Microsoft Confidential
The Changing Face of Deployment
CSM Event 22nd April 2008
Keith BakerDeployment SpecialistMicrosoft UK
Microsoft Confidential
Session agenda
• Customer goals and challenges• Current status• Changing Perspectives• How does this relate to you?• What’s changed ?• Available Resources• Deployment processes and best practices• Questions
Microsoft Confidential
Customer goals and challenges
Microsoft Confidential
Key Environmental GoalsWhat customers want…
Increase Operational Agility
GrowthCompetitive edgeCustomer serviceRegulatory complianceDevice managementVarying skill setsMobility
Reduce Costs and Complexity
Improve Security
PC maintenanceServer sprawlLegacy platformsDeployment and maintenanceIdentity managementSoftware updates
Malicious attacks, viruses, spam, etc.Evolving threatsPatch management, virtual private network, etc.Secure access
Microsoft Confidential
Customer challenges What customers are experiencing…
Applications
• Operating System Compatibility
• Inter Application Contention
• Testing overhead• Inconsistent and
ad hoc user installations
• High Cost of administration
Local User Data and Settings
Deployment Processes
• Data Loss• Extended rebuild
times• Inconsistent manual
backup / restore processes
• Regulatory compliance issues
• Infrastructure and tools not implemented
• Difficult to maintain and update when things change
• Inconsistency and variations
Microsoft Confidential
Current status
Microsoft Confidential
Where to focus ?
Microsoft Confidential
Source: IDC 2002, Microsoft Primary Quantitative Research. 400 30-minute phone surveys of IT professionals in data centers with 25 or more servers
More than 60% of TCO over a 5-year period is driven by people costs.
0
10
20
30
40
50
60
70
Staff Costs Downtime Training Software Hardware
The Manual Reality People and processes make the biggest difference
Microsoft Confidential
Changing Perspectives
Microsoft Confidential
Microsoft WIM imaging technology• Basis for current Microsoft platform’s installation – common to
Client and Server, applicable to recent legacy platforms• Removes need for third party imaging tools• Small footprint, network efficient• File based and so non destructive• Ability to modify elements of the build at the point of delivery
– speed and flexibility
WinPE 2.1• Replacement for DOS Boot environment.
New tool set• Single configuration file for install and build, image
manipulation tools etc.
Things have changedTechnology Enablers
Microsoft Confidential
So I need some tools then...Well, yes and no
The old adage is still true, a tool is only as good as the overall process in which you use it
New tool sets bring new possibilities, so don’t just look for ways to fit them in to the old processes.
Step back, look at best practice guidance, market trends, see what leaders are doing or planning to do. They may be bigger, have more resources, or smaller and more agile etc, but you can still cherry pick the best concepts and adapt.
The key point is to avoid traditional short term deployment focused decisions. Examine where your real costs lie over the life of a machine and focus decisions on those.
Microsoft Confidential
Traditional Deployment ObjectivesAre they still the right choices?Speed - what’s the quickest way to put the
operating system and a core group of applications on to a machineCost – Deployment is expensive. Having the fastest build time means more machines in a given timeframe so the cost are lower. This is the primary goal.Build – the “corporate build” has to be extensively engineered as it will form the platform for a number of years and so be designed to cope with all of the needs during this period. (In essence, making many of the decisions for this whole period, today).
Microsoft Confidential
Business As Usual ObjectivesWhat are the priorities here?
Managing Change – that image you started deploying last week – two of the apps need changing to new versions and there is another app to addPatching – we spend longer installing all the current patches than it takes to do the install in the first placeCost – sending a engineer out each time we need to rebuild a machine is very expensive.New machines – drivers and hardware support is part of the image so we need a new one when machines types are added/updated Build – There are things the business require which aren’t in the build and some things need changingTesting overhead – changes take too long and cost too much
Microsoft Confidential
Current thinking
Many companies are now focusing on the whole life costs of machines, often in line with a 3 or 5 year refresh cycle
Deployment has a cost associated with it, but taken out of the constraints of single financial years budget, it becomes clear that the traditional basis for deployment objectives can lead to substantially greater costs in terms of on going BAU support and maintenance
Focus is now being placed on cost effective BAU processes which encompass the ability to implement deployment of the “Corporate Build” and applications
Microsoft Confidential
How does this relate to you?
