We built Pulse DMS so our customers can leverage the Cloud by simplifying and improving the way in which they can manage & secure their desktop devices; an option that didn’t exist until now. We Cloud-enabled one of the most powerful systems management solutions, addressing many problems from customers through our years of consulting.
Why Cloud-enabled ConfigMgr?
Microsoft System Center Configuration Manager (ConfigMgr) turned 25 last year with over 100 million active devices managed by the platform. ConfigMgr is a core platform for enterprises to migrate, manage and secure their desktop devices. As Microsoft continues to develop ConfigMgr’s cloud cousin (Microsoft Intune), ConfigMgr still remains a core part of Microsoft’s strategy to help customers to manage and migrate to Windows 10. Testament to this is the inclusion of the ConfigMgr Client Access License (CAL) in many of the Microsoft subscription licensing bundles. Interestingly Microsoft’s SaaS-ification of ConfigMgr aims to increases the release cadence for ConfigMgr builds to improve value, agility and release stability – not deliver ConfigMgr as a cloud service.
Enterprise Cloud adoption is growing at an exponential rate. Availability, cost, service level improvement and reduced risks are amongst many reasons why our customers are moving to Cloud platforms and subscriptions.
Our goal was to simplify how our customers could manage their environments with ConfigMgr, whilst using the Microsoft Azure Cloud platform and our experience to increase the functionality & security for modern workplace needs. We know that SaaS-ification of ConfigMgr combined with Windows-as-a-Service are great steps towards increasing value and security to customers, and we felt there was an opportunity to provide these as a cloud service, to simplify the burden that constant build releases from Microsoft may cause.
Many of our customers use ConfigMgr and have a good understanding of both the capabilities and complexity. Customers have spent time configuring the platform, operating system (OS) images, applications and policies to meet their needs. Ongoing maintenance is time consuming, and we are constantly asked about options to help either with managed services or professional services for upgrades.
What our customers wanted was a solution that would support more flexible working needs whilst protecting data and users. We also knew without significantly improving the capabilities of ConfigMgr, we wouldn’t overcome the change barrier for adopting a new solution – even one where IT were familiar with. We focussed on the key areas that would really help eliminate customer pain points.
Firstly, we knew providing a Cloud-enabled ConfigMgr service would address the maintenance pain and the increased rhythm of build updates, whilst still providing customers with access to the console and the ability to transfer configuration, policy and images they’d spent hours perfecting.
Secondly, managing devices directly from the internet would also benefit Service Desk & Desktop Support Teams with software deployment and device re-imaging available remotely if necessary.
We also knew having a pre-built platform simplified not only existing environments, but upgrade projects for Windows 10 deployment. Rapid acceleration of these projects are key, plus simplifying typically complex merger and acquisition projects.
Policy management was critical. We didn’t want people to re-invent the wheel starting from scratch (especially with Windows 10) so we reviewed the UK National Cyber Security Centre guidelines and built all the policy settings as templates for customers to use.
We also wanted to create a repository that was continually updated, helping customers with both Windows 10 images and core applications (such as Office), so we built these into the platform for customers to use. More importantly, if this work had already been done, customers have the ability to import these easily. With Windows-as-a-Service (WaaS) in Windows 10, the ongoing update management of the service is just as important as the deployment, so we worked hard to build this into the platform.
WannaCry (amongst other cyberthreats) highlighted the need for better Patch Management processes, and identified both technology and process gaps. We focussed on simplifying and creating a patching and OS updating framework in Pulse DMS, so our customers could use this approach should they need to.
Cloud-enabling ConfigMgr with Pulse DMS gave the ability to extend the reach of ConfigMgr beyond the network boundaries and reduce the reliance on end user-based VPN authentications. We can now patch, secure and report on compliance settings directly from the internet.
Using the Microsoft Azure Platform helped us integrate with Azure Active Directory (AD) services and provide a host of features such as multi-factor authentication (MFA), encryption and enable Windows Defender Advanced Threat Protection.
Although ConfigMgr is designed for enterprise, we wanted to make sure any business could easily use Pulse DMS.
We built Pulse DMS with two interfaces, so teams with little ConfigMgr experience can use this with little training or onboarding. Then as advanced scenarios are required, they can use the traditional administration console.
The idea was to allow an intuitive interface for The Service Desk, giving better visibility of the user, devices and application data which existed in ConfigMgr for better first line support resolution. Without needing the usual training the ConfigMgr console requires.
Zero on-premise infrastructure simplified the architectural and management needs for our customers too. Many of our early customers had benefited from this when migrating to Office 365 from exchange, so this was a key benefit.
What is Pulse DMS?
In my next blog, I’ll provide an overview of Pulse DMS, taking a deeper dive into the functionality, and also discuss the best uses of Pulse DMS and some scenarios where we have seen great results.