We will go through the new features, changes, and removed features in CM since CM 2012.
The following are the new features in CM since CM12:
In-console updates for Configuration Manager:CM uses an in-console service method called Updates and Servicing that makes it easy to locate and install updates for CM.
Service Connection Point: The Microsoft Intune connector is replaced by a new site system role named
Service Connection Point. The service connection point is used as a point of contact for devices you manage with, upload usage and diagnostic data to the Microsoft cloud service, and makes updates that apply within the CM console.Windows 10 Servicing: You can view the dashboard which tracks all Windows 10 PCs in your environment, create servicing plans to ensure Windows 10 PCs are kept up to date, and also view alerts when Windows 10 clients are near to the end of a CB/CBB support cycle.
This information is based on versions 1511 and 1602. You can find out if the change is made in 1602 or later by looking for the version 1602 or later tag. You can find the latest changes at https://technet.microsoft.com/en-us/library/mt757350.aspx.
Endpoint Protection anti-malware:
Real-time protection: This blocks potentially unwanted applications at download and prior to installation
Scan settings: This scans mapped network drives when running a full scan
Auto sample file submission settings: This is used to manage the behavior
Exclusion settings: This section of the policy is improved to allow device exclusions
Software updates:
CM can differentiate a Windows 10 computer that connects to Windows Update for Business (WUfB) versus the computers connected to SUP
You can schedule, or run manually, the WSUS clean up task from the CM console
CM has the ability to manage Office 365 client updates by using the SUP (version 1602 or later)
Application management:
This supports Universal Windows Platform (UWP) apps
The user-available apps now appear in Software Center
When you create an in-house iOS app you only need to specify the installer (
.ipa) fileYou can still enter the link directly, but you can now browse the store for the app directly from the CM console
CM now supports apps you purchase in volume from the Apple Volume-Purchase Program (VPP) (version 1602 or later)
Use CM app configuration policies to supply settings that might be required when the user runs an iOS app (version 1602 or later)
Operating system deployment:
A new task sequence (TS) type is available to upgrade computers from Windows 7/8/8.1 to Windows 10
Windows PE Peer Cache is now available that runs a TS using Windows PE Peer Cache to obtain content from a local peer, instead of running it from a DP
You can now view the state, deploy the servicing plans, and get alerts of WaaS in your environment, to keep the Windows 10 current branch updated
Client deployment:
You can test new versions of the CM client before upgrading the rest of the site with the new software
Site infrastructure:
CM sites support the in-place upgrade of the site server's OS from Windows Server 2008 R2 to Windows Server 2012 R2 (version 1602 or later)
SQL Server AlwaysOn is supported for CM (version 1602 or later)
CM supports Microsoft Passport for Work which is an alternative sign-in method to replace a password, smart card, or virtual smart card
Compliance settings:
When you create a configuration item, only the settings relevant to the selected platform are available
It is now easier to choose the configuration item type in the create configuration item wizard and has a number of new settings
It provides support for managing settings on Mac OS X computers
You can now specify kiosk mode settings for Samsung KNOX devices. (version 1602 or later)
Conditional access:
Conditional access to Exchange Online and SharePoint Online is supported for PCs managed by CM (version 1602 or later)
You can now restrict access to e-mail and 0365 services based on the report of the Health Attestation Service (version 1602 or later)
New compliance policy rules like automatic updates and passwords to unlock devices, have been added to support better security requirements (version 1602 or later)
Enrolled and compliant devices always have access to Exchange On-Premises (version 1602 or later)
Client management:
You can now see whether a computer is online or not via its status (version 1602 or later)
A new option, Sync Policy has been added by navigating to the Software Center | Options | Computer Maintenance which refreshes its machine and user policy (version 1602 or later)
You can view the status of Windows 10 Device Health Attestation in the CM console (version 1602 or later)
Mobile device management with Microsoft Intune:
Improved the number of devices a user can enroll
Specify terms and conditions users of the company portal must accept before they can enroll or use the app
Added a device enrollment manager role to help manage large numbers of devices
CM can help you manage iOS Activation Lock, a feature of the Find My iPhone app for iOS 7.1 and later devices (version 1602 or later)
You can monitor terms and conditions deployments in the CM console (version 1602 or later)
On-premises Mobile Device Management:
You can now manage mobile devices using on-premises CM infrastructure via a management interface that is built into the device OS
There are two features that were removed from CM current branch's initial release in December 2015, and there will be no more support on these features. If your organization uses these features, you need to find alternatives or stay with CM12.
Out of Band Management: With Configuration Manager, native support for AMT-based computers from within the CM console has been removed.
Network Access Protection:CM has removed support for Network Access Protection. The feature has been deprecated in Windows Server 2012 R2 and is removed from Windows 10.
Refer to the TechNet documentation on CM changes at https://technet.microsoft.com/en-us/library/mt622084.aspx