Microsoft Virtual Academy Windows Intune for IT Pros Jump Start M05: Windows Intune Policies David...

15
Click to edit Master subtitle style Microso ft Virtual Academy Windows Intune for IT Pros Jump Start M05: Windows Intune Policies David Tesar Richard Harrison

Transcript of Microsoft Virtual Academy Windows Intune for IT Pros Jump Start M05: Windows Intune Policies David...

Page 1: Microsoft Virtual Academy Windows Intune for IT Pros Jump Start M05: Windows Intune Policies David Tesar Richard Harrison.

Click to edit Master subtitle style

Microsoft Virtual AcademyWindows Intune for IT Pros Jump Start

M05: Windows Intune Policies

David TesarRichard Harrison

Page 2: Microsoft Virtual Academy Windows Intune for IT Pros Jump Start M05: Windows Intune Policies David Tesar Richard Harrison.

First Half Second Half

(01) Big Picture with Windows Intune

(07) MDM Prerequisites and Cloud-only MDM Setup

(02) Architecture Design Considerations

(08) Cloud-only Software Publishing and Deployment

(03) Extending Identity to Windows Azure Active Directory

(09) Setting Up & Configuring Unified Infrastructure (+ MDM Setup)

(04) Administrator Roles, Users and Groups

(10) Unified MDM Settings and Compliance

(05) Windows Intune Policies(11) Unified MDM Software Deployment

(06) Cloud-only PC Setup (12) End User Enrollment

Windows Intune for IT Pros Jump Start

Page 3: Microsoft Virtual Academy Windows Intune for IT Pros Jump Start M05: Windows Intune Policies David Tesar Richard Harrison.

• Policy Templates–Mobile Device Security Policy– The Windows Intune Agent Settings Policy–Windows Intune Center Settings Policy–Windows Firewall Policy

• Forcing Policy Refreshes

• Policy Precedence

• Best Practices

Module Overview

Page 4: Microsoft Virtual Academy Windows Intune for IT Pros Jump Start M05: Windows Intune Policies David Tesar Richard Harrison.

Policy Templates

Page 5: Microsoft Virtual Academy Windows Intune for IT Pros Jump Start M05: Windows Intune Policies David Tesar Richard Harrison.

Mobile Device Security Policy

Page 6: Microsoft Virtual Academy Windows Intune for IT Pros Jump Start M05: Windows Intune Policies David Tesar Richard Harrison.

Windows Intune Agent Settings Policy

Page 7: Microsoft Virtual Academy Windows Intune for IT Pros Jump Start M05: Windows Intune Policies David Tesar Richard Harrison.

Installing Windows Intune Endpoint Protection

Is AV installed

?

Start Client Installation

Is MSE, SCEP, FEP

installed?

Install WIEP

Install WIEP, Enable WIEP

Do not install WIEP

Yes

No

1

Disable WIEP

Upgrade to WIEP

Enable WIEP

Is EP Policy

enabled?

Is EP Policy

enabled?

No Yes

No

Yes

Yes

Do not install WIEP

3No

Only on…

4

2

Page 8: Microsoft Virtual Academy Windows Intune for IT Pros Jump Start M05: Windows Intune Policies David Tesar Richard Harrison.

Windows Intune Center Settings

Page 9: Microsoft Virtual Academy Windows Intune for IT Pros Jump Start M05: Windows Intune Policies David Tesar Richard Harrison.

Windows Firewall Settings

Page 10: Microsoft Virtual Academy Windows Intune for IT Pros Jump Start M05: Windows Intune Policies David Tesar Richard Harrison.

Forcing Policy Refreshes

Page 11: Microsoft Virtual Academy Windows Intune for IT Pros Jump Start M05: Windows Intune Policies David Tesar Richard Harrison.

• Policy conflicts are resolved through:1. Group hierarchy

2. Timestamps

• Conflicts reported as Policy alerts

• Group Policy settings take precedence

Policy Precedence

Desktops

Head Office

Laptops

Policy 1

Policy 2

Policy 3

Page 12: Microsoft Virtual Academy Windows Intune for IT Pros Jump Start M05: Windows Intune Policies David Tesar Richard Harrison.

• Create default:– Windows Intune Agent Settings policy…

• before installing the Windows Intune client on computers

• Control the installation of Windows Intune Endpoint Protection

– Mobile Device Security policy…• Set required password settings

• Apply Default policies to All Computers to set your baselines

• Assign more specific policies to lower groups

• Clients check for policy at varying times (depending on the platform) so plan ahead.

Windows Intune Policies Best Practices

Page 13: Microsoft Virtual Academy Windows Intune for IT Pros Jump Start M05: Windows Intune Policies David Tesar Richard Harrison.

DEMO

Managing Policies

Page 14: Microsoft Virtual Academy Windows Intune for IT Pros Jump Start M05: Windows Intune Policies David Tesar Richard Harrison.

• Policy Templates–Mobile Device Security Policy– The Windows Intune Agent Settings Policy–Windows Intune Center Settings Policy–Windows Firewall Policy

• Forcing Policy Refreshes

• Policy Precedence

• Best Practices

Module Overview

Page 15: Microsoft Virtual Academy Windows Intune for IT Pros Jump Start M05: Windows Intune Policies David Tesar Richard Harrison.

©2013 Microsoft Corporation. All rights reserved. Microsoft, Windows, Office, Azure, System Center, Dynamics and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.