SlideShare a Scribd company logo

SCCM Cloud Management Gateway

Download as PPTX, PDF
Anoop Nair
Anoop Nair

This is slightly customised ppt used in BITPro event by Rajul OS. Also the actual PPT is available here https://mms2017.sched.com/event/AUbW/cloud-management-gateway-deep-dive All credits to Aaron ! #BITPro

Technology
1 of 13
CLOUD MANAGEMENT GATEWAY Courtesy: Microsoft Corporation
SCENARIO AD CA Windows Update
INTERNET-BASED CLIENT MANAGEMENT AD CA Windows Update AD CA
 Manage traditional clients that roam on the Internet  Without additional infrastructure  Without exposing infrastructure to the Internet  That is easily configured through the Configuration Manager Console  Key features continue to work on the device when not on the corporate network  Software updates  Hardware and software inventory  Endpoint protection  Client notification  Settings  Applications PLAN TO SIMPLIFY
CLOUD MANAGEMENT GATEWAY AD CA Windows Update
CERTIFICATES  Management certificate  “Credentials” between site and Azure  Any certificate including self-signed  Public cert uploaded to Azure, .pfx with private key imports into site  Web Service (server authentication) certificate  Use public certificate provider (Symantec, Thawte)  Wild card certificate is not supported  Root/Subordinate certificate authority  Used by CMG for full chain validation on client PKI certificates  Client certificate
NETWORK PORTS  NO INBOUND PORTS REQUIRED! Source Port Destination Use Service Connection Point 443 Azure Deploy CMG CMG Connection Point 443 CMG CMG channel for first VM CMG Connection Point 10124-10140 CMG CMG channel for additional VM instances Client 443 CMG Client channel
SCALING CMG East US East Asia
PERFORMANCE CONSIDERATIONS  Any Internet-roaming client in the site will use the CMG  Reduce network latency by locating CMG, CMG Connection Point and Site Server in same geographic region  Client to CMG in Azure is not regional aware  For high availability, at least two VM instances and two CMG Connection Points per site  Scale-out by increasing VM instances, which leverages Azure load balancer in front of CMG  CMG does round-robin communication with multiple CMG Connection Points; creating more on-premises roles will distribute load
BEST PRACTICES AND FAQS  Publish Certificate Revocation List (CRL) to Internet  HTTPS is optional on-prem  Supports Azure US Government (Fairfax)  Unsupported features (as of 1710) • Azure Resource Manager • Client deployment using client push • Automatic site assignment • User policies • Application catalog • Full operating system deployment (OSD) • Configuration Manager console • Remote tools • Reporting website • Wake on LAN • Peer cache • On-premises Mobile Device Management • Mac, Linux, and UNIX clients • Task Sequence
TROUBLESHOOTING  Deployment:  CloudMgr.log  CMGSetup.log  Service health  CMGService.log  SMS_CLOUD_PROXYCONNECTOR.log  Client traffic  CMGHttpHandler.log -> CMGService.Log -> SMS_CLOUD_PROXYCONNECTOR.log
REFERENCES CMG Setup video  https://youtu.be/-awTBMdMHFE Product documentation  https://docs.microsoft.com/en-us/sccm/core/clients/manage/manage-clients-internet Cost estimates  https://docs.microsoft.com/en-us/sccm/core/clients/manage/plan-cloud-management- gateway#cost-of-cloud-management-gateway
QUESTIONS?

Recommended

Microsoft Azure Cloud Services
Microsoft Azure Cloud ServicesMicrosoft Azure Cloud Services
Microsoft Azure Cloud Services
David J Rosenthal
 
Microsoft Azure
Microsoft AzureMicrosoft Azure
Microsoft Azure
Pavel Ryabov
 
Azure Networking (1).pptx
Azure Networking (1).pptxAzure Networking (1).pptx
Azure Networking (1).pptx
Razith2
 
AWS
AWSAWS
AWS
ARYA TM
 
Vpc (virtual private cloud)
Vpc (virtual private cloud)Vpc (virtual private cloud)
Vpc (virtual private cloud)
RashmiDhanve
 
Microsoft Intune - Global Azure Bootcamp 2018
Microsoft Intune - Global Azure Bootcamp 2018Microsoft Intune - Global Azure Bootcamp 2018
Microsoft Intune - Global Azure Bootcamp 2018
JoTechies
 
