- Published 1/19/2016
- 1st Edition
Enable employees to be productive and access data from any location or device
Protect both corporate assets and employee privacy, so your people can be fully productive from any device, anywhere. Learn how to use Microsoft Intune to manage applications to satisfy your unique requirements, make the most of Mobile Device Management (MDM) for Office 365, and defend on-premises resources with Microsoft Advanced Threat Analytics (ATA).
Plan, deploy, and deliver complete enterprise mobility while improving security
- Choose the right Microsoft enterprise mobility solution for your organization
- Protect apps and data with Microsoft Intune Mobile Application Management (MAM)
- Identify suspicious user or device activity in hybrid cloud/on-premises environments
- Prepare for and successfully implement Microsoft ATA
- Flexibly manage diverse mobile devices with MDM for Office 365
- Configure access, define policies, enroll mobile devices, and manage compliance
Table of Contents
Introduction
Chapter 1: Understanding Microsoft enterprise mobility solutions
Enterprise mobility management concepts
Users
Devices
Apps
Data
Protection
Microsoft enterprise mobility solutions
Microsoft Enterprise Mobility Suite
Mobile device management for Office 365
Selecting the best solution for your organization
Planning and designing a solution
Comparing Microsoft mobility management solutions
Enterprise mobility management scenario
Chapter 2: Introducing mobile application management with Intune
The basics of app management with Intune
Set the mobile device management authority
Create user and device groups
Getting apps to the cloud
Software installation types
Understanding app deployment actions
Monitoring app deployments
Protecting apps and data with Intune MAM policies
Creating MAM policies to protect company apps and data
Creating a MAM-protected app of your own
Managing applications without managing devices
Chapter 3: Implementing mobile application management
Scenario
Implementation goals
Solution diagram
Planning and designing the solution
Users
Devices
Apps
Data-access strategy
Unmanaged devices
Preparing apps and policies
Publish the managed iOS apps
Create a managed app policy to deploy with managed iOS apps
Create a managed app policy to deploy without deploying apps or managing devices
Performing the app and policy rollout
Scope the rollout project
Proof of concept
Small production Pilot phase
Enterprise Rollout phase
Run State phase
Chapter 4: Introducing Microsoft Advanced Threat Analytics
Protecting on-premises resources
Understanding ATA
ATA architecture
Enhance enterprise mobility security with ATA
Planning and designing ATA
Infrastructure considerations
ATA Center considerations
ATA Gateway considerations
ATA Console considerations
Chapter 5: Implementing Microsoft Advanced Threat Analytics
Scenario requirements for on-premises protection
Implementation goals
Solution diagram
Deploying ATA
Installing ATA Center
Configuring domain connectivity
Installing ATA Gateway
Configuring ATA Gateway
Setting up the ATA environment
Configuring alerts
Monitoring resources
Detection settings
Telemetry settings
Database management
Leveraging ATA for threat mitigation and incident response
Reviewing suspicious activities
Attack detection
Chapter 6: Introducing Mobile Device Management for Office 365
Mobile device management concepts
Exchange ActiveSync
Mobile Device Management for Office 365
MDM for Office 365 architecture
MDM for Office 365 features and capabilities
Office 365 admin center
Office 365 Compliance Center
Planning for MDM for Office 365
Setting up MDM for Office 365
Apple Push Notification service certificate for iOS devices
Adding or configuring a domain
Multi-factor authentication
Device management
Organization-wide device access settings
Security policies
Wiping devices
Using the reporting features
Choosing MDM for Office 365
MDM for Office 365 and Intune coexistence
Chapter 7: Implementing Mobile Device Management for Office 365
Scenario
Implementation goals
Solution diagram
Planning for MDM for Office 365
Identity management
Policy considerations
Device considerations
Deploying MDM for Office 365
Office 365 tenant
Setting the MDM Authority
Configuring MDM for Office 365
Apple Push Notification service certificate for iOS devices
Organization-wide access settings
Security policies
Enrolling devices
Enrolling Android devices
Enrolling Apple iOS devices
Enrolling Windows Phone devices
Managing devices
Viewing enrolled devices
Viewing the device compliance report
Viewing and updating device security policies
User device management
Wiping mobile devices
Selective device wipe
Full device wipe
Appendix: Troubleshooting Microsoft Advanced Threat Analytics
Troubleshooting flow
Initial assessment
Data collection
Data analysis
Action plan
Validate the behavior and archive the ticket
Troubleshooting an ATA installation
Post-installation troubleshooting
Troubleshooting ATA operations
Hardware maintenance
Unable to access ATA Console
Unable to start ATA Center or ATA Gateway
Index