310 likes | 543 Views
Session Code: SM01. Implementing Core Infrastructure Optimization: The Implementer Resource Guides. Garry Corcoran IO Lead Microsoft UK. Original Presenter: Eduardo Kassner Enterprise Technology Strategist. Session Objectives. Why IO ?
E N D
Session Code: SM01 Implementing Core Infrastructure Optimization: The Implementer Resource Guides Garry Corcoran IO Lead Microsoft UK • Original Presenter: Eduardo Kassner • Enterprise Technology Strategist
Session Objectives • Why IO ? • Learn how to discuss implementation of Core IO concepts and best practices. • Find out how to navigate and leverage existing best practice implementation content and where to find it • Learn how to create project execution plans using products, WSSRA, MOF, TechNet and Solution Accelerator guidance.
Core Model Capabilities IT and Security Process Identity and Access Management Desktop, Server and Device Management Security and Networking Data Protection and Recovery
How It All Fits TogetherIO Customer Analysis Provide home & mobile workers operational access to CRM Link HR and all IT Identity systems Identity and Access Management Desktop Server & Device management Security and Networking
Best Practices Across Lifecycle Yield Optimization Plan/ Optimize Change Change Plan /Optimize Operate Support Operate Support Plan/ Optimize Change Plan/ Optimize Operate Change Support Operate Support 76 $1,320/PC 172 $580/PC 442 $230/PC PCs/ IT FTE 600 500 400 300 200 Improve IT efficiency Increase agility Shift investment mix 100 0 Note: $/PC represent annual IT labor per PC Source: IDC, 2006; Microsoft studies, 2005-06
PC Security $130/PC Savings Best Practices for Infrastructure Optimization Papers Located //www.microsoft.com/io (Desktop, AD, & SMS) Basic Standardized Rationalized $1,320/PC $580/PC $230/PC Standardized desktops $110/PC Centrally managed PC config $190/PC • None • No PC life cycle strategy • No policy based PC mgt • Many hw, swconfig • Standardization • Defined PC lifecycle • Limited policy based PC mgt • Many software configs • Stds Compliance • Defined PC Lifecycle, • stdsenforcement • Full policy based PC mgt • Minimal hw, swconfigs Comprehensive directory solution $120/PC Automated user provisioning $50/PC • Multiple Directories • Many auth. directories • No dir synchronization • Manual user provisioning • Single directory for Auth • One authentication dir. • Automated provisioning • Single Sign-on • Auto password reset • Auto user provisioning • Minimal PC Security • Anti-virus • Manual patching • No enforced sec. compliance • Limited PC Security • PC firewall • Auto patching • Comprehensive PC Security • Anti Spyware • Enforced security compliancewith Network Access Control Single system management tool $110/PC Automated software distribution $120/PC • No system-wide mgmt • Poor sys mgt tool coverage • Duplicate mgmt tools • Manual sw, patch deploymt • Limited sys mgmt • Single sys mgt tool • Software packaging • Software distribution • Comprehensive sys mgt • Hw, sw inventories • Hw, sw reporting • Auto/targeted sw dist. Source: IDC, 2006
Infrastructure Optimization • You might have experienced: • IO Assessment • IO Model Presentation • IT Plan Alignment NOW HOW DO YOU EXECUTE THIS ???
CORE IOCustomer Progression Roadmap Implement Group Policy through AD Identity & Access Management Automated Patch management Software Image based deployment Desktop, Devices & Server Management Implement XPSP2 as default OS MOM 2005 for managing servers Deploy a VPN solution Security & Networking Data Protection and Recovery Data Protection Manager NAS/SAN Solutions Security Process Develop Security Policies MOF Optimizing Quadrant MOF Team Model SLM & SLA Reviews ITIL/COBIT – based Management Process Governance Implement ITIL + MOF REAL WORLD EXAMPLE
You probably have seen IO over the last year, and maybe even planned your projects with this model Current IO Tools MOF BDD Infrastructure Optimization • Core IO • Model • IO Plans
Microsoft Operations Framework Continuous Improvement Roadmap Self Assessment Tool MOF Process Model The Microsoft Operations Framework (MOF) provides operational guidance that enables organizations to achieve mission-critical system reliability, availability, supportability, and manageability of Microsoft products and technologies. SOLUTIONACCELERATORS Act faster. Go further. microsoft.com/technet/SolutionAccelerators
Windows Server System Reference Architecture (WSSRA) Architecture Blueprints Logical Architecture Diagram WSSRA contains detailed IT infrastructure planning and design guidance, tested and proven in labs. This guidance enables organizations to build highly available, secure, manageable, and reliable enterprise IT infrastructure. Implementation Guides SOLUTIONACCELERATORS Act faster. Go further. microsoft.com/technet/SolutionAccelerators
Business Desktop Deployment (BDD) 2007Released: January 2007 Detailed Project Guidance and Job Aids Deployment Workbench MMC BDD 2007 simplifies Windows Vista and the 2007 Office system deployment, including comprehensive process guidance, job aids and tools to correspond with every stakeholder and phase of a large-scale desktop deployment project. TechNet Desktop Deployment Center SOLUTIONACCELERATORS Act faster. Go further. microsoft.com/technet/SolutionAccelerators
Core Infrastructure Optimization (IO) Implementer Resource Guides Released: Spring 2007 Rationalized to Dynamic Guide Standardized to Rationalized Guide Basic to Standardized Guide Core IO Capability Model IO provides a logical roadmap to progress the maturity of an IT organization. These guides describe the core concepts for implementing and managing IO-defined capabilities, linking to more detailed and actionable content for implementation. SOLUTIONACCELERATORS Act faster. Go further. microsoft.com/technet/SolutionAccelerators
