ADM242
Increasing Operational Efficiency with Microsoft Solutions for Management
Craig WilsonSolutions Product Manager
TCO doesn’t mean cutting costs
"TCO is really about process improvement and best practices that result in lower costs and improved service levels.“ TCO is a management issue, not a technology issue, "You can't just buy technology and lower your [IT] costs.“
IT Asset Management and TCO SummitAnalyst Bill Kirwin Gartner IncComputerworld June 11, 2003
Causes of Downtime
ApplicationFailure
40%
OperatorError40%
Other20%
• Untested Applications• Change Management• System / Application
Overload• Weak Problem Detection
• Forgot Something• Lack of Procedures• Backup Errors / Security
Source: source : Gartner Security Conference presentation "Operation Zero Downtime", D. Scott, May 2002
Operations
People & Process areas Important as Technology
• Hardware / Platform• Network• Power and Disaster
Guidance – Closing the Gap
Insert CD
Lack of Best Practices
Best Managed SystemsBest Managed Systems MicrosoftMicrosoft
TAM Now Available on TechNetNow Available on TechNet
Increase Operational Efficiency
Solutions for ManagementSolutions for Management
Bu
sin
ess
IT V
alu
eO
per
atio
ns
Ass
essm
ent
Sta
nd
ard
izat
ion
an
d P
rod
uct
ivit
yS
oft
war
e an
d I
mag
e D
eplo
ymen
tA
cco
un
t &
In
form
atio
n S
ecu
rity
Sec
uri
ty a
nd
Ris
k M
anag
emen
tP
atch
Man
agem
ent
Ava
ilab
ilit
y an
d P
erfo
rman
ceM
on
ito
rin
g W
ind
ow
s S
ervi
ces
Best Best EconomicsEconomics DependableDependable ConnectedConnected ProductiveProductive
Take technology and make into a IT Operations ServiceTake technology and make into a IT Operations Service
Securing Your EnterprisePatch Management Solution Accelerator
Deploying patches is cumbersomeDo we have the right patch?It takes a lot of administration to distribute patchesIt’s not easy to verify that every desktop has the latest patch
Technical AssessmentImplementation of technology
Systems Management ServerSoftware Update Services Feature Pack
Software Update ServicesGroup Policy objects (GPOs)
VPN access
Add Mobile users in Active Directory
Network Load Balancing
More than one SUS server
Add security group filtering on GPOs
Supports existing Heterogeneous tools
Lab for patch testing
Bandwidth considerations (TCP/IP)
# of mobile users
Patch Management Process
Co
nfiguration Manage
ment
Subscription
Baselining
Change Request
Change Classification
Change Authorization
Change Development
Quarantine Quarantine
Relevance
Identification
Change Review
-Roll-
Plan Release
Release Development
Acceptance Testing
Roll-Out Planning
Roll-Out Preparation
Release Deployment
Setup Activities
Change Initiation
Change Management
Change Management
Release Management
Setup Activities
Change Initiation
Change Management
Change Management
Release Management
Patching SQL & ExchangeHelp automate the deployment of SQL & Exchange patches
Procedures documented in MSM Solutions guidePerform audit
Define baselines
Change initiation
Change management
Rollout
Stand alone and clustered environmentsNo automated hotfix installer for Exchange-manual
There is an automated hotfix installer for SQL
Poor Systems Monitoring leads to interrupted services
IT cannot accurately measure their up-time.IT cannot accurately measure their up-time.
Most IT find out about a down service when Most IT find out about a down service when a user complains (cost of support)a user complains (cost of support)
Managing Windows ServicesService Monitoring and Control Solution Accelerator
STORAGESTORAGESERVERSSERVERS NETWORKINGNETWORKING
Service Monitoring as an IT Operations Service
Project Management Project plan, Risk Review
Technical Design Design Checklist, Design Template
System Testing Test Plan, Test Cases
Operational Process Planning Operational Procedures
Active Directory, SQL Server, and Exchange
Framework Integration Tivoli Enterprise Console, HP OpenView, SNMP Traps
SM&C Service Break DownEmail PerformanceEmail Performance
EmailEmail NetworkNetwork
Business Requirement
IT Services
ServerServerHWHW
EmailEmailApplicationApplication
RouterRouterHWHW
RouterRouterIOSIOS
IT Infrastructure Components
Memory Utilization
CPU Utilization
Disk space
Application Performance
Application State
Syslog Msgs.
