CLOUD MANAGEMENT GATEWAY
Courtesy: Microsoft Corporation
SCENARIO
[Diagram; labels: AD, CA, Windows Update]
INTERNET-BASED CLIENT MANAGEMENT
[Diagram; labels: AD, CA, Windows Update]
PLAN TO SIMPLIFY
• Manage traditional clients that roam on the Internet
• Without additional infrastructure
• Without exposing infrastructure to the Internet
• That is easily configured through the Configuration Manager Console
• Key features continue to work on the device when not on the corporate network
  • Software updates
  • Hardware and software inventory
  • Endpoint protection
  • Client notification
  • Settings
  • Applications
CLOUD MANAGEMENT GATEWAY
[Diagram; labels: AD, CA, Windows Update]
CERTIFICATES
• Management certificate
  • "Credentials" between site and Azure
  • Any certificate, including self-signed
  • Public cert uploaded to Azure; .pfx with private key imports into site
• Web Service (server authentication) certificate
  • Use public certificate provider (Symantec, Thawte)
  • Wildcard certificate is not supported
• Root/Subordinate certificate authority
  • Used by CMG for full chain validation on client PKI certificates
• Client certificate
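
A pre-flight check of a candidate web service (server authentication) certificate against the points above, as an added example that is not part of the original deck. It assumes the certificate sits in the LocalMachine\My store and is identified by a thumbprint the operator supplies; checking the private key and local chain trust for this certificate is an assumption of the example.

```powershell
# Added example: checks a candidate CMG server authentication certificate.
# Assumption: the certificate is installed in Cert:\LocalMachine\My.
param(
    [Parameter(Mandatory)]
    [string]$Thumbprint   # supplied by the operator, not a value from the slides
)

$serverAuthOid = '1.3.6.1.5.5.7.3.1'   # id-kp-serverAuth
$sanOid        = '2.5.29.17'           # subjectAltName

$cert = Get-Item -Path "Cert:\LocalMachine\My\$Thumbprint" -ErrorAction Stop

# Enhanced Key Usage OIDs present on the certificate.
# A certificate with no EKU extension is treated as failing this check.
$ekuOids = @(
    $cert.Extensions |
        Where-Object { $_ -is [System.Security.Cryptography.X509Certificates.X509EnhancedKeyUsageExtension] } |
        ForEach-Object { $_.EnhancedKeyUsages } |
        ForEach-Object { $_.Value }
)

# Subject plus the formatted SAN extension, searched for a wildcard label.
$san      = $cert.Extensions | Where-Object { $_.Oid.Value -eq $sanOid }
$sanText  = if ($san) { $san.Format($false) } else { '' }
$wildcard = "$($cert.Subject) $sanText" -match '\*\.'

# Chain build against this machine's trust store (assumption: it approximates
# what a client trusting the same public roots would conclude).
$chain   = New-Object System.Security.Cryptography.X509Certificates.X509Chain
$chainOk = $chain.Build($cert)

$now    = Get-Date
$checks = [ordered]@{
    'Private key present (assumed needed for .pfx export)' = $cert.HasPrivateKey
    'Server Authentication EKU present'                    = ($ekuOids -contains $serverAuthOid)
    'No wildcard name in subject or SAN'                   = (-not $wildcard)
    'Within validity period'                               = ($now -ge $cert.NotBefore -and $now -le $cert.NotAfter)
    'Chain builds to a trusted root'                       = $chainOk
}

$checks.GetEnumerator() |
    ForEach-Object { [pscustomobject]@{ Check = $_.Key; Passed = [bool]$_.Value } } |
    Format-Table -AutoSize

if (-not $chainOk) {
    # Show why chain building failed (untrusted root, revocation offline, ...).
    $chain.ChainStatus | ForEach-Object { Write-Warning "$($_.Status): $($_.StatusInformation.Trim())" }
}

if (@($checks.Values) -contains $false) {
    Write-Warning 'Certificate does not meet one or more of the checks above.'
    exit 1
}
```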
NETWORK PORTS
• NO INBOUND PORTS REQUIRED!

Source                    Port         Destination  Use
Service Connection Point  443          Azure        Deploy CMG
CMG Connection Point      443          CMG          CMG channel for first VM
CMG Connection Point      10124-10140  CMG          CMG channel for additional VM instances
Client                    443          CMG          Client channel
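
An outbound reachability check for the CMG Connection Point rows of the table, as an added example that is not part of the original deck. The host name is a placeholder and the `-MultipleVmInstances` switch is a name introduced for this example; run it on the server that hosts the CMG Connection Point.

```powershell
# Added example: tests outbound TCP reachability from the CMG connection point
# to the CMG, using the ports listed in the table.
param(
    [string]$CmgHost = 'cmg.example.invalid',  # placeholder; use your CMG service name
    [switch]$MultipleVmInstances               # set when the CMG runs more than one VM instance
)

function Test-OutboundPort {
    param([string]$ComputerName, [int]$Port)
    # -InformationLevel Quiet makes Test-NetConnection return only $true or $false.
    $ok = Test-NetConnection -ComputerName $ComputerName -Port $Port `
            -InformationLevel Quiet -WarningAction SilentlyContinue
    [pscustomobject]@{ Target = $ComputerName; Port = $Port; Reachable = [bool]$ok }
}

# 443 carries the CMG channel for the first VM.
$results = @(Test-OutboundPort -ComputerName $CmgHost -Port 443)

# 10124-10140 carry the channel for additional VM instances.
if ($MultipleVmInstances) {
    $results += 10124..10140 | ForEach-Object {
        Test-OutboundPort -ComputerName $CmgHost -Port $_
    }
}

$results | Format-Table -AutoSize

$failed = $false
if (-not ($results | Where-Object { $_.Port -eq 443 }).Reachable) {
    Write-Warning "TCP 443 to $CmgHost is blocked: the channel for the first VM cannot be established."
    $failed = $true
}

if ($MultipleVmInstances) {
    # The slide gives only the range, so a single closed port in it is not
    # treated as a failure here; no reachable port at all is.
    $extra = @($results | Where-Object { $_.Port -ne 443 -and $_.Reachable })
    if ($extra.Count -eq 0) {
        Write-Warning "No port in 10124-10140 is reachable: check egress firewall or proxy rules."
        $failed = $true
    }
}

if ($failed) { exit 1 }
```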
SCALING CMG
[Diagram; regions shown: East US, East Asia]
PERFORMANCE CONSIDERATIONS
• Any Internet-roaming client in the site will use the CMG
• Reduce network latency by locating CMG, CMG Connection Point and Site Server in the same geographic region
• Client to CMG in Azure is not region-aware
• For high availability, at least two VM instances and two CMG Connection Points per site
• Scale out by increasing VM instances, which leverages the Azure load balancer in front of CMG
• CMG does round-robin communication with multiple CMG Connection Points; creating more on-premises roles will distribute load
BEST PRACTICES AND FAQS
• Publish Certificate Revocation List (CRL) to Internet
• HTTPS is optional on-prem
• Supports Azure US Government (Fairfax)
• Unsupported features (as of 1710)
  • Azure Resource Manager
  • Client deployment using client push
  • Automatic site assignment
  • User policies
  • Application catalog
  • Full operating system deployment (OSD)
  • Configuration Manager console
  • Remote tools
  • Reporting website
  • Wake on LAN
  • Peer cache
  • On-premises Mobile Device Management
  • Mac, Linux, and UNIX clients
  • Task Sequence
TROUBLESHOOTING
• Deployment:
  • CloudMgr.log
  • CMGSetup.log
• Service health
  • CMGService.log
  • SMS_CLOUD_PROXYCONNECTOR.log
• Client traffic
  • CMGHttpHandler.log -> CMGService.Log -> SMS_CLOUD_PROXYCONNECTOR.log
REFERENCES
CMG Setup video
• https://youtu.be/-awTBMdMHFE
Product documentation
• https://docs.microsoft.com/en-us/sccm/core/clients/manage/manage-clients-internet
Cost estimates
• https://docs.microsoft.com/en-us/sccm/core/clients/manage/plan-cloud-management-gateway#cost-of-cloud-management-gateway
QUESTIONS?

Editor's notes

  1. Both
  2. Aaron: Traditional management with SCCM (not ready for modern management via Intune). Clients roam onto Internet (home, travel, remote office). Still need to be managed, especially software updates.
  3. Aaron: This method relies on Internet-facing site system servers to which clients communicate for management purposes. This method requires clients and site system servers to be configured for Internet-based management.
     Advantages: No cloud service dependency. No additional cost associated with a cloud subscription. Full control of servers and roles providing the service.
     Disadvantages: Require additional infrastructure investment. Overhead and operational cost of additional infrastructure. Infrastructure must be exposed to the Internet.
  4. Aaron
  5. Aaron:
     Advantages: No additional infrastructure investment required. Does not expose on-premises infrastructure to the Internet. Cloud virtual machines that run the service are fully managed by Azure and require no maintenance. Easily set up and configured in the Configuration Manager console.
     Disadvantages: Cloud subscription cost. Management data sent through cloud service.
  6. Dune
  7. Aaron
  8. Aaron
  9. Dune
  10. Dune
  11. Dune
  12. Aaron