Webinar: Simplifying the Enterprise Hybrid Cloud with Azure Stack HCI
Webinar: Simplifying the Enterprise Hybrid Cloud with Azure Stack HCIWebinar: Simplifying the Enterprise Hybrid Cloud with Azure Stack HCI
Webinar: Simplifying the Enterprise Hybrid Cloud with Azure Stack HCI
Storage Switzerland
 
Microsoft azure
Microsoft azureMicrosoft azure
Microsoft azure
Mohammad Ilyas Malik
 

Recommended

Microsoft Azure Cloud Services
Microsoft Azure Cloud ServicesMicrosoft Azure Cloud Services
Microsoft Azure Cloud Services
David J Rosenthal
 
Microsoft Azure
Microsoft AzureMicrosoft Azure
Microsoft Azure
Pavel Ryabov
 
Azure Networking (1).pptx
Azure Networking (1).pptxAzure Networking (1).pptx
Azure Networking (1).pptx
Razith2
 
AWS
AWSAWS
AWS
ARYA TM
 
Vpc (virtual private cloud)
Vpc (virtual private cloud)Vpc (virtual private cloud)
Vpc (virtual private cloud)
RashmiDhanve
 
Microsoft Intune - Global Azure Bootcamp 2018
Microsoft Intune - Global Azure Bootcamp 2018Microsoft Intune - Global Azure Bootcamp 2018
Microsoft Intune - Global Azure Bootcamp 2018
JoTechies
 
Webinar: Simplifying the Enterprise Hybrid Cloud with Azure Stack HCI
Webinar: Simplifying the Enterprise Hybrid Cloud with Azure Stack HCIWebinar: Simplifying the Enterprise Hybrid Cloud with Azure Stack HCI
Webinar: Simplifying the Enterprise Hybrid Cloud with Azure Stack HCI
Storage Switzerland
 
Microsoft azure
Microsoft azureMicrosoft azure
Microsoft azure
Mohammad Ilyas Malik
 
What Is Cloud Computing? | Cloud Computing For Beginners | Cloud Computing Tr...
What Is Cloud Computing? | Cloud Computing For Beginners | Cloud Computing Tr...What Is Cloud Computing? | Cloud Computing For Beginners | Cloud Computing Tr...
What Is Cloud Computing? | Cloud Computing For Beginners | Cloud Computing Tr...
Simplilearn
 
Access Management with Aruba ClearPass
Access Management with Aruba ClearPassAccess Management with Aruba ClearPass
Access Management with Aruba ClearPass
Aruba, a Hewlett Packard Enterprise company
 
Cloud Management Gateway Architecture (CMG) – Modern device management
Cloud Management Gateway Architecture (CMG) – Modern device management Cloud Management Gateway Architecture (CMG) – Modern device management
Cloud Management Gateway Architecture (CMG) – Modern device management
vimaldas8
 
Azure storage
Azure storageAzure storage
Azure storage
Raju Kumar
 
Microsoft Azure Active Directory
Microsoft Azure Active DirectoryMicrosoft Azure Active Directory
Microsoft Azure Active Directory
David J Rosenthal
 
Cloud computing
Cloud computingCloud computing
Cloud computing
DebrajKarmakar
 
Introduction to Azure IaaS
Introduction to Azure IaaSIntroduction to Azure IaaS
Introduction to Azure IaaS
Robert Crane
 
Amazon Virtual Private Cloud (VPC): Networking Fundamentals and Connectivity ...
Amazon Virtual Private Cloud (VPC): Networking Fundamentals and Connectivity ...Amazon Virtual Private Cloud (VPC): Networking Fundamentals and Connectivity ...
Amazon Virtual Private Cloud (VPC): Networking Fundamentals and Connectivity ...
Amazon Web Services
 
Virtualization
VirtualizationVirtualization
Virtualization
Kingston Smiler
 
Introduction to cloud computing
Introduction to cloud computingIntroduction to cloud computing
Introduction to cloud computing
Jithin Parakka
 
Microsoft Azure - Introduction
Microsoft Azure - IntroductionMicrosoft Azure - Introduction
Microsoft Azure - Introduction
Pranav Ainavolu
 
Cloud service providers
Cloud service providersCloud service providers
Cloud service providers
AgnihotriGhosh1
 
Azure virtual network
Azure virtual networkAzure virtual network
Azure virtual network
Lalit Rawat
 
