operational efficiency @ ms
DESCRIPTION
Operational Efficiency @ MS. Tibor Kolejak Regional IT Site Manger Microsoft Czech Republic. Company Logo Here. IT@Microsoft. 72,000 mailboxes. 150,000+ PCs >7,000 servers. 20 (?) Microsoft Exchange Messaging Servers. Stockholm. Benelux. Dublin. Munich. TVP. Chicago. Canyon Park, - PowerPoint PPT PresentationTRANSCRIPT
Operational Efficiency@ MS
Operational Efficiency@ MS
Tibor KolejakRegional IT Site MangerMicrosoft Czech Republic
Tibor KolejakRegional IT Site MangerMicrosoft Czech Republic
Company Logo Here
IT@MicrosoftIT@Microsoft
Sydney
Chofu & Otemachi
Les UlisTVP
DublinBenelux
Madrid
Dubai
Singapore
Johannesburg
Sao Paulo
72,000 mailboxes
Canyon Park,Redmond
Los ColinasCharlotte
ChicagoMilan
Stockholm
Munich
400+ supported Microsoft sites worldwide
4.5M+ e-mail messages per day internally
>400 apps 26M voice calls
per month 50K employees 5K contractors 17K vendors
150,000+ PCs >7,000 servers
20 (?) Microsoft Exchange Messaging Servers
Silicon Valley
ChallengesChallenges Large, highly dynamic environment Security
2,500 attacks, probes, and scans daily Over 125,000 virus-infected messages
quarantined monthly Unique IT environments for product
development, testing, support, and research require special security
Technology-literate staff 95% with local administrator right to their
desktop
Operational efficiencyOperational efficiency
To get more with less…
To increase service levels with less money…
Adequate synergy of various factorsrequired!
People
Processes
Platforms
Management tools
etc.Network solutionsPlatform
AgendaAgenda
Model Enterprise Windows Server 2003 Deployment Microsoft Operations Manager SMS 2003 Deployment
Model EnterpriseModel Enterprise
InternetInternet DC DC
Local Office Local Office
DSL/Local ISP/ Leased Line to local
ISP
AT&T/GX/Equant Leased Line
AT&T/GX Leased Line
ICO 1 - ICO 2 - Standard Building
Windows Server 2003 DeploymentWindows Server 2003 Deployment
Major milestone for MS A lot of new innovative features Internal deployment coming from the
need to improve security, availability and reliability
Beta Beta 22MarMar 200 20011
Int. InstallationsInt. Installations 2 2962 296 3 5903 590 3 6633 663 3 7183 718 3 7653 765 3 7903 790
Beta Beta 33NovNov 2001 2001
RC1RC1Jul 2002Jul 2002
RC2RC2Dec 2002Dec 2002
RTMRTMFebFeb 200 20033
LaunchLaunchApr 2003Apr 2003
Major Phases of DeploymentMajor Phases of Deployment
Future Technology Integration Planning Test and Pilot Enterprise
Deployment Sustain and Manage
00FutureFutureTechnologyTechnology
11Integration Integration PlanningPlanning
22Test &Test &PilotPilot
33EnterpriseEnterpriseDeploymentDeployment
44Sustain &Sustain &ManageManage
Business BenefitsBusiness Benefits
Reliability Scalability Security Lower Support Costs
Microsoft Operation ManagerMicrosoft Operation Manager
SituationSituationMonitoring the enterprise with many different Monitoring the enterprise with many different tools makes the task expensive and inefficienttools makes the task expensive and inefficient
SolutionSolutionConsolidate and adopt Microsoft Operations Consolidate and adopt Microsoft Operations Manager as key enterpriseManager as key enterprise
Groups @ MS IT using MOMGroups @ MS IT using MOM
Business Unit IT Messaging and Collaboration Services Enterprise Infrastructure Services Corporate Security
Business BenefitsBusiness Benefits
Lower TCO Proactive versus reactive/
Server availability increase Scaleable Flexible and interoperable
Patch ManagementPatch Management
Situation Security vulnerabilities can lead to loss of
revenue and intellectual property
Solution SMS 2003 is key tool in Microsoft IT patch
management process
Patch Management FrameworkPatch Management Framework
1. Assess Environment to be Patched
Periodic TasksA. Create/maintain baseline of systemsB. Access patch management architecture (is it fit for purpose)C. Review Infrastructure/ configuration
Ongoing TasksA. Discover AssetsB. Inventory Clients
1. Assess1. Assess 2. 2. IdentifyIdentify
4. Deploy4. Deploy 3. 3. Evaluate Evaluate & Plan& Plan