SNMP Traps
Version Operating System
Device Performance
ComponentCharacteristics
CMDBCMDB
Deploy Process and Technology
Each ComponentEach Component•Event/Alerts•Thresholds Healthy/Unhealthy state•Time interval between sampling•Rules on each breach – alert or performance collect – used for correlation.•Performance collection – near real-time – long term collection
Complete ServiceComplete Service•Correlated alerts/events/thresholds•End-to End script testing the service.
Requirements + Service/Component monitoring Instrumentation
Technology Capability
DeployDeploy
Modify Modify Management Management ArchitectureArchitecture
Yes
No
SM&C Configuration TypesSingle Configuration Group
One configuration group with one or more DCAMs in one or more domainsMOM Db on separate SQL Server
Multi-homed Agent reports to more than one configuration group
Each configuration group contains a dedicated SQL ServerHosts MOM databaseSingle dedicated DCAM server
Large Scale Management Alert Forwarding
Good for geographically dispersed agentsNetwork-efficient as only “Alerts” travel between zones
DCAMDCAM
AgentsAgents
MOM DBMOM DB
AgentsAgents AgentsAgents AgentsAgents
DCAMDCAM
MOM DBMOM DBSQL SQL
Multi-homed Configuration
SQL Server CatalogSQL Server Catalog
Report ServerReport Server
SQL Reporting Services for MOM
DeliveryDeliverySecuritySecurity
Data SourcesData Sources(MOM SQL,)(MOM SQL,)
Output Formats Output Formats (HTML, Excel, (HTML, Excel, PDF, Custom)PDF, Custom)
Report ProcessingReport Processing
URLURL WMIWMI Web ServiceWeb Service
Data RetrievalData Retrieval RenderingRendering
Business Productivity New Application Installation Solution Accelerator
A lack of coordination to have a standardized application
Loss of productivity when a user moves from one department to another
Inconsistent standards for users from other departments
No proper standards resulting in an increased number of support calls.
2000
XP
2003
Scenarios
Installing a new applicationWipe and load Windows OS onto desktop and mobile clients
Installation of temporary sites
Merge and Acquisition
Security whitewash (no record)
Upgrading hardware (NT → W2k3)
Tools and TechnologiesSystems Management Server
Preferred tool for deploying and managing distribution of new Windows software
Custom Installation WizardCreate MST files for customized installation
Office Profile Wizard (OPW)
Group PolicyDefine settings per user or per computer
Software Distribution Process
Co
nfig
uratio
n M
anag
emen
t (CM
DB
)C
on
figu
ration
Man
agem
ent (C
MD
B)
Change RequestChange RequestChange ClassificationChange ClassificationChange AuthorizationChange AuthorizationChange DevelopmentChange Development
Plan ReleasePlan ReleaseRelease DevelopmentRelease DevelopmentAcceptance TestingAcceptance TestingRoll-Out PlanningRoll-Out PlanningRoll-Out PreparationRoll-Out PreparationRelease DeploymentRelease Deployment
Change ReviewChange Review
Change InitiatorChange Initiator
Change Change ManagementManagement
Release Release ManagementManagement
Change Change ManagementManagement
Step by step guidance for accurate distribution of softwareStep by step guidance for accurate distribution of software
Solution accelerator for the rapid and low risk deployment Microsoft Windows XP and Microsoft Office XP/Office 2003
Uses an integrated set of Microsoft and third-party tools
Does not need SMS
Automation techniques for scripting the “hands-free” installation of Windows XP – compatible applications
Guidance to create an end-to-end solution
Targets customers Around 5,000 users
Running Microsoft Windows 95/98 or Windows NT4
Using Office 97 as productivity suite
Visit Self Paced HOL WinHOL09
Standardized DesktopBusiness Desktop Deployment Solution Accelerator
Technologies AppliedHW & SW Inventory – Application Compatibility Analyzer, Microsoft SQL Server\MSDE and Microsoft Access
Office Packaging – Microsoft Office and Office Resource Kit
Imaging – VBScript, Batch, WinPE, Sysprep, RIS, PowerQuest (PQDI), Windows XP, and Windows XP Tablet Edition
Project Management – Microsoft Project 2002 (not required, but the sample project plans are in Microsoft Project format)
Application Packaging – Customer choice (MSI preferred)
User Data and Settings – USMT
Deployment Process – Batch, VBScript, HTA, Kixtart, RIS, and PowerQuest (PQDI)
Customer ProfileTargets the migration
Windows 9X or NT4 and Office 97 to Windows XP and Office XP or Office 2003
Focuses on customers who have already purchased the products
Enterprise Agreements or Select with SA
Download from TechNet soonDownload from TechNet soon
Data center Deployment AutomationWindows Server Deployment Solution Accelerator
Uses Automated Deployment ServiceFeature of Enterprise or DatacenterNo additional licensing fees apply – available Q3Deploy and administer W2K Server and Windows Server 2003 Not developed, licensed or supported for client OS deployments
A powerful tool for our enterprise customersEasy to use MMC UIThorough end user documentation and sample tasks provided Simple editor for creating/modifying XML task sequences
Solves server deployment and administration challenges data center environments
Visit Self Paced HOL WINHOL16Visit Windows Automated Deployment session DEP362
Target environment:Well-connected data center or staging lab
10MB or higher links (faster is better…)
Not supported across slow and unreliable links
PXE (DHCP)
Windows 2000 Server and Windows Server 2003
Target user:Administrators interested in automating server deployment and administration
Comfortable with MMC UI or command line tools
Automated Deployment ServicesTarget environment and userTarget environment and user
Ta
rge
t S
erv
er Deployment Agent
Pre-O/S
4 Agent authenticates/ requests image
SSL
DBLog all activity
6 Image is personalized and boots to full OS with agent
Administration Agent Full O/S
ADS ControllerADS Controller
ADS Secure, Remote ImagingZero Touch Server Builds from Bare Metal
PXEFW
Bare metal server PXE Boots and task sequence is initiated
1
3 Controller transfers deployment agent to RAM disk
RAM
Controller downloads DOS image for HW configuration2
5 Encrypted image is downloaded and deployed
PossiblyMulticast
HardDisk
Windows Server Deployment Architecture
Workstation usedto run the ADS
MMC Console totarget and run thetask sequences
on the targetservers
Windows 2003Enterprise
Running SQLServer 2000,ADS Image,
Controller andNBS/PXE
Windows 2003Server
Running MOMand SUS
Windows 2003Enterprise
Running DHCP andFile Server for Build
Process andApplications to be
installed
HP Proliant DL360 G11.26 GHz
896 GB RAM36 GB HD
100/1000 MB NIC
HP Proliant DL360 G1
DHCP+Build
ApplicationServer
Switch
Router
Switch
DeploymentWorkstation ServerServerServer Server Server
Deployment Environment Target Servers
SQL+ADS
Image/ControllerServer
HP Proliant DL360 G1Dual Proc - 1.26GHz
896 MB RAM36 GB HD
100/1000 MB NIC
256 MB RAM8 GB HD
100/1000 MB NIC
HP Proliant MLxxxDual Proc -
800MHz+ 800MHz+1 GB RAM
2 - 20 GB HD100/1000 MB NIC
HP Proliant XXxxxDual Proc -
800MHz+ 800MHz+1 GB RAM
2 - 20 GB HD100/1000 MB NIC
MOM+SUS
Server
Dual 1.26 GHz896 MB RAM
80 GB HD +Array100/1000 MB NIC
1.26GHz896 MB RAM
36 GB HD100/1000 MB NIC
WSD: Process FlowWindows Server 2003 Deployment Solution Accelerator - Process Flow of Feature Teams
Man
age
men
tS
ecur
ityIn
fras
tru
ctur
eD
eplo
ymen
tB
asel
ine
Bui
ld
Analyze HW dataEstablish HW
requirements andprioritization
Analyze networktopology to aid
deployment
Establishdeployment process
Establish imagecreation process
Update lab HWbased on inventory
assessment
Build deploymentprocess lab