AZ-900 Azure Fundamentals.pdf
AZ-900 Azure Fundamentals.pdfAZ-900 Azure Fundamentals.pdf
AZ-900 Azure Fundamentals.pdf
ssuser5813861
 
Microsoft azure
Microsoft azureMicrosoft azure
Microsoft azure
Charith Suriyakula
 
Cloud computing
Cloud computingCloud computing
Cloud computing
Siddiq Abu Bakkar
 
Cloud computing and data security
Cloud computing and data securityCloud computing and data security
Cloud computing and data security
Mohammed Fazuluddin
 
Azure Identity and access management
Azure Identity and access managementAzure Identity and access management
Azure Identity and access management
Dinusha Kumarasiri
 
Network Virtualization
Network VirtualizationNetwork Virtualization
Network Virtualization
Kingston Smiler
 
cloud computing Multi cloud
cloud computing Multi cloudcloud computing Multi cloud
cloud computing Multi cloud
Dr.Neeraj Kumar Pandey
 
Llunitebe2018 configuring a cmg in config mgr cb
Llunitebe2018 configuring a cmg in config mgr cbLlunitebe2018 configuring a cmg in config mgr cb
Llunitebe2018 configuring a cmg in config mgr cb
Kenny Buntinx
 
Cloud Management Gateway for SCCMZ .pptx
Cloud Management Gateway for SCCMZ .pptxCloud Management Gateway for SCCMZ .pptx
Cloud Management Gateway for SCCMZ .pptx
Satyam340172
 

More Related Content

What's hot

What Is Cloud Computing? | Cloud Computing For Beginners | Cloud Computing Tr...
What Is Cloud Computing? | Cloud Computing For Beginners | Cloud Computing Tr...What Is Cloud Computing? | Cloud Computing For Beginners | Cloud Computing Tr...
What Is Cloud Computing? | Cloud Computing For Beginners | Cloud Computing Tr...
Simplilearn
 
Microsoft Azure Active Directory
Microsoft Azure Active DirectoryMicrosoft Azure Active Directory
Microsoft Azure Active Directory
David J Rosenthal
 

What's hot (20)

What Is Cloud Computing? | Cloud Computing For Beginners | Cloud Computing Tr...
What Is Cloud Computing? | Cloud Computing For Beginners | Cloud Computing Tr...What Is Cloud Computing? | Cloud Computing For Beginners | Cloud Computing Tr...
What Is Cloud Computing? | Cloud Computing For Beginners | Cloud Computing Tr...
 
Access Management with Aruba ClearPass
Access Management with Aruba ClearPassAccess Management with Aruba ClearPass
Access Management with Aruba ClearPass
 
Cloud Management Gateway Architecture (CMG) – Modern device management
Cloud Management Gateway Architecture (CMG) – Modern device management Cloud Management Gateway Architecture (CMG) – Modern device management
Cloud Management Gateway Architecture (CMG) – Modern device management
 
Azure storage
Azure storageAzure storage
Azure storage
 
Microsoft Azure Active Directory
Microsoft Azure Active DirectoryMicrosoft Azure Active Directory
Microsoft Azure Active Directory
 
Cloud computing
Cloud computingCloud computing
Cloud computing
 
Introduction to Azure IaaS
Introduction to Azure IaaSIntroduction to Azure IaaS
Introduction to Azure IaaS
 
Amazon Virtual Private Cloud (VPC): Networking Fundamentals and Connectivity ...
Amazon Virtual Private Cloud (VPC): Networking Fundamentals and Connectivity ...Amazon Virtual Private Cloud (VPC): Networking Fundamentals and Connectivity ...
Amazon Virtual Private Cloud (VPC): Networking Fundamentals and Connectivity ...
 
