Microsoft System Center 2012 Configuration Manager Overview Wally Mead Senior Program Manager...
-
Upload
taylor-faunce -
Category
Documents
-
view
215 -
download
1
Transcript of Microsoft System Center 2012 Configuration Manager Overview Wally Mead Senior Program Manager...
Microsoft System Center 2012 Configuration Manager Overview
Wally MeadSenior Program ManagerMicrosoft Corporation
Mark FloridaPrincipal Program Manager LeadMicrosoft Corporation
MGT309
2003
20122012
2011
2007
1999 SMS 2.0
1994SMS 1.0
Evolution of Microsoft Client Management
Client Management Infancy (NT Domain)
Groups ModelComprehensive Management
Laptops, Servers,
Enterprise Scale
Consumerization of IT
Management from the
Cloud
I want to connect to people and be productive anywhere, anytime
Security and AccessHow can IT provide access to apps and data while maintaining security?
How can IT support and manage all those devices?
I want to use the device I prefer
Challenges to Enabling Consumerization
Management of diverse devices
Secure, anywhere access to apps & data
Application Experience
Devices User Corporate
Consumer
Infrastructure Considerations
System Center 2012 Configuration Manager
Empower Users
Empower people to be more productive
from almost anywhere on almost
any device.
Simplify Administration
Improve IT effectiveness and efficiency.
Unify Infrastructure
Reduce costs by unifying IT management infrastructure.
Empower Users
Empower people to be more productive from anywhere on
any device.
Application Delivery
Mobile Device Management
Unify Infrastructure
Reduce costs by unifying IT management infrastructure.
Simplify Administration
Improve IT effectiveness and efficiency.
User-centric Application DeliveryAdministrator
Empower
Delivery Evaluation Criteria• User• Device type• Network connection
User/Device Relationships
Primary Devices• MSI• App-VNon-primary Devices• VDI• Presentation Server• Remote Desktop
• Deliver best user experience on each device• Define application once
< >
Windows Embedded
Application “Package”
User-centric Application DeliveryNew Application Model
Keep your apps organized and managed
App-V
Windows Script
CAB
Windows Installer
Empower
General Information
Administrator Properties
End User Metadata The “friendly” information for your users (appears in Catalog)
Is app installed?
Deployment Type
Detection Method
Install Command
Requirement Rules
Dependencies
Supersedence
Command line and options
Can/cannot install app
Apps that must be present
Application version control
< >
User-centric Application DeliveryEnd User Self-service
IT
Empower
Administrators publish software titles to catalog, complete with meta data to enable search• Deliver best user experience
on each device
Users can browse, select and install directly from Catalog• Application model determines
format and policies for deliveryUse
r
Management for all Exchange ActiveSync (EAS) connected devices
• EAS-based policy delivery• Discovery and inventory• Settings policy• Remote Wipe
Empower
7
Mobile Device Management
People-Centric Software Distribution
DEMO
Upcoming Enhancements in SP1
Platform Support:Windows 8Windows 8 tablet (Intel SoC) supportMac OS XLinux and Unix
Operating System Deployment: Windows To Go supportApplication Delivery:
Metro style applicationsDeep link applicationsNetwork cost support
Empower
Linux & UNIX: Supported Operating Systems
• Version 5.3 (Power)• Version 6.1 (Power)• Version 7.1 (Power)
AIX
• Version 11iv2 (PA-RISC/IA64)• Version 11iv3 (PA-RISC/IA64)HP-UX
• Version 4 (x86/x64)• Version 5 (x86/x64)• Version 6 (x86/x64)
Red Hat Enterprise Linux
• Version 9 (SPARC)• Version 10 (SPARC/x86)• Version 11 (SPARC/x86)
Solaris
• Version 9 (x86)• Version 10 SP1 (x86/x64)• Version 11 (x86/x64)
SUSE Linux Enterprise
Server
• Supported OS’s across both: • Configuration Manager• Operations Manager
• Newer versions of operating systems will be supported within 180 days of release
• Old versions will be supported as long as vendor provides support
• Broader Linux distro support being evaluated for future releases
Linux & UNIX: FeaturesHardware Inventory:
16 core classes viewable through Resource Explorer Extensible model – supports custom classes and pluggable providersARP shows all native installed software (e.g. rpm’s or pkg’s)Create collections of Linux/UNIX computers
Software DeploymentUsing the Package and Program modelDeploy/patch software, deploy OS patches and run maintenance scripts that target a collection
Secure and Authenticated communications
Consolidated reports
Metro Style Applications and MAC OS X Software Distribution
DEMO
Unify Infrastructure
Reduce costs by unifying IT management infrastructure.
