Professional Documents
Culture Documents
RTM RTM
RTM RTM
RTM
RTM RTM RTM
Interoperability agreements with Novell, Citrix (Xen), and Red Hat to support Linux (RedHat, Suse, CentOS) on Hyper-V
SVVP (Server Virtualization Validation Program) to certify non-Microsoft Hypervisors for Microsoft Support
CentOS
DHMC runs both Windows Server 2008 and Windows Server 2003 as guest operating systems under Hyper-V, as well as Linux. To date, DHMC has virtualized Web servers, sites on Microsoft Office SharePoint Server 2007, reporting servers, medical applications, domain controllers, file and print servers, Citrix servers, and more. Dartmouth Hitchcock Medical Center Case Study
System Center Operations Manager supports monitoring of non-Windows, including Linux Redhat and Suse + centOS, Unix HP UX, Sun Solaris and IBM AIX; from February 2013Gentoo/Debian/Oracle Linux/Universal Linux/ MacOS
System Center Virtual Machine Manager 2012 manages VMware ESX servers and Citrix XEN Servers
Improve agility with private cloud computing infrastructure Optimize service delivery across datacenter infrastructure and business critical services
We dont have to manage our infrastructure with multiple toolswe have one central monitoring and management console from which we can care for every aspect of our environment - Doug Miller, Practice Architect, Microsoft Practice Group, CDW
VIRTUALIZATION
SELF-SERVICE
MANAGEMENT
IDENTITY
Technologies used:
Technologies Virtualization Virtualization Management Advanced Management and Orchestration Basic Private Cloud Hyper-V SCVMM 2012 Advanced Private Cloud Hyper-V SCVMM 2012 Service Manager 2012 Self Service Portal Configuration Manager Operations Manager Service Manager Data Protection Manager Orchestrator
Configure
App Controller Orchestrator
Deploy
Self Service
App Owner
Service Model
Service Manager
Service Manager
Monitor
Operate
Application Management
Infrastructure Management
Hybrid Service
Private
Fabric
Cloud
Services
Fabric Management
Hyper-V Bare Metal Provisioning
Hyper-V, VMware, Citrix XenServer Network Management Update Management Dynamic Optimization Power Management
Cloud Management
Application Owner Usage
Service Management
Service Templates Application Deployment
Storage Management
Monitoring Integration
Workload and application aware resource optimization Create policies that SCVMM acts upon tips automatically or manually Minimize downtime and accelerating time to resolution. Enables partners to deliver value add to our mutual customers
Centralized monitoring across Windows, Linux and Unix Configuration change monitoring Monitor and Manage Microsoft and third party virtualization platforms Diagram data center operations and visualize status
Application & service level monitoring Problem resolution knowledge base Track and report service levels Service level dashboards
Standards based Open and extensible platform for customized support Interoperability with 3rd party management systems and help desks
Role based security for secure delegation of access to information and task execution Aggregate monitoring of client systems Self monitoring infrastructure Leverages clustering, and agent failover for high reliability Works across AD trust boundaries
JBoss
WebSphere
WebLogic
Web servers
Application users
Data server s
Active Alerts
Top 5 SQL Server computers with the highest % memory utilization Top 5 SQL Server computers with the lowest % free space available
Disk Storage
Data Files: 17.6 GB
66%
Log Files: 6.93 GB
2%
SQL Server Properties
80%
Active Alerts
SQL Server Summary DashboardServers database generating the most Top 5 SQL
Alerts
Top 5 SQL Server computers with the highest % memory utilization Server computers with the lowest % free space Top 5 SQL available
Version Support New versions of operating systems supported within 180 days of release Old versions supported as long as vendor provides support
HP-UX
Red Hat Enterprise Linux Solaris
SUSE Linux Enterprise Server
Network Monitoring
Port/Interface
Up/Down (operational & admin status) Volumes of inbound/outbound traffic % Utilization Drop & Broadcast rates
Processor
% Utilization
Memory
In depth memory counters (Cisco Only) Free memory
Access Violation
Unauthorized access attempts, Account locked
Policy Changes
Audit policy changed, Object SACL changed, Object permissions changed, Account policy changed, Privilege added/removed
System Integrity
Lost events, Audit failure, Log cleared
2012
2012
Groups Model
Comprehensive Management
Consumerization of IT
Business Needs
Agility and Flexibility
IT Needs
Manage all devices through single interface Deliver applications to the user, not the device Integrated security and compliance Reduced infrastructure complexity
Single admin console
Empower Users
Unify Infrastructure
Simplify Administration
Empower people to be more productive from almost anywhere on almost any device.
