This document discusses mobile device management capabilities including managing devices both on-premises and in the cloud from a single console, enabling secure access to corporate resources, and protecting corporate data by selectively wiping devices. It also discusses managing Windows, Mac, iOS, and Android devices as well as BYOD.

5. Service Management
Provisioning
Configuration
Monitoring
Protection
Automation
Service
Management
Provisioning
ConfigurationMonitoring
Protection
Automation
Service Manager
Orchestrator
App Controller
Endpoint protection
Hybrid
Cloud
Private
Cloud

9. AppsUsers DataDevices

11. Mobile Device Management
Unify your environment
On-premises and cloud-based
management of devices within a
single console.
Simplified, user-centric application
management across devices
Comprehensive settings
management across platforms,
including certificates, VPNs, and
wireless network profiles
Enable users
Access to company resources
consistently across devices
Simplified registration and
enrollment of devices
Synchronized corporate data
Protect your data
Protect corporate information by
selectively wiping apps and data
from retired/lost devices
A common identity for accessing
resources on-premises and in the
cloud
Identify which mobile devices have
been compromised
√

13. ♥

14. Mac OS X
Windows PCs
(x86/64, Intel SoC),
Windows to Go
Windows Embedded
Windows 8 RT
Windows 8.1
Windows Phone 8.x
iOS, Android
Domain joined PCs
Mobile devices
BYOD

17. • If you deploy an application
to users, the application shortcuts
are only created for the targeted
users, regardless of who logs onto
the system
• If you deploy the application to a
system, the application is installed
for all users of the system
You can deploy applications to users or devices

18. A deployment type contains information about the files, commands, and programs
used to install software by using a particular method or command. The Create
Deployment Type Wizard provides you with the following settings:

19. Detection rules:
• Perform evaluation before
content is requested
• Can examine the registry,
file system, and Windows
Installer database or use a
custom script
• Are evaluated when an
application is deployed and
periodically thereafter to
detect missing applications
A procedure that enables the deployment process to determine
whether an application is present on a system

20. • Dependencies are defined on a
deployment type
• Dependencies allow you to ensure that
application requirements can be enforced
or remediated
• Dependencies define the application
deployment types that must be installed
before the deployed deployment type can
be installed
• After the dependencies are fulfilled, the
application will install
• Dependent applications can be configured
to install automatically

21. • Requirements specify the
conditions that must be
met before an application
can be installed
• Requirements are defined
in a deployment type
• When a deployment type
is evaluated, the
requirement must be
satisfied for that
deployment type to apply
• Requirements can be
created for reasons such
as:
• Hardware requirements
• Users primary device
Meets requirements?

22. • User device affinity allows a user to be
associated with a device
• Users can have an affinity with multiple
devices
• User device affinity can be a requirement
in an application so that applications are
installed automatically on users’ systems
if the systems meet any other
requirements
• When a user accesses a device without an
affinity relationship:
• Applications could be configured not to
install
• Applications could use a different
deployment type such as deploying a
virtualized application

23. Software Center is the users’ default interface for managing software deployments

25. The End User Experience Family

26. • You use application
supersedence to specify an
upgrade path for applications
• When you configure application
supersedence, the old
application is no longer available
• You can leave the old
application on the system,
upgrade it, or completely
uninstall it
• You can view the relationships
with the View Relationships
button on the ribbon

27. •You can uninstall an application by creating a
deployment with the uninstall action
•An uninstall will not execute if the client is
the target of a deployment with the install
action

28. • You can view a previous
version by using the View
button
• You can restore previous
versions of an application
if you need to; restoring a
previous version creates a
new revision of the
application
Whenever an application is modified, Configuration Manager tracks
the changes and stores them in the Configuration Manager database

33. Types of systems to update include:
Physical Desktops and Servers Virtual Desktops and Servers
Stored Images and Virtual Machine Templates

34. 1. Create a software update group:
• Add required software updates
2. Create and distribute deployment packages:
• Start the Download Software Updates Wizard
• Specify the package source and download location of the software updates
• Specify distribution points
3. Deploy the software update group:
• Start the Deploy Software Updates Wizard
• Specify the target collection
• Select whether the update is required or available
• Specify the deployment schedule and user experience

35. Automatic Deployment Rules automate:
• Selecting specific software updates based upon criteria
• Creating a software update group containing the list of
updates
• Downloading the update content to a deployment
package
• Distributing the deployment package
• Deploying the software updates to clients

36. Report categories related to software updates include:
• Software Updates – A Compliance
• Software Updates – B Deployment Management
• Software Updates – C Deployment States
• Software Updates – D Scan
• Software Updates – E Troubleshooting

39. ♥

41. Management Point
Configuration Manager Site
Server
Software Update Point
Endpoint Protection
point
Managed clients run
Endpoint Protection agent
Clients
report
back scan
status
Endpoint Protection
deployment
Endpoint Protection
operations
Endpoint Protection
policy
Endpoint Protection policies,
firewall and antimalware
definition files
Definition files

43. ConfigMgr MP Baseline ConfigMgr Agent
WMI XML
Registry IISMSI
Script SQL
Software
Updates
File
Active
Directory
Baseline Configuration Items
Auto Remediate
OR
Create Alert
(to Service Manager)!
Improved functionality
Copy settings
Trigger console alerts
Richer reporting
Enhanced versioning and audit tracking
Ability to specify versions to be used in baselines
Audit tracking includes who changed what
Pre-built industry standard baseline templates
through IT Governance, Risk & Compliance(GRC) Solution
Accelerator
Assignment to
collections Baseline drift

44. VPN Profile Management
Support for major SSL
VPN vendors
DNS name-based initiation
support for Windows 8.1 and iOS
Application ID based initiation
support for Windows 8.1
Automatic VPN
connection
Support for VPN
standards
SSL VPNs from Cisco, Juniper,
Check Point, Microsoft, Dell
SonicWALL, F5
Subset of vendors have Windows
Windows RT VPN plug-in
PPTP ,L2TP, IKEv2

45. Wi-Fi and Certificate Profiles
Wi-Fi settings Manage and distribute certificates
Deploy trusted root certificates
Support for Security Center Endpoint
Protection(SCEP) protocol
Manage Wi-Fi protocol and authentication settings
Provision Wi-Fi networks that device can auto
connect
Specify certificate to be used for Wi-Fi connection

47. • The power management feature provides a centralized,
enterprise-wide power management solution
• The benefits of the power management feature include:
• Reducing energy costs
• Performing off-hour maintenance tasks efficiently
• Minimizing the carbon footprint on the environment
• Maximizing energy and utility rebates

48. Default power plans
include:
• Balanced
• High Performance
• Power Saver
• Customized

52. Methods include:
• Configuration Manager console
• Remote Control Viewer Start menu item
• CmRcViewer.exe

53. Report Description
Remote Control –
All computers
remote controlled
by a specific user
Summary of status messages
indicating remote control of client
computers by a single specified user
Remote Control –
All remote
control information
Summary of status messages
indicating remote control of client
computers

65. A user state migration captures all of the custom
settings on source computers and restores these
settings on destination computers
Replace Refresh

66. Use the Update Operating
System Image Wizard to
schedule updates to keep
the images in your .wim
file updated and current

67. ♥