environment basedon deployment
process
Define OScomponents andsettings and coreenterprise-wide
applications
Inventory coreapplications and HW
using Analyzer
Determine suitabilityof network
Establish HWupgrade
requirements
Establish HWupgrade process
Test deploymentprocess Pilot
Test with imageswith all approved
HW
Establish baselab environment
Create and testimages with
customized settingsand core apps
Build deploymentscripts
Define securitypolicies
Define servermanagement
policiesPrepare operations
managementenvironment
Deploy
Establish ADSenvironment
Analyze app data
Build ADSenvironment
Test securitypolicies in lab
Test managementpolicies in lab
Establish HWin base lab
environment
Establish HWin base lab
environment
Baseline Build Process (including Securityand Management Process Documents)
Document
Review servermanagement
policies
Reviewsecuritypolicies
Security ProcessDocument
ManagementProcess
Document
DeploymentProcess
Document
Inf. AnalysisDocument
Benefits of Windows Server Deployment using ADS Lower the TCO associated with server Lower the TCO associated with server
provisioning and script-based administrationprovisioning and script-based administration Reduce time, increase scale and efficiencyReduce time, increase scale and efficiency
Improve the consistency, security and Improve the consistency, security and scalability of your Windows Server data scalability of your Windows Server data centercenter Encode operational best practices and reduce Encode operational best practices and reduce
human errorhuman error
Leverage existing server administration Leverage existing server administration investmentsinvestments Extend and enhance existing scripting techniquesExtend and enhance existing scripting techniques
User Life Cycle Provisioning Account Management Solution Accelerator
Helps customers manage Active Directory, Network Services (WINS, DHSP & DNS), File and Print Services.
Delivers specific guidance forUser account management
Location management (branch offices etc)
Focuses on business initiated changePeople moving, organizational structure changing, offices relocating and consolidation
Provisioning Users Business Impact (Time)
Improves ProductivityAccess to basic file & print when staff join
Access to business applications
Connected to network
Maintains SecurityCorrect system and application privileges
Reduces IT Administration CostsAutomate for speed and fewer errors
Integrate with existing HR systems and processes
Microsoft Identity Integration Service (MIIS)
Microsoft Security Solution
Account Maintenance Business Impact
Manages ChangeMaintains reliable baseline of core file, print and network services
Access to new business applications
Meta-directory Services OptimizeJob role changes
Location and mobility requirements
Personal details and profile
Account Termination Business Impact
SecurityRemove access from the right systems at the right time
EfficiencyIntegrate with HR systems and processes
Automate best practices for speed and fewer errors
Data integrityMigrate ownership when someone leaves
Management TypesAdding users and locations (branch office)Users
Scripts to create user accounts in Active DirectoryTemplates which select a predefined set of applications and configuration Applies Change, Configuration & Release Management
LocationArchitectural impact on all locations from a change to one locationManages changes to administration and security model Information about the user may come from HR systems
Solution Accelerator DeliverablesTechnical Reference
Frameworks that translate the ITIL model into a set of consistent policies, procedures, standards, and best practices
ArchitectureArchitectural blue-print for the solution showing all the key components and how they interface and interact with each other.
