Windows Server 2012 R2 Jump Start - AIP
1.
2. Day 1
Introducing Windows Server 2012 R2
Server Virtualization in Windows Server 2012 R2
Cloud Optimized Networking in Windows Server 2012 R2
Storage in Windows Server 2012 R2
Day 2
Server Management & Automation with Windows Server 2012 R2
VDI with Windows Server 2012 R2
Access & Information Protection with Windows Server 2012 R2
Web Application & Platform with Windows Server 2012 R2
Access & Information Protection with Windows Server 2012 R2
3. DOWNLOAD
Windows Server
2012 R2 Preview
aka.ms/ws2012r2
#WS2012R2JS
DOWNLOAD
System Center
2012 R2 Preview
aka.ms/sc2012r2
Hands-On Labs
http://www.microsoftvirtualacademy.com
System Center 2012 R2 Jumpstart
July 15th - http://aka.ms/SCR2JS
4. The explosion of devices is
eroding the standards-based
approach to corporate IT.
Devices
Deploying and managing
applications across
platforms is difficult.
Apps Data
Users need to be productive
while maintaining
compliance and reducing
risk.
Users expect to be able to
work in any location and
have access to all their
work resources.
Users
5. Devices Apps Users
Empower users
Allow users to work on the
devices of their choice and
provide consistent access to
corporate resources.
Unify your environment
Deliver a unified application and
device management on-
premises and in the cloud.
Protect your data
Help protect corporate
information and manage risk.
Management. Access. Protection.
Data
6. Protect your data
Centralize corporate information
for compliance and data protection
Policy based access control to
applications and data
Unify your environment
Common identity to access resources
on-premises and in the cloud
Empower users
Simplified registration and
enrollment for BYO Devices
Automatically connect to internal
resources when needed
Access to company resources
consistent across devices
7. Challenges Solutions
Users want to use the device of their choice and have
access to both their personal and work related
applications, data and resources
Users want an easy way to be able to access their
corporate applications from anywhere
IT wants to empower users to work this way but also
need to control access to sensitive information and
remain in compliance with regulatory policies
Users can register their devices which makes them known to
IT who can then use device authentication as part of providing
access to corporate resources
Users can enroll their devices which provides them with the
Company Portal for consistent access to applications, data
and to manage their devices
IT can publish access to corporate resources with
conditional access based on the user’s identity, the device they
are using and their location
Empower
users
8. IT can publish access to
resources with the Web
Application Proxy
based on device
awareness and the user’s
identity
IT can provide seamless
corporate access with
DirectAccess and
automatic VPN
connections.
Users can work
from anywhere on
their device with
access to their
corporate resources.
Users can register
devices for single
sign-on and access to
corporate data with
Workplace Join
Users can enroll devices for
access to the Company Portal
for easy access to corporate
applications
IT can publish Desktop
Virtualization (VDI) for
access to centralized
resources
9. IT can publish access to corporate resources with
the Web Application Proxy based on device
awareness and the user’s identity. Multi-factor
authentication can be used through Windows
Azure Active Authentication.
Users can register BYO
devices for single sign-on
and access to corporate
data with Workplace Join.
As part of this, a certificate
is installed on the device
Users can enroll devices which
configure the device for management
with Windows Intune. The user can
then use the Company Portal for easy
access to corporate applications
As part of the registration
process, a new device object is
created in Active
Directory, establishing a link
between the user and their
device
Data from Windows Intune is
synced with Configuration
Manager which provides unified
management across both on-
premises and in the cloud
10. Users can access
corporate applications
and data wherever
they are
IT can use the Web Application
Proxy to authenticate users and
devices with multi-factor
authentication
Use conditional access for
granular control over how
and where the application
can be accessed
Active Directory provides
the central repository of
user identity as well as
the device registration
information
Developers can leverage Windows
Azure Mobile Services to integrate
and enhance their apps
Devices
Apps & Data
Published
applications
AD Integrated
11. Users can sync
their work data to
their devices.
Users can register
their devices to be
able to sync data
when IT enforces
conditional access
IT can publish access directly
through a reverse proxy, or
conditional access can be
enforced via device
registration through the
Web Application Proxy
IT can configure a File Server to
provide Work Folder sync
shares for each user to store
data that syncs to their devices,
including integration with
Rights Management
IT can selectively wipe the
corporate data from
Windows 8.1 clients
Devices
Apps & Data
Active Directory
discoverability
provides users Work
Folders location
12. Can originate admin
connection from intranet
Connection to
intranet is always active
Cannot originate admin
connection from intranet
VPN
DirectAccess
With DirectAccess, a user’s
PC is automatically
connected whenever an
Internet connection is
present.
Traditional VPNs are user-
initiated and provide on-
demand connectivity to
corporate resources.
An automatic VPN
connection provides
automated starting of the
VPN when a user launches
an application that requires
access to corporate
resources.
Firewall
13. Unify your
environment
Challenges Solutions
Providing users with a common identity when they
are accessing resources that are located both on-
premises in corporate environment, and in cloud-
based platforms.
Managing multiple identities and keeping the
information in sync across environments is a drain on
IT resources.
