Desktop management and support

1,138 views

Published on

Desktop management and support

Published in: Technology
0 Comments
1 Like
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total views
1,138
On SlideShare
0
From Embeds
0
Number of Embeds
4
Actions
Shares
0
Downloads
0
Comments
0
Likes
1
Embeds 0
No embeds

No notes for slide

Desktop management and support

  1. 1. Tony Krijnen IT Pro Evangelist tony.krijnen@microsoft.com Daniel van Soest IT Pro Evangelist danielvs@microsoft.com
  2. 2. Remote Management & Performance of Portable Computers Security Hardening and Defense in Depth Meeting Emerging Compliance Requirements Group Policy and Configuration Management Improving System Resiliency, Reliability, and Hardware Performance Advancing Desktop Management
  3. 3. Remote Management & Performance of Portable Computers Security Hardening and Defense in Depth Meeting Emerging Compliance Requirements Group Policy and Configuration Management Improving System Resiliency, Reliability, and Hardware Performance Advancing Desktop Management Direct Access NAP BrancheCach e AppLocker GPO AGPM Trouble- shooting DART Bitlocker
  4. 4. Standard user accounts Group Policy to control configurations Group Policy preferences to manage: Files Folders Registry settings And more
  5. 5. Up to 2,500+ policy settings in the past +300 in Windows 7 (~2800 currently) Group Policy is a Windows ‘manageability’ basic requirement Policy settings greatly expanded in a number of areas BranchCache BITS Offline Files Biometrics Troubleshooting & Diagnostics Windows Defender User Account Control Internet Explorer Smartcard Windows Error Reporting AppLocker System Audit Policies Desktop Shell Bitlocker Drive Encryption Remote Assistance
  6. 6. Similar to logon scripts, but with a GUI Use the Group Policy infrastructure to: Deploy non-native settings to Group Policy For example, to map a drive: 1. Create and edit a GPO 2. Edit the Drive Maps preference item *No script code required – just use the GUI.
  7. 7. The MDOP subscription management tools
  8. 8. Advanced Group Policy Management Enable group policy change management Provides granular administrative control Reduce risk of widespread failure Versioning, history & rollback of group policy changes Role-based administration & templates Flexible delegation model What it Does Benefits
  9. 9. Reviewer Full Control Editor Approver AGPM Delegation
  10. 10. Control Check-out Edit Check-inRequests Reporting Deployment Offline Workflow
  11. 11. Edit GPO AGPM Archive Group PolicyDeploy GPO
  12. 12. Remote Management & Performance of Portable Computers Security Hardening and Defense in Depth Meeting Emerging Compliance Requirements Group Policy and Configuration Management Improving System Resiliency, Reliability, and Hardware Performance Advancing Desktop Management Direct Access NAP BrancheCach e AppLocker GPO AGPM Trouble- shooting DART Bitlocker
  13. 13. IPv6 Devices IPv4 Devices DirectAccess Server Windows 7 Client Native IPv6 with IPSec IPv6 Transition Services Supports variety of remote network protocols DirectAccess provides transparent, secured access to intranet resources without a VPN Allows desktop management of DirectAccess clients Allows IPSec encryption and authentication Supports direct connectivity to IPv6-based intranet resources Support IPv4 via 6to4 transition services or NAT-PT (Or use FF UAG) IT desktop management AD Group Policy, NAP, software updates Internet DirectAccess
  14. 14. Network Access Protection Corporate Resources Quarantine network Netwerk Policy Server Client Computer Antivirus Firewall Antimallware Updates Antivirus Firewall Antimallware Updates Client Computer Compliant Non compliant
  15. 15. BranchCache Distributed Cache Data cached in cache pool Hosted Cache Data cached at the host server
  16. 16. IDDataIDData Data Distributed Cache
  17. 17. IDDataDataID Search ID ID ID Data ID Data Hosted Cache
  18. 18. Remote Management & Performance of Portable Computers Security Hardening and Defense in Depth Meeting Emerging Compliance Requirements Improving System Resiliency, Reliability, and Hardware Performance Advancing Desktop Management Direct Access NAP BrancheCach e AppLocker Trouble- shooting DART Bitlocker Group Policy and Configuration Management GPO AGPM
  19. 19. Eliminate unwanted/unknown applications in your network Enforce application standardization within your organization Easily create and manage flexible rules using Group Policy Users can install and run unapproved applications Even standard users can install some types of software Application Control AppLocker
  20. 20. Security Hardening and Defense in Depth Meeting Emerging Compliance Requirements Improving System Resiliency, Reliability, and Hardware Performance Advancing Desktop Management AppLocker Trouble- shooting DART Bitlocker Remote Management & Performance of Portable Computers Direct Access NAP BrancheCach e Group Policy and Configuration Management GPO AGPM
  21. 21. Technical Details BitLocker Enhancements Automatic 100 Mb hidden boot partition New Key Protectors Domain Recovery Agent (DRA) Smart card – data volumes only Bitlocker – What’s new?
  22. 22. BitLocker-To-Go BitLocker To Go Support for FAT* Protectors: DRA, passphrase, smart card and/or auto-unlock Management: protector configuration, encryption enforcement Read-only access on Windows Vista & Windows XP SKU Availability Encrypting – Enterprise Unlocking – All
  23. 23. Meeting Emerging Compliance Requirements Improving System Resiliency, Reliability, and Hardware Performance Advancing Desktop Management Trouble- shooting DART Bitlocker AIS Security Hardening and Defense in Depth AppLocker Remote Management & Performance of Portable Computers Direct Access NAP BrancheCach e Group Policy and Configuration Management GPO AGPM
  24. 24. Diagnostics And Recovery Toolset Accelerate TCO savings by minimizing recovery time Recover instead of reloading Windows Make PCs safer to use Recover unbootable PC Access deleted files, manipulate services, reset passwords, & more Safely detect and remove malware while the PC is offline What it Does Benefits
  25. 25. DART Screenshot
  26. 26. The MDOP subscription management tools
  27. 27. Thanks for your time! Tony Krijnen tony.krijnen@microsoft.com @tonykrij Daniel van Soest danielvs@microsoft.com @dansaap Andy O’Donald aodona@microsoft.com @andyodonald Stephen Rose stephen.rose@microsoft.com @stephenlrose Please fill out your evals!
  28. 28. Follow The Tour and Watch The Videos Windows Team Blog @MSSpringboard - Twitter

×