Documente Academic
Documente Profesional
Documente Cultură
IT
Easily manage identities across Manage and protect corporate apps Encryption, identity, and authorization
on premises and cloud. Single sign-on and data on almost any device with policies to secure corporate files and
and self-service for corporate resources. MDM and MAM. email across phones, tablets, and PCs.
Enroll and manage access Provision
• Provide a self-service Company Portal • Deploy certificates, email, VPN,
for users to enroll devices and WiFi profiles
• Deliver custom terms and conditions • Deploy device security policy
at enrollment settings
• Bulk enroll devices • Install mandatory apps
• Restrict access to Office 365 if device • Deploy app restriction policies
is not managed or compliant
User IT
PCs
Data Apps
Web browsers
The perimeter
Access control cannot help protect
to corporate data stored in the cloud
data today
Enterprise
Mobility Suite
SharePoint Exchange
Online Online
Devices
Intune/ConfigMgr managed
Compliant with
Intune/ConfigMgr policies
Domain joined
Application
Business sensitivity
Other
Network location
On-premises applications
Situation Ensure that only compliant devices
Health system uses cloud-based can access corporate data
tools to boost mobility and Solution Deploy Intune conditional
improve quality of care. access policies
Deploy apps
Microsoft Intune
How do I secure How do I ensure How do I accelerate
access to that corporate deployment and
corporate data isn’t leaked optimize
resources from from mobile management of
mobile devices? devices once the Windows 10?
access is granted?
Multi-identity policy
Managed
Managed apps
apps Corporate
data
Personal
User data IT
IT
IT
On any device
z
Identity
Device
Application
Data
Demo
Managed mobile productivity
How do I secure How do I ensure How do I accelerate
access to that corporate data deployment and
corporate isn’t leaked from optimize
resources from mobile devices management of
mobile devices? once the access is Windows 10?
granted?
Intune standalone (cloud only) ConfigMgr integrated with Intune (hybrid)
System Center
Configuration
Manager
IoT/Kiosk devices
User IT
Unify device Manage and protect
management • Corporate data leakage prevention
through Enterprise data protection
• Intune integration with
(EDP) policies
ConfigMgr to manage all of the
devices in the environment • RMS integration for securing
shared documents/files
• New in ConfigMgr
• Device Guard and AppLocker policies
• Faster and easier
ConfigMgr updates • Advanced conditional access policies
• Windows 10 servicing • Integration with Windows health
attestation service
• On-prem MDM
Integration with Windows health
attestation service
Additional compliance rules:
• Is device patched?
3. Request 4. Approval
• Is firewall enabled?
• Is antivirus and real-time
protection enabled?
5. Here is my proof
• and more…..
2. Prove to me you
are compliant
Corporate
network
* Some roaming scenarios use Azure Right Management
Infrastructure
Active Directory
• 6 primary sites Federation Server
• 13 secondary sites Azure Active
• 300 distribution points Directory
MS Online Directory
Sync
PCs and Devices User
• ~350,000 clients discovery
• ~125k mobile devices (EAS)
System Center Intune
Users Configuration subscription
Manager
• ~98k FTEs Connector
• ~82k Vendors site role
Microsoft
Intune
Device Mgmt. Redmond Site 1 Redmond Site 2 North & South Europe, Australia & Asia
Site 75k Clients 90k Clients America MidEast, Africa 75k Clients
~15K devices 50k Clients 50k Clients
1 2 3 4 5
80% FTE 1 Year 95% FTE 8 Months 95% FTE 3 Months 95% FTE 5 Weeks 95% FTE 5 Weeks
System Center
Configuration
Manager
IoT/Kiosk devices