Mastering Microsoft Endpoint Manager
eBook - ePub

Mastering Microsoft Endpoint Manager

Deploy and manage Windows 10, Windows 11, and Windows 365 on both physical and cloud PCs

Christiaan Brinkhoff, Per Larsen

  1. 666 pages
  2. English
  3. ePUB (mobile friendly)
  4. Available on iOS & Android
eBook - ePub

Mastering Microsoft Endpoint Manager

Deploy and manage Windows 10, Windows 11, and Windows 365 on both physical and cloud PCs

Christiaan Brinkhoff, Per Larsen

Book details
Book preview
Table of contents
Citations

About This Book

Design and implement a secure end-to-end desktop management solution with Microsoft Endpoint Manager

Key Features

  • Learn everything you need to know about deploying and managing Windows on physical and cloud PCs
  • Simplify remote working for cloud-managed cloud PCs via new service Windows 365
  • Benefit from the authors' experience of managing physical endpoints and traditional virtual desktop infrastructures (VDI)

Book Description

Microsoft Modern Workplace solutions can simplify the management layer of your environment remarkably if you take the time to understand and implement them. With this book, you'll learn everything you need to know to make the shift to Modern Workplace, running Windows 10, Windows 11, or Windows 365.Mastering Microsoft Endpoint Manager explains various concepts in detail to give you the clarity to plan how to use Microsoft Endpoint Manager (MEM) and eliminate potential migration challenges beforehand. You'll get to grips with using new services such as Windows 365 Cloud PC, Windows Autopilot, profile management, monitoring and analytics, and Universal Print. The book will take you through the latest features and new Microsoft cloud services to help you to get to grips with the fundamentals of MEM and understand which services you can manage. Whether you are talking about physical or cloud endpoints—it's all covered.By the end of the book, you'll be able to set up MEM and use it to run Windows 10, Windows 11, and Windows 365 efficiently.

What you will learn

  • Understand how Windows 365 Cloud PC makes the deployment of Windows in the cloud easy
  • Configure advanced policy management within MEM
  • Discover modern profile management and migration options for physical and cloud PCs
  • Harden security with baseline settings and other security best practices
  • Find troubleshooting tips and tricks for MEM, Windows 365 Cloud PC, and more
  • Discover deployment best practices for physical and cloud-managed endpoints
  • Keep up with the Microsoft community and discover a list of MVPs to follow

Who this book is for

If you are an IT professional, enterprise mobility administrator, architect, or consultant looking to learn about managing Windows on both physical and cloud endpoints using Microsoft Endpoint Manager, then this book is for you.

]]>

Frequently asked questions

How do I cancel my subscription?
Simply head over to the account section in settings and click on “Cancel Subscription” - it’s as simple as that. After you cancel, your membership will stay active for the remainder of the time you’ve paid for. Learn more here.
Can/how do I download books?
At the moment all of our mobile-responsive ePub books are available to download via the app. Most of our PDFs are also available to download and we're working on making the final remaining ones downloadable now. Learn more here.
What is the difference between the pricing plans?
Both plans give you full access to the library and all of Perlego’s features. The only differences are the price and subscription period: With the annual plan you’ll save around 30% compared to 12 months on the monthly plan.
What is Perlego?
We are an online textbook subscription service, where you can get access to an entire online library for less than the price of a single book per month. With over 1 million books across 1000+ topics, we’ve got you covered! Learn more here.
Do you support text-to-speech?
Look out for the read-aloud symbol on your next book to see if you can listen to it. The read-aloud tool reads text aloud for you, highlighting the text as it is being read. You can pause it, speed it up and slow it down. Learn more here.
Is Mastering Microsoft Endpoint Manager an online PDF/ePUB?
Yes, you can access Mastering Microsoft Endpoint Manager by Christiaan Brinkhoff, Per Larsen in PDF and/or ePUB format, as well as other popular books in Ciencia de la computación & Ciberseguridad. We have over one million books available in our catalogue for you to explore.

