SlideShare a Scribd company logo

SCCM Cloud Management Gateway

Download as PPTX, PDF
Anoop Nair, profile picture
Anoop Nair

The document discusses the Cloud Management Gateway (CMG) by Microsoft for managing internet-roaming clients without exposing infrastructure to the internet. It outlines features like software updates, client notification, and endpoint protection, as well as management certificates and network port requirements. Additionally, it highlights best practices for deployment, performance considerations, and unsupported features.

Technology
1 of 13
Downloaded 113 times
1
2
3
4
5
6
7
8
9
10
11
12
13
CLOUD MANAGEMENT GATEWAY Courtesy: Microsoft Corporation
SCENARIO AD CA Windows Update
INTERNET-BASED CLIENT MANAGEMENT AD CA Windows Update AD CA
 Manage traditional clients that roam on the Internet  Without additional infrastructure  Without exposing infrastructure to the Internet  That is easily configured through the Configuration Manager Console  Key features continue to work on the device when not on the corporate network  Software updates  Hardware and software inventory  Endpoint protection  Client notification  Settings  Applications PLAN TO SIMPLIFY
CLOUD MANAGEMENT GATEWAY AD CA Windows Update
CERTIFICATES  Management certificate  “Credentials” between site and Azure  Any certificate including self-signed  Public cert uploaded to Azure, .pfx with private key imports into site  Web Service (server authentication) certificate  Use public certificate provider (Symantec, Thawte)  Wild card certificate is not supported  Root/Subordinate certificate authority  Used by CMG for full chain validation on client PKI certificates  Client certificate
NETWORK PORTS  NO INBOUND PORTS REQUIRED! Source Port Destination Use Service Connection Point 443 Azure Deploy CMG CMG Connection Point 443 CMG CMG channel for first VM CMG Connection Point 10124-10140 CMG CMG channel for additional VM instances Client 443 CMG Client channel
SCALING CMG East US East Asia
PERFORMANCE CONSIDERATIONS  Any Internet-roaming client in the site will use the CMG  Reduce network latency by locating CMG, CMG Connection Point and Site Server in same geographic region  Client to CMG in Azure is not regional aware  For high availability, at least two VM instances and two CMG Connection Points per site  Scale-out by increasing VM instances, which leverages Azure load balancer in front of CMG  CMG does round-robin communication with multiple CMG Connection Points; creating more on-premises roles will distribute load
BEST PRACTICES AND FAQS  Publish Certificate Revocation List (CRL) to Internet  HTTPS is optional on-prem  Supports Azure US Government (Fairfax)  Unsupported features (as of 1710) • Azure Resource Manager • Client deployment using client push • Automatic site assignment • User policies • Application catalog • Full operating system deployment (OSD) • Configuration Manager console • Remote tools • Reporting website • Wake on LAN • Peer cache • On-premises Mobile Device Management • Mac, Linux, and UNIX clients • Task Sequence
TROUBLESHOOTING  Deployment:  CloudMgr.log  CMGSetup.log  Service health  CMGService.log  SMS_CLOUD_PROXYCONNECTOR.log  Client traffic  CMGHttpHandler.log -> CMGService.Log -> SMS_CLOUD_PROXYCONNECTOR.log
REFERENCES CMG Setup video  https://youtu.be/-awTBMdMHFE Product documentation  https://docs.microsoft.com/en-us/sccm/core/clients/manage/manage-clients-internet Cost estimates  https://docs.microsoft.com/en-us/sccm/core/clients/manage/plan-cloud-management- gateway#cost-of-cloud-management-gateway
QUESTIONS?

