First Look at ConfigMgr 2012 R2
In this post I want to touch on the changes which are coming with System Center 2012 R2. Obviously this blog will concentrate on ConfigMgr and Endpoint Protection, so let’s get started!
You can download the R2 preview of System Center 2012 along with an optional evaluation of Windows Server 2012 R2 (which looks amazing) from TechNet.
Deploying and Managing Windows 8.1
Let’s kick off by looking at what is available to the IT administrator when it comes to deploying Windows 8.1, this leads on from my post yesterday which if you read you will notice ConfigMgr addresses some of the capabilities.
- Boot support for Surface Pro is only available through USB media
- Surface Pro May 2013 driver pack and deployment guide
- VHD upload to Virtual Machine Manager, however VMM is still used for deployment
- Resultant client settings in console when having multiple policies
- Windows ADK 8.1 available
Unified Device Management
In ConfigMgr 2012 R2, we get unified device management by configuring the connector to Windows In Tune.
- Native company portal application for Windows, iOS and Android
- Choice between company or personal to decide management of devices for inventory
- Register and enroll devices through the Windows In Tune cloud and workplace join
- New site role, certificate registration point
- Ability to manage VPN profiles, WiFi profiles and certificates via ConfigMgr
Not a massive amount has changed in the Endpoint Protection space, just some minor improvements and things which take advantage of Windows 8.
- Early Launch Antimalware (ELAM)
- Measured Boot for boot protection
- Secure boot using UEFI
- Improved real-time client operations to clients < 1 minute
- Full support for Windows 8.1 and Windows Server 2012
- Supports alert toasts on the modern UI
- Supports Resilient File System (ReFS) and cluster shared volumes (CSV)
- Supports the scanning and remediation of modern UI applications
- Improvements made to Windows Defender in Windows 8 are now added to Endpoint Protection
- For MAPS customers, Endpoint Protection sends a recurring heartbeat, and new behavior monitoring telemetry from the new network sensor
- More resilient to malware attacks through AM Service hardening and improved methods of sending telemetry when under attack
A few other things are also coming in R2.
- Update cadence for cumulative updates is changed to quarterly
- Native integration of some MDT functionality such as Gather and Validate
- For untrusted forests, multiple network access accounts are supported
- More detailed status messaging
- New report for distribution point utilisation
- Enrollment UI for OS X devices, not longer a need to manually run a command line
- Maintenance windows specific for software updates
There you have it, quite a lot happening and a few things changing. I’m very happy with the changes, nothing massive has changed here just some minor tweaks here and there.