Information

Publisher
Packt Publishing
Year
2021
ISBN
9781801072175
Topic
Ciencia de la computación
Subtopic
Ciberseguridad

Section 1: Understanding the Basics

Learn about all the fundamentals of the different Microsoft 365 services, what the benefits are, and how they are different in comparison to other technologies and services on the market.
This part of the book comprises the following chapters:
  • Chapter 1, Introduction to Microsoft 365
  • Chapter 2, What Is Unified Endpoint Management?

Chapter 1: Introduction to Microsoft 365

Understanding the fundamentals of a product is the most important thing for a successful deployment. Keeping your resources secure while leveraging other services within the Microsoft 365 product suite is what you will learn about in this chapter.
In this chapter, we'll go through the following topics:
  • Microsoft 365 services
  • Azure Virtual Desktop and Windows 365
  • Windows 10 and Windows 11

An introduction to Microsoft 365

Microsoft 365 includes many services that you might use in your day job, whether as an IT professional or a non-technical user. The services help you to become more productive by simplifying tasks that would require a lot of work in on-premises environments. A great example would be the shift we've made from Exchange Server to Exchange Online.

What do the services achieve?

In this introductory section of the book, we will briefly explain the Microsoft 365 core services and features that are relevant to the subject of this book, just to get a good baseline understanding of the differences between the various services. You'll also learn about the purpose and benefits of each service.

Microsoft Endpoint Manager

Microsoft Endpoint Manager (MEM) is the consolidation of Microsoft Intune and Microsoft Endpoint Configuration Manager (MECM). It provides one holistic management experience while adding new functionality and intelligent actions without any complex migration or disruption of productivity.
It provides a number of assets to aid your transition to modern management while also increasing customers' security and helping them move to the cloud. MEM now also includes management capabilities for different endpoints:
Figure 1.1 – MEM – service portfolio
Figure 1.1 – MEM – service portfolio
MEM helps you manage physical and virtual desktops, laptops, tablets, and other mobile devices, including iOS, Android, and macOS devices.
MEM uses Azure Active Directory (Azure AD) as the primary identity and directory store. It replaces the traditional Active Directory, includes hybrid identity capabilities, and can also integrate with local management infrastructures such as Configuration Manager via Kerberos.
Intune is extremely helpful for devices that are beyond the management scope of Group Policy, such as mobile phones, devices that are not Active Directory Domain Services (AD DS) domain members, or Windows 10 devices that are joined to Azure AD:
Figure 1.2 – MEM – management console
Figure 1.2 – MEM – management console
With MEM, you can achieve the following:
  • Let your organization's employees use their personal physical and virtual e ndpoint devices to access organizational data (commonly known as bring your own device (BYOD)).
  • Manage organization-owned phones.
  • Control access to Microsoft 365 from unmanaged devices, such as public kiosks and mobile devices.
  • Help ensure that devices and apps that do connect to corporate data comply with security policies.
For example, when a user attempts to open one of their line-of-business (LOB) apps on their phone or Windows 10 endpoint, Microsoft 365 checks with Azure AD to authenticate the user and verify whether that user can access the data from that app on that device. The granting of access depends on the following:
  • Conditional Access policies defined within Azure AD
  • Whether the app on that device complies with app configuration and data protection policies (Intune will confirm this for Azure AD)
If the device and app are both compliant with all policies, Azure AD notifies Microsoft 365 that the data can be accessed.

Azure Virtual Desktop

Azure Virtual Desktop, or AVD for short, is a Microsoft-managed platform-as-a-service offering on top of the Microsoft Azure cloud. Unlike traditional virtual desktop infrastructure (VDI) deployments, all the infrastructure services, such as brokering, web access, load balancing, management, and monitoring, are all set up for you as part of a control plane offering.

Windows 365 Cloud PC

A new way of experiencing Windows, on any device – that's the best way to describe the new Microsoft cloud service Windows 365 Cloud PC. Microsoft's vision is to have people use Windows 365 the same way as they would manage a physical endpoint but with the flexibility of the cloud.
Windows 365 is everything you need if you are looking for a simple way of running your Windows desktops in the cloud. You can decrease the costs and complexity of your environment by deploying and managing virtual endpoints in MEM; no additional VDI expertise or resources are needed. More about this will be explained later in this chapter.