Virtualization
VirtualizationVirtualization
Virtualization
 
Introduction to cloud computing
Introduction to cloud computingIntroduction to cloud computing
Introduction to cloud computing
 
Microsoft Azure - Introduction
Microsoft Azure - IntroductionMicrosoft Azure - Introduction
Microsoft Azure - Introduction
 
Cloud service providers
Cloud service providersCloud service providers
Cloud service providers
 
Azure virtual network
Azure virtual networkAzure virtual network
Azure virtual network
 
AZ-900 Azure Fundamentals.pdf
AZ-900 Azure Fundamentals.pdfAZ-900 Azure Fundamentals.pdf
AZ-900 Azure Fundamentals.pdf
 
Microsoft azure
Microsoft azureMicrosoft azure
Microsoft azure
 
Cloud computing
Cloud computingCloud computing
Cloud computing
 
Cloud computing and data security
Cloud computing and data securityCloud computing and data security
Cloud computing and data security
 
Azure Identity and access management
Azure Identity and access managementAzure Identity and access management
Azure Identity and access management
 
Network Virtualization
Network VirtualizationNetwork Virtualization
Network Virtualization
 
cloud computing Multi cloud
cloud computing Multi cloudcloud computing Multi cloud
cloud computing Multi cloud
 

Similar to SCCM Cloud Management Gateway

Simplifying User Access with NetScaler SDX and CA Single Sign-on
Simplifying User Access with NetScaler SDX and CA Single Sign-on Simplifying User Access with NetScaler SDX and CA Single Sign-on
Simplifying User Access with NetScaler SDX and CA Single Sign-on
CA Technologies
 
Brk30176 enterprise class networking in azure
Brk30176 enterprise class networking in azureBrk30176 enterprise class networking in azure
Brk30176 enterprise class networking in azure
Abou CONDE
 
Banv meetup-contrail
Banv meetup-contrailBanv meetup-contrail
Banv meetup-contrail
nvirters
 
Developing and deploying windows azure applications
Developing and deploying windows azure applicationsDeveloping and deploying windows azure applications
Developing and deploying windows azure applications
Manish Corriea
 

Similar to SCCM Cloud Management Gateway (20)

Llunitebe2018 configuring a cmg in config mgr cb
Llunitebe2018 configuring a cmg in config mgr cbLlunitebe2018 configuring a cmg in config mgr cb
Llunitebe2018 configuring a cmg in config mgr cb
 
Cloud Management Gateway for SCCMZ .pptx
Cloud Management Gateway for SCCMZ .pptxCloud Management Gateway for SCCMZ .pptx
Cloud Management Gateway for SCCMZ .pptx
 
SCCM Intune Windows 10 Co Management Architecture Decisions
SCCM Intune Windows 10 Co Management Architecture DecisionsSCCM Intune Windows 10 Co Management Architecture Decisions
SCCM Intune Windows 10 Co Management Architecture Decisions
 
SCCM CDP Cloud Distribution Point and Cloud Manage Gateway Troubleshooting Tips
SCCM CDP Cloud Distribution Point and Cloud Manage Gateway Troubleshooting TipsSCCM CDP Cloud Distribution Point and Cloud Manage Gateway Troubleshooting Tips
SCCM CDP Cloud Distribution Point and Cloud Manage Gateway Troubleshooting Tips
 
Simplifying User Access with NetScaler SDX and CA Single Sign-on
Simplifying User Access with NetScaler SDX and CA Single Sign-on Simplifying User Access with NetScaler SDX and CA Single Sign-on
Simplifying User Access with NetScaler SDX and CA Single Sign-on
 
Citirx Day 2013: Citrix Enterprise Mobility
Citirx Day 2013: Citrix Enterprise MobilityCitirx Day 2013: Citrix Enterprise Mobility
Citirx Day 2013: Citrix Enterprise Mobility
 
Service management Dec 11
Service management Dec 11Service management Dec 11
Service management Dec 11
 
Service Management Dec 11
Service Management Dec 11Service Management Dec 11
Service Management Dec 11
 
Net Services
Net ServicesNet Services
Net Services
 
Expandindo seu Data Center com uma infraestrutura hibrida
Expandindo seu Data Center com uma infraestrutura hibridaExpandindo seu Data Center com uma infraestrutura hibrida
Expandindo seu Data Center com uma infraestrutura hibrida
 
Azure Cloud Application Development Workshop - UGIdotNET
Azure Cloud Application Development Workshop - UGIdotNETAzure Cloud Application Development Workshop - UGIdotNET
Azure Cloud Application Development Workshop - UGIdotNET
 
Leveraging New Features in CA Single-Sign on to Enable Web Services, Social S...
Leveraging New Features in CA Single-Sign on to Enable Web Services, Social S...Leveraging New Features in CA Single-Sign on to Enable Web Services, Social S...
Leveraging New Features in CA Single-Sign on to Enable Web Services, Social S...
 