Reduced Infrastructure Requirements
Unified Management of Virtual Clients
Endpoint Protection
Software Update Management
Compliance & Settings Management
Power Management
Internet-based Client Management
Reduced Infrastructure Requirements Unify
Central Administration Site
• Central primary site administration
• Reporting
Primary Sites
• Client management and settings • Delegated administration
Secondary Sites
• Content routing• Distributions points
Central Administration
Site
Primary Site Primary Site
Secondary Site
Secondary Site
Secondary Site
Secondary Site
Secondary Site
Secondary Site
CONNECTION BROKER
Unified Management of Virtual Clients
User-centric application delivery through App-V or Citrix XenApp.
Single admin experience for managing physical and virtual desktops. Integrates with RDS and XenDesktop. • Recognizes pooled and personal virtual
desktops • Randomizes tasks
Unify
HYPER-V
CONFIGMGRDP/MP
APP-VSEQUENCER
Security and ComplianceEndpoint Protection
Unified Infrastructure
• Simplified server and client deployment
• Streamlined updates• Consolidated reporting
Comprehensive Protection Stack• Behavior monitoring• Antimalware• Dynamic Translation• Windows and Firewall
Management
Unify
Security and ComplianceSoftware Update
CAS
Primary SiteMP Role
Primary SiteDP Role
Assigns policy to scan for update status or to deploy update
Distributes updates Reports
compliance
Microsoft Update
Primary SiteSUP Role/WSUS
Unify
Identifies who needs updates and reports on complianceDownloads
updates
Auto Deployment• Faster deployment through search• Schedule content download and
deployment to avoid reboot during work hours
State-based Updates• Allows individual
or group deployment• Updates added to groups auto
deploy to targeted collections
Optimized for New Content Model• Reduce replication and storage• Expired updates and content
deleted
ConfigMgr MP
Security and ComplianceSettings Management
Baseline ConfigMgr Agent
WMI XML
Registry IISMSI
Script SQL
SoftwareUpdates
File
ActiveDirectory
Baseline Configuration Items
Auto RemediateOR
Create Alert (to Service Manager)
!