Simplify Administration
Map the organizational roles of your administrators to defined security roles Security organization role Geography Reduces error, defines span of control for the organization
Functionality
ConfigMgr 2007
ConfigMgr 2012
Can see & update France desktops Cannot modify security settings on France desktops Cannot see All Systems or U.S. desktops
Can see & modify security settings on France and U.S. desktops Cannot update France or U.S. desktops Cannot see All Systems
Understand software installation profiles Plan for hardware upgrades Identify over or under licensing issues Track custom apps or groups of titles
ConfigMgr Inventory
CAS
PXE initiated deployment allows client computers to request deployment over the network Multi-cast deployment to conserve network bandwidth Stand-alone media deployment for no network connectivity or low bandwidth USMT 4.0 UI integration makes it easier transfer files and user settings from one machine to another
Image Task Sequence
Report
SCCM 2012
Machine and application lifecycle
Application distribution and installation OS Deployment
Client or Servers Existing or new machine User parameters migration WIM image format Tasks sequencer Application compatibility No Mandatory Packaging Dynamic Targeting based on user affinity and/or inventory User experience control Network Access Protection integration Wake-On-Lan
Update Management
Desired Configuration Monitoring
Microsoft best practices Custom models Ability to remediate some settings Microsoft security updates Harware and software vendors catalogs Business Applications Maintenance windows
Intel Active Management Technology (AMT) is a function of the chipset & network controller Hardware-based management for clients
Empower Users
Unify Infrastructure
Simplify Administration
Empower
EAS-based policy delivery Discovery and inventory Settings policy Remote Wipe
Thin Clients
Windows XP Embedded Windows Embedded Standard 2009 Windows Embedded Standard 7 Same as Thin Clients, plus POS Ready 2009 POS Ready 8
Supported Write Filters File Based Write Filters (FBFW) (preferred for scalability) Enhanced Write Filters (EWF) RAM Ability to force persistence of changes for Applications Packages and programs Software updates Task sequences Endpoint Protection client installation Eventual persistence of changes for Client agent settings Settings management remediation Power management Without write filters enabled, embedded devices can be managed like any other Windows client. When write filters are enabled, they require special handling, now provided seamlessly in SP1
POS/Kiosk
Digital Signage
Repurposed PC
Windows Thin PC
Version 4 (x86/x64) Version 5 (x86/x64) Version 6 (x86/x64) Version 9 (SPARC) Version 10 (SPARC/x86) Version 9 (x86) Version 10 SP1 (x86/x64) Version 11 (x86/x64)
Supported OSs across both: Configuration Manager Operations Manager Old versions supported as long as vendor provides support Broader Linux distro support being evaluated for future releases
Deliver best user experience on each device Define application once < >
User/Device Relationships
Primary Devices MSI App-V Windows 8 Apps Windows 8 Apps in the Windows Store Non-primary Devices VDI Remote Desktop
General Information
Application Package
< >
Administrator Properties End User Metadata
Deployment Type
App-V Windows Script Windows Installer CAB / SIS Detection Method Install Command Requirement Rules Dependencies Supersedence
Administrators publish software titles to catalog, complete with meta data to enable search Deliver best user experience on each device
IT
Users can browse, select and install directly from Catalog Application model determines format and policies for delivery
User
Unify Infrastructure
Primary Sites
Client management and settings Delegated administration
Secondary Sites
Content routing Distributions points
Primary Site
Primary Site
Secondary Site
Secondary Site
Secondary Site
Secondary Site
Secondary Site
Secondary Site
Single admin experience for managing physical and virtual desktops. Integrates with Remote Desktop Services and Citrix XenDesktop.