Brk30176 enterprise class networking in azure
Brk30176 enterprise class networking in azureBrk30176 enterprise class networking in azure
Brk30176 enterprise class networking in azure
 
Banv meetup-contrail
Banv meetup-contrailBanv meetup-contrail
Banv meetup-contrail
 
SCCM on Microsoft Azure
SCCM on Microsoft AzureSCCM on Microsoft Azure
SCCM on Microsoft Azure
 
Azure PTA vs ADFS vs Desktop SSO
Azure PTA vs ADFS vs Desktop SSOAzure PTA vs ADFS vs Desktop SSO
Azure PTA vs ADFS vs Desktop SSO
 
Colabora.dk - Azure PTA vs ADFS vs Desktop SSO
Colabora.dk - Azure PTA vs ADFS vs Desktop SSOColabora.dk - Azure PTA vs ADFS vs Desktop SSO
Colabora.dk - Azure PTA vs ADFS vs Desktop SSO
 
Developing and deploying windows azure applications
Developing and deploying windows azure applicationsDeveloping and deploying windows azure applications
Developing and deploying windows azure applications
 
WMUG NL Tuesday - Latest and greatest in the world of Configuration Manager
WMUG NL Tuesday - Latest and greatest in the world of Configuration ManagerWMUG NL Tuesday - Latest and greatest in the world of Configuration Manager
WMUG NL Tuesday - Latest and greatest in the world of Configuration Manager
 
AzureConf 2014 - Azure hybrid connections (Sam Vanhoutte)
AzureConf 2014 - Azure hybrid connections (Sam Vanhoutte)AzureConf 2014 - Azure hybrid connections (Sam Vanhoutte)
AzureConf 2014 - Azure hybrid connections (Sam Vanhoutte)
 

More from Anoop Nair

Bangalore IT Pro Full Day Event on Intune and SCCM
Bangalore IT Pro Full Day Event on Intune and SCCMBangalore IT Pro Full Day Event on Intune and SCCM
Bangalore IT Pro Full Day Event on Intune and SCCM
Anoop Nair
 

More from Anoop Nair (10)

End to End Guide Windows AutoPilot Process via Intune
End to End Guide Windows AutoPilot Process via IntuneEnd to End Guide Windows AutoPilot Process via Intune
End to End Guide Windows AutoPilot Process via Intune
 
Disaster Recovery using Azure Services
Disaster Recovery using Azure ServicesDisaster Recovery using Azure Services
Disaster Recovery using Azure Services
 
Modern Device Management Intune Policies vs Group Policies
Modern Device Management Intune Policies vs Group PoliciesModern Device Management Intune Policies vs Group Policies
Modern Device Management Intune Policies vs Group Policies
 
Azure Automation by Deepak Dhami
Azure Automation by Deepak DhamiAzure Automation by Deepak Dhami
Azure Automation by Deepak Dhami
 
Design & Secure Your Cloud Infrastructure
Design & Secure Your Cloud Infrastructure Design & Secure Your Cloud Infrastructure
Design & Secure Your Cloud Infrastructure
 
Azure AD Presentation - @ BITPro - Ajay
Azure AD Presentation - @ BITPro - AjayAzure AD Presentation - @ BITPro - Ajay
Azure AD Presentation - @ BITPro - Ajay
 
SCCM ConfigMgr Intune Architecture Decision Maker
SCCM ConfigMgr Intune Architecture Decision MakerSCCM ConfigMgr Intune Architecture Decision Maker
SCCM ConfigMgr Intune Architecture Decision Maker
 
How to start Learning Microsoft Intune
How to start Learning Microsoft IntuneHow to start Learning Microsoft Intune
How to start Learning Microsoft Intune
 
Windows 10 Autopilot #BITPro User Group Event
Windows 10 Autopilot #BITPro User Group EventWindows 10 Autopilot #BITPro User Group Event
Windows 10 Autopilot #BITPro User Group Event
 
Bangalore IT Pro Full Day Event on Intune and SCCM
Bangalore IT Pro Full Day Event on Intune and SCCMBangalore IT Pro Full Day Event on Intune and SCCM
Bangalore IT Pro Full Day Event on Intune and SCCM
 

Recently uploaded

08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
Delhi Call girls
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
Delhi Call girls
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
Principled Technologies
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
Safe Software
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
vu2urc
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
Enterprise Knowledge
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
Joaquim Jorge
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
Enterprise Knowledge
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc
 