Microsoft Confidential
Deployment Vs BAU Management
3-5yrs
BAU BAU
NT4 Domai
n
NT4 - 9x
Clients
AD
W2K Clients
Point Solutio
n£
Point Solutio
n
£
Point Solutio
n £AD
2003
XP/SP2
Clients
Vista Clients
Office 2007
BAU
3-5yrs
Point Solutio
n
£
Traditional Deployment Approach:Blinkered A to B solution. Requirement for change will result in........
70 %of IT Spen
d
3-5yrs
Microsoft Confidential
Deployment Vs BAU Management continued...
BAU BAU
NT4 Domai
n
NT4 - 9x
Clients
AD
W2K Clients
£ ££AD
2003
XP/SP2
Clients
Vista Clients
Office 2007
BAU
£
Traditional Deployment Approach
Managed Desktop Environment:Long term view. Focused on reusability of investment and
flexibility
AD 2003
Managed
Desktop
BAU
Vista/Office 2007
implementation project utilising reusableManaged Desktop
Infrastructure
components
Microsoft Confidential
Build Architectures
User
Applications
Office
Core Utils
O/S
Monolithic (Thick image)
Image
Dynamic Delivery
Advantages• Quick installation times• Minimal Infrastructure• Fast skills acquisition• Well known approach
Disadvantages• High propensity for
change• High testing overhead• Inflexible• Large no of images• Does not scale easily
Microsoft Confidential
Build Architectures
Applications
Office
Core Utiils
O/S
Modular (Thin image)
Image
Dynamic Delivery
Advantages• Flexible• Manageable• Testing overhead
reduced• Fewer images
required
Disadvantages• Increases build times• Initial set up more
complex• Infrastructure
requirements
Microsoft Confidential
Desktop Deployment Cost
BasicManual Deployment $1,300 per PC
USMT, ACT, WinPE, WDS, ImageX, WIM
StandardisedLight Touch Deployment~ $580 per PC
Deployment automation with Zero Touch (SCCM, SCOM)
RationalisedZero Touch Based Deployment$230 per PC
Source: “Core Infrastructure Optimization Research, Survey of Findings,” IDC, June 2007
Microsoft Confidential
Zero-Touch
Heavy-Touch
x
• Limited best practices - steep deployment learning curves
• Basic infrastructure and limited compatibility inventory
• Repetitive manual processes result in high labour costs and inconsistent results
Manual Processes
Light-Touch
Semi-Automated Processes
• Best practices and end-to-end prescriptive guidance enable “light-touch” deployments
• Standardised infrastructure and central HW/SW inventory for more predictable and reliable deployments
• Semi-automated processes deliver lower BAU and support costs reducing ongoing TCO
Automated Processes
• Best practices and lifecycle management guidance enable ‘zero touch’ deployment, even in remote locations
• Rationalised infrastructure and dynamic inventory allows IT to align with business needs
• Automated processes deliver lowest BAU and IT labour costs and highest long term TCO savingsCost: < $230/PC*Cost: > $1300/PC* Cost: ~ $580/PC*
Reducing Deployment Cost And Complexity
*Source: “Core Infrastructure Optimization Research, Survey of Findings,” IDC, June 2007
Microsoft Confidential
Basic Standardised
Rationalised
Dynamic
Cost Center
More Efficient Cost Center
Managed IT infrastructu
re with limited automation
Request driven
management
Managed and Consolidated
IT infrastructurewith maximum
Automation
SLA accountability,
change management
Fully automated
management, dynamic resource
usage, business-
linked service level
agreements (SLAs)
Business Enabler
Strategic Asset
Uncoordinated, manual
infrastructure
Problem driven
management
Structured approach:Not trying to run before you can walk
Core Infrastructure Optimization Model
Microsoft Confidential
What’s Changed ?
