1 / 31

SMS 2003 R2 Update & Sneak Peak – SMS v4

SMS 2003 R2 Update & Sneak Peak – SMS v4. Neil Hetherington Account Technology Specialist Microsoft Corporation. Session Overview. SMS Introduction SMS 2003 R2 Overview and Enhancements Introduction to “SMSv4” Deployment Enhancements Software Update Enhancements Security Enhancements

mitch
Download Presentation

SMS 2003 R2 Update & Sneak Peak – SMS v4

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. SMS 2003 R2 Update &Sneak Peak – SMS v4 Neil Hetherington Account Technology Specialist Microsoft Corporation

  2. Session Overview SMS Introduction SMS 2003 R2 Overview and Enhancements Introduction to “SMSv4” Deployment Enhancements Software Update Enhancements Security Enhancements Demos!

  3. SMS 2003 Capabilities SecurityPatchManagement AssetManagement Support forthe Mobile Workforce Application Deployment LeveragingWindows Management Services

  4. Core scenarios In-Place Migration Machine Replacement / New Machine Help Desk Recovery Key Features Fully integrated with SMS 2003 infrastructure Utilizes advanced Windows imaging format Enables sophisticated custom sequencing OS Deployment Feature Pack The end-to-end desktop operating system deployment and upgrade imaging solution for Windows

  5. Device Management Feature Pack Partner Add-ons Device Management Feature Pack Extend change and configuration management to Windows CE-based and Windows Mobile devices

  6. SMS 2003 R2 Overview • New point release of SMS 2003 • Available for purchase to non-SA customers • SA customers receive it as part of the SA agreement • Built on SMS 2003 SP2 • Similar to Windows Server 2003 R2 • Smaller point release with features • Core changes are in Service Pack 2 so there will be no migration issues

  7. SMS 2003 SP2 Enhancements SMS 2003 SP2 Enhancements • SMS Setup Changes • Update.exe • Platform Changes • Deprecating AC Support for: • Windows 2000 SP3 systems • Windows XP RTM • Active Directory Security Group Discovery • FQDN Support • SQL Server Support (SQL 2005) • Performance Improvements • Integrated ITMU for patch management

  8. R2: Scan Tool for Vulnerability Assessment • Uses MBSA 2.0 for vulnerability assessment (VA) • Prior to a VA scan, MBSA 2.0 is deployed to clients • Provides VA reporting for common software mis-configurations defined by the MBSA 2.0 VA manifest • Administered identically to existing SMS 2003 scan tools

  9. R2: Scan Tool For Vulnerability Assessment Reporting for nearly 100 critical software misconfigurations • Critical vulnerabilities include • Are unnecessary services installed and running? • Do file shares have appropriate permissions? • Is Windows Firewall enabled? • Are strong passwords enforced? • Are unsecured Guest accounts enabled? • Are there too many local Administrators on a single machine?

  10. R2: Inventory Tool for Custom Updates • Enables the detection and deployment of third-party updates, security updates, service packs and more to non-Microsoft applications • Integrates with existing SMS 2003 software update management • Enables importing software update catalogs from outside sources • Enables the creation of in-house software update catalogs for line-of-business applications

  11. Integration with “Longhorn” Network Access Protection Simplified, comprehensive software updating w/ templates for common tasks Enterprise Vulnerability assessment Securely managing devices across the Internet Secure network storage of user state during Operating System deployment Key Investments InSystem Center Configuration Manager 2007 Up and running in minutes Simplified UI Advanced Task Sequencing Reduced SCCM infrastructure costs with branch office support Improved scheduling and greater control including Wake-on-LAN Common processes for Windows Mobile and embedded devices Simplicity Unified delivery of Windows operating system for clients and servers One worldwide image to manage with Vista Built on Windows Vista technologies including Windows Imaging Vista and Office 12 upgrade assessment and resolution planning Offline media support for full offline provisioning Deployment Security Knowledge-driven desired configuration management based on the System Definition Model (SDM) IT policies for analyzing corporate and regulatory compliance Out of the box configuration policies for server workloads i.e. Exchange License and asset management Configuration

  12. Simplicity • Easier to get up/running • Everything is in setup! When install is complete, SMS is online to service clients! • Redundant Infrastructure • Support for SQL clustering • Easier to use • New UI designed around key work areas • Home Pages anchor work areas with latest status for the feature • Sizeable dialogs for large datasets • Drag-n-drop and multi-select for key workflow scenarios

  13. Simplicity • Simplified and more cost effective infrastructure • Ability to use a workstation as a distribution point for branch offices • Easier to mirror operational process • Associate operational change windows with a SMS collection • WOL built-in • Subnet Directed Broadcast • Unicast (IPv6) • Non-proxied appraoch

  14. Simplicity • Native Support for Device Management • Fully Integrated with SMS • Smartphone support • Internet Facing Device Support • Over-the-air management of devices

  15. Home Pages and Actions

  16. Deploying Windows • Major upgrade to SMS OS deployment functionality • Significant enhancements compared with SMS 2003 OS Deployment Feature Pack • Brings in server deployment scenarios from ADS • Integrated part of SMSv4 • Not a Feature Pack add-on Great deployments of existing Windows! Even better with Vista/Longhorn!