More Related Content

PDF
Primeiros passos para estruturar uma equipe front-end
Diego Eis
 
PPTX
Linkedin sunum
Furkan Arı
 
PDF
Introduction of CCE and DevCloud
Opsta
 
PPTX
Cloud computing ppt.
abhishekdayal001
 
PPTX
Cloud Management Gateway Architecture (CMG) – Modern device management
vimaldas8
 
PPTX
What Is Docker? | What Is Docker And How It Works? | Docker Tutorial For Begi...
Simplilearn
 
PPTX
IBM MQ Overview (IBM Message Queue)
Juarez Junior
 
PDF
"DevOps > CI+CD "
Innovation Roots
 
Primeiros passos para estruturar uma equipe front-end
Diego Eis
 
Linkedin sunum
Furkan Arı
 
Introduction of CCE and DevCloud
Opsta
 
Cloud computing ppt.
abhishekdayal001
 
Cloud Management Gateway Architecture (CMG) – Modern device management
vimaldas8
 
What Is Docker? | What Is Docker And How It Works? | Docker Tutorial For Begi...
Simplilearn
 
IBM MQ Overview (IBM Message Queue)
Juarez Junior
 
"DevOps > CI+CD "
Innovation Roots
 

What's hot (20)

PDF
IBM MQ: Managing Workloads, Scaling and Availability with MQ Clusters
David Ware
 
PPTX
Micro services and Containers
Richard Harvey
 
PDF
Introduction to CICD
Knoldus Inc.
 
PDF
Flyway _ A Database Version Management Tool
Knoldus Inc.
 
KEY
The Developer Experience
Pamela Fox
 
PPTX
Introduction to Terraform Enterprise
Carlos Nunez
 
PPTX
What's New in API Connect & DataPower Gateway in 1H 2018
IBM API Connect
 
PDF
System Center Configuration Manager-The Most Popular System Center Component
C/D/H Technology Consultants
 
PPTX
SCCM 2012 Presentation
Faisal Alvi [MCTS]
 
PDF
The kvm virtualization way
Francisco Gonçalves
 
PPTX
Splunk metrics via telegraf
Ashvin Pandey
 
PDF
Introduction to MuleSoft
Salesforce Developers
 
PDF
Devops | CICD Pipeline
Binish Siddiqui
 
PPTX
Introduction to MuleSoft
Alexandra N. Martinez
 
PPTX
Build and release in code with azure devops pipelines
Gian Maria Ricci
 
PDF
ServiceNow Utah Release Highlights
Da Lin
 
PDF
Github Actions and Terraform.pdf
Vishwas N
 
PPTX
GitLab.pptx
LeoulZewelde1
 
PPTX
Azure Pipelines
Mithun Shanbhag
 
PPTX
CloudStack Overview
sedukull
 
IBM MQ: Managing Workloads, Scaling and Availability with MQ Clusters
David Ware
 
Micro services and Containers
Richard Harvey
 
Introduction to CICD
Knoldus Inc.
 
Flyway _ A Database Version Management Tool
Knoldus Inc.
 
The Developer Experience
Pamela Fox
 
Introduction to Terraform Enterprise
Carlos Nunez
 
What's New in API Connect & DataPower Gateway in 1H 2018
IBM API Connect
 
System Center Configuration Manager-The Most Popular System Center Component
C/D/H Technology Consultants
 
SCCM 2012 Presentation
Faisal Alvi [MCTS]
 
The kvm virtualization way
Francisco Gonçalves
 
Splunk metrics via telegraf
Ashvin Pandey
 
Introduction to MuleSoft
Salesforce Developers
 
Devops | CICD Pipeline
Binish Siddiqui
 
Introduction to MuleSoft
Alexandra N. Martinez
 
Build and release in code with azure devops pipelines
Gian Maria Ricci
 
ServiceNow Utah Release Highlights
Da Lin
 
Github Actions and Terraform.pdf
Vishwas N
 
GitLab.pptx
LeoulZewelde1
 
Azure Pipelines
Mithun Shanbhag
 
CloudStack Overview
sedukull
 
Ad

Similar to SCCM Cloud Management Gateway (20)

