foo.inf C:\Windows\System32\update\run\GUID\reflectdrivers\foo.sys Run Once (Do not migrate) C:\Windows\System32\update\runonce\GUID\preinstall.cmd C:\Windows\System32\update\runonce\GUID\precommit.cmd C:\Windows\System32\update\runonce\GUID\failure.cmd C:\Windows\System32\update\runonce\GUID\reflectdrivers\bar.inf C:\Windows\System32\update\runonce\GUID\reflectdrivers\bar.sys

Demo

Windows 10 Servicing with SCCM

System Center Configuration Manager Servicing Plans Best support in System Center Configuration Manager Current Branch 1602+ Requires WSUS 4.0 (Windows Server 2012 or above) with KB3095113 Existing versions (2012, 2012 R2), as well as SCCM Current Branch, can still use task sequences to perform Windows 10 upgrades (much easier in SCCM Current Branch)

Windows 10 Servicing with SCCM Windows 10 Servicing Node Automated process Additional network bandwidth management options Reporting In-Place Upgrade Task Sequence Offers the most control over the process Customization Scheduling and deployment Reporting

Demo

Questions? Jon Anderson Senior Systems Consultant, Now Micro December 5 th, 2018

Thank you for attending Keeping Current with Windows 10 Jon Anderson Senior Systems Consultant, Now Micro December 5 th, 2018

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback