microsoft goals engineer a product less vulnerable to piracy and counterfeit provide set of tools to...
Post on 02-Apr-2015
212 Views
Preview:
TRANSCRIPT
Breadth Technical ReadinessVolume License Activation for Microsoft Office 2010<Name><Event Date>
Volume Activation Goals
Microsoft Goals
Engineer a product less vulnerable to
piracy and counterfeit
Provide set of tools to help
ensure a more managed
installation environment
Help reduce VL key
leakage
Customer
Focused Goals
Enhance ease of
deployment with minimal impact to VL customers
Provide Multiple
and Flexible options
Strong and transparent
Microsoft privacy policy
around activations
VOLUME ACTIV. 2.0 IN MICROSOFT2010
ACTIVATION HISTORY
BACKGROUND: MICROSOFT OFFICE 2007
Volume Activation (VA) introduced in
Windows Vista
VA is now the standard for new
Operating systems and Office Client
products
Identified non-genuine software
displays permanent word-mark on screen
Re-activation required for a copy
determined as non-genuine at a later date - failure
to re-activate results in loss of
functionality
VA ensures customers receive and deploy legitimate software
Activation required for all VL Office Client products• Provisioned and managed by IT Pros
• Transparent end user experience
Pirated/ Counterfeit Software
• Some Customers unwillingly deploy
counterfeit software
• Malware in counterfeits result in higher support
costs
• Expensive down time
Associates the proof-of-license (5*5
product keys) to the device
Activation establishes a relation between a license you purchase and product on which
you exercise the licensing rights
Activation not required for
Office2010 Server products
Applies to Windows and Microsoft Client
products
Activation Journey
Enterprises were given “bypass” volume
license keys
• These Keys bypassed activation as no
activation was required after entering product
key
• Keys were easily compromised
• Eliminates need for individual clients to connect and activate with Microsoft• Product key is pre-
installed on clients
TWO ACTIVATION MODELS IN OFFICE 2010Enterprise Customers choose when planning infrastructure
• KMS clients must connect with KMS host at least once every 180 days to keep activation current• Transparent end user
experience
• Capable of activating hundreds of systems, as long as minimum threshold is established and maintained
• One time activation with Microsoft hosted service
• Supports online, phone and proxy activation
• One MAK key per product per organization
• Flexible options to install MAK on each PC client • Office Customization Tool
(OCT)• Automated install file
(Config.xml)• Change key in Backstage• Volume Activation
Management Tool (VAMT) 2.0
Key Management Service (KMS )
Multiple Activation Key (MAK)
Multiple Activation Key (MAK) for activating with Microsoft• One time activation with Microsoft hosted
activation service• Supports online, phone or proxy activations
Volume Activation 2.0Enterprise Customer chooses KMS or MAK as two options
Key Management Service (KMS) for enabling local activation• Eliminates the need for individual
machines to connect and activate with Microsoft
• Capable of activating unlimited number of systems, as long as the minimum threshold is established and maintained
• Client must connect with KMS host at least once every 180 days to keep activation current
MAK
VAMT
Image Count
Request
KMS Host KMS Client
KMS
DNS
Microsoft hosted Activation Services
InternalExternal
CountRequest
KMS host key automatically available to customers via normal channels
Install KMS host key on KMS host
Activate KMS service with Microsoft- One time activation of KMS host- KMS host registers SRV with DNS
KMS client discovers KMS host
KMS client activates- # of Office KMS clients ≥ 5
KMS client regularly re-activates- Non-perpetual activation (180 days)- Communication between KMS host and KMS client is never exposed to Microsoft
KMS HostKMS Client
Microsoft Hosted Activation Services
One T ime
DNS
Volume License Agreement
Key Management Service (KMS)
KMS Host
• One KMS host for Windows and Office• Highly scalable service (100’s of thousands)• Supported KMS host Operating Systems:
Operating System Office Windows
Windows Server 2003 √ √
Windows Vista √
Windows Server 08 √
Windows 7 VL √ √
Windows Server 2008 R2 √ √
Microsoft Hosted Activation Services
One T ime
InternalExternal
Volume License Agreement MAK key available to volume
license customers
Install the MAK on the client:OCT, config.xml, Backstage
Activate with MicrosoftOnline, Telephone
One-time activationHardware changes require reactivation
Multiple Activation Key (MAK)
Image
InternalExternal
MAK key available to volume license customers
Enter the MAK key in VAMT 2.0
IID sent, confirmation ID received(unique to each MAK client)
Perpetual activation:Hardware changes require reactivation
VAMT 2.0 pushes key to clients, receives installation ID (IID)
Each MAK client receives unique conf ID
MAK and VAMT 2.0Microsoft Hosted Activation Services
One T ime
Volume License Agreement
VAMT 2.0
As an IT Pro, you must be aware that volume activation is part of your Office 2010 deployment
Why it’s important
Familiar but better
Flexible, compatible
options
VA is for virtual,
too
Resources
Privacy and
security
VL activation never prevents an end-user from using Office 2010
Top Things to Know about Volume Activation
Activation Activation establishes a relationship between the software’s product key and software on the device
Activation helps ensure you are using genuine Office 2010 software, providing access to the latest features and protection against the malicious code common in counterfeit software
Volume Activation in Office 2010 builds on Vista and Windows 2008
• Microsoft has a variety of tools to help make deployment and management simple and easy
• www.microsoft.com/technet/volumeactivation
• Key Management Services (KMS): preferred method, ideal for vast majority of environments
• Multiple Activation Key (MAK): machine independent
• Virtual machines count toward minimum req.
• VA makes activation of virtual systems easy
• 5 connected systems (PCs, servers, laptops)
• All information is private and not used by Microsoft or any other party
• Enhanced data security
• End-user experience• Customizable user experience for
enterprise• Notification dialog prompts
Supportability• Requires low deployment / management effort• Ensures full Microsoft / partner technical
assistance
Manageability• Reduces reuse of leaked keys• Integrated into deployment process and tools
License Compliance and Management Provides access to upgrades and contract options Helps avoid penalties, reputation damage, and
business interruption
Assurance • Helps protect against counterfeit• Delivers all Office 2010 capabilities
• Significant change in Volume Activation process for XP customers
• Executed by IT Pros as part of deployment
• Volume Activation has nominal IT impact
• Requires no end-user action• Microsoft does not collect user data• No additional hardware is required
KMS• Recommended default method• Enables local activation of unlimited
number of systems• Requires: At least 5 Office systems
connecting to KMS host in any given 30 days & client systems connect with KMS host at least once every 180 days for all Microsoft Office Client Products
MAK• No minimum number of PC’s for
activation• Best for computers rarely connected
to organization’s network• Is one time activation with Microsoft
hosted activation service• Supports online, phone or proxy
(VAMT) activations; use VAMT when activating
Volume Activation in Office 2010
Ease of activation in deployment • Inclusion of virtual systems in
customer hosted activation service (KMS)
• KMS clients pre-installed with KMS client key
• Key management & reporting through Volume License Service Center (VLSC)
• Tools for better manageability• One stop Volume Licensing Service
Center portal
Key Changes
How Does Activation Impact IT
User experience in KMS if not activated in 30 days (no UI experience in first 25 days)
User experience when not activated
User experience in MAK asking for activation
if VAMT is not used to orchestrate activation
Topology Guidance
Activation Scenarios
Selecting Your Activation Method
The Easy Scenario Core, Well-connected Environmental Characteristics
• All clients are always connected to the organization’s network (or connect on a regular basis)
• Assumes central or strong IT• Most common scenario:
− Large number of systems to activate
− Server and client operating systems; Office 2010
The Easy Scenario Core, Well-connected Solutions
• KMS with DNS auto-discovery• Firewalled environments (e.g. labs) that can
open TCP 1688• Use the same KMS host(s) as Core• Auto-discovery vs. direct connection
depends on lab DNS configuration
The Moderate Scenario Smaller Networks, Still Connected Environmental Characteristics• All clients are connected to the lab or test
network• Not managed and may not be standardized• High turnover of systems• Can be made up of physical, virtual or both• Unknown lifetime
The Moderate Scenario Smaller Networks, Still Connected Solutions
• If used <120 days, do not activate• Where a sufficient number of systems exist,
use KMS− KMS key has limited number of activations, may
require exception handling− Security concerns about delegating the KMS key
to every isolated lab owner• Use MAK and VAMT
− Save CID for rebuilds
The Complex ScenarioDisconnected or Isolated Environmental Characteristics
• Locked down firewalled environments without any external access
• Completely disconnected/unreliable communications
• Minimal number of systems
The Complex Scenario Disconnected or Isolated Solutions
• Where a sufficient number of systems exist, use KMS− KMS key has limited number of activations, may require
exception handling− Security concerns about delegating the KMS key to every
isolated lab owner− Admin must activate KMS host by phone
• Where you can connect to them, MAK proxy activation with VAMT
• Where you cannot connect, MAK – Activate with phone call
• May not be scalable
Configuration RecommendationsPrinciples
• Use KMS as much as possible, and minimize the number of KMS hosts− Central KMS for all, if politically possible− Two hosts should be sufficient for most− Best solution for virtual machines
• Use MAK only where needed− OK in small organizations/deployments− In medium and large orgs, use MAK only where you
cannot use KMS• Customers will probably need to use both methods• KMS port (1688 by default) should never be
exposed outside the organization− Access to a KMS host is the same as handing out free
volume licenses
Tools
• Volume Activation Management Tool (VAMT) 2.0− Search for Windows and Office in the enterprise
network− Deploy product keys to clients− Proxy MAK activation− Trigger MAK online and KMS activations
• Software licensing management script (slmgr.vbs)− Enter KMS host key− Activate KMS host− Monitor
− KMS host status− Number of client activations
Microsoft Confidential
Summary
• Activation is required for all volume editions of Microsoft Office 2010 client
• Customers need to decide between MAK, KMS and Token (highly secure disconnected environments)
• Office and Windows use the same activation technology
• Rich tools support is available
Microsoft Confidential
Next Steps
• Read the documentation onhttp://technet.microsoft.com/en-us/office/ee691939.aspxhttp://connect.microsoft.comhttps://partner.microsoft.com/office2010activation
• Help customers plan how to use KMS and/or MAK
Microsoft Confidential
Thank you
Thank you
© 2009 Microsoft Corporation. All rights reserved. Microsoft and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond
to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation.
MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.
top related