PPTX
Cloud Management Gateway_Implemented.pptx
Satyam340172
 
PPTX
Cloud Management Gateway for SCCMZ .pptx
Satyam340172
 
PDF
Llunitebe2018 configuring a cmg in config mgr cb
Kenny Buntinx
 
PPTX
SCCM Intune Windows 10 Co Management Architecture Decisions
Anoop Nair
 
PPTX
I am sharing 'unit 4' with youuuuuu.PPTX
padhaipadhai639
 
PPTX
I am sharing 'unit 4' with youuuuuu.PPTX
padhaipadhai639
 
PPTX
gkkCloudtechnologyassociate(cta)day 2
Anne Starr
 
PPTX
dtechnClouologyassociatepart2
Anne Starr
 
PPTX
Transforming cloud security into an advantage
Moshe Ferber
 
PPTX
Operational Best Practices in the Cloud
RightScale
 
PDF
Best Practices for Multi-Cloud Security and Compliance
RightScale
 
PDF
8 Elements of Multi-Cloud Security
RightScale
 
PDF
Right scale enterprise solution
Brad , Yun Lee
 
PDF
Right scale enterprise solution
Brad , Yun Lee
 
PDF
RightScale Webinar: Security and Compliance in the Cloud
RightScale
 
PDF
Securing The Clouds with The Standard Best Practices-1.pdf
Chinatu Uzuegbu
 
PPTX
Cloud computing arma_nnj
scm24
 
PDF
CCSK, cloud security framework, Indonesia
Wise Pacific Venture
 
PDF
cloud session uklug
dominion
 
PDF
Leveraging the Cloud: Getting the more bang for your buck
Desk
 
Cloud Management Gateway_Implemented.pptx
Satyam340172
 
Cloud Management Gateway for SCCMZ .pptx
Satyam340172
 
Llunitebe2018 configuring a cmg in config mgr cb
Kenny Buntinx
 
SCCM Intune Windows 10 Co Management Architecture Decisions
Anoop Nair
 
I am sharing 'unit 4' with youuuuuu.PPTX
padhaipadhai639
 
I am sharing 'unit 4' with youuuuuu.PPTX
padhaipadhai639
 
gkkCloudtechnologyassociate(cta)day 2
Anne Starr
 
dtechnClouologyassociatepart2
Anne Starr
 
Transforming cloud security into an advantage
Moshe Ferber
 
Operational Best Practices in the Cloud
RightScale
 
Best Practices for Multi-Cloud Security and Compliance
RightScale
 
8 Elements of Multi-Cloud Security
RightScale
 
Right scale enterprise solution
Brad , Yun Lee
 
Right scale enterprise solution
Brad , Yun Lee
 
RightScale Webinar: Security and Compliance in the Cloud
RightScale
 
Securing The Clouds with The Standard Best Practices-1.pdf
Chinatu Uzuegbu
 
Cloud computing arma_nnj
scm24
 
CCSK, cloud security framework, Indonesia
Wise Pacific Venture
 
cloud session uklug
dominion
 
Leveraging the Cloud: Getting the more bang for your buck
Desk
 
Ad

More from Anoop Nair (11)

PPTX
End to End Guide Windows AutoPilot Process via Intune
Anoop Nair
 
PPTX
Disaster Recovery using Azure Services
Anoop Nair
 
PPTX
Modern Device Management Intune Policies vs Group Policies
Anoop Nair
 
PPTX
SCCM CDP Cloud Distribution Point and Cloud Manage Gateway Troubleshooting Tips
Anoop Nair
 
PPTX
Azure Automation by Deepak Dhami
Anoop Nair
 
PPTX
Design & Secure Your Cloud Infrastructure
Anoop Nair
 
PPTX
Azure AD Presentation - @ BITPro - Ajay
Anoop Nair
 
PPTX
SCCM ConfigMgr Intune Architecture Decision Maker
Anoop Nair
 
PPTX
How to start Learning Microsoft Intune
Anoop Nair
 
PPTX
Windows 10 Autopilot #BITPro User Group Event
Anoop Nair
 
PPTX
Bangalore IT Pro Full Day Event on Intune and SCCM
Anoop Nair
 
End to End Guide Windows AutoPilot Process via Intune
Anoop Nair
 
Disaster Recovery using Azure Services
Anoop Nair
 
Modern Device Management Intune Policies vs Group Policies
Anoop Nair
 
SCCM CDP Cloud Distribution Point and Cloud Manage Gateway Troubleshooting Tips
Anoop Nair
 
Azure Automation by Deepak Dhami
Anoop Nair
 
Design & Secure Your Cloud Infrastructure
Anoop Nair
 
Azure AD Presentation - @ BITPro - Ajay
Anoop Nair
 
SCCM ConfigMgr Intune Architecture Decision Maker
Anoop Nair
 
How to start Learning Microsoft Intune
Anoop Nair
 
Windows 10 Autopilot #BITPro User Group Event
Anoop Nair
 
Bangalore IT Pro Full Day Event on Intune and SCCM
Anoop Nair
 

Recently uploaded (20)