Unify
Improved functionality• Copy settings• Trigger console alerts• Richer reporting
Enhanced versioning and audit tracking• Ability to specify versions to be used in baselines• Audit tracking includes who changed what
Pre-built industry standard baseline templates through IT GRC Solution Accelerator
Assignment to collections
Baseline drift
Week 1: Monitor•Enable client management agent•Begin monitoring usage and activity
Power Management
Non-Peak & Peak
Week 2: Plan•Continue monitoring on usage and activity•Begin to develop Power Plan•VM awareness (new compared to 2007)•Copy power policies (new compared to 2007)Mid-Month:•Power Plan has been confirmed
Week 3: Apply Power policy•Begin applying Power Plan•End user opt-out (new compared to 2007)
Week 4: Compliance & Analyze•Review before and after usage and activity•Determine savings in Kwh and Co2 saved
Unify
Internet-based Client Management
PR1
MP DP
MP
DP
Non PKI enabled site system
PKI enabled site system
Unify
Intranet Internet Reduced Complexity• Single Primary site can manage both
Intranet clients (over HTTP) and Internet clients (over HTTPS)
Flexibility• Primary sites can be configured to either
support only HTTPS roles or both HTTP and HTTPS site roles
Reliability• Intelligent client behavior enables client to
communicate using the most secure option available
• Tighter security enforcement by only allowing clients with Enterprise-issued certificates to communicate with the ConfigMgr roles
Settings Management
DEMO
Upcoming Enhancements in SP1
Flexible hierarchy management:Ability to add a new Central Administration SiteMigration between ConfigMgr 2012 hierarchies
Hierarchy easier to control:When: Schedule replication for a given linkWhat: SQL Server distributed viewsHow much: Compression for SQL Server data
Setting Management: User Profile and Data Management
Client Side CachingRoaming User ProfilesFolder Redirection
Unify
Flexible Hierarchy Management
Primary Site
Houston Primary Site10,000 Clients
Central Administration Site
What’s new in SP1
Scenario 1: Hierarchy Expansion Must be a
new installation
Scenario 2:Merger
Primary Site
Miami Primary Site5,000 Clients
Migration
Simplify Administration
Improve IT effectiveness and efficiency.
Modern GUI
Role-based Administration
Operating System Deployment
Asset Intelligence
Client Health
Remote Control
Modern GUI Simplify
• Intuitive ribbon interface• In-console alerts• Global search capability• New collection membership
rules allow better filtering of members
Role Based Administration
Functionality ConfigMgr 2007 ConfigMgr 2012
What types of objects can I see and what can I do to them?
Class rights Security roles
Which instances can I see and interact with?
Object instance permissions
Security scopes
Which resources can I interact with?
Site specific resource permissions
Collection limiting
Simplify
Meg- WW Central System Administrator
Louis-Software Update Manager for France
Bob- US & France Security Admin
• Can see & update “France” desktops
• Cannot modify security settings on “France” desktops
• Cannot see “All Systems” or “U.S.” desktops
• Can see & modify security settings on “France” and “U.S.” desktops
• Cannot update “France” or “U.S.” desktops
• Cannot see “All Systems”
Map the organizational roles of your administrators to defined security roles
• Security organization role• Geography
Reduces error, defines span of control for the organization
Role Based Administration
DEMO
CAS
Primary SiteMP Role
Primary Site
DP Role
ImageTask
Sequence
Report
WDS PXE Server
Simplify
Multiple Deployment Method Support• PXE initiated deployment allows
client computers to request deployment over the network
• Multi-cast deployment to conserve network bandwidth
• Stand-alone media deployment for no network connectivity or low bandwidth
• Pre-staged media deployment allows you to deploy an operating system to a computer that is not fully provisioned
USMT 4.0 UI integration makes it easier transfer files and user settings from one machine to another
Operating System Deployment
BitLocker changes:TPM and PINUsed Space BitLocker
Prestage media now supports additional content types:
Before: WIMNow: WIM, Applications, Drivers, Package/Programs
What’s new in SP1Operating System Deployment
Client Activity and Health Simplify
• In-console view of client health• Threshold-based console alerts• Heartbeat DDRs• HW/SW inventory and status• Remediation (same as Setting
Mgmt)
Asset Intelligence, Inventory, and Software Metering