Microsoft Confidential
New Tools
SYSPREPSETUPIMAGEXWindows System Image ManagerPEIMGWindows Deployment ServicesOCSETUPPNPUTILWAIK
Bitlocker Configuration ToolsPKGMGRBCDEDITApplication Compatibility Toolkit 5.0User State Migration Tool 3.0Volume Activation Tools
Microsoft Confidential
Client and Server O/S delivery Single Solution
Client deployment• O/S - Vista (32 and 64 bit), XP (32 and 64 bit)• Configuration and settings• Application installation• User data and settings
Server deployment• O/S – Server 2008, Server 2008 Core, Server 2003• Hardware config (raid, NIC teaming etc.)• Server roles• Application installation
Common tool set
Microsoft Confidential
Tools Replaced For New O/S’sWINNT.EXE and
WINNT32.EXE• Replaced by SETUP
and imagesMS-DOS boot floppies• Use Windows PE!Setup Manager / Notepad• Use Windows System
Image Manager for editing XML files
SYSOCMGR• Replaced by
OCSETUP, PKGMGRRemote Installation Services• Replaced by Windows
Deployment Services (retains “legacy support”)
• RIPREP and RISETUP
Microsoft Confidential
ChallengesSteep learning curve• Understand use and capabilities of individual
tools, their roles and how they can be used
Current practices may no longer be a good fit• Much of the deployment processes required for
new O/S’s can be utilised for their predecessors
Opportunity to re evaluate current practices• How can the best use of this opportunity be
made and also minimise the overhead in doing so
Microsoft Deployment Toolkit (MDT) 2008 Solution Accelerator provides help and guidance
Microsoft Confidential
Available Resources
Microsoft Confidential
What is MDT2008 ?
• A free Solution Accelerator
• Download from: http://www.microsoft.com/deployment
• End-to-end guidance, best practices, and tools for efficient planning, building, and deploying Microsoft Windows, Office and other apps
• Based on real-world experience
• Increases automation• Decreases costs
Microsoft Confidential
Detailed Project Guidance and Job Aids
DeploymentWorkbench MMC
TechNet Deployment Center
Microsoft Deployment Toolkit 2008
MDT 2008 simplifies Windows operating systems and Office deployment, configuration and application installation, includes comprehensive process guidance, job aids and tools corresponding with each phase of the project.
Microsoft Confidential
Microsoft Deployment Toolkit:Deployment Scenarios
New Computer• A new installation of the standard platform and pertinent
applications are deployed to a new computer where there is no user data or profile to preserve.
Refresh Computer • Re-image a currently managed machine to bring it to the
current standard platform and including delivery of the pertinent applications or rebuild to address an issue. This scenario includes ability to preserve existing user data and profile(s) on the computer.
Replacement Computer • A new installation of the standard environment is deployed to a
new or reprovisioned computer, along with pertinent applications plus apply user data and profile(s) migrated from an existing computer.
Microsoft Confidential
Microsoft Deployment Toolkit:Deployment Methods
Lite Touch Installation (LTI)Deployment without management infrastructureManually initiatedUses network share, Windows Deployment Services, CD/DVD, or USBRefresh, upgrade, replace, new computer
Zero Touch Installation (ZTI)Uses SMS 2003 OS Deployment Feature Pack or integrates with SCCM native OS deploymentScheduled via SMS or SCCM and is completely automatedCentrally monitored with Microsoft Operations Manager (MOM) 2005 or System Center Operations Manager (SCOM) Management PackRefresh, replace, new computer
Microsoft Confidential
Microsoft Deployment Toolkit: Advantages
Dynamic driver injection at point of delivery• Reduces number of builds required• Flexibility to cope with new hardware• Reduces management overheadBuild changes at point of delivery based on:• Hardware, Network Location, Mac
Address, Machine Name or BIOS Asset tag using a Database Lookup
Non destructive delivery• User state and data never needs to leave
the machine – reduces migration time, network load and storage requirements
Microsoft Confidential
BenefitsAutomated builds reduce costs and increase reliabilityDynamic Driver injection based on PnP ids reduces number of builds required for XP and VistaVista HAL independence makes a single corporate image a realityStandardisation and consistency reduce support incidents and raise end user satisfactionReduced complexity decreases patching and update cycle times through lower testing overheadsChange management simplified and more responsive to business requirementsSCCM Task Sequencing engine provides extensive automation of LTI processes enhancing standardisation
Microsoft Confidential
Roadmap
Microsoft Confidential
Microsoft Deployment ToolkitRoadmap
Microsoft Confidential
Questions
Microsoft Confidential
© 2006 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions,
it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.