Recognizes pooled and personal virtual desktops Randomizes tasks
Unified Infrastructure
Simplified server and client deployment Streamlined updates Consolidated reporting
Administrator can force or suppress any required reboots Configurable option for automatic removal of existing AV client
Easy migration from existing solutions and automatic removal of existing clients
Symantec McAfee TrendMicro Forefront Client Security or Forefront Endpoint Protection
EP client installation
Policy configuration
Signature update
Corporate Network
MICROSOFT UPDATE
DELTA UPDATE SIZE: 50-2048 KB UPDATE FREQUENCY: 3 TIMES/DAY
Proactive Techniques
APPLICATION
FILE SYSTEM
Microsoft AppLocker
Microsoft BitLocker
NETWORK
Behavior Monitoring Windows Address Space Data Execution User Account Resource Layout Prevention Control Protection Randomization Dynamic Translation and Antimalware Emulation
Potential Malware
Malware Detected
Updates for new threats delivered through the cloud in real time
Real time signature delivery with Microsoft Active Protection Service Immediate protection against new threats without waiting for scheduled updates
Microsoft Active Protection Service Properties/ Behavior Sample request Sample submit Real-time signature
Exploits Launched
Attack is blocked
Windows 7 No No No
Windows 2008 R2 No No No
Administrative Control
User configurability options Central policy enforcement
Microsoft Solution
Centralized management and protection Improved visibility and response to threats Reduced cost and complexity
ConfigMgr MP
Baseline
Assignment to collections
ConfigMgr Agent
Baseline drift Auto Remediate OR Create Alert
Improved functionality
Copy settings Trigger console alerts Richer reporting
Ability to specify versions to be used in baselines Audit tracking includes who changed what
Faster deployment through search Schedule content download and deployment to avoid reboot during work hours
State-based Updates
Allows individual or group deployment Updates added to groups auto deploy to targeted collections
SUP Role/WSUS
Primary Site
DP Role
Primary Site
MP Role
Distributes updates
Reports compliance
Patch Management
I can vouch for the client. I can vouch for the client. Its not up to date. Tell itYes, meets policy. to install patches Can you vouch for this client? Is it up to date? Requesting access. May I have access? Patches are installed. installed. I dont have any patches You are being given restricted access until patches are installed.
Client
Network Access Device (DHCP, VPN)
Should this client be restricted based on its health? Quarantine client, request Grant access. it to install patches
Network Policy Server
Microsoft Update
Content
Windows Azure
Distribution Point
Policy
MP
FIREWALL
Corporate Network
PR1
MP
DP
2007 R3
Empower
2012
EAS User-centric
2012 SP1
Unified Win 8 Apps
New
Improved Integrated Auto Remediation Improved
Flexible hierarchies
Improved Real-time actions User Profile and Data Improved
Seamless management of write filter-enabled devices
Compliance & Settings Management Software Update Management Windows Embedded Device Management Distribution Point for Windows Azure Modern Management Console Role-based Administration
Simplify
Improved
Improved
Improved
Improved
Disk-based Recovery
Up to
Every 15 minutes
Data Protection Manager Disaster Recovery with offsite replication & tape
Tape-based Backup
file services
Self Service
IT Business Intelligence
Asset Management
Change
Knowledge Base
CMDB
Data Warehousee
Workflows
CONNECTORS
Automate and Deploy Capacity and Utilization Inventory Active Directory Alert and Usage Management
Interfee utilizatori
Management Packs
Incident Management
Problem Management
Asset Management
Change Management
Release Management
Sisteme externe
Active Directory
Conectori
VMM
ConfigMgr
CMDB
Orchestrator OpsMgr
Knowledge Base
Data Warehouse
Informaiile de contact pentru utilizatori Informaii organizaionale (Manager, Dept) Adrese de notificare (e-mail, IM)
Sincronizare cu SCCM