PDF
solutions_manual_-_materials___processing_in_manufacturing__demargo_.pdf
AbdullahSani29
 
PDF
Advanced Soft Computing BINUS July 2025.pdf
University of Hertfordshire
 
PDF
Modernizing your data center with Dell and AMD
Principled Technologies
 
PDF
[발표본] 너의 과제는 클라우드에 있어_KTDS_김동현_20250524.pdf
ssuserf8b8bd1
 
PPTX
Big Data Technologies - Introduction.pptx
kuthubussaman1
 
PPTX
Understanding_Digital_Forensics_Presentation.pptx
ImranKhan423233
 
PDF
Blue Purple Modern Animated Computer Science Presentation.pdf.pdf
Akar16
 
PDF
Shreyas Phanse Resume: Experienced Backend Engineer | Java • Spring Boot • Ka...
SHREYAS PHANSE
 
PDF
Peak of Data & AI Encore- AI for Metadata and Smarter Workflows
Safe Software
 
PPTX
MYSQL Presentation for SQL database connectivity
Swati270511
 
PDF
Dropbox Q2 2025 Financial Results & Investor Presentation
Dropbox
 
PDF
Unlocking AI with Model Context Protocol (MCP)
Brian McKeiver
 
PPTX
Effective Security Operations Center (SOC) A Modern, Strategic, and Threat-In...
ReZa AdineH
 
PDF
Build a system with the filesystem maintained by OSTree @ COSCUP 2025
Jian-Hong Pan
 
PDF
Electronic commerce courselecture one. Pdf
OmerMohamed64
 
PDF
CIFDAQ's Market Insight: SEC Turns Pro Crypto
CIFDAQ
 
DOCX
The AUB Centre for AI in Media Proposal.docx
GAONE9
 
PPT
“AI and Expert System Decision Support & Business Intelligence Systems”
ZubinRadhakrishnan
 
PDF
Empathic Computing: Creating Shared Understanding
Mark Billinghurst
 
PDF
7 ChatGPT Prompts to Help You Define Your Ideal Customer Profile.pdf
SOFTTECHHUB
 
solutions_manual_-_materials___processing_in_manufacturing__demargo_.pdf
AbdullahSani29
 
Advanced Soft Computing BINUS July 2025.pdf
University of Hertfordshire
 
Modernizing your data center with Dell and AMD
Principled Technologies
 
[발표본] 너의 과제는 클라우드에 있어_KTDS_김동현_20250524.pdf
ssuserf8b8bd1
 
Big Data Technologies - Introduction.pptx
kuthubussaman1
 
Understanding_Digital_Forensics_Presentation.pptx
ImranKhan423233
 
Blue Purple Modern Animated Computer Science Presentation.pdf.pdf
Akar16
 
Shreyas Phanse Resume: Experienced Backend Engineer | Java • Spring Boot • Ka...
SHREYAS PHANSE
 
Peak of Data & AI Encore- AI for Metadata and Smarter Workflows
Safe Software
 
MYSQL Presentation for SQL database connectivity
Swati270511
 
Dropbox Q2 2025 Financial Results & Investor Presentation
Dropbox
 
Unlocking AI with Model Context Protocol (MCP)
Brian McKeiver
 
Effective Security Operations Center (SOC) A Modern, Strategic, and Threat-In...
ReZa AdineH
 
Build a system with the filesystem maintained by OSTree @ COSCUP 2025
Jian-Hong Pan
 
Electronic commerce courselecture one. Pdf
OmerMohamed64
 
CIFDAQ's Market Insight: SEC Turns Pro Crypto
CIFDAQ
 
The AUB Centre for AI in Media Proposal.docx
GAONE9
 
“AI and Expert System Decision Support & Business Intelligence Systems”
ZubinRadhakrishnan
 
