19. MFA
App
Service
App Insights
Subscriptions,
licenses,
billing
Storage
Azure DW
Machine
Learning
Bot Framework
Weird
services
Service Fabric
Cognitive
Services
Azure
DevOps
Git, Github
Automation,
Batch, WebJobs
Service Bus,
Queues, Tables
CDN
Logic Apps
Key Vault
Backup
Site Recovery
AKS
Containers
VNET
All things on-
premises
ExpressRoute
Traffic
Management
API Management
Data Factory
Cosmos DB
Data Lake
Functions
Stream
Analytics
Azure Gateway
Azure Stack
Security
Center
Web Apps Azure AD
Azure SQLVirtual Machines
Azure Cache
20.
21. Microsoft 365 Enterprise
Microsoft 365 Business
Office 365 Enterprise
Windows 10 Enterprise
Enterprise Mobility + Security
Intune
Office 365 for Business
Windows10Pro
3001
E5
E3
Licensing
22. Microsoft 365 Enterprise
Chat- centric workspace
Teams
Email & Calendar
Outlook
Voice, Video & Meetings
Skype for Business
Co-creating content
Office ProPlus
Sites & Content management
SharePoint and OneDrive
Analytics
Delve
Security & Compliance
Data Loss Prevention
M I C R O S O F T 3 6 5 E 3
Office 365 Enterprise E3 Enterprise Mobility
+ Security E3
Windows 10 Enterprise E3
Identity & Access Management
Azure Active Directory Premium P1
Managed Mobile Productivity
Microsoft Intune
Information Protection
Azure Information Protection Premium P1
Identity Driven Security
Microsoft Advanced Threat Analytics
Advanced Endpoint Security
Credential Guard, Device Guard
Designed For Modern IT
Azure AD Join, Dynamic Management
More Productive
Windows Ink, Cortana at Work
Powerful, Modern devices
Innovative designs, new in class devices
23. Microsoft 365 Enterprise
M I C R O S O F T 3 6 5 E 3
Office 365 Enterprise E3 Enterprise Mobility
+ Security Suite E3
Windows 10 Enterprise E3
Voice
PSTN Conferencing, Cloud PBX
Analytics
Power BI Pro, MyAnalytics
Security & Compliance
ATP, TI, ASM, Advanced eDiscovery & more
M I C R O S O F T 3 6 5 E 5
Office 365 Enterprise E5 Enterprise Mobility
+ Security E5
Windows 10 Enterprise E5
Identity & Access Management
Azure Active Directory Premium P2
Information Protection
Azure Information Protection Premium P2
Identity Driven Security
Microsoft Cloud App Security
Advanced Endpoint Security
Windows Defender Advanced Threat Protection
24. Choose deployment model
Self-install, Office Deployment
Tool or System Center
Configuration Manager
Prepare install
Config.office.com
Assess current infrastructure
Readiness Toolkit, licensing
model, network capability
Office deployment approach
25. Customers expect a lot
“We’ve been putting this
off for 10 years but have
to do it over the weekend
now”
“The cloud? No, it
doesn’t work for us as
we have SPECIAL
needs”
“Everything has to
remain the same”
“There was a new service
released in Office 365
last night..”
29. IT Pros for the past 25 years
▪ Install Windows $VERSION
▪ Install IIS + furiously configure settings
▪ Install SQL Server $VERSION
▪ Install service pack
▪ Install hotfix 1-9999
▪ Install cumulative updates 1-57
▪ Reboot server 27 times
30. Required skills in 2019
▪ Microsoft Azure: IaaS, PaaS
▪ ARM templates. And Terraform!
▪ PowerShell and Azure CLI and Az PS and Bash scripts
▪ Docker and Containers and Kubernetes and basically everything
▪ Windows Server
▪ Active Directory and Azure Active Directory
▪ Windows 10 management
▪ System Center and Intune and co-management
▪ Office 365: Exchange Online, SharePoint Online, Teams etc.
▪ Security *.*
▪ Networking
▪ Browsers & Office clients
31. Identities, security, GPOs,
groups, office objects
Centralized patching
Centralized deployment,
reporting
Business Intelligence,
company wisdom
Extension to file servers, and
also platform for business
apps
Typically third-party
business apps
Traditional workplace model
32. Everything else
Additional services, add-
ons, licenses, restrictions
Windows 10 rollout
Automated approach, that
follows Microsoft update
cycles (n-1)
Modern teamwork
Office 365, with its
numerous services
Heart of security and
management
Identities, security,
reporting, licenses.
Deployment approach
38. Securing Privileged Access
Office 365 Security
Rapid Cyberattacks
(Wannacrypt/Petya)
https://aka.ms/MCRA Video Recording Strategies
SQL Encryption &
Data Masking
Office 365
Dynamics 365
+Monitor
Data Loss Protection
Data Governance
eDiscovery
39. Windows 10 Enterprise capabilities
Windows10EnterpriseE5
Windows10EnterpriseE3
The most trusted platform
Enterprise Data Protection
Prevent accidental leaks by separating
personal and business data
Windows Hello for Business
Enterprise grade biometric and
companion device login
Credential Guard
Protects user access tokens in a
hardware-isolated container
AppLocker
Block unwanted and inappropriate
apps from running
Device Guard
Device locked down to only run fully
trusted apps
Advanced Threat Protection
Behavior-based, attack detection
Built-in threat intelligence
Forensic investigation and mitigation
Built into Windows
More personal
User Experience Virtualization (UX-V)
OS and app settings synchronized across
Windows instances
Granular UX Control
Enterprise control over user experience
More productive
Azure Active Directory Join
Streamline IT process by harnessing the
power of the cloud
MDM enablement
Manage all of your devices with the
simplicity of MDM
Windows Store for Business,
Private Catalog
Create a curated store experience for
employee self-service
Application Virtualization (App-V)
Simplify app delivery and management
Cortana Management
Create, personalize, and manage Cortana
profiles through Azure Active Directory
Windows 10 for Industry Devices
Turn any inexpensive, off-the-shelf
device, into an embedded, handheld, or
kiosk experience
The most versatile devices
40. ▪ Exchange only
▪ Only few security related settings (PIN,
encryption)
▪ Full wipe
▪ All Office 365 services
▪ Security policy only
▪ Selective wipe, full wipe
▪ iOS, Android, Windows Phone
▪ All applications
▪ Compliance and Configuration policies, WiFi, VPN and
Email profiles
▪ Application deployment and management
▪ Various different management tasks, including
selective/full wipe
▪ iOS, Android, macOS, Windows PC, Windows Phone
▪ The best of both worlds
▪ Adds complexity, but provides best on-premises angle
Management models
44. Understand Azure Active Directory
Features, licenses, limitations and
capabilities and how to setup stuff.
Understand modern Windows 10
deployment models
Windows 10 Autopilot, MDM enrollment
Be vigilant with security, but keep it
reasonable
Utilize good practices, employ security
services and make an effort. Operational
and design time checklists are great!
On-premises has a future. Kind of.
Many companies still need on-premises, like it or not.
Build from the ground up, but respect the
history
You need to see and anticipate for the future.
Unlearn when needed; stick to legacy when it
makes more sense.
No need to change everything overnight. Start with
Windows 10 and EM+S, move to Office 365 and build
from there.
Survival guide
45. Deploy Microsoft 365 Enterprise
aka.ms/m365edeploy
Microsoft 365 architectures
aka.ms/m365eposter
Contoso reference implementation
aka.ms/m365econtoso
Test lab guides
aka.ms/m365etlgs