Windows 7 Deployment Key Milestones 2012 2013 2014 Client Deployment and Management Tool Windows 7 Deployment Select Tool (3-6 months) Deployment Tool Architecture (1-2 months) Assess Hardware (1-2 months) Test and Remediate Applications (1-18 months) Deploy Infrastructure for Pilot Group (1-3 months) End User Readiness (1-3 months) Hardware Upgrades (1-6 months) Build Task Sequence and Gold Image (2-6 months) Deploy Full Infrastructure (1-6 months) Begin Deployment (3-12 months) Oct 2013 Deployment Completed 6 Month Buffer April 8, 2014 XP End of Support Extended Support Agreement +$200k 3
Challenges to Enabling Consumerization Infrastructure Considerations Management of diverse devices I want to use the device I prefer Devices User How can IT support and Corporate Consumer manage all those devices? Secure, anywhere access to apps & data I want to connect to people and be productive Application Experience anywhere, anytime How can IT provide access to apps and Security data while and Access maintaining security?
System Center 2012 Configuration Manager Empower Users Unify Infrastructure Simplify Administration Empower people to be more productive from almost anywhere on almost any device. Reduce costs by unifying IT management infrastructure. Improve IT effectiveness and efficiency.
Modern GUI Intuitive ribbon interface Global search capability In-console alerts New collection membership rules allow better filtering of members
System Center Configuration Manager Overview Real Time Asset Intelligence Hardware and Software Catalog Source Meter Compliance
Asset Intelligence, Inventory, and Software Metering Consolidated/simplified reporting: Understand software installation profiles Plan for hardware upgrades Identify over or under licensing issues Track custom apps or groups of titles Real-time Application and Hardware Intelligence Asset Intelligence Service Software Metering & License Reports ConfigMgr Inventory Asset Intelligence Catalog
Client Settings Easiest Step to Infrastructure Reduction Stop using primary sites for different Client Settings
Primary Image Types Near Retail Few or no configuration changes or apps Lightly Customized Includes some applications and other configurations Fully Customized Includes applications, driver payloads, configurations
System Center Configuration Manager Overview OS Deployment Standardize/Repeatable PXE Multicast/Standalone/Pre-staged Physical or Virtual Real Time Intelligence
Operating System Deployment CAS Multiple Deployment Method Support Task Sequences Hardlink migration USMT 4.0 WDS PXE Server Image Primary Site DP Role Report Task Sequence Primary Site MP Role PXE initiated deployment Multi-cast deployment to conserve network bandwidth Stand-alone media deployment Pre-staged media deployment
System Center Configuration Manager Overview Security and Compliance Unified infrastructure Antimalware Windows and firewall management SCCM Client monitoring OS Deployment Real Time Intelligence
Security and Compliance Endpoint Protection Unified Infrastructure Simplified server and client deployment Streamlined updates Consolidated reporting Role Based Administration Comprehensive Protection Stack Behavior monitoring Antimalware Dynamic Translation Windows and Firewall Management
System Center Configuration Manager Overview Software Distribution User Centric Application model Dependencies/Prerequisites Software Catalog User Experience Security and Compliance OS Deployment Real Time Intelligence Power Management
User-Centric Application Delivery Administrator Deliver best user experience on each device Define application once < > Delivery Evaluation Criteria User Device type Network connection Custom User/Device Relationships Windows Embedded Primary Devices MSI App-V Non-primary Devices VDI Presentation Server Remote Desktop
User-centric Application Delivery New Application Model Application Package < > General Information Administrator Properties End User Metadata Deployment Type App-V Windows Script Windows Installer CAB Citrix XenApp Detection Method Install Command Requirement Rules Dependencies Supersedence
DEPENDENCIES Other deployment types that must be present in order for the current application deployment type to be installed 1 to N Dependencies This AND this AND this OR this.net Framework either 3.5 or 4.0 and Browser either IE7 or IE8, install IE8 if none present Dependencies are modeled as applications and can also be deployed independently Two dependency uses: Dependency not present, don t install applications Dependency not present, auto install dependent application
ON DEMAND INSTALLATION Process Flow 1 User clicks Install on Catalog item WEB SITE SITE SERVER 2 Web site checks Melissa s install permissions 3 Web site gets Client ID from Agent, hands to server 4 Policy created for Client ID & app, hands to agent 5 Client agent evaluates requirements from policy MELISSA 6 Web site initiates installation 7 Agent completes installation process & status AGENT
Unified Management of Virtual Applications and Clients User-centric application delivery through App-V or Citrix XenApp Single admin experience for managing physical and virtual desktops. Integrates with RDS and XenDesktop Recognizes pooled and personal virtual desktops Randomizes tasks APP-V CONFIGMGR SEQUENCER DP/MP HYPER-V CONNECTION BROKER
User-centric Application Delivery End User Self-service IT Administrators publish software titles to catalog Deliver best user experience on each device User Users can browse, select and install directly from Catalog Application model determines format and policies for delivery
