Thursday, November 27, 2014

Microsoft’s Mobile-first, Cloud-first vision (part 2)

In Microsoft’s Mobile-first, Cloud-first vision (part 1) I mentioned to be VERY excited about Microsoft’s Mobile-first, Cloud-first vision based on Microsoft Azure services. This time I mention new Intune and Windows 10 features, partly based on Experts Live sessions.

Windows 10 is created as One product family running on One platform using One appstore. It's the platform for the new world, where focus is on cloud-based devices and management. Using one Windows offers the same user experience on multiple devices, with universal Windows applications running on it. To make things easier, big changes are coming to deploy and manage the Operating System.

Some notes on Windows 10 for Enterprise:
-Windows 10 can be managed as mobile OS fully in Microsoft Intune. No GPO's needed for that.
-Every Microsoft-based device, system or phone should be support Windows 10, that's the idea or message!
-No image management in Windows 10 is needed anymore. Just manage it like a mobile OS from now on.
-Windows is called Windows 10 because it's really a new OS which everyone is familiar with! It's the platform for the new world.
-Join Windows 10 with Azure Active Directory instead of using on-premises Directory Services. New way of thinking ;)
-New infrastructure model will like to be Azure with Active Directory, Azure RemoteApp, Enterprise Mobility Suite and Windows 10.

-ConfigMgr still can be used, but is not needed anymore. Hybrid with Intune is best option I guess!
To manage Windows 10 for Enterprise, Microsoft Intune can be used. Microsoft released a new Wave this week with new functionality:
New Microsoft Intune capabilities coming this week
-iOS & android App Wrapper (company apps)
-Per-App VPN (can be used per single app)
-Conditional Access Policies (differs per OS)
-Managed Mobile Apps (Intune MAM)
-Protected Browser Management (URL filtering)
-Bulk Device Enrollment (single service account used)
-Device Lock Down (Kiosk Mode)
-Allow & Deny Applications (blacklist/whitelist)

Finally you can say that Microsoft Intune is enterprise ready now! Let's have a look at some notes during this week:
-New features mentioned on TEE14 will be available now!
-New ConfigMgr hotfix makes Intune policies applying much faster. It can be downloaded here: Microsoft Support
-Intune Q4 updates on data/application containerization and wrapping.
-Intune and ConfigMgr hybrid features still not in sync. Would be great if this can be optimized in the future. You must wait multiple weeks/months for having same functionality in ConfigMgr!
-Windowsphone Feature Pack for 8.x devices which offers many improvements on management.
-Bulk enrollment, enterprise lock and application wrapper are finally there! Many people were waiting for it.

With Windows Phone Feature Pack for 8.x devices (as mentioned earlier) there will be:
-Richer Policy set (more then other vendors)
-Wifi, (trigger) VPN, Certificates push
-Encryption intelligence for SD cards
-Improved Application lifecycle management
-Improved Inventory
-Remote Lock, Password (PIN) reset

With these products coming and already there, the future looks bright for Microsoft. There is a new System Center (and ConfigMgr) coming, but nothing to hear about that. It's about Mobile-first, Cloud-first vision, which seems to be a new way for getting things done. Stay tuned for a next blogpost on my own experiences!

No comments:

Post a Comment