Cloud-native Windows endpoints: Begin by beginning

By: Jason Sandys – Principal Product Manager | Microsoft Intune

Cloud-native is Microsoft’s goal for all commercial Windows endpoints. By definition, a cloud-native Windows endpoint is joined to Microsoft Entra ID and enrolled in Microsoft Intune. It represents a clean break from on-premises systems, limitations, and dependencies for device identity and management. This clean break from on-premises dependencies might align with larger organizational goals to reduce or eliminate on-premises infrastructure, but it doesn’t prevent users from accessing or using existing on-premises resources like file shares, printers, or applications.

Cloud-native Windows endpoints are a large change in thinking for most organizations and thus pose an initial challenge of how to even begin this journey. This article provides guidance on how to begin and how to embrace this new model. For additional guidance, including a high-level discussion of what to do with existing endpoints, see Good practices in moving to cloud-native endpoint management on the Microsoft 365 Blog.

The first step is to begin with a proof of concept (POC). For any new technology, methodology, or solution, POCs offer numerous advantages. Specifically, they enable you to evaluate the new “thing” with minimal risk while building your skills and gaining stakeholder buy-in. Because the exact end state of Windows endpoints is highly variable among organizations and even within an organization, a POC for cloud-native Windows enables you to take an iterative approach for defining and deploying these endpoints.

This iterative approach involves smaller waves of users and endpoints within your organization. It’s ultimately up to you to define which endpoints or users should be in each wave, but you should align this to your endpoint lifecycle and refresh plan. Aligning to your endpoint lifecycle allows you to minimize impact to your users by consolidating the delivery of new endpoints with the changeover from hybrid join to Microsoft Entra join, which requires a Windows reset or fresh Windows instance. Additional significant criteria to consider for which users and endpoints to include in each wave are the organizational user personas and endpoint roles.

An iterative POC enables you to break the work effort and challenges into more manageable pieces and address them individually or sequentially. This is important since some (often many) challenges related to adopting cloud-native Windows endpoints are isolated or not applicable to all endpoints or users in the organization. Some challenges may even remain unknown until they arise, and the only way to learn about them is by conducting actual production testing and evaluation.

You don’t need to address or solve every challenge to successfully begin your journey to cloud-native Windows endpoints. An easy example for this is users that exclusively use SaaS applications: these users’ endpoints already have limited (if any) true on-premises service or application dependencies, and they likely face few, if any, challenges in moving to cloud-native Windows endpoints.


There are some common activities that need to occur before you deploy your first cloud-native Windows endpoint. Keep in mind that this list is simply the steps to begin the iterative process; it’s not all-inclusive or representative of the final state. For a detailed walkthrough on configuring these items (and more), see the following tutorial: Get started with cloud-native Windows endpoints.

  1. Identify the user personas and endpoint types within your organization. These typically vary among organizations, so there’s no standard template to follow. However, you should align your POC to these personas and endpoint types to limit each wave’s impact and scope of necessary change.
  2. Configure your baseline policies. Implement a minimum viable set of policies within Intune to deploy to all endpoints. Base these policies on your organizational requirements rather than what has been previously implemented in group policy (or elsewhere). We strongly suggest starting as cleanly as possible with this activity and initially including only what is necessary to meet the security requirements of your organization.
  3. Configure Windows Autopatch. Keeping Windows up to date is critical, and Windows Autopatch offers the best path to doing this (whether a Windows endpoint is cloud-native or not).
  4. Configure Windows applications. As with policies, this should be a minimal set of applications to deploy to your POC endpoints and can include Win32 based and Microsoft Store based applications.
  5. Configure Windows Autopilot. Windows Autopilot enables quick and seamless Windows provisioning for cloud-native Windows endpoints without the overhead of classic on-premises OS deployment methods such as imaging.
  6. Configure Delivery Optimization. Windows uses Delivery Optimization for downloading most items from the cloud, including updates, Win32 apps, and Store apps. By default, Delivery Optimization uses peers to cache and download content locally. Edit the default configuration to define which managed endpoints are peers (for example, by group) or to disable peer content sharing.
  7. Enable Windows Hello for Business and enforce multi-factor authentication (MFA) using Conditional Access. Enable Cloud Kerberos Trust for Windows Hello for Business to enable seamless access to on-premises resources. These items significantly increase your organization’s security posture and place your organization well on the Zero Trust path.
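As an added example (not part of the original article or Microsoft’s tutorial), the following PowerShell script checks one endpoint from a POC wave against the outcomes of steps 5 through 7 above. It parses the built-in `dsregcmd /status` output to confirm the device is Microsoft Entra joined rather than domain joined or hybrid joined, is MDM enrolled, has Windows Hello for Business provisioned for the signed-in user, and has obtained an on-premises Kerberos TGT through Cloud Kerberos trust, and then reads the Delivery Optimization download mode. It assumes it is run as the end user on the endpoint itself, that the `dsregcmd` field names used (AzureAdJoined, DomainJoined, MdmUrl, NgcSet, OnPremTgt) match what your Windows build prints, and that the `Get-DOConfig` cmdlet is available (a registry fallback is included for builds without it).

```powershell
# Added example, not from the original article: cloud-native readiness check for
# one endpoint. Run in PowerShell as the signed-in user on the device under test.
# Assumptions: dsregcmd prints the field names referenced below; Get-DOConfig
# (DeliveryOptimization module) exists, otherwise the policy registry value is read.

function Get-DsregStatus {
    # Turn the "Name : Value" lines of dsregcmd /status into a hashtable.
    $status = @{}
    foreach ($line in (& "$env:SystemRoot\System32\dsregcmd.exe" /status)) {
        if ($line -match '^\s*([A-Za-z0-9]+)\s*:\s*(.*)$') {
            $status[$Matches[1]] = $Matches[2].Trim()
        }
    }
    return $status
}

function Get-DODownloadMode {
    # Prefer the DeliveryOptimization module; fall back to the policy registry key.
    try {
        return [int](Get-DOConfig -ErrorAction Stop).DODownloadMode
    } catch {
        $policy = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\DeliveryOptimization'
        $value  = Get-ItemProperty -Path $policy -Name DODownloadMode -ErrorAction SilentlyContinue
        if ($null -ne $value) { return [int]$value.DODownloadMode }
        return $null   # no module and no policy: mode has not been configured
    }
}

function Test-CloudNativeEndpoint {
    $s      = Get-DsregStatus
    $doMode = Get-DODownloadMode

    # Modes 0 (HTTP only), 99 (simple) and 100 (bypass) disable peering; mode 2
    # (Group) limits peers to a defined group. Mode 1 (LAN) or 3 (Internet) means
    # the default peer selection has not been reviewed for this POC wave.
    $doReviewed = $doMode -in @(0, 2, 99, 100)

    # A hybrid-joined device reports AzureAdJoined : YES *and* DomainJoined : YES,
    # so both fields are checked; only Entra join with no domain join is cloud-native.
    $checks = [ordered]@{
        'Entra joined (AzureAdJoined = YES)'                     = ($s['AzureAdJoined'] -eq 'YES')
        'Not domain joined (DomainJoined = NO)'                  = ($s['DomainJoined'] -eq 'NO')
        'MDM enrolled (MdmUrl present)'                          = (-not [string]::IsNullOrWhiteSpace($s['MdmUrl']))
        'Windows Hello for Business set up (NgcSet = YES)'       = ($s['NgcSet'] -eq 'YES')
        'On-prem TGT via Cloud Kerberos trust (OnPremTgt = YES)' = ($s['OnPremTgt'] -eq 'YES')
        "Delivery Optimization mode reviewed (DODownloadMode = $doMode)" = $doReviewed
    }

    foreach ($name in $checks.Keys) {
        $result = if ($checks[$name]) { 'PASS' } else { 'REVIEW' }
        [pscustomobject]@{ Check = $name; Result = $result }
    }
}

Test-CloudNativeEndpoint | Format-Table -AutoSize
```

A REVIEW on the domain-join line on an existing device is expected: that device is still hybrid joined and needs the reset or fresh Windows instance described earlier before it can be counted in a wave. A REVIEW on the OnPremTgt line with Windows Hello for Business enabled usually means Cloud Kerberos trust is not yet configured or the device has no line of sight to a domain controller at sign-in, which is worth capturing in the wave’s documentation rather than assuming on-premises access is broken.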

As the iterative POC process evolves to include more user personas and endpoint roles, you can add more functional policy requirements and applications. This will involve some discovery as you learn about the actual needs of these various personas and roles. Since you aren’t targeting everything from day one, you don’t need to have all requirements defined up front or solutions for every potential issue.

Don’t assume something does or doesn’t work on cloud-native Windows endpoints. The POC process enables you to iteratively test and evaluate applications, services, resources, and everything else in your environment, most of which isn’t typically documented. It might simply be part of the tacit or tribal knowledge within your organization. In general, you’ll find that nearly everything works just as it did before cloud-native Windows.

Document everything. As you implement, document the “what” as well as the “why” for everything you configure. This allows you and your colleagues to come back at any time and understand or refresh your memory for your cloud-native Windows implementation, as well as many other things in the environment.

Microsoft doesn’t expect organizations to rapidly convert their entire estate of Windows endpoints to cloud-native. Instead, we recommend taking it slow, being deliberate, and using the iterative approach outlined above, aligned to your hardware refresh cycle to minimize impact on users. This also gives you time to prove the solution, address gaps, and overcome challenges as you discover them without disrupting productivity.

Use the built-in Conditional Access policy templates to quickly get started with MFA and other Conditional Access capabilities. The templates enable you to implement Conditional Access policies that align with our recommendations without experimentation.

Accessing on-premises resources, including file shares, from a cloud-native Windows endpoint works with little to no configuration, provided the endpoint can reach a domain controller when it signs in. Password sign-in obtains an on-premises Kerberos ticket automatically; Windows Hello for Business sign-in needs Cloud Kerberos trust (step 7 above) to do the same. Refer to the documentation for more details: How SSO to on-premises resources works on Microsoft Entra joined devices.


Begin exploring your cloud-native Windows POC today. Taking this first step now will allow your organization to start reaping the benefits of enhanced security, streamlined management, and improved user experience sooner.

Every organization is unique, so there’s no blueprint for comprehensively implementing cloud-native Windows. However, you don’t need a comprehensive blueprint to be successful; you just need to begin and gradually expand adoption throughout your organization when and where it makes sense. The guidance provided above, along with the getting started tutorial, should give you the information, tools, and confidence to move forward with decoupling your endpoints and users from your on-premises anchors and fully embracing cloud-native Windows. For a more detailed and in-depth discussion on adopting cloud-native Windows, including planning and execution, see Learn more about cloud-native endpoints.


If you have any questions, leave a comment below or reach out to us on X @IntuneSuppTeam.