Users have a single sign-on experience when
accessing all resources regardless of location.
Users and IT can leverage their common identity for
access to external resources through federation.
IT can consistently manage identities across on-
premises and cloud-based identity domains.
14. User provided devices are
“unknown” and IT has no control.
Partial access may be provided to
corporate information.
Registered devices are “known”
and device authentication
allows IT to provide conditional
access to corporate information
Domain joined computers
are under the full control of IT
and can be provided with
complete access to corporate
information
Browser session single
sign-on
Seamless 2-Factor Auth
for web apps
Enterprise apps single
sign-on
Desktop Single Sign-On
15. Run Active Directory at
scale with support for
virtualization and rapid
deployment through
domain controller
cloning.
Developers can
integrate applications for
single sign-on across
on-premises and cloud-
based applications.
Leverage cloud platforms to run
Windows Server Active Directory and
Active Directory Federation Services
to reduce infrastructure on-premises.
Manage Active Directory
using Windows
PowerShell, use the
improved deployment
experience and leverage the
Active Directory
Administrative Center for
centralized management
Activate clients
running Office on at
least Windows 8 or
Windows Server 2012
automatically using
existing Active
Directory infrastructure.
16. Users get access through accounts in
Windows Azure Active Directory
to Windows Azure, Office 365 and
3rd party applications
IT can provide users with a common
identity across on-premises or cloud-
based services leveraging Windows
Server Active Directory and
Windows Azure Active Directory
Users are more
productive by having
a single sign-on to
all their resources
IT can use Active Directory
Federation Services to connect with
Windows Azure for a consistent
cloud based identity.
Developers can build
applications that leverage
the common identity model
Dirsync keeps user attributes in sync
across directories.
17. Users can register their devices to gain access
to corporate data and apps and single sign-on
through device authentication
Conditional access with multi-
factor authentication is provided on
a per-application basis, leveraging
user identity, device registration &
network location
Organizations can
federate with partners
and other organizations
for seamless access to
shared resources
Organizations can connect to SaaS
applications running in Windows
Azure, Office 365 and 3rd party
providers
Enhancements to ADFS include simplified
deployment and management
Published
applications
Firewall
18. Allow users to manage their identity
with an easy to use portal, tightly
integrated with Office.
Self-service group and
distribution list
management, including
dynamic membership
calculation in these
groups and distribution
lists, is based on the
user’s attributes.
Users can reset their
passwords via Windows
logon, significantly reducing
help desk burden and costs.
Sync user identities across
directories, including Active
Directory, Oracle, SQL Server,
IBM DS, and LDAP.
Manage the complete life cycle of
certificates and smart cards
through integration with Active
Directory.
19. FIM
Workflow
Built-in workflow for
identity management
Automatically synchronize all
user information to different
directories across the enterprise
Automate the process of
on-boarding new users
Real-time de-provisioning
from all systems to prevent
unauthorized access and
information leakage
LDAP
Certificate Management
20. Protect your
data
Challenges Solutions
As users bring their own devices in to use for
work, they will also want to access sensitive
information and have access to this information locally
on the device.
A significant amount of corporate data can only be
found locally on user devices.
IT needs to be able to secure, classify and protect
data based on the content it contains not just where it
resides, including maintaining regulatory compliance.
Users can work on the device of their choice and be
able to access all their resources regardless of location
or device.
IT can enforce a set of central access and audit
policies, and be able to protect sensitive information
based on the content of the documents.
IT can centrally audit and report on information
access.
21. Desktop
Virtualization
IT can publish resources using the
web application proxy and create
business-driven access policies with
multi-factor authentication based
on the content being accessed.
IT can audit user access to
information based on
central audit policies.
Users can access
corporate data regardless
of device or location with
Work Folders for data
sync and desktop
virtualization for
centralized applications.
IT can provide a secure and familiar
solution for users to access sensitive
corporate data from anywhere with
VDI and RemoteApp technologies.
Centralized Data
Distributed Data
Devices
22. 1. The user attempts to log in or
perform an action that is
subject to MFA
2. When the user
authenticates, the application
or service performs an MFA
call
3. The user must respond to
the challenge, which can be
configured as a text, a phone
call or using a mobile app
4. The response is returned
to the app which then allows
the user to proceed
5. IT can configure the type
and frequency of the MFA
that the user must respond
to
23. Centrally manage
access control and
audit policies from
Windows Server
Active Directory.
Automatically
identify and classify
data based on
content. Classification
applies as files are
created or modified.
Integration with
Active Directory
Rights Management
Services provides
automated
encryption of
documents.
Central access and audit
policies can be applied
across multiple file servers,
with near real-time
classification and processing
of new and modified
documents.
File classification, access
policies and automated
Rights Management
work against client
distributed data through
Work Folders.
24. Protect your data
Centralize corporate information
for compliance and data protection
Policy based access control to
applications and data
Unify your environment
Common identity to access resources
on-premises and in the cloud
Empower users
Simplified registration and
enrollment for BYO Devices
Automatically connect to internal
resources when needed
Access to company resources
consistent across devices