Endpoint Management Part 3

Video Activity
Join over 3 million cybersecurity professionals advancing their career
Sign up with

Already have an account? Sign In »

4 hours 24 minutes
Video Transcription
All right. Welcome back, ladies and gentlemen, to part two off this video series we are carrying on Talking about Microsoft Endpoint Manager.
All right, so we've just finished with desktop analytics and the way that it integrates with configuration manager. So let's move on and talk a little bit about that malware environment. And this is called Microsoft Defender Advanced threat protection. You may also see this
being called a T. P.
All right, so marks off defender a teepee on this is basically things like responses to breaches, investigation. You know, you're looking at the actual in the initial preventative measures that are done, and that's why 80 p does.
All right, so that's what we're looking at in general here. And I'm gonna bring up a quick photo of how it looks in the club. Excuse me in the cloud environment.
So what we're talking about here with 80 p is the things like, you know, response to problems, the detection of the breaches, you know? How did it happen? That kind of kind of root cause analysis on the initial protection as well that comes with it, eh? So what I'm gonna do now is I'm gonna put up. If I remove this,
I'm gonna put up a very quick
screen shot just to let you see how it looks in the cloud environment. I think very beneficial for you. So this is what you look at here Now, the you don't need to worry too much about it in general. But you're effectively. It's very visual is what I'm trying to get across many people. When they look auditing systems,
they think, Oh, my God, I'm gonna have, you know, a spreadsheet full of numbers and I won't know what to do with them and that kind of thing
that's all gone out the window. Now modern new eyes mean that you can pick out things very quickly. You can pick out trends and patterns and that kind of thing on, that's what 80 p now does for you. It will pick out things where there might be problems. You know, problem users. Maybe there's the same device being
breached constantly or, you know they're there. Find where the problem occurred and started
that kind of thing, and that's what that's what Now they give to you in this environment. But it's ah, it's a very handing piece of ah, piece of software. New.
The final thing I want to talk about with the endpoint manager group is Aziz Your a D Premium Now a. D stands for active directory.
If you've worked in any kind of I t before, you probably heard of Active Directory. It's the way that we deal with user accounts, groups anything to do with, you know, the way that you structure your network effectively. That's why Active directory does so with endpoint manager
you can use if you have a your A D premium.
Things like the self service password reset. This is quite handy. You can actually enroll people into this. Remember, we talked about enrolling the air, quotes enrolling users where they can answer a certain series of questions that they set themselves when they first join.
Onda allows them to set their own password without having to phone your auntie help desk or even yourself,
and say, Can you please reset my password for me? Then you've got to log into the system, change their passwords, emails them, then they can't get in. So then you have to read them a temporary password over the phone we all know we will be in there. We all know what it's like. All right, so that's a really handy feature. The next one
is It has right back from your i d to on premises Active directory
s. So what that means is is that your cloud and on premises areas are linked on effectively. When you make a change on one, it changes on the other. The right back terminology. We used to just call that synchronization basically, but they now call it right back. It means they come right back and forth between
the two environments effectively.
Which means if you do a change on the domain when you're in the office by the time you're out and about that change will hopefully have arrived on the cloud on the cloud will show that change as well. And likewise, the other way, you might be out. Make a change on your phone, come into the office log onto your computer
and your domain servers are actually has showing the update that you made while you were out
so very handy Feature.
It also covers is your multi factor authentication or m f A. You may not have heard of multi factor authentication, but you can almost be certain that if you haven't used already, you will do in the next 2 to 5 years.
I m f A is what you get when basically let's take a service. Let's talk about Facebook, for example. When I log into Facebook on my account, I have my email address on my password.
If I do not provide a pin or authentication request that has Bean positively acknowledged, then on my phone, then it won't allow me to log in. Which means if someone knows my password on my email address, they still cannot log in as May
because they don't have my physical phone and they can't receive
my multi factor authentication pin. So that's what it is. It's a another level of authentication to say. Are you actually who you say you are? That's That's the what MF A is there,
and then finally, we have conditional access. Now there's a few sections to do with this Now. The first is conditional access based on group location on device states, so you can check if someone is in a particular group
at a particular location or if their devices in a particular state. What do we mean by that? Well, I'm talking about things like whether they have service packs installed if you are using not Windows 10 but something else. But if you've got, like, a certain version of windows with service packs now, these will be called feature updates.
Feature up, put feature updates there. So I could say I only want laptops on my network that have 19 0
1903 as an example. All right, so 93 or higher. So if anything comes in below that it won't allow it to log on. That's basically what you could do with that. Now, the other option with this is to do conditional access based on a sign in or use of risk. So you could say right, Well,
this person is on a
ah phone that we don't officially support on the network. Maybe it's not. You know the hardware I d is not on the network s o. We need them to either prove who they are, or we need them to, uh, not log in, Basically, is the bottom line. So either prove that you are who you say you are
or show or don't don't find another way of coming in,
and that's basically what we're looking out on. We can also do a conditional access based on Sinan Means that you can check if the account is in a particular risk section.
