56%
IT time spent on
app/update testing,
managing security
Complex
process
On-premise
Active Directory
Acquire
Windows
Deploy
SCCM
Identity
Managing
Device &
Apps
Wipe & Reload
(SCCM OSD)
(Test, Manage
& Monitor)
Group policy, SCCM, 3rd
party security mgmt.
tools, Win32 app install
Update
Windows Update
for Business,
Intune
Simple with per
user licensing
Azure AD (w/ Identity
based roaming)
Acquire
Windows
Identity
WDATP,
Security mgmt
Security
Manage
licenses
Deploy
Windows as a
subscription
Cloud based
Provisioning
Analytics
& Mgmt
Update
App
Mgmt
Enterprise Store,
Centennial
Windows Analytics,
Intune
Best of Both Worlds:
Traditional and Modern Converge with ConfigMgr and Intune
Intune stand-alone (cloud only)
ConfigMgr with Intune (hybrid)
Intune web console
ConfigMgr console
System Center
Configuration
Manager
IoT/Kiosk devices
Transition = IT Desire +
Functional Requirements
Mobile devices and PCs
Domain-joined PCs
MICROSOFT CONFIDENTIAL
Mobile devices
Product version
System Center
Configuration Manager
Release vehicle
Availability
Current Branch
In market for 9+
months, 3 releases
(1606 the latest). Tech
Preview every month
Windows 10 features
supported
Support
Can defer updates
for up to 12 months
before you must
deploy updates to
maintain support
New features, security
updates, and bug fixes
Windows Servicing
Model supported
Windows 10 Current
Branch, Current Branch
for Business, and Long
Term Servicing Branch
System Center Configuration Manager
Current Branch (version 1511)
Winter 2015
Current Branch (version 1602)
2016
Current Branch (version 1606)
(1610)
Configuration Manager Current Branch
Tenants by Version
20,533 Total Tenants
4,142
10,286
1511
6,105
1602
1606
Configuration Manager Current Branch
Clients by Version
40,497,142 Million Total Clients
17.17
9.47
13.86
1511
1602
1606
New or Existing Windows
Devices
Win32 Apps, AD Auth, GP
ConfigMgr agent
Upgrade/Refresh 7, 8,
8.1 to Windows 10
with ConfigMgr
Preserve apps and configuration
Maintain management processes
and principles of today
Azure Hosted SCCM
ConfigMgr
Cloud Based Mgmt
Modern Manage
Windows 10 Device
Universal Apps,
MDM Policy
Enroll in Intune
(Azure AD Join/provision)
Manage via MDM
Universal apps (Store/LOB)
MDM Policy
Simplify deployment
Configure Windows 10
• Azure AD Join with Intune auto
enrollment
• Provisioning packages and
profiles for bulk enrollment
• In-place upgrade to Windows 10
with ConfigMgr
• Expanded MDM settings
• Per-app VPN
• Microsoft Passport policies
and certificates
• Windows Universal and Win32 apps
• Support volume purchase of apps
Unify device
management
• Intune integration with
ConfigMgr to manage all devices
in the environment
• New in ConfigMgr:
• Faster and easier
ConfigMgr updates
• Windows 10 servicing
• Deep cloud integration
User
IT
Manage and protect
• Corporate data leakage prevention
through Windows Information
Protection policies
• Azure Information Protection
integration for securing
shared documents/files
• Device Guard and AppLocker policies
• Advanced conditional access policies
• Integration with Device Health
Attestation Service
Traditional
Improved
Modern
Existing devices
Existing devices
New devices
Refresh
Upgrade
IT Pro Provisioning
• Let Windows and ConfigMgr do the
work
• Preserve all data, settings,
apps, and drivers
• Install (standard) OS image
• Restore everything
•
Recommended for existing
devices (Windows 7/8/8.1)
User Provisioning
•
•
Use if significant changes are
needed, such as OS architecture
change x86 versus x64
Traditional process
• Capture data and settings
• Deploy (custom) OS image
• Inject drivers
• Install apps
• Restore data and settings
ConfigMgr/MDT
ConfigMgr/MDT
•
Provisioning package
• Windows Image and
Configuration Designer (WICD)
• Transform into an enterprise
device
Provisioning profile with ConfigMgr
• Azure AD Join with Intune auto
enrollment
ConfigMgr/WICD/Intune/Azure AD
Azure AD Join for Windows 10
Azure AD Join makes it possible to connect
work-owned Windows 10 devices to your
company’s Azure Active Directory.
With Azure AD Join, you can auto enroll
devices in Microsoft Intune for management.
Intune/MDM
auto enrollment
Intune auto enrollment
Enterprise-compliant services
Single sign-on from the desktop to cloud
and on-premises applications with no VPN
Support for hybrid environments
Windows 10 Azure AD
Joined Devices
http://myignite.microsoft.com
https://aka.ms/ignite.mobileapp
www.microsoft.com/itprocareercenter
www.microsoft.com/itprocloudessentials
www.microsoft.com/mechanics
https://techcommunity.microsoft.com