Recently uploaded (20)

08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
Evaluating the top large language models.pdf
Evaluating the top large language models.pdfEvaluating the top large language models.pdf
Evaluating the top large language models.pdf
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
Tech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdfTech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdf
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 

SCCM Cloud Management Gateway

  • 1. CLOUD MANAGEMENT GATEWAY Courtesy: Microsoft Corporation
  • 3. INTERNET-BASED CLIENT MANAGEMENT AD CA Windows Update AD CA
  • 4.  Manage traditional clients that roam on the Internet  Without additional infrastructure  Without exposing infrastructure to the Internet  That is easily configured through the Configuration Manager Console  Key features continue to work on the device when not on the corporate network  Software updates  Hardware and software inventory  Endpoint protection  Client notification  Settings  Applications PLAN TO SIMPLIFY
  • 5. CLOUD MANAGEMENT GATEWAY AD CA Windows Update
  • 6. CERTIFICATES  Management certificate  “Credentials” between site and Azure  Any certificate including self-signed  Public cert uploaded to Azure, .pfx with private key imports into site  Web Service (server authentication) certificate  Use public certificate provider (Symantec, Thawte)  Wild card certificate is not supported  Root/Subordinate certificate authority  Used by CMG for full chain validation on client PKI certificates  Client certificate
  • 7. NETWORK PORTS  NO INBOUND PORTS REQUIRED! Source Port Destination Use Service Connection Point 443 Azure Deploy CMG CMG Connection Point 443 CMG CMG channel for first VM CMG Connection Point 10124-10140 CMG CMG channel for additional VM instances Client 443 CMG Client channel
  • 9. PERFORMANCE CONSIDERATIONS  Any Internet-roaming client in the site will use the CMG  Reduce network latency by locating CMG, CMG Connection Point and Site Server in same geographic region  Client to CMG in Azure is not regional aware  For high availability, at least two VM instances and two CMG Connection Points per site  Scale-out by increasing VM instances, which leverages Azure load balancer in front of CMG  CMG does round-robin communication with multiple CMG Connection Points; creating more on-premises roles will distribute load
  • 10. BEST PRACTICES AND FAQS  Publish Certificate Revocation List (CRL) to Internet  HTTPS is optional on-prem  Supports Azure US Government (Fairfax)  Unsupported features (as of 1710) • Azure Resource Manager • Client deployment using client push • Automatic site assignment • User policies • Application catalog • Full operating system deployment (OSD) • Configuration Manager console • Remote tools • Reporting website • Wake on LAN • Peer cache • On-premises Mobile Device Management • Mac, Linux, and UNIX clients • Task Sequence
  • 11. TROUBLESHOOTING  Deployment:  CloudMgr.log  CMGSetup.log  Service health  CMGService.log  SMS_CLOUD_PROXYCONNECTOR.log  Client traffic  CMGHttpHandler.log -> CMGService.Log -> SMS_CLOUD_PROXYCONNECTOR.log
  • 12. REFERENCES CMG Setup video  https://youtu.be/-awTBMdMHFE Product documentation  https://docs.microsoft.com/en-us/sccm/core/clients/manage/manage-clients-internet Cost estimates  https://docs.microsoft.com/en-us/sccm/core/clients/manage/plan-cloud-management- gateway#cost-of-cloud-management-gateway

Editor's Notes

  1. Both
  2. Aaron Traditional management with SCCM (not ready for modern management via Intune) Clients roam onto Internet (home, travel, remote office) Still need to be managed, especially software updates
  3. Aaron This method relies on Internet-facing site system servers to which clients communicate for management purposes. This method requires clients and site system servers to be configured for Internet-based management. Advantages: No cloud service dependency. No additional cost associated with a cloud subscription. Full control of servers and roles providing the service. Disadvantages: Require additional infrastructure investment. Overhead and operational cost of additional infrastructure. Infrastructure must be exposed to the Internet.
  4. Aaron
  5. Aaron Advantages: No additional infrastructure investment required. Does not expose on-premises infrastructure to the Internet. Cloud virtual machines that run the service are fully managed by Azure and require no maintenance. Easily set up and configured in the Configuration Manager console. Disadvantages: Cloud subscription cost. Management data sent through cloud service.
  6. Dune
  7. Aaron
  8. Aaron
  9. Dune
  10. Dune
  11. Dune
  12. Aaron