AVD and Windows 365 Cloud PC – shared responsibility model 1

As with many cloud services, there is a shared set of security responsibilities. You have control and flexibility, and with that comes responsibility. If you are adopting Windows 365 Cloud PC, it's important to understand that while some components come already secured for your environment, there are other areas where you will need to configure things to fit your organization's security needs:
Table 1.1 – Shared responsibility model 1
Table 1.1 – Shared responsibility model 1

AVD and Windows 365 Cloud PC – shared responsibility model 2

The following table is an extension of the previous one, but it goes a bit deeper in terms of the differences in management experience:
Table 1.2 – Shared responsibility model 2
Table 1.2 – Shared responsibility model 2

Windows 10 Enterprise

Windows 10 Enterprise is one of the primary components of your Microsoft 365 subscription. Windows 10 meets the needs of large and midsize organizations, providing users and organizations with the tools, services, and support to enhance their personal and organizational productivity.
Windows 10 also supports collaboration through Microsoft 365 apps, Microsoft Teams, Microsoft Whiteboard, and OneNote.
Windows 10 helps improve productivity by providing faster, safer ways to get work done across all your users' devices. Users can find apps, setti...

Table of contents

  1. Mastering Microsoft Endpoint Manager
  2. Foreword
  3. Preface
  4. Section 1: Understanding the Basics
  5. Chapter 1: Introduction to Microsoft 365
  6. Chapter 2: What Is Unified Endpoint Management?
  7. Section 2: Windows 365
  8. Chapter 3: Introducing Windows 365
  9. Chapter 4: Deploying Windows 365
  10. Section 3: Mastering Microsoft Endpoint Manager
  11. Chapter 5: Requirements for Microsoft Endpoint Manager
  12. Chapter 6: Windows Deployment and Management
  13. Chapter 7: Manager Windows Autopilot
  14. Chapter 8: Application Management and Delivery
  15. Chapter 9: Understanding Policy Management
  16. Chapter 10: Advanced Policy Management
  17. Chapter 11: Office Policy Management
  18. Chapter 12: User Profile Management
  19. Chapter 13: Identity and Security Management
  20. Chapter 14: Monitoring and Endpoint Analytics
  21. Chapter 15: Universal Print
  22. Section 4: Tips and Tricks from the Field
  23. Chapter 16: Troubleshooting Microsoft Endpoint Manager
  24. Chapter 17: Troubleshooting Windows 365
  25. Chapter 18: Community Help
  26. Other Books You May Enjoy
Citation styles for Mastering Microsoft Endpoint Manager

APA 6 Citation

Brinkhoff, C., & Larsen, P. (2021). Mastering Microsoft Endpoint Manager (1st ed.). Packt Publishing. Retrieved from https://www.perlego.com/book/2995583/mastering-microsoft-endpoint-manager-deploy-and-manage-windows-10-windows-11-and-windows-365-on-both-physical-and-cloud-pcs-pdf (Original work published 2021)

Chicago Citation

Brinkhoff, Christiaan, and Per Larsen. (2021) 2021. Mastering Microsoft Endpoint Manager. 1st ed. Packt Publishing. https://www.perlego.com/book/2995583/mastering-microsoft-endpoint-manager-deploy-and-manage-windows-10-windows-11-and-windows-365-on-both-physical-and-cloud-pcs-pdf.

Harvard Citation

Brinkhoff, C. and Larsen, P. (2021) Mastering Microsoft Endpoint Manager. 1st edn. Packt Publishing. Available at: https://www.perlego.com/book/2995583/mastering-microsoft-endpoint-manager-deploy-and-manage-windows-10-windows-11-and-windows-365-on-both-physical-and-cloud-pcs-pdf (Accessed: 15 October 2022).

MLA 7 Citation

Brinkhoff, Christiaan, and Per Larsen. Mastering Microsoft Endpoint Manager. 1st ed. Packt Publishing, 2021. Web. 15 Oct. 2022.