Sccm 2012 overview - chris_estonina
-
Upload
microsoft-singapore -
Category
Technology
-
view
6.271 -
download
5
description
Transcript of Sccm 2012 overview - chris_estonina
What is in SCCM 2012?
classic and App-V Applications
IT Asset Intelligence Software Update
Management Software Metering
Support for the Mobile Workforce
What is in SCCM 2012?
Settings Management (aka DCM)
Network Access Protection
Power Management
OS Deployment
Antivirus*
Selfservice Portal
Remote Control
Configuration Manager 2012:
• Still committed and focused on System Management scenarios
• Embrace User Centric scenarios:
• Moving to a state based design, for apps, deployments, content on DPs.
• Full application lifecycle model. Install, Revision Mgt, Supersedence and Uninstall
• Understand and intelligently target the relationships between user systems
• Management solution tailored for applications
Configuration Manager 2007:
• Optimized for Systems Management scenarios
• Challenging to manage users:
• Forced to translate a user to a device
• Explicit: run a specific program on a specific device
• Software Distribution is a glorified script execution.
Application Installation
Application Revision
Application Retirement) Application Supersedence
Application Uninstall
Eliminate Application-to-Application Compatibility issues
App-V applies to your custom applications as well…
Run different versions of Java together…
Office 2000 and 2007 running together…
Peter as „ConfigMgr Admin‟ has rights to entire console
Peter assigns Application Deployment role to Meg
Meg is responsible for deploying software
Meg has a limited view
CENTRAL SITE
Desktop management
solution
BRANCH SITE
BRANCH SITE
BRANCH SITE
CENTRAL SITE
Security management
solution
BRANCH SITE
BRANCH SITE
BRANCH SITE
Applications, OS and application patches, Asset Inventory, etc
Security solutions such as Anti-Virus, Desktop Firewall, NAP, Host Intrusion Prevention, etc
Riga Stradins University
“The integration of management and security makes our IT organization more agile. We‟re more efficient in the way that we use our personnel. We‟ve increased the number of people available to respond to security incidents by 20% with no increase in headcount.”
Management Security +
Security personnel have access to desktop configuration data
Health status and protection status in a single interface, with consolidated reporting
Incident response (identify / patch / remediate) is more targeted
One server infrastructure to maintain
A single mechanism to deploy software updates to clients
Central policy implementation for security and management
One set of training for administrators
A single license to purchase (Core CAL)
IMPROVED PROTECTION LOWER COSTS
One infrastructure for desktop management and protection
Slovenia Telecom
“The integration of Forefront Endpoint Protection with System Center Configuration Manager lets us break down the silos within our organization and increase efficiency.”
FEP is now part of Core CAL
Anti-Spyware
Desktop Firewall
Host Intrusion Prevention (HIPS)
Network Access Control (NAC)
Hard Disk Encryption (new)
Virtual Private Network (VPN)
Windows 7 Built-in Features
Windows Defender
Windows Firewall
User Access Protection (UAC)
Network Access Protection
BitLocker* and BitLocker to Go*
DirectAccess*
Typically, your end point security solution alone will consume 500~600MB of disk space
Most of these features are already part of Windows 7. Windows 7 is secure by default. You basically need only one security agent – Anti-Virus . FEP is now part of Core CAL. *Windows Enterprise feature
Network Access Protection
• Ensure compliance upon access
• Access remediation enforcement
Network Security • Policy based networking • Multi-Home Firewall Profiles • DNSSec Support • Multiple Active Firewalls • Internet Protocol security (IPSec)
improvements
DirectAccess
• Security enhanced, seamless, always on connection to corporate network
• Improved management of remote users • Consistent security for all access
scenarios
BitLocker • BitLocker encryption for local
HDD • BitLocker To Go for USB • Group Policy enforcement
AppLocker • Application “with listing” control • Enables application standardization
User Account Control • Streamlined UAC • Standard user can do even more
Internet Explore 8 Help protect users against: • Social engineering, privacy,
Browser based, and Web server exploits
Right Management Services • Policy based, collaboration and
document level rights management
Encrypting File System • User-based file and folder encryption
*Comparison to Enterprise Version
Unified compliance-settings management across servers, desktops laptops, and mobile devices
Simplify administrator experience Browse gold system when creating configuration items
Simplified Baseline creation experience
Deployment of Baselines User and Device targeting of Baselines
Define compliance SLAs for Baseline deployments and generate Alerts
Monitoring Baseline deployment compliance status
Automatic remediation (aka DCM “set”)
CI revisioning and change control
Offline Servicing of Images Support for Component Based Servicing compatible updates
Uses updates already approved
Boot Media Updates Hierarchy wide boot media – no longer need one per site
Unattended boot media mode – no longer need to press “next”
Use pre-execution hooks to automatically select a task sequence – no longer see many optional task sequences
USMT 4.0 - UI integration and support for hard-link, offline and shadow copy features
IS BACK!
https://connect.microsoft.com/ConfigurationManagervnext
http://www.microsoft.com/sccm