Agenda
Agenda The New Office overview Rethink productivity possibilities Demo Why Microsoft for productivity Break The New Office architecture Identity management Authentication options Hybrid scenarios Office click-to-run deployment
Hybrid
Our broad and deep array of solutions enables you to use the cloud in your own way, at your own pace.
Office 365 ProPlus: Familiar & full Office user experience Fast deployment & broad management controls Per-user licensing
Deploy Office fast without giving up control
9
Each year customers of Microsoft s cloud productivity services Fly 222 million passengers Many of the world s largest and most recognizable global brands run on Microsoft s cloud productivity services. Build 6 million automobiles in the United States alone Serve 27 billion meals 41of the Interbrand Top 100 Sell Make 16 billion cans of soda 4 billion cups of coffee
Washington Illinois North America Virginia Ireland Netherlands Europe India Asia China Hong Kong California Texas Puerto Rico Africa Singapore Central & South America Australia Microsoft Office 365 Datacenters
Decision Points Stakeholders Customer Questions Answered & Decisions Made Governance Capability & Technical Fit CIO & key stakeholders IT Who in my organization will own key decisions on cloud solutions, and Office 365 specifically? How can I ensure all stakeholder needs are met? What is Office 365? How will these solutions work in my environment? Why, when and how should I transition to Office 365? How do I get ready? Lifecycle Services IT What deployment consulting services do I need? How do I prepare for the migration? How do I migrate? Which support offerings underpin Office 365? Transaction Procurement & Finance How are the contracts structured, and what is the best way to transact? Business Value LOB Groups, CIO, CFO What is the business case for this project? Legal & Compliance Security, Privacy, Data Sovereignty Legal & Procurement CSO, Legal What are the risks and legal / regulatory considerations for my industry and my geography? Is my data secure and private? Where will it be located? How does this solution comply with local regulations?
Agenda The New Office overview Rethink productivity possibilities Demo Why Microsoft for productivity Break The New Office architecture Identity management Authentication options Hybrid scenarios Office click-to-run deployment
Core identity scenarios
Windows Azure Active Directory Authentication platform Directory store
Rich experience with Office Apps Ease of deployment, management and support Lower cost as no additional servers are required On-Premises High availability and reliability as all Identities and Services are managed in the cloud Cloud Identity Ex: alice@contoso.com Windows Azure Active Directory User
Rich experience with Office Apps Directory synchronization between on-premises and online Identities are created and managed on-premises and synchronized to the cloud Single identity and credentials but no single Sign- On for on-premises and office 365 services Password synchronization enables single sign-on at lower cost than federation Reuse existing directory implementation onpremises Cloud Identity Ex: alice@contoso.com Windows Azure Active Directory User Directory Synchronization Password Synchronization AD Non-AD (LDAP) On-Premises Identity Ex: Domain\Alice
Single identity and sign-on for on-premises and office 365 services Identities mastered on-premises with single point of management Directory synchronization to synchronize directory objects into Office 365 Secure Token based authentication Client access control based on IP address with ADFS Strong factor authentication options for additional security with ADFS Federation Windows Azure Active Directory User Directory Synchronization AD Non-AD (LDAP) On-Premises Identity Ex: Domain\Alice
Active Directory AD FS 2.0 Server AD FS 2.0 Server AD FS 2.0 Server Proxy Internal user Enterprise AD FS 2.0 Server Proxy DMZ
Federation and Synchronization options
Federation options Works with AD Works with AD & Non-AD Shibboleth (SAML*) Works with AD & Non-AD Suitable for medium, large enterprises including educational organizations Recommended option for Active Directory (AD) based customers Single sign-on Secure token based authentication Support for web and rich clients Microsoft supported Phonefactor can be used for two factor auth Works for Office 365 Hybrid Scenarios Requires on-premises servers, licenses & support Suitable for medium, large enterprises including educational organizations Recommended where customers may use existing non-adfs Identity systems with AD or Non-AD Single sign-on Secure token based authentication Support for web and rich clients Third-party supported Phonefactor can be used for two factor auth Works for Office 365 Hybrid Scenarios Requires on-premises servers, licenses & support Verified through works with Office 365 program Works for Office 365 Hybrid Scenarios Suitable for educational organizations j Recommended where customers may use existing non-adfs Identity systems Single sign-on Secure token based authentication Support for web clients and outlook only Microsoft supported for integration only, no shibboleth deployment support Requires on-premises servers & support Works with AD and other directories on-premises