Project GuideMSF guidance and suggestions to the Microsoft or Partner team delivering the engagement
Build & Deployment Guide High level design document for the solution as it applies to the stated customers business needs and IT operations
Test GuideTest scenarios and specific test cases that will be executed to verify that the solution meets it's objectives within the customer environment
Operations GuideDetailed information about the daily, weekly, monthly and as-required tasks that need to operate the solution
Improve Business IT MOF Operations Assessment
Determines whether the you are achieving Operational Efficiency
Addresses Business Level Needs
Identify gaps and maturity of organization
Offers an action plan to get processes in placehttp://www.microsoft.com/solutions/msm/techinfo/default.asphttp://www.microsoft.com/solutions/msm/techinfo/default.asp
Signs of readiness include:Installed SMF processes and roles
A well-maintained IT infrastructure
Well prepared in mitigating risk
Address Business Level Needs
Foundational CapabilitiesSecurity Patch ManagementOperational AgilityService AvailabilityService ManagementService Level AgreementCritical Incident Services
Cost of OperationsCost of Operations
MOF Core ModelsProcess and Team
Capacity ManagementAvailability Management
Financial ManagementWorkforce Management
Service Continuity ManagementService Level Management
Service DeskIncident ManagementProblem Management
Change ManagementConfiguration ManagementRelease Management
Service Monitor & ControlSecurity AdministrationNetwork AdministrationSystem AdministrationJob SchedulingStorage ManagementPrint/Output ManagementDirectory Services Administration
Infrastructure RoleSecurity RolePartner Role
Support Role
Release Role
Operations RoleSecurity RolePartner Role
Support Role
…………..Risk Management..Risk Management
Five-phase Assessment Process
Building Action PlanBuilding Action PlanBuilding Action PlanBuilding Action Plan
Analyzing ResultsAnalyzing ResultsAnalyzing ResultsAnalyzing Results
EnvisioningEnvisioningEnvisioningEnvisioning
PlanningPlanningPlanningPlanning
Gathering DataGathering DataGathering DataGathering Data
OutputsOutputs
OutputsOutputs
OutputsOutputs
OutputsOutputs
Rating Process Maturity MOF hierarchy — from quadrants to process attributes
Rating the maturity of a specific process
QuadrantQuadrant
SMFSMF
ProcessProcess
Process AttributesProcess Attributes
Change ManagementChange Management
Receipt of RFCReceipt of RFC
Example proposal for 3 SMF
MOF Essentials Training (2 days)
MOF Workshop (2 days)
Prepare the SMF questions (5 days)
Interviews with the customer (X days)
Analyse the interview results (5 days)
Prepare the GAP Analysis Report (5 days)
MOF Executive Presentation & Report Overview (1 day)
TOTAL: 20 days + X Interview days
Businessvalue
Work order/scope
Projectclosure
MOFAssessment
Architectureguide
Test Case detail plan
Deploymentguide
Operationsguide
Workingpractices, roles, and
responsibilities
Evaluate Planning Build Test Deploy Operate
A Consistent and Predictable ProcessA Consistent and Predictable Process
Project Time LineEngagement Process
MSM Delivery PartnersGlobal System Integrators
Certified regional partners
Microsoft Worldwide Services
MSM CustomersIT Operations Service
Implemented MOF guidance to manage
the Data center
City of Hambur
gMOF new
architecture delivers outstanding levels of
performance, manageability and
return on investment
MOM implementation of the Microsoft Solutions for Management (MSM) strategy
MSM brought a paradigm shift to CNF, Now we know that when we
approve a patch and apply it, there will be follow-up
Improved processes into their change and
configuration environment
ResourcesMicrosoft Solutions for Management (MSM)http://www.microsoft.com/solutions/msm
http://www.microsoft.com/mof
New Application Installation Using Microsoft Systems Management Serverhttp://microsoft.com/downloads/details.aspx?FamilyId=5FF4248A-D286-4482-941F-3B56E14490F9&displaylang=en
Patch Management Using Microsoft Systems Management Server and Patch Management Using Microsoft Software Update Serviceshttp://microsoft.com/downloads/details.aspx?FamilyId=7D8999AF-7E88-416C-8404-56912F886E8D&displaylang=en
Service Monitoring and Control Using Microsoft Operations Managerhttp://microsoft.com/downloads/details.aspx?FamilyId=73C382BA-3D3B-4CCF-A320-AA1AAE0C301D&displaylang=en
Automated Deployment Services http://www.microsoft.com/windowsserver2003/techinfo/overview/ads.mspx http://www.microsoft.com/windowsserver2003/evaluation/news/bulletins/ads.mspx
© 2003 Microsoft Corporation. All rights reserved.© 2003 Microsoft Corporation. All rights reserved.This presentation is for informational purposes only. MICROSOFT MAKES NO WARRANTIES, EXPRESS OR IMPLIED, IN THIS SUMMARY.This presentation is for informational purposes only. MICROSOFT MAKES NO WARRANTIES, EXPRESS OR IMPLIED, IN THIS SUMMARY.