So if there, for example, on an airport wireless network. Andi, you don't want to log in because, well, that wireless network doesn't particularly have good encryption or it's not meeting the standards of encryption that you require. You can actually say No, I'm not letting you in on That's the end of that story
Now the key thing is, those two last ones, the sign in and the user risk
our only on certain plans off Microsoft 36 fives. That's something to keep in mind, usually at the top end of the market.
All right, so keep that in mind when you're talking about conditional access. All right, let's move on a little bit to co management. So
what is it? So co management in its most basic form is the secret in Ized Cloud and on premise is control off endpoints. That's what we're talking about here s O. Co management means that It doesn't matter which way around you manage your network,
you can manage your on site. You can manage it in the cloud.
It doesn't matter. They both synchronize up. That's the key thing regarding co management.
So things like conditional access. We've just been speaking about that remote actions when I save remote actions. I'm talking about things like deleting company data on, like a stolen device or something like that. I'm talking about renaming devices, even restarting devices. I can send a signal
either on my network or on the cloud to tell a device to restart. I can also look at the device inventory and make sure that you know that nothing's out of the ordinary, perhaps, or something like that, as well as remotely controlling device. This is what you would use mainly for support
with remote control, any kind of support that you would use their
and I can. Also, this is probably the most critical thing for May. Certainly wipe out a pre installed O. E M app. Fresh start reboots. These things are brilliant. I love these. Basically, you get a machine from Lenovo, HP, Dell, whoever you want and it's got their software plastered all over it.
On this button, the fresh start reboot
basically tells all of that to just get lost. It's lovely. I love it. It's one of my favorite buttons. I used to spend hours as an engineer having toe wipe off Oh, am applications from a machine when it first arrived. Gnome or no, no more. Now you just click a button and you sit back and wait for it to reboot. And it's great. All right,
then. You also have the ability to do a factory reset on any Windows 10 device as well.
So those are the Ramo actions that you can do with co management.
Let's have a look at client health. So client health, you're talking about the ability to check on things. So do they have the right anti virus? Is their firewall configured? What version of Windows Air they running? Do they need to be updated? Have they checked in
with the I don't know the latest intelligence update for Windows Defender
as an example, that kind of thing you can say if they haven't reached those points, then you could send out requests for the machine to do so
and co management. Also, we come back to this Windows autopilot. I won't spend too long on this because I showed you that nice little graphic on how it works. But Window Co management supports Windows autopilot as well, and it also supports hybrid is your a D. Now
that sounds quite complex. It's really not. We've already talked, talked about a D. Being active directory hybrid just means it's a mix of clouds and on site. That's all it means, And it just it fits up that were there, fits right up with that.
That's what he does,
All right, on what you can do with that is you can do things like single sign on to cloud. Resource is so you don't need to type your password in multiple times. You can use Windows. Hello for business. We've spoken about this before, where you can have pins and picture passwords and facial recognition on machines. That kind of thing.
You could also use a conditional access based on the device because they will.
That's an android device, and we only allow IOS or you know any anything along those lines as well. On. Then you can also do automatic device licensing you can push devices to so you can push licenses to devices. I wish we could push devices to licences that would be cool.
You just click a button and it sends your phone down the line to the user. That would be quite cool on it also does self service functionality. We spoke about the self service password reset on several other features as well that it can do Onda Enterprise State roaming. This basically means that you don't have to worry about switching between
different areas of the network or even off the network. The machine will just deal with it. Basically
eso If you come in on to your network, it will start to manage it with the on site. If you then disappear out because you've got meeting, then it switches to cloud automatically that kind of thing.
All right, let's finish up then. So we'll finish up with our usual pop quiz. Let's have a go. So what is the name off the Cloud based Enterprise Mobility Management Tool? Remember, there were two tools.
So we're talking about two tools here. What was the cloud based one?
Can anyone remember?
All right, if you said in tune you would be absolutely correct.
Does anyone remember what the last one was? What? The second option Waas The on premises version the on premises one was called configuration manager. So these are the two e m. M's.
All right, keep that in mind when you're working with those. One is on site and one is cloud.
All right in this video are in these two videos, I should say today we have discussed Andi extrapolated what? To unified endpoint management means. So that's just the idea. The unified point is just to bring things together. That's effectively what we're talking about.
We don't want to go to six different consoles in order to do
one thing. We want to go to one place and we want to click a few buttons.
Then we talked about the challenges involved with managing and securing devices, so he talked about B y o D. If a user brings their own device, we talked about having items lost or stolen the cost of replacement with that
the you know that the monetary value that comes with it, that's a pound sign. For those of you who aren't from the UK a dollar sign right next to it as well.
Every guy.
Um And then we also spoke about how Microsoft 365 protects data across devices. So we're talking about windows information protection. Advanced threat protection came into it as well. On also the way they integrate with tours that people will news on a daily basis.
All right, well, thank you for joining me. I hope this video video has been informative for you.
And I'd like to thank you for watching.
Up Next