Sincronizeaz informaiile din Configuration Manager i creeaz/actualizeaz Configuration Items:
Hardware Inventory Software Inventory Software Updates
Dac exist deja CI efectueaz merge cu informaiile existente Asset Intelligence top console user este preluat ca utilizator primar Creaz incidente din erorile de conformitate Desired Configuration Management (DCM)
Configure SM Portal
Advertisement Delivered
Software Deployed
End User
Manager
Sincronizare cu SCOM
Creaz CI din obiectele descoperite de Operations Manager Creaz Service Maps din Servicii i Distributed Applications definite n SCOM Creaz Incidente din alertele Operations Manager
Sincronizeaz informaii detaliate despre alerte Actualizeaz starea Alert-ului cnd sunt modificate proprietile incidentului n Service Manager
SERVICE MONITORED
ALERT GENERATED
INCIDENT CREATED
INCIDENT DIAGNOSED
INCIDENT RESOLVED
INCIDENT CLOSED
IT Analyst / Operator
Configuration Manager E-Mail Service Definitions Service Maps DCM neconform Apel Suport
Excel
Price Sheet
Configuration Item
Computer
User
Operating System
Projector
Serial Number (key) Make Model Location Condition Projector Condition List
List An enumeration of values (optionally hierarchical) used to constrain value choices for a given class property. Example : a List used in the Condition projector property:
ProjectorCondition {New, Working, Broken, Being repaired}
SOX
PCI
EUDPP
COBIT
ISO
Internal Policies
Windows Server
Exchange
SQL
Personas Involved
Activities
Managing Compliance
Program Manager
Automation
Validate Settings
Detect Failure Record Result Take Action Provide Audit Trail
Reporting
Actions
Operations Engineer
Audit Trail
Virtual Machine Lifecycle Management Automate provisioning, resource allocation and retirement Extend virtual machine management to the cloud
Incident Management Orchestrate incident management and resolution Integrate across monitoring tools, service desks and CMDBs
Automated Configuration Management Scale automated configuration across platforms and tools Ensure reliable change with intelligent workflow branching
Microsoft Active Directory Microsoft Systems Management Server Microsoft Operations Manager Microsoft Configuration Manager Microsoft Virtual Machine Manager Microsoft Data Protection Manager Microsoft Service Manager BMC Atrium CMDB BMC Remedy AR System
HP Operations for UNIX HP Operations Windows HP Operations Solaris HP Network Node Manager HP Service Desk HP Service Manager HP Asset Manager HP iLO 2 FTP Symantec VERITAS NetBackup IBM Tivoli Enterprise Console IBM Tivoli Netcool/Omnibus IBM Tivoli Storage Manager EMC Smarts InCharge EMC Infra VMware VI / vSphere UNIX Integration
CA Service Desk
CA SPECTRUM CA Unicenter NSM
Private
What Changes?
Standalone products become components of integrated product Management Licenses Software Assurance is included with all licenses Server Management Licenses align to processor-based model, each license covers 2 processors The right to run Management Server software and supporting SQL Runtime are now included with every Management License. Management Server Licenses are discontinued.
Licenses Required
Deployment
Managed Servers
Management Server Licenses No Longer Required
2 Processors, Unlimited OSEs
Orchestrator
App Controller (new)
2 Processors, 2 OSEs
Each license covers up to 2 physical processors. ECI requires a 25 license minimum initial purchase.
http://www.microsoft.com/systemcenter http://www.microsoft.com/en-us/server-cloud/system-center/sp1-default.aspx
http://systemcenter.pinpoint.microsoft.com
http://www.microsoft.com/en-us/server-cloud/evaluate/trial-software.aspx http://www.microsoft.com/downloads/details.aspx?FamilyID=a171bcea-2dbb-4fc5-8dd1-4ec22f2eb4ef
http://blogs.technet.com/server-cloud
The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. Some information relates to pre-released product which may be substantially modified before its commercially released. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.