Upload
others
View
2
Download
0
Embed Size (px)
Citation preview
Pim van de Vis
• Sr Solutions Architect at VMware
• Part of the field engineering team, working on Windows 10 modern management with AirWatch…ehh Workspace ONE UEM
• Joined VMware through the acquisition of Immidio in 2015
• IT infrastructure consultant for 10+ years
@pimvandevis
Agenda
• Why Modern Management?
• SCCM and AirLift
• Workspace ONE UEM• Dell integration
• Security - Windows Update & Bitlocker
• P2P for software distribution
• VMware CSP Fling
• Workspace ONE Intelligence
The New World
Private
CloudsHybrid
Clouds
Infrastructure
Devices
Apps
Traditional Apps Cloud-Native Apps SaaS Apps
Public
Clouds
“Digital Workspace” is the Convergence of Big Industry Trends
Any Application Mobile | Cloud | Web | Win
Any Device Unified Endpoint Management (UEM)
Any Identity Management Single Sign-On
Microsoft Embracing Modern Management of PCs
Comes with integrated MDM
framework for modern management
Enables OOBE device enrollment and
ongoing management from the cloud
Microsoft’s own IT moving away from
SCCM to modern management
Efficiencies for Windows 10 PCs
$0
$100
$200
$300
$400
$500
$600
$700
$800
Traditional ModernDeployment Software Administration Support Maintenance
$718
$276
62%lower
Workspace ONE UEM for Windows 10
Peer-to-Peer Distribution
Co-exist with PCLM
Updates On or Off Network
Device HealthAttestation
Win32 AppManagement
Instant Push Configuration
GPOs On or Off Domain
Data Protection
Patch Audit & Analytics
Granular Controls
5. Client Health & Security
3. OS Patch Management
4. SoftwareDistribution
2. ConfigurationManagement
1. MDM for Windows
Asset Tracking
Device and OS Lifecycle ManagementApp Management and
DeliveryEnd-to-end Security
Management
App Inventory
BitLocker Management
Company App Store & SSO
Imageless Provisioning
Out-of-the-BoxDeployment
Modern Management
Intelligent Insights and Rules Engine
BIOS Management
DeliveryOptimization
AutomatedCompliance
EXPANDED EXPANDED EXPANDEDNEWNEW
EXPANDED
On-premises PCLMWorkspace ONE“AirLift” Traditional PCLM Workloads to Workspace ONE
AirLiftNEW: Fast & Easy Transition to Modern MgmtWindows 10 Co-Management
Easing the Journey to Windows 10
COMPLEMENT
Clean move to cloud / modern management for
specific use cases
TRANSITION
Hybrid management for priority payloads
(iterative)
TRANSFORM
Full migration from legacy to cloud / modern management
SaaS and Web Apps
3D Graphic Resspources
Virtualised Apps
Native Mobile Apps
SearchApp CatalogBookmark
Single Sign On
Sort Order Arrange Custom View
PublishedRSDH Desktops
PublishedApplications
LinuxDesktop
CitrixPublished Apps
Published Desktop
Dell Technologies is a unique family of businesses that provides the essential infrastructure for organizations to build their digital future, transform IT, and protect their most important asset: information.
Windows 10 Provisioning for Dell DevicesEliminate manual configuration of PCs and drop-ship straight to user
Factory End userDistributor SystemIntegrator
(Staging / Kitting)
ITDepartment
Factory End userWit
h W
ind
ow
s 1
0
Pro
visi
on
ing
Serv
ice
Cu
rren
t A
pp
roac
h
Cloud-Management to the Firmware Level
OS and App Level
End-to-End Security Management
Device and OS Lifecyle Management
App management and Delivery
Battery lifecycle and power
Hardware error reporting
BIOS health and password
Asset management
Security and virtualization
System Level
Dell Command | Monitor
Data Protection
Enable Per Application DATA Protection.
Define Work Apps and how the data will be stored and Encrypted.
Unlock the Power of BitLocker
• Use built-in TPM for secure authentication at lower cost (no need for additional startup flash drives) and also ensure pre-startup OS integrity
• Enforce login PIN in conjunction with TPM for multifactor authentication and lock out the OS from auto-resume
• Set recovery password rotation meeting compliance requirements and protecting against the key falling into the wrong hands
• Display recovery password URL and escrow in self-service portal to reduce helpdesk tickets
• Suspend BitLocker temporarily for scheduled maintenance tasks so the user isn’t constantly prompted for password / PIN
Application ControlApp Locker - Profile
Integration into the Windows 10 App Locker settings.
Enable or Disable any application.Whitelist or Blacklist applications.
• Offices in remote locations with low bandwidth and with little means to increase the network bandwidth.
• Enterprises that use branch office hierarchies.
• Enterprises that have multiple branch offices that have a large number of devices.
• The peer distribution system works to reduce the traffic on networks and the time to install Win32 apps.
• This initial download takes time. However, installation times improve because devices are not taxing the storage system or the line of communication for the app package.
• If the network is busy, installations pauseuntil the network availability increases.
• Beneficial Use-Cases • Peer-to-Peer Overview
Peer-to-Peer (P2P) Distribution Overview
Enterprise-wide Software DeploymentsRapidly deploy any software to any location from a global CDN, even with large files like Windows apps
CDN
Replace servers with
breakthrough peer-to-peer
software deployment
technology
Adaptiva OneSite
VMware AirWatch UEM
Microsoft Windows
Traditional approaches to content delivery must rely on throttling to ensure the network is protected, which slows content delivery
OneSite’s unprecedented bandwidth harvesting technology proactively:
1. Predicts future network conditions - in milliseconds - to optimize software delivery with no throttling
2. Compresses the content, using advanced algorithms, to use bandwidth intelligently
3. Speeds the content when the time is right and without negatively impacting the network
Predictive Bandwidth Harvesting: No throttling
Competitive P2P solutions require admins to allocate storage on client machines, negatively impacting end users
OneSite prevents end user impacts by intelligently storing content locally in a self-forming Virtual Storage Area Network
• No estimating, configuring, or manual clean-up of storage
• Automatically caches content in unused space on peer computers using “zero footprint caching”
• Joins all content caches into a virtual SAN• Self-manages content caches to provide every
endpoint what it needs
Reduce WAN Impacts by Intelligently Storing Content
Self-forming Virtual SAN
No end user storage and performance impacts
Security Silos Result in Restrictive Policies
Infrastructure Security
Security Operations & Incident Response
Endpoint Security Application Security
Messaging Security Web Security
IoT Security Threat Intelligence Mobile Security Data Security
Cloud Security
Specialized Threat Analysis & Protection Identity & Access ManagementTransaction Security
Risk & Compliance
!
Growing Gap Between Experience and Security
EXPERIENCE SECURITY
Choice and Flexibility
Apps Everywhere
Cloud-Based Delivery
Siloed Solutions
Restrictive Policies
Perimeter-based Security
Key Use Cases for Workspace ONE Intelligence
Security & Compliance
Resource Optimization
User Experience