1、Deploying and managing applications across platforms is difficult.AppsTodays challengesUsers expect to be able to work in any location and have access to all their work resources.Users DataUsers need to be productive while maintaining compliance and reducing risk.The explosion of devices is eroding
2、the standards-based approach to corporate IT.DevicesUsersPeople-centric ITEnable your end usersAllow users to work on the devices of their choice and provide consistent access to corporate resources.Unify your environmentDeliver a unified application and device management on-premises and in the clou
3、d.Protect your dataHelp protect corporate information and manage risk.Management. Access. Protection.DataDevices AppsAccess and Information ProtectionProtect your dataCentralize corporate information for compliance and data protection Policy-based access control to applications and dataEmpower users
4、Simplified registration and enrollment for BYO devicesAutomatically connect to internal resources when neededAccess to company resources is consistent across devicesUnify your environmentCommon identity to access resources on-premises and in the cloudChallenges SolutionsUsers want to use the device
5、of their choice and have access to both their personal and work-related applications, data, and resources.Users want an easy way to be able to access their corporate applications from anywhere.IT departments want to empower users to work this way, but they also need to control access to sensitive in
6、formation and remain in compliance with regulatory policies.Users can register their devices, which makes them known to IT, who can then use device authentication as part of providing access to corporate resources.Users can enroll their devices, which provides them with the company portal for consis
7、tent access to applications and data, and to manage their devices.IT can publish access to corporate resources with conditional access based on the users identity, the device they are using, and their location.Empower usersEnabling IT to empower usersIT can publish access to resources with the Web A
8、pplication Proxy based on device awareness and the users identityIT can provide seamless corporate access with DirectAccess and automatic VPN connections.Users can work from anywhere on their device with access to their corporate resources. Users can register devices for single sign-on and access to
9、 corporate data with Workplace JoinUsers can enroll devices for access to the Company Portal for easy access to corporate applicationsIT can publish Desktop Virtualization (VDI) for access to centralized resourcesActive DirectoryWeb AppsWeb Application ProxyRemote AccessRDS Gateway VDI Session hostF
10、ilesLOB AppsRegistering and Enrolling DevicesIT can publish access to corporate resources with the Web Application Proxy based on device awareness and the users identity. Multi-factor authentication can be used through Windows Azure Active Authentication.Users can register BYO devices for single sig
11、n-on and access to corporate data with Workplace Join. As part of this, a certificate is installed on the deviceUsers can enroll devices which configure the device for management with Windows Intune. The user can then use the Company Portal for easy access to corporate applicationsAs part of the reg
12、istration process, a new device object is created in Active Directory, establishing a link between the user and their deviceData from Windows Intune is sync with Configuration Manager which provides unified management across both on-premises and in the cloudActive AuthenticationActive DirectoryWeb A
13、pplication Proxy ADFSDemoWorkplace JoinPublish access to resources with the Web Application ProxyUsers can access corporate applications and data wherever they are IT can use the Web Application Proxy to authenticate users and devices with multi-factor authenticationUse conditional access for granul
14、ar control over how and where the application can be accessedActive Directory provides the central repository of user identity as well as the device registration informationOther cloud based apps and identity storesMobile Services Active DirectoryDevelopers can leverage Windows Azure Mobile Services to integrate and enhance their appsActive DirectoryReverse proxy pass throughe.g. NTLM & Basic based appsPublished applicationsRestful OAuth appsOffice Forms Based AccessClaims & Kerberos web appsAD IntegratedADFSWeb Application ProxyDevicesApps & DataDemoWeb Application Proxy
