Upload
latrell-marden
View
225
Download
0
Tags:
Embed Size (px)
Citation preview
Enable “Bring Your Own Device” with SCCM 2012David Caddick [email protected] Solutions Architect, Quest Software
WCL315
Agenda
Extend SCCM to cover Apple iOS devicesWhy it makes senseHow does it workMobile EnterpriseDemo – https://qmx.questworkspace.com/mdmOr - http://bit.ly/Oo62Yx user: Quest\demoanz pwd: P@ssword
Gartner predicts that by 2015, mobile application development projects for smartphones and tablets will outnumber native PC projects by a ratio of 4:1
A report from JPMorgan shows that the iPad is *the* most disruptive technology to date.
Why MDM is rapidly becoming a “must have”
A World of Connected Devices
One User =One Desktop
In 2011 power users owned between 5 and 7 internet connected devices
Source: IDC, 2010-2011Media Tablet Multi-Client Study, February 2011. Note: IDC only surveyed iPad owners for this study.
916M smart connected devices were shipped in 2011
This is forecastedto double to 1.84Bin 2016Source: IDC, "Nearly 1 Billion Smart Connected Devices
Shipped in 2011 with Shipments Expected to Double by 2016, According to IDC," Doc #prUS23398412, March 28, 2012.
Organizations say 34%of their employees are accessing business appson personal devices
69% of employees saythey are accessing business apps on personal devices
Source for both: IDC, “2011 Consumerization of IT Study : Closing the ‘Consumerization Gap’”, July 2011
SCCM is rapidly becoming the defacto standard for Desktop Management, why not simply extend the system to incorporate any other devices?Get control of *ALL* of your Mac’s, iOS and mobile devices
Mac OSX management (Agent or Agent-less)Apple iOS management (Agentless)Over 120+ other cross-platforms availableQMX – also enables Operations Manager integration (QMX can extend both SCCM and SCOM)
Simply extend SCCMto enable BYOD
QMX for SCCM 2012Why it makes sense
The ability to integrate OSX & iOS devices into SCCM simplifies the management of these devices in a predominately Microsoft-based IT organizations.
100% accountability for an entire organization is now possible through Microsoft System Center.
QMX is the only solution providing reporting, software distribution, and device administration natively through System Center Configuration Manager (SCCM) for both OSX and iOS.
QMX is the only solution providing reporting, software distribution, and device administration natively through System Center Configuration Manager (SCCM) for both OSX and iOS.
Leverages the existing SCCM infrastructureA familiar “pane of glass”Reporting, Inventory, Software distribution, and device adminOSX and iOS … and a whole lot more
QMX for SCCM 2012Easy to use
SCCM & QMX – How it works
How SCCM and QMX works
Groups
Groups
Simple Enrolment
Inventory
Reporting
Software Distribution
iPhone iPad Android• Apply applications• Apply policies• Apply restrictions
Provision Exchange PolicyProvision Policies
Provision ApplicationsSecure Mail Gateway
QMX for SCCM 2012Deploy Secure
Settings
http://www.dsd.gov.au/publications/iOS5_Hardening_Guide.pdf
demo
Live demo from RedmondQMX Server in Microsoft Labs
Managing the Mobile Workforce with the iOS Extension
iOS Mobile Device Management: push profiles, applications, run hardware & software inventories; lock, wipe and manage your growing number of Apple iOS mobile devices
System Center Integration
• Configuration Manager direct integration to standard collections, resource explorer and reporting
• Consistent QMX configuration tool UI for Global Infrastructure usability
• Menu driven Utility invocation• Menu driven Security Control• Profile Library container and Web service listing
for self-service distribution
Seamless integration with the Microsoft System Center Configuration Manager console
QMX - Configuration Manager
Network Email Directory File/Print OS Database Application Web Storage
Cisco
3COM
Juniper
GroupWise
Notes
Exchange
NDS
NIS
Active Director
y
Linux
Unix
Sharepoint
Solaris
Apple
Windows
Oracle
DB2
SQL Serve
r
“ERP”
Java
.NET
Apache
Netscape
IIS
EMC
NetApp
McData
System Admin Network Admin
QMX for SCCM 2012Very broad coverage
How does it work for Mac OSX?Agentless or Agent basedAs a service connecting to SCCMAll information is encrypted / each transaction is loggedThe device is instructed to contact the QMX/SCCM Server to process requests/instructionsEnables simple right-click menu to VNC, SSH, Telnet, etc to OSX device as well as all standard SCCM functions.
QMX Mac Edition
Flexibility to Manage Mac OSX – with Agents or Agent-lessly
Seamless integration with the Microsoft System Center Configuration Manager console
QMX – Configuration Manager Features: 120 cross-platforms
• System Discovery – Multiple auto-discovery methods
• Hardware Inventory – Displays system information in the Resource Explorer
• Software Inventory – Captures & Integrates Mac and other non-Windows systems
• Software Distribution – Remote software distribution keeps desktops up to date
• Reporting – Standard Configuration Manager reporting from the SCCM database
• Collections – Installed with Windows collections for heterogeneous management
Mac OSX Management
QMX Mac EditionIf not BYOC – add QAS?
• Tying Apple's Managed Client Solution to Active Directory Group PolicyAuthentication Services delivers Mac preferences and settings from Active Directory Group Policy directly to Apple Computer’s managed client solution. This native integration allows existing Apple applications, such as the System Profiler, to see and display preference settings from Active Directory Group Policy.
• Active Directory Settings Extended to the MacAuthentication Services also extends many powerful Windows identity and access management polices to the Mac environment for: Passwords Account lockout Kerberos User rights assignment Security options
SCCM & QMX – Mobile Enterprise
How to enable BYOD securelyInstead of disabling a host of features on Smartphones in the name of security – shouldn’t we simply protect the Data instead?Ensure Data Protection is enabled for corporate email on a BYODLet users access iCloud for backup – safe in the knowledge that there is no company data being backed up to a private account Isn’t this what BYOD is all about?
QMX Mobile Enterprise
FeaturesAgentless with a simple enrolment process – increase battery lifeDetect Jailbroken devices – but we will assume it is broken anywayAll mail and attachments are held in memory only – *NOT* stored on device or SSD – now there is no need to enforce encryptionWide range of policies as to what can and can’t be done with mail and attachments – disable forwarding, cut & paste, etc.GeoFencing – change the policies based on location
QMX Mobile Enterprise
SCCM & QMX - Review
QMX – Compatible with SCCM & SCOM 2012Support for self service software distribution for OSX – SCCM 2012 (CY 2012)QMX for Mobile Enterprise
Enable detection of Jailbroken devicesProtect email and attachments with an Agentless system
The Entire System Center SuiteOver 400 Extensions in total – growing constantlyAny SNMP device can be added if the MIB is available – less than 4 weeks turnaround
SCCM & QMX: Review
Contact Quest for TrialTrial use for 30 daysHowTo for install and setup guide - http://bit.ly/PakJvn
Use SCCM 2012Manage Exchange and Supports Windows 8 and VDI
Migrating to Windows 7 & 8Use Quest ChangeBASE to accelerate App Migrations
Quest’s vWorkspacecan accelerate Server 2012 RDSH and Windows 8 now
Next Steps:
© 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the
part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.