Operations and Monitoring: Challenges and Opportunities. Karl Bjarne Westbye, Microsoft, kbwest@microsoft.com, tel: 915 54 522
We will talk about: Operations and monitoring; strategic approach; process; control of infrastructure; security; configuration management; monitoring; costs; benefits; examples. Support in Microsoft's product portfolio: System Center; Configuration Manager; Operations Manager; Data Protection Manager; +++; Windows Server 2008
More Pressure than Ever on IT Technology Change Regulatory Compliance Competition Security Cost Reduction Keep Business Up & Running Customer Connection End User Productivity Business Results & New Value
Challenges
Does your company have: well-defined guidelines for infrastructure; a uniform, group-wide policy for configuration management; effective handling of change and configuration management; cost-effective monitoring, follow-up and remediation of fault situations; clearly defined SLAs and good reporting routines for them; satisfied users / customers / owners; looked at outsourcing, server consolidation, remote work, etc.
Infrastructure: Choose based on needs and TCO, and govern according to that choice. Haphazard development of infrastructure can lead to: increased operating costs; unnecessarily high licence costs; overlapping competence needs; more expensive systems integration; higher consultancy costs; increased security risk. Input factors: strategic choices; procurement strategy; competence; cost calculation
Processes: Define work processes / process flow as part of the target-state work. Flaws in processes can lead to: reduced automation; delays, breach of agreement, default; poor data quality; frustrated users/customers/employees; wrong focus in the IT unit. Input factors: common sense; strategy tools and process modelling. IT Governance = Kr
Change and configuration management: Development and enforcement of policy. Inadequate management can lead to: more difficult and more expensive IT operations; reduced availability, quality and uptime; unnecessary resource consumption; surprising cost items. Input factors: defining effective policy; tools that cover the need. IT Governance = Kr
Proactive monitoring of services: Correct delivery of service quality. Inadequate monitoring can lead to: unnecessary resource use; unforeseen costs from default; frustrated users/customers/employees; wrong focus in the IT unit (firefighting vs. business development). Input factors: defined processes supported by the right tools. IT Governance = Kr
Improvement agenda: proactive end-to-end; configuration management; change management; target states and processes; infrastructure
ITIL
IT Operations Are More Important. Changes not managed; capacity requirements; root cause difficult to find; forget something; lack of procedures; backup errors / security. Chart: 40% Application Failure; 40% Operator Error; 20% Other: Hardware, OS, Facilities. Source: Gartner Security Conference presentation "Operation Zero Downtime", D. Scott, May 2002
MOF Models Process Model Team Model Risk Model
Business Continuous Improvement When have you arrived? Service Improvement Drivers Scorecard Compliance BS15000, SarbOx Where do you want to be? Service Management Guidance Improvement Metrics IT How do you get there? Service Assessment ITIL, CMM, CobIT, Six Sigma Governance, Maturity, Quality Where are you now?
Conclusion Executive Sponsorship Measurement (Scorecard) Roles and Responsibilities Common Terminology Training Defined Documented Process Continuous Improvement
IT Challenges Infrastructure Change TCO & SLA Configuration End-User Experience
Key Drivers of Core Infrastructure Optimization People, Process and Technology IT and Security Process Identity and Access Management Desktop, Server and Device Management Security and Networking Data Protection and Recovery
Tools and opportunities
What is going on?
