Microsoft's Mobility, BYOD Plans Taking Shape
- By Kurt Mackie
- May 07, 2014
Microsoft is using the run-up to next week's TechEd event to spotlight its mobile roadmap, starting with a blog post Wednesday describing its "enterprise mobility vision."
The blog post by Brad Anderson, Microsoft's corporate vice president for Windows Server and System Center, is the first of a series of posts on the topic, which will include upcoming TechEd news, a discussion of system integration aspects and the new Enterprise Mobility Suite licensing, among other details.
Microsoft released its Enterprise Mobility Suite licensing on May 1 for volume licensing customers. It bestows the rights to use Microsoft Azure Active Directory Premium, Windows Intune and Microsoft Azure Rights Management Services, which are key components of Microsoft's mobile vision. In addition, the Enterprise Mobility Suite is licensed on a per-user basis, which supposedly helps facilitate bring-your-own-device (BYOD) scenarios for organizations.
Anderson will be a keynote speaker at TechEd 2014 in Houston, starting on May 12. At last year's TechEd keynote, Anderson focused on mobile device management (MDM) features enabled by Windows Server 2012 R2, including Workplace Join, two-factor authentication, selective wipe and Work Folders.
Work Folders is a data synchronization and file-sharing feature of Windows Server 2012 R2 that was originally designed to work just with Windows 8.1 clients. Last month, though, Microsoft released support for Windows 7 clients using Work Folders, too.
At next week's TechEd, Microsoft plans to describe how it will use "native containers" to separate corporate content from personal content in BYOD scenarios.
"I believe that, eventually, all the mobile device/OS vendors will deliver native containers for corporate content (SAFE on Android is a specific example today), and these OS components will be integrated into solutions like Intune and Azure Active Directory," Anderson stated in the blog post.
He explained that in BYOD scenarios, Microsoft is aiming to let end users have "full control of what happens on their personal device" while also enabling organizations to have full control over the corporate data and applications on the device.
Anderson promised that organizations would be able to continue their expertise with System Center and Active Directory for such MDM scenarios. "Think of Windows Intune as System Center delivered from the Cloud," he explained.
Apparently, Anderson is referring to using a connector in System Center so that it serves as a "single pane of glass" for MDM capabilities that are only available in Windows Intune. That capability is enabled today through the use of System Center 2012 Service Pack 1. However, Anderson hinted that System Center also would be getting those MDM capabilities more broadly in some sort of future integration effort.
As a part of this effort to make our Enterprise Mobility solutions easy to use, we are also integrating all of the mobile management capabilities with our industry-leading PC management solution System Center. System Center administrators can now easily expand their impact and influence by using the current System Center console to also manage mobile devices -- all from that single console. There's no need to deploy and maintain any additional infrastructure or get trained on a new platform, and your end users have a consistent experience across PCs and all their mobile devices.
In past announcements, Microsoft has typically suggested that organizations would need both the latest System Center suite and Windows Intune to use many of the featured MDM capabilities.
MDM and Product Dependencies
Currently, Microsoft's latest flagship technologies are required to tap certain MDM features. Organizations typically need the licensing for Windows Server 2012 R2, System Center 2012 R2 and Windows Intune. It's possible to use a third-party management product too, perhaps, but that's a somewhat murky area in Microsoft's documentation.
Microsoft outlines the MDM capabilities of its products, as well as the Microsoft product dependencies necessary to get those capabilities, in its "Empowering People-Centric IT" publication, dated October 2013, which can be accessed at this page. The mobile capabilities have lots of product dependencies.
For instance, in order to enroll mobile devices to access applications from a company portal page, an organization would need licenses for Windows Server 2012 R2 and System Center 2012 R2 Configuration Manager, plus a Windows Intune subscription (p. 10). In order to provide secure access to corporate resources by remote users, organizations would need the Web Application Proxy feature of Windows Server 2012 R2, System Center 2012 R2 Configuration Manager and Windows Intune (p. 19).
Organizations sometimes have to check client support, too. For instance, the Work Folders feature of Windows Server 2012 R2 currently works with Windows 8.1 and Windows 7 clients. It's not supported for Windows 8 clients, though.
Kurt Mackie is senior news producer for the 1105 Enterprise Computing Group.