Software Metering & License Reports Asset Intelligence Service
Asset Intelligence Catalog
Real-time Applicationand Hardware Intelligence
Consolidated/simplified reporting that allows you to • Understand software installation profiles• Plan for hardware upgrades• Identify over or under licensing issues• Track custom apps or groups of titles
ConfigMgr Inventory
Simplify
Remote Control
What's New in Remote Control
Ability to send Ctrl-Alt-Del keystroke to host deviceGranular client settings per collectionLock keyboard and MouseAbility to create Firewall exception ruleCcmeval monitors and remediates Remote Control Service
Simplify
PowerShell
PowerShell ProviderCmdlets:
Scope: Tasks exposed in the Administration ConsoleHow:
Suitable experience for administrator (not the SDK)Align with PowerShell general conventions
What’s new in SP1
Migration From Configmgr 2007 To 2012
Assist with Migration of Objects
Assist with Migration of Clients
Minimize WAN impact
Maximize Re-usability of x64 Server Hardware
Assist with Flattening of Hierarchy
Built-in Migration Feature
Migration Job Types:Object Migration (Collections, software distribution packages, boundaries, metering rules etc.)Collection based Migration (Select a collection and migrate associated objects)
Content functionality:Re-use of existing ConfigMgr 2007 content (Distribution Point sharing)Distribution Point upgrade
Import of ConfigMgr 2007 inventory MOF files
Prepare For Configuration Manager 2012
Flatten hierarchy where possiblePlan for Windows Server 2008, SQL 2008, and 64-bitStart implementing BranchCache™ with Configuration Manager 2007 SP2Move from web reporting to SQL Reporting ServicesAvoid mixing user and devices in collection definitionsUse UNC (\\server\myapp\myapp.msi) in package source path instead of local path (d:\myapp)
SummaryEm
pow
er
Unify
Sim
plif
y Role-based Administration
Internet-based Client Management
Power Management
Software Update Management
Reduced Infrastructure Requirements
Mobile Device Management
Application Delivery
Compliance & Settings Management
Endpoint Protection
Unified Management of Virtual Clients
Operating System Deployment
Asset Intelligence, Client Health, and Inventory
End user platform support
Application Delivery 2007 R3
Device Centric
MDM licensing
2012
User Centric
Integrated
Windows and EAS
New
Improved
Integrated
Auto Remediation
Improved
New
2012 SP1
Metro style
Windows 8,Mac,Linux
Flexible hierarchies
Real-time actions
User Profile and Data
Improved
Improved
Related Content
Breakout SessionsMGT310 | Microsoft System Center 2012 Endpoint Protection OverviewMGT311 | Microsoft System Center 2012 Configuration Manager Deployment and Infrastructure Technical OverviewMGT312 | Deep Application Management with Microsoft System Center 2012 Configuration ManagerMGT313 | Microsoft System Center 2012 Configuration Manager: Plan, Deploy, and Migrate from Configuration Manager 2007 to 2012MGT318 | Patch and Settings Management in Microsoft System Center 2012 Configuration ManagerWCL388 | Client Management Scenarios in the Windows 8 Timeframe
Related Content
Hands-on Labs:MGT23-HOL | Deploying Windows 7 to Bare Metal Systems with Microsoft System Center 2012 Configuration ManagerMGT24-HOL | Implementing Endpoint Protection 2012 in Microsoft System Center 2012 Configuration ManagerMGT12-HOL | Compliance and Settings Management in Microsoft System Center 2012 Configuration ManagerMGT25-HOL | Deep Dive: Microsoft System Center 2012 Configuration Manager SQL Replication LabsMGT21-HOL | Basic Software Distribution in Microsoft System Center 2012 Configuration ManagerMGT16-HOL | Migrating from Microsoft System Center Configuration Manager 2007 to System Center 2012 Configuration ManagerMGT14-HOL | Implementing Role Based Administration in Microsoft System Center 2012 Configuration ManagerMGT15-HOL | Deploying a Microsoft System Center 2012 Configuration Manager HierarchyMGT11-HOL | Introduction to Microsoft System Center 2012 Configuration Manager
Resources
Connect. Share. Discuss.
http://northamerica.msteched.com
Learning
Microsoft Certification & Training Resources
www.microsoft.com/learning
TechNet
Resources for IT Professionals
http://microsoft.com/technet
Resources for Developers
http://microsoft.com/msdn
Complete an evaluation on CommNet and enter to win!
MS Tag
Scan the Tagto evaluate thissession now onmyTechEd Mobile
© 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to
be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS
PRESENTATION.