2011 11-28 sccm-2012_technical_overview


Published on

Introduction of SCCM

  • Be the first to comment

  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide
  • Forefront Endpoint Protection is the next generation of Forefront Client Security. It builds on the protection technologies included in the previous versions and provides a completely new management experience.Since FEP is built on Configuration Manager, it offers easy installation of FEP server and easier deployment of clients using the existing infrastructure. FEP is also able to support enterprise wide scalability up to 100s of thousands of clients across various Windows operating systems.FEP provides highly accurate detection of known and unknown threats using many new and improved technologies in its antimalware engine as well as through host firewall management. While providing comprehensive protection, FEP keeps employees productive with low performance impact scanning an productivity oriented default policies.And finally, with FEP Administrators have a central location for creating and applying all endpoint-related policies. With a shared view of endpoint protection and configuration, administrators can more easily identify and remediate vulnerable computers.In the following sections, we will look at these benefits in more details.
  • 2011 11-28 sccm-2012_technical_overview

    1. 1. What is in SCCM 2012? IT Asset Intelligence Software Update Management Software Metering Remote Control classic .msi Support forApp-V Applications the Mobile Workforce OS Deployment Power Management Selfservice Network Access Portal Protection Antivirus Settings Management (aka DCM)
    2. 2. Empower Users Unify Infrastructure Simplify AdministrationEmpower people to be Reduce costs by unifying IT Improve IT effectiveness andproductive from anywhere on management infrastructure efficiencywhatever device they choose Mobile, physical, and virtual Comprehensive client management management capabilities Application self-service Reduced infrastructure complexity
    3. 3. Application Model Unified monitoring experience Rich End user experience Content managementUser Device Affinity
    4. 4. Configuration Manager 2007 Configuration Manager 2012Optimized for Systems Management scenarios • Still committed and focused on System Management scenarios• Challenging to manage users • Embrace User Centric Scenarios • Forced to translate a user to a device • Moving to a state based design, for apps, deployments, • Explicit: run a specific program on a specific device content on DPs. • Full application lifecycle model. Install, Revision Mgt, Supersedence and Uninstall• Software Distribution is a glorified script execution • Understand and intelligently target the relationships between user systems • Management solution tailored for applications
    5. 5. Deploy applications to usersSCCM maintains relationships
    6. 6. Requirement rulesDependenciesSupersedenceUpdate an app
    7. 7. Evaluate application requirementUser Device Affinity support
    8. 8. define a relationship between a user and a deviceSingle primary userMultiple primary users
    9. 9. install the MSI version of Microsoft Visio if the device is a primary install the Citrix XenApp version ifthe device is not a primary device
    10. 10. General information about the software application
    11. 11. Feature Configuration Manager 2007 Configuration Manager 2012Create/Model Software Package Application and Deployment Program TypesDeploy Software Advertisement (Install Status) Deployment (state based) via detection methodTargeting Collection rules (Server) Requirement rules (Client)User-targeting None or limited User Device AffinityClient User Experience Run Advertised Programs Software CenterSoftware Install from Web site None Software CatalogContent Management None or limited Content library
    12. 12. more granular control over detecting the presenceComplex expressions containing multiple rules
    13. 13. Application InstallationApplication Uninstall Application Revision Application Retirement Application Supersedence
    14. 14. to create a relationship and declare oneapplication newer than another previous application
    15. 15. User only sees latest application version
    16. 16. Light Management • EAS-based policy delivery • Discovery and inventory 7 • • Settings policy Remote Wipe NOKIA • Secure over-the-air enrollmentDepth Management • Monitor and remediate out-of- compliance devices • Deploy and remove applications (WinCE 5.0, 6.0; Windows Mobile 6.0, 6.1, 6.5.x) • Inventory • Remote wipe
