What are Device Health Services?
Device health services (DHS) is a set of APIs that allow you to query the health and status of devices in your organization. You can use the DHS to monitor your devices’ state, receive alerts when a device encounters an error, and troubleshoot issues.
DHS also includes APIs for managing firmware updates and security policies.
DHS is available in the Azure portal and the Microsoft Graph.
Monitoring Device Health with DHS:
Table of Contents
The following diagram shows how you can use DHS to manage firmware updates for devices in your organization.
How Does DHS Work?
In this scenario, a new device is added to the organization and registered with the Device Health service. The new device automatically retrieves its security policy from Azure Active Directory (Azure AD) and sends it to the Device Guard feature in Windows.
In this example, because no software update policies have been configured yet, Deployment Image Servicing and Management (DISM or Dism for short) is used to install an available update package on the device after confirming that it has no known issues.
This process requires administrator credentials previously stored in a secure location within the device’s registry, which is known only by DHS during registration of the managed code application that performs this task.
This process is repeated from a different device with an additional security policy. In this case, the Dism executable checks for any currently installed security policy updates and then downloads and installs an available update package if one exists.
This process requires administrator credentials previously stored in a secure location within the registry known only by DHS during registration of the managed code application that performs this task.
How do I Get Started with DHS?
To start with DHS, you must create a Device Health service instance. This is where you store information about the devices you want to monitor. You then add widgets to this instance by using the Add-Device cmdlet. Once you have added a machine, you can query its health status and receive alerts when there is a problem.
What are the Benefits of Using DHS?
The benefits of using DHS include:
– Monitoring the health of your devices
– Receiving alerts when a device encounters an error
– Troubleshooting issues
– Managing firmware updates
– Managing security policies for your devices.
In addition to the benefits listed above, This can help ensure your devices are updated with the latest security patches and features.
Devise health Service is Used For?
1) Monitor the health of your devices and detect issues that might result in downtime, data loss, or security breaches.
2) Receive alerts when a device encounters an error and take corrective action to identify and resolve the issue before it affects users or operations.
3) Troubleshoot issues by reviewing past health history and generating diagnostic information for further analysis.
4) Manage firmware updates- DHS includes APIs for managing firmware updates to ensure all devices are running the latest versions.
5) Manage security policies using Azure AD & Microsoft Intune: you can use DHS to manage security policies (e.g., Verify Integrity of Applications, Secure Boot), which makes it easier to manage security policy compliance for Windows devices.
Device Health Services can help you manage your devices’ security and keep them up-to-date with the latest security features and patches. To get started, create a Device Health service instance and add your widgets.
You can then use the APIs provided by DHS to manage firmware updates and security policies for your devices. For more information, see the Device Health Services documentation.
Consider using Device Health Services (DHS) to keep your devices healthy and updated with the latest security features.
DHS is a cloud-based service that allows you to monitor the health of your devices and receive alerts when they encounter an error.
Does that Mean DHS is Not Used for Health Monitoring Only?
No, Device Health Services can also manage security policies for your devices. You can use DHS to verify the integrity of applications, enable Secure Boot, and more. For more information, see the Device Health Services documentation.
Now that you know what Device Health Services can do, let’s look at how to use it. The first step is creating a Device Health service instance.
Some more Uses of DHS:
TRACKING & REPORTING – Get detailed information on each device, the operating system and applications installed, and their statuses. This information can be used to generate reports on your fleet’s or individual devices’ health.
SUPPORTED BY MICROSOFT—Device Health Services is a Microsoft product fully supported by Microsoft. If you encounter any problems, you can contact Microsoft for help.
FREE TO USE – Device Health Services is free to use. There are no licensing fees or subscription costs.
EASY TO USE – Device Health Services is easy to use. Create a Device Health service instance and add devices using the Add-Device cmdlet. Once you’ve added your devices, you can start using DHS APIs to monitor their health, receive alerts, and manage security policies.