  17. Deploying Windows Goals • “Hands-off deployment” • End-to-end, secure and flexible processes • Make upgrading to Vista/LH seamless • Build on core Vista/Longhorn functionality • Unified client and server deployment Fully automate the deployment process in a secure and highly flexible manner

  18. Deploying Windows • Vista and Office 12 centralized upgrade assessment and resolution planning • Application Compatibility Toolkit 5.0 • Office 12 Migration Toolkit • Deployments driven by customizable task sequences • Wizards to generate standard task sequences • GUI task sequence editor gives full control of the deployment process • Drive toward single worldwide image • Integrated device driver catalog

  19. Deploying Windows • Side-by-side computer replacement with secure user state migration • Automation of build and capture reference machine • Deploy from offline media (CD/DVD/USB) in locations with limited or no network connectivity • Integration with Windows Deployment Services PXE server to handle bare-metal

  20. Security • Raising the bar on security in the SMS infrastructure • Full mutual authentication between client/server • https from client to server • Location awareness for client machines moving between intranet and Internet • Securing Windows • Network Access Protection (NAP) integration • Rebuilt Software Update Experience • SMS 2003 R2 – native • Inventory Tool for Custom Updates • Scan Tool for Vulnerability Assessment

  21. Securing WindowsSoftware Updates Management • Scope of updates extended to include all Microsoft Update content • Simplified user experience thru template concepts (18 dialogs down to 6 clicks) • Key compliance data presented on the home page • Improved client experience – support for both mandated and optional updates • Extensible to support third party and in house LOB application updates • Integrated with the Inventory Tool for Custom Updates

  22. Software Updates Management

  23. Securing WindowsSoftware Updates Management • Integrates with Service Windows • Task Sequence can install updates • More efficient infrastructure • State based for improved visibility of update installation lifecycle • Updates are defined as CIs and rely on DCM rather than standard software distribution • Update synch as a core site role • Support for custom severity definitions

  24. How NAP And SMS Work Together Corporate Network Restricted Network SMS Server SMS Server Here is your patch package. Requesting patch package. I can vouch for the client. It’s not up to date. Tell it to install patches I can vouch for the client. Yes, meets policy. Can you vouch for this client? Is it up to date? Requesting access. Patches are installed. May I have access? I don’t have any patches installed. Should this client be restricted based on it’s health? Quarantine client, request it to install patches Grant access. You are being given restricted access until patches are installed. Client Network Access Device (DHCP, VPN) IAS Server Client is granted access to full intranet.

  25. Desired Configuration ManagementManage the configuration of Windows environments and ensure system configuration compliance against defined corporate standards • Detect server configuration “drift” • Improve Helpdesk (HD) troubleshooting and “time-to-resolve” (TTR) • Regulatory compliance reporting • Change verification

  26. Desired Configuration Management • Built on System Definition Model (SDM) • A modeling language that is used to capture a model of a system including: • Structure of the system • Relationships between system’s components • Relationships between the system and its environment • Configuration constraints and invariants • SMS v4 will consume the configuration portion of SDM models

  27. Desired Configuration Management • Tight integration with Software Updates Management (SUM) • Software Updates as configuration items • SUM built over DCM infrastructure • Flexible settings provider model with built-in support for: • Installed Applications (MSI) • File system settings • Security settings • Registry settings • WMI • SQL • XML • IIS Metabase • Scripts

  28. Feb 2006 Beta 1 June/July 2006 Beta 1 Refresh Q1 2007 Beta 2 1H 2007 Public Availability System Center Configuration Manager 2007Helping IT Drive Business Value • Get ready for SCCM 2007, deploy SMS 2003 SP2 today! • Driven by feedback from customers and partners • Enterprise feature focus emphasizing operational simplicity, enterprise scale, security and corporate compliance • Continued long-term commitments to investment in the following areas: • Lowest cost and best solution for deploying Windows and Office • Continued investments in partner ecosystem • Key component of the Dynamic Systems Initiative w/ support for SDM • Download Systems Management Server v4 Open Beta 1 today http://connect.microsoft.com • Request entry into the TAP or Rapid Deployment Programs https://www.surveymonkey.com/s.asp?u=97751006343

  29. Resources • SMS Home Page www.microsoft.com/sms • System Center Family of products www.microsoft.com/systemcenter • Community Sites http://www.microsoft.com/smserver/community/default.mspx MyITForum.com • SMS 2003 Scripting Center http://www.microsoft.com/technet/scriptcenter/default.mspx • SMS Download Center http://www.microsoft.com/smserver/downloads/default.mspx • Partner Resources – SMS Alliance http://www.sms-alliance.com/ • Webcasts http://www.microsoft.com/events/webcasts/upcoming.mspx

  30. © 2006 Microsoft Corporation. All rights reserved. This presentation is for informational purposes only. Microsoft makes no warranties, express or implied, in this summary.

More Related