    17. 17. Web based „Software catalog‟User preferences to control ConfigMgrbehaviors: “My business hours” – used to control when to install software Presentation mode – don‟t notify when presenting Remote control settings – when allowed, end user can control their experience
    18. 18. Direct self-installation from software catalogRequest approval for software
    19. 19. Process Flow • User clicks “install” on Catalog item 1 • Web site checks user‟s permissions to install 2 • Web site requests Client ID from ConfigMgr 3 client agent and passes it to Site server • Server creates policy for the specified client 4 and app and passes it to client • Client agent evaluates requirements from the 5 policy and initiates installation • Client agent completes installation process 6 and reports status
    20. 20. Empower Users Unify Infrastructure Simplify AdministrationEmpower people to be Reduce costs by unifying IT Improve IT effectiveness andproductive from anywhere on management infrastructure efficiencywhatever device they choose Mobile, physical, and virtual management
    21. 21. ribbon interface• Role-Based Administration: Only show what is relevant to the administrative role• Simplified navigation
    22. 22. Functionality ConfigMgr 2007 ConfigMgr 2012What types of objects can I see and what Class rights Security rolescan I do to them?Which instances can I see and interact with? Object instance permissions Security scopesWhich resources can I interact with? Site specific resource Collection limiting permissions
    23. 23. Central Primary Sites Secondary SitesAdministrationSiteCentral primary Client management Content routingsite & settingsadministrationReporting 100K clients per site Distributions points Delegated Requires SQL Administration server Language Packs Lack of local administrator Support distributed organizational boundaries
    24. 24. deliver different installation formats basedon conditions MSI Script App-V Windows Mobile 6.x
    25. 25. Unique ConfigMgr 2007 Primary Site for: ConfigMgr 2012 solutions (no unique primary sites):Decentralized administration Role Based AdministrationLogical data segmentation Role Based AdministrationClient settings Client settings for the hierarchy and unique collectionsLanguage Language packsContent routing for deep hierarchies Secondary Sites or Distribution Points
    26. 26. Empower Users Unify Infrastructure Simplify AdministrationEmpower people to be Reduce costs by unifying IT Improve IT effectiveness andproductive from anywhere on management infrastructure efficiencywhatever device they choose Reduced infrastructure complexity
    27. 27. Simplified Desktop Ease of Deployment Enhanced Protection Management• Built on top of Microsoft® • Protection against all type of • Unified management interface System Center Configuration malware for desktop administrators Manager • Proactive security against zero • Effective alerts• Supports all System Center day threats Configuration Manager • Simple, operation-oriented policy topologies and scale • Productivity-oriented default administration configuration• Facilitates easy migration • Historical reporting for security • Integrated management of host administrators• Deploy across various firewall operating systems Windows® client and Server • Backed by Microsoft Malware Protection Center
    28. 28. Config. / Dashboard ReportsSpyNet DATA SQL ConfigMgr Site Reporting ConfigMgr Server & DB Services Software Distribution (or File Share) ConfigMgr Desired Configuration EVENTS Management TELEMETRY Desktops, Laptops, and Servers running ConfigMgr Client & FEP 2010
    29. 29. Client side monitoring/remediation
    30. 30.  Ability to validate content on a distribution point  Available as a set schedule or on demand  Updates package compliance in the monitoring node
    31. 31. Auto Deployment Rules Use search criteria to identify Schedule content download and deployment
    32. 32. Power ManagementPhase 1: Monitor•Enable client management agent•Begin monitoring usage and activity Non-Peak & PeakPhase 2: Plan•Continue monitoring on usage and activity•Begin to develop Power PlanMid-Month:•Power Plan has been confirmedPhase 3: Apply Power policy•Begin applying Power PlanPhase 4: Compliance & Analyze•Review before and after usage and activity•Determine savings in Kwh and Co2 saved
    33. 33. Copy settings compliance SLAs for Baselines Richer reportingEnhanced versioning and audit tracking Ability to specify specific versions to be used in baselines Audit tracking includes who changed what
    34. 34. IS BACK!
    35. 35. Assist with Migration of Objects Assist with Migration of Clients Minimize WAN impactMaximize Re-usability of x64 Server Hardware Assist with Flattening of Hierarchy