Directory Synchronization Options PowerShell & Graph API Suitable for Organizations using Active Directory (AD) Provides best experience to most customers using AD Supports Exchange Co-existence scenarios Coupled with ADFS, provides best option for federation and synchronization Supports Password Synchronization with no additional cost Does not require any additional software licenses Suitable for large organizations with certain AD and Non-AD scenarios Complex multi-forest AD scenarios Non-AD synchronization through Microsoft premier deployment support Requires Forefront Identity Manager and additional software licenses Suitable for small/medium size organizations with AD or Non-AD Performance limitations apply with PowerShell and Graph API provisioning PowerShell requires scripting experience PowerShell option can be used where the customer/partner may have wrappers around PowerShell scripts (eg: Self Service Provisioning)
FIM 2010 Office 365 connector supports complex multi-forest topologies Single ADFS deployment to support multiple namespace Federation using ADFS Windows Azure Active Directory AD FIM 2010 AD AD On-Premises Identity Ex: Domain\Alice User
Preferred option for Directory Synchronization with Non-AD Sources Non-AD support with FIM is available through Microsoft-led deployments FIM 2010 Office 365 connector supports complex multi-forest topologies Federation using Non- ADFS STS Windows Azure Active Directory Non-AD (LDAP) Office 365 Connector on FIM On-Premises Identity Ex: Domain\Alice User
Split User Split Workload An organization splitting users within a workload (Exchange or SharePoint) between On-Premises and Online Users on any of the workloads (Exchange, SharePoint or Lync) in the cloud while using other workloads On-Premises
Flexibility On-Premises customization Significant footprint in Remote locations Regulatory reasons Manageability On-Premises 50% of enterprise customers are on the road to cloud
Split User Split Workload Exchange On-Premises Lync On-Premises Exchange Online Exchange Online SharePoint Online Lync Online SharePoint On-Premises Exchange On-Premises SharePoint Online Exchange Online SharePoint Online Lync Online Lync On-Premises SharePoint On-Premises Lync Online Exchange Online SharePoint Online Lync Online
Exchange deployment on your terms Hybrid On-premises
On-premises Office 365 Directory Sync Cloud ADFS (optional) Exchange CAS/MBX Office 365 Active Directory Synchronization Optional Active Directory Federation Services Single sign on Existing Exchange environment Exchange Server 2013 CAS & MBX Free hybrid edition license with paid Exchange Online subscription
Lync Server Lync Hybrid Lync Online Lync Server Single domain & directory Office 365, Lync Online Private cloud / dedicated Users split server / Partner-hosted online multi-tenant
On Premises Coexistence Identity federation and directory synchronization enables access to SharePoint sites, providing a consistent single sign-on experience online and on premises Cloud Service Deployed and maintained on premises with complete control and ownership of hardware, maintenance, resources, and administration + The flexibility of migrating some capabilities to SharePoint Online and accessing both onpremises and online sites with the same domain credentials Microsoft will more securely deliver new features and capabilities to SharePoint Online
Click-to-Run
Office apps are streamed from Office 365 or on premises tools Streaming installation allows Office apps to run almost instantly & features load based on usage Use Office 365 both online and offline Works with existing Office add-ins, customizations, macros and legacy Office file formats Unobtrusive background updates with IT control Support for update testing & push deployment Office side-by-side means that you will not need to uninstall previous versions of Office in order to use the new Office
1. add users to Office 365 tenant 2. download Office Deployment Tool (setup) 3. use setup to download C2R packages 4. customize configuration XML 5. add C2R packages to software distribution infrastructure 6. deploy C2R packages with setup and configuration XML 7. layer on add-ins and customizations Office 365 Service End Users PCs Optional add-ins dependent apps Office files, etc. As applicable
Optimized Software Updates Office looks at what is installed Performs differential comparison to update e 365 14 47 5 8 6 9 Δδ 7 4 Δδ 98 5 Δδ 98 6 23 1 3 2 14 3 Only differentials are applied saves bandwidth 1 8 9 5 6 7 EXE 2 3 4 User is not impacted Click-to-Run
Automatic from Cloud Automatic from Network Rerun setup in software dist