System Center Investments
System Center Roadmap
System Center Solutions Change Initiation Review SLA Review Release Review Operations Review
Operations Manager 2007: service-oriented; easy to use; knowledge-driven; enterprise-class
Operations Manager 2007 Solutions. End to End Service Management: Proactive Monitoring of Service Health; End User perspective monitoring; Service Oriented Views, Dashboards, and Reports; Easy to use templates and Service Designer. Best of Breed for Windows: Expertise for Microsoft apps, servers & clients; Agentless exception monitoring; Client monitoring of Vista, XP, and the Office suite; Audit collection service archives security logs. Increased Efficiency and Control: Single integrated console with role based security; Leverages AD for discovery, accounts & agent config; Self tuning thresholds adjust to business usage patterns; Easier to use, customize, and author reports
Demo System Center Operations Manager 2007
IT Systems Configuration Lifecycle Software Distribution SW and HW Updates OS Deployment Standardization Desired Configuration Asset Management Consolidation, License Compliance Out of Band Management, Remote Control Built On
SCCM 07 Key Investments: Simplicity, Deployment, Security, Configuration. Simplicity: Up and running in minutes; Simplified UI; Advanced Task Sequencing; Reduced SCCM infrastructure costs with branch office support; Improved scheduling and greater control including Wake-on-LAN; Common processes for Windows Mobile and embedded device. Deployment: Unified delivery of Windows operating system for clients and servers; One worldwide image to manage with Vista; Built on Windows Vista technologies including Windows Imaging; Vista and Office 12 upgrade assessment and resolution planning; Offline media support for full offline provisioning. Security: Integration with Longhorn Network Access Protection; Simplified, comprehensive software updating w/ templates for common tasks; Enterprise Vulnerability assessment; Securely managing devices across the Internet; Secure network storage of user state during Operating System deployment. Configuration: Knowledge-driven desired configuration management based on the Service Modeling Language (SML); IT policies for analyzing corporate and regulatory compliance; Out of the box configuration policies for server workloads e.g. Exchange, IIS, AD; License and asset management
OS Deployment Architecture Bare Metal starts here
OS Deployment Architecture (components: Site Server, MP, DP, Client). 1. Admin creates OS image and boot image and replicates to DP. 2. Admin creates Task Sequence and advertises to collection containing client. 3. Client retrieves Task Sequence from MP and executes it. 4. Client retrieves boot image and OS image referenced in Task Sequence. 5. Client sends status as Task Sequence executes.
Demo System Center Configuration Manager 2007
System Center Essentials: Operations knowledge in a box, adapted to Norwegian conditions. Operations tool designed for mid-sized companies with up to 30 servers and 500 users: simple installation; unified administration experience; comprehensive monitoring; rollout of security updates; rollout of software; overviews of installed hardware and software; integrated reporting; support for remote operations
DPM 2007: Continuous Data Protection for Windows Application and File Servers; Rapid & Reliable Recovery from disk instead of tape; Advanced Technology for enterprises of all sizes. Diagram labels: Active Directory System State; Windows XP, Windows Vista, Windows Server 2003, Windows Server 2008 file shares and directories; Up to Every 15 minutes; DPM 2007 with integrated Disk & Tape; Online Snapshots (up to 512); Disk-based Recovery; Offline tape; Tape-based Archive
Data Protection Manager Roadmap Breadth of Support: Microsoft Exchange Microsoft SQL Server Microsoft SharePoint Server Microsoft Virtual Server 2005 R2 sp1 Windows File Servers Windows desktops Data Protection Manager 2006 File Protection and Recovery Rapid and reliable disk-based data recovery Efficient, continuous data protection Designed to work with existing tape archive software Centralized Backup of Branch Office Depth of Support: Tape Support System State & Bare Metal Recovery Continuous Data Protection High Availability Environments
Demo System Center Data Protection Manager 2007
A centralized management application solution for Microsoft virtual server software. Increased Physical Server Utilization Deploys multiple virtual servers on 1 physical server Increases flexibility Sets up servers for testing Decreases hardware costs Centralized Management of Virtual Infrastructure Uses MOM pack for reporting and health monitoring Reports on consolidation candidates, utilization trending, optimization opportunities Rapid Provisioning of New Virtual Machines Enables end users to use Self Service Provisioning UI to request and place VMs Enables administrators to configure rules and boundaries for provisioning
System Center Virtual Machine Manager Host Groups Context Sensitive Actions VM Views Centralized Library Live Thumbnail
System Center And Core IO (table: columns Basic, Standardized, Rationalized, Dynamic; rows Desktop, Server and Device Management; Data Protection and Recovery). Entries include: Asset Intelligence; Software Update Management; Device Management; Desired Configuration Management; Zero- or Light-Touch Deployment; Network Access Protection Integration
System Center Mobile Device Manager System Center Mobile Device Manager is a comprehensive server solution designed to improve security, management, and access for mobile devices in a cost-effective manner for enterprises with investments in Windows Server System Security Management Active Directory Domain Join Policy enforcement using Active Directory/Group Policy targeting (>125 policies and settings) Communications and camera disablement* File encryption Application allow and deny Remote wipe OMA-DM Compliant *Part of LTK requirement Device Management Single point of management for mobile devices in enterprise Full over-the-air (OTA) provisioning and bootstrapping OTA software distribution based on Windows Server Update Services (WSUS) 3.0 Inventory Microsoft SQL Server 2005 based reporting capabilities Role based administration MMC snap-ins and Microsoft Windows PowerShell cmdlets WMU On/Off control Mobile VPN Machine authentication and double envelope security Session Persistence Fast Reconnect Internetwork