2. Identify New Patches
TasksA. Identify new patchesB. Determine patch relevance (includes threat assessment)C. Verify patch authenticity & integrity (no virus: installs on isolated system)
4. Deploy the Patch
TasksA. Distribute and install patchB. Report on progressC. Handle exceptions
D. Review deployment
3. Evaluate & Plan Patch Deployment
TasksA. Complete patch acceptance testing B. Obtain approval to deploy patchC. Perform risk assessmentD. Plan patch release process
Business BenefitsBusiness Benefits Automated security update and application
deployment Enforcement within prescribed timeframes Minimized unplanned downtime
Central reporting and administration Clear communication path
More accurate and efficient patch management More updates, fewer administrators, less time
Reduction in manual effort to deploy updates Automated tools, fewer scripts
1 Central Site ServerWindows Server 2003SQL Server 2000 SP3a
10 Primary Site ServersWindows Server 2003
6,000 Windows Server 2003–BasedServers Running SMS 2003
Advanced Client with Advanced Security
Server Patch Management ArchitectureServer Patch Management Architecture
Server Patch Management Process: Team RolesServer Patch Management Process: Team Roles
MSRC Releases security bulletins
Corporate Security Assigns deployment priority
Data Center Operations Manages data centers Hosts SMS infrastructures Patches servers
Server Patch Management: PhasesServer Patch Management: Phases
Two schedules, one deployment/enforcement process
Phase 1: Monitoring for security bulletins and updates from Microsoft Process of deploying update to servers begins
after update is released
Server Patch Management Process: PhasesServer Patch Management Process: Phases
Phase 2: Determining the risk level MSRC - Critical, Important, or Moderate CSCT - Deployment scheduled - based on
adjusted MSRC rating DCOPS - Security Update Inventory Tool
helps determine which servers are vulnerable MBSA scans for missing/installed updates
Server Patch Management Process: PhasesServer Patch Management Process: Phases
Phase 3: Testing Deploying synthetic patch to test deployment
success Monitor success, investigate and fix failures
Server Patch Management Process: PhasesServer Patch Management Process: Phases Phases 4–7: Deploying the patch
ThursdayThursday
FridayFriday
SaturdaySaturday
SundaySunday
Hour 1Hour 1
Hour 2Hour 2
Hour 3Hour 3
Hour 4Hour 4
12 A.M.–12 A.M.–4 A.M.4 A.M.
12 A.M.–12 A.M.–4 A.M.4 A.M.
12 A.M.–12 A.M.–4 A.M.4 A.M.
12 A.M.–12 A.M.–4 A.M.4 A.M.
12 A.M.–12 A.M.–4 A.M.4 A.M.
12 A.M.–12 A.M.–4 A.M.4 A.M.
12 A.M.–12 A.M.–4 A.M.4 A.M.
12 A.M.–12 A.M.–4 A.M.4 A.M.
4 A.M.–4 A.M.–8 A.M.8 A.M.
4 A.M.–4 A.M.–8 A.M.8 A.M.
4 A.M.–4 A.M.–8 A.M.8 A.M.
4 A.M.–4 A.M.–8 A.M.8 A.M.
4 A.M.–4 A.M.–8 A.M.8 A.M.
4 A.M.–4 A.M.–8 A.M.8 A.M.
4 A.M.–4 A.M.–8 A.M.8 A.M.
4 A.M.–4 A.M.–8 A.M.8 A.M.
8 A.M.–8 A.M.–1 P.M.1 P.M.
8 A.M.–8 A.M.–1 P.M.1 P.M.
8 A.M.–8 A.M.–1 P.M.1 P.M.
8 A.M.–8 A.M.–1 P.M.1 P.M.
8 A.M.–8 A.M.–1 P.M.1 P.M.
8 A.M.–8 A.M.–1 P.M.1 P.M.
8 A.M.–8 A.M.–1 P.M.1 P.M.
8 A.M.–8 A.M.–1 P.M.1 P.M.
1 P.M.–1 P.M.–4 P.M.4 P.M.
1 P.M.–1 P.M.–4 P.M.4 P.M.
1 P.M.–1 P.M.–4 P.M.4 P.M.
1 P.M.–1 P.M.–4 P.M.4 P.M.
1 P.M.–1 P.M.–4 P.M.4 P.M.
1 P.M.–1 P.M.–4 P.M.4 P.M.
1 P.M.–1 P.M.–4 P.M.4 P.M.
1 P.M.–1 P.M.–4 P.M.4 P.M.
4 P.M.–4 P.M.–8 P.M.8 P.M.
4 P.M.–4 P.M.–8 P.M.8 P.M.
4 P.M.–4 P.M.–8 P.M.8 P.M.
8 P.M.–8 P.M.–12 A.M.12 A.M.
4 P.M.–4 P.M.–8 P.M.8 P.M.
4 P.M.–4 P.M.–8 P.M.8 P.M.
4 P.M.–4 P.M.–8 P.M.8 P.M.
4 P.M.–4 P.M.–8 P.M.8 P.M.
4 P.M.–4 P.M.–8 P.M.8 P.M.
8 P.M.–8 P.M.–12 A.M.12 A.M.
8 P.M.–8 P.M.–12 A.M.12 A.M.
8 P.M.–8 P.M.–12 A.M.12 A.M.
8 P.M.–8 P.M.–12 A.M.12 A.M.
8 P.M.–8 P.M.–12 A.M.12 A.M.
8 P.M.–8 P.M.–12 A.M.12 A.M.
8 P.M.–8 P.M.–12 A.M.12 A.M.
Stan
dard
Dep
loym
ent
Stan
dard
Dep
loym
ent
Emer
genc
y De
ploy
men
tEm
erge
ncy
Depl
oym
ent
Server Patch Management Process: PhasesServer Patch Management Process: Phases
Phase 8: Reporting Determine success of deployment and
degree of voluntary patching Advertisement Status Viewer
DemosDemos