Core Infrastructure Optimization Implementer Resource Guide: Basic to Standardized
Identity and Access Management Content Guide Planning and Architecting the AD Infrastructure Deploying the AD Infrastructure Logical Structure Design Reqs Defining the Service Configure Domain Configure DNS on Domain Controllers Forest Design Domain Design Designing the AD Logical Structure Forest Root Design Operating Active Directory AD Namespacing design DNS Infrastructure to support AD • Based on : • WSSRA Directory Services • MOF Directory Administration • Identity and Access Management Series Solution Accelerators • Active Directory Guidance in Windows Server 2003 TechNet Rendering the AD Logical Design S IDA Creating Organizational units DD&SM S&N DP&R
Desktop, Device and Server Management Moving from Basic to Standardized Basic Standardized • Automated patch management • Defined set of standard images • Desktop image strategy in place that includes anti-virus, management tools, line of business applications • Consistent plan to manage operating systems • Monitoring present for most critical servers • Mobile device provisioning • Security policy provisioning for mobile devices • Remote wipe and policy enforcement for mobile devices • Lacking automated patch management for most desktops • Lacking standard images for most desktops, no desktop image strategy • Inconsistent plan to manage multiple operating systems • Not monitoring most servers • No provisioning for mobile devices
Desktop, Server & Device Management Content Guide Determine go/ no go Inventory/Discover computing assets Plan release Sources for SW Updates Conduct acceptance testing Assess existing infrastructure for updates Determine inventory set to be patch Assess operational effectiveness Discover new SW Updates Obtain SW Updates in a reliable manner Develop SW Updates screening methods Identify process owners Develop and review process documentation S&N DP&R Automated Patch Management Automated Patch Management … cont Assess Phase Evaluate and Plan Phase Communicate rollout schedule Deploy Phase Identify Phase Preparation Stage updates on distribution point Advertise SW Monitor deployment Deployment Handle failed deployments Vulnerability update IDA Update build images Review S DD&SM Validate plan vs deployed • Based on : • Patch Management Solution Accelerators Validate risk mitigation
Desktop, Server & Device Management Content Guide S&N DP&R Standardized Computer Images Consolidation of Desktop Images to 2 OS versions Define type of image to use (thick or thin) Plan Multiple Standard Images Create build Create deployment point Patches and Updates Development Update the deployment points Maintenance Contracts Install a build User Productivity Test build Application Compatibility Stabilization Test deployment process Exceptions Update build and log changes IDA Maintenance S DD&SM • Based on : • Business Desktop Deployment 2007
Desktop, Server & Device Management Content Guide S&N DP&R Centralized Management of Mobile Devices Identity Validation, Data Protection, and Data Backup of Mobile Devices Device Management Capabilities Active Directory User Access, Passwords Managing Exchange ActiveSync Device Lockout, Certificates Managing Exchange ActiveSync Users Exchange Server 2003 and Exchange Server 2007 Data Access, Data Encryption Remotely Enforced Device Security Policies Remote Device Wipe Certificate-Based Authentication IDA • Based on : • Step-by-Step Guide to Deploying Windows Mobile-based Devices with Exchange Server 2003 SP2 • Product Guides: Exchange Server, SMS 2003 S/MIME-Encrypted Messaging SMS 2003 Device Management Feature Pack S DD&SM
Desktop, Device and Server Management Moving from Standardized to Rationalized Standardized Rationalized • Automated patch management • Defined set of standard images • Desktop image strategy in place that includes antivirus, management tools, line of business applications • Consistent plan to manage operating systems • Monitoring present for most critical servers • Mobile device provisioning • Security policy provisioning for mobile devices • Remote wipe and policy enforcement for mobile devices • Primary desktop operating system is Vista or XP SP2 • Automated software distribution and automated asset management and tracking • Patch management solution for servers • Layered image strategy • Consistent plan to manage operating system • SLA monitoring of mission-critical servers
Desktop, Server & Device Management Content Guide Automated Operating System Distribution Automated Tracking of Hardware and Software for Desktops Latest Two OS Versions and Service Packs on Desktops App Inventory and Compatibility Asset Inventory Reasons to Move to two latest versions of the OS Infrastructure Remediation Application Deployment and Usage Wired and Wireless Network Support Packaging Applications Data Protection and Recovery Security Patch Management Building Images User State Migration System Status Web Security Desktop Hardening OS Deployment Integrated Firewall IDA Automated Deployment HAL-Independence R DD&SM • Based on : • Business Desktop Deployment 2007 • Product Guides: • SMS 2003 • Windows Vista • Windows XP Drive Encryption
Download the guideSand please give us feedback !!!Guide 3 is coming soon!!! You can find the first guide at: http://www.microsoft.com/io
Links & Resources Web site http://www.microsoft.com/io Blog http://blogs.technet.com/io/ Other Sessions at MMS 2007: SM20 Implementing Core Infrastructure Optimization: The Implementer Resource Guides
Thank you for attending this TechNet Event Find these slides at: http://www.microsoft.com/uk/technetslides Ihr Potenzial. Unser Antrieb.