Empathic Computing: Creating Shared Understanding
Mark Billinghurst
 
7 ChatGPT Prompts to Help You Define Your Ideal Customer Profile.pdf
SOFTTECHHUB
 

SCCM Cloud Management Gateway

  • 1. CLOUD MANAGEMENT GATEWAY Courtesy: Microsoft Corporation
  • 3. INTERNET-BASED CLIENT MANAGEMENT AD CA Windows Update AD CA
  • 4.  Manage traditional clients that roam on the Internet  Without additional infrastructure  Without exposing infrastructure to the Internet  That is easily configured through the Configuration Manager Console  Key features continue to work on the device when not on the corporate network  Software updates  Hardware and software inventory  Endpoint protection  Client notification  Settings  Applications PLAN TO SIMPLIFY
  • 5. CLOUD MANAGEMENT GATEWAY AD CA Windows Update
  • 6. CERTIFICATES  Management certificate  “Credentials” between site and Azure  Any certificate including self-signed  Public cert uploaded to Azure, .pfx with private key imports into site  Web Service (server authentication) certificate  Use public certificate provider (Symantec, Thawte)  Wild card certificate is not supported  Root/Subordinate certificate authority  Used by CMG for full chain validation on client PKI certificates  Client certificate
  • 7. NETWORK PORTS  NO INBOUND PORTS REQUIRED! Source Port Destination Use Service Connection Point 443 Azure Deploy CMG CMG Connection Point 443 CMG CMG channel for first VM CMG Connection Point 10124-10140 CMG CMG channel for additional VM instances Client 443 CMG Client channel
  • 9. PERFORMANCE CONSIDERATIONS  Any Internet-roaming client in the site will use the CMG  Reduce network latency by locating CMG, CMG Connection Point and Site Server in same geographic region  Client to CMG in Azure is not regional aware  For high availability, at least two VM instances and two CMG Connection Points per site  Scale-out by increasing VM instances, which leverages Azure load balancer in front of CMG  CMG does round-robin communication with multiple CMG Connection Points; creating more on-premises roles will distribute load
  • 10. BEST PRACTICES AND FAQS  Publish Certificate Revocation List (CRL) to Internet  HTTPS is optional on-prem  Supports Azure US Government (Fairfax)  Unsupported features (as of 1710) • Azure Resource Manager • Client deployment using client push • Automatic site assignment • User policies • Application catalog • Full operating system deployment (OSD) • Configuration Manager console • Remote tools • Reporting website • Wake on LAN • Peer cache • On-premises Mobile Device Management • Mac, Linux, and UNIX clients • Task Sequence
  • 11. TROUBLESHOOTING  Deployment:  CloudMgr.log  CMGSetup.log  Service health  CMGService.log  SMS_CLOUD_PROXYCONNECTOR.log  Client traffic  CMGHttpHandler.log -> CMGService.Log -> SMS_CLOUD_PROXYCONNECTOR.log
  • 12. REFERENCES CMG Setup video  https://youtu.be/-awTBMdMHFE Product documentation  https://docs.microsoft.com/en-us/sccm/core/clients/manage/manage-clients-internet Cost estimates  https://docs.microsoft.com/en-us/sccm/core/clients/manage/plan-cloud-management- gateway#cost-of-cloud-management-gateway

Editor's Notes

  • #2: Both
  • #3: Aaron Traditional management with SCCM (not ready for modern management via Intune) Clients roam onto Internet (home, travel, remote office) Still need to be managed, especially software updates
  • #4: Aaron This method relies on Internet-facing site system servers to which clients communicate for management purposes. This method requires clients and site system servers to be configured for Internet-based management. Advantages: No cloud service dependency. No additional cost associated with a cloud subscription. Full control of servers and roles providing the service. Disadvantages: Require additional infrastructure investment. Overhead and operational cost of additional infrastructure. Infrastructure must be exposed to the Internet.
  • #5: Aaron
  • #6: Aaron Advantages: No additional infrastructure investment required. Does not expose on-premises infrastructure to the Internet. Cloud virtual machines that run the service are fully managed by Azure and require no maintenance. Easily set up and configured in the Configuration Manager console. Disadvantages: Cloud subscription cost. Management data sent through cloud service.
  • #7: Dune
  • #8: Aaron
  • #9: Aaron
  • #10: Dune
  • #11: Dune
  • #12: Dune
  • #13: Aaron