System Center Configuration Manager Overview Security and Compliance Software Distribution SW and HW Updates Auto deployment State based OS Deployment Real Time Intelligence
Software Updates Identify required updates to deploy Based on category, products, language, date revised, article id, bulletin id, and other criteria Define distribution schedule Peak/non-peak work hours State-based Reporting and Updates Deploy to individual or group deployment Auto Deployment Updates added to groups auto deploy to targeted collections Faster deployment through search Schedule content download and deployment to avoid reboot during work hours Optimized for New Content Model Reduce replication and storage Expired updates and content deleted
CONTENT DISTRIBUTION Distribution Point Groups Automatic distribution of content Can be linked to Collections for workflow optimization Distribute Content Wizard Send multiple packages to multiple distribution points or groups at once Detect Application dependencies and add them to the distribution Select a task sequence and distribute all related content
Internet-based Client Management Intranet Internet Reduced Complexity Single Primary site can manage both Intranet clients (over HTTP) and Internet clients (over HTTPS) PR1 MP DP Non PKI enabled site system PKI enabled site system MP DP Flexibility Primary sites can be configured to either support only HTTPS roles or both HTTP and HTTPS site roles Reliability Intelligent client behavior enables client to communicate using the most secure option available Tighter security enforcement by only allowing clients with Enterprise-issued certificates to communicate with the ConfigMgr roles
System Center Configuration Manager Overview Security and Compliance Software Distribution SW and HW Updates Settings management Manage drift Auto remediation Industry standard baseline Audit changes OS Deployment Real Time Intelligence
Security and Compliance Settings Management ConfigMgr MP Baseline ConfigMgr Agent Assignment to collections Baseline drift! Auto Remediate OR Create Alert (to Service Manager) Baseline Configuration Items Active Directory Script WMI XML SQL File Software Updates Registry MSI IIS Improved functionality Copy settings Trigger console alerts Richer reporting Enhanced versioning and audit tracking Ability to specify versions to be used in baselines Audit tracking includes who changed what Pre-built industry standard baseline templates through IT GRC Solution Accelerator
System Center Configuration Manager Overview Security and Compliance Software Distribution SW and HW Updates Settings management OS Deployment Real Time Intelligence Mobile Device Management EAS-based policy delivery Discovery and inventory Settings policy Remote Wipe
Integrated Versus Consolidated Versus Comprehensive Integrated Consolidated Comprehensive with Manage mobile devices via Exchange ActiveSync in the Exchange System Manager Surface ActiveSync controls within System Centre Configuration Manager Provide precision management for a multitude of mobile devices
Mobile Device Management Management for all Exchange ActiveSync (EAS) connected devices EAS-based policy delivery Discovery and inventory Settings policy Remote Wipe 7
System Center Configuration Manager Overview Security and Compliance Software Distribution SW and HW Updates Mobile Device Management OS Deployment Settings management Real Time Intelligence Out of Band Management, Remote Control Role based administration CTRL-ALT-Delete Admin or User-based control
Map the organizational roles of your administrators to defined security roles Security organization role Geography Meg- WW Central System Administrator Reduces error, defines span of control for organization Functionality What types of objects can I see and what can I do to them? Which instances can I see and interact with? Which resources can I interact with? ConfigMgr 2007 Class rights Object instance permissions Site specific resource permissions ConfigMgr 2012 Security roles Security scopes Collection limiting Louis-Software Update Manager for France Can see & update France desktops Cannot modify security settings on France desktops Cannot see All Systems or U.S. desktops Bob- US & France Security Admin Can see & modify security settings on France and U.S. desktops Cannot update France or U.S. desktops Cannot see All Systems
System Center Configuration Manager Overview Security and Compliance Software Distribution SW and HW Updates Mobile Device Management OS Deployment Settings management Real Time Intelligence Out of Band Management, Remote Control Power Management Monitor Plan Apply Analyze
Power Management Phase 1: Monitor Enable agent Monitor usage and activity Phase 2: Plan Develop power plan for peak & non-peak hours Non-Peak & Peak Phase 3: Apply Power Policy Apply Power Plan Phase 4: Compliance & Analyze Review before and after usage and activity Determine savings
NEW IN 2012: EXCLUDE VMS Identify if machine is a guest VM Automatically exclude guest VMs from power policy Reports will continue to show total # of machines in collection In addition reports will show new entry called total # of physical machines which will be used in calculations
System Center 2012 Configuration Manager Empower Users Unify Infrastructure Simplify Administration Empower people to be more productive from almost anywhere on almost any device. Reduce costs by unifying IT management infrastructure. Improve IT effectiveness and efficiency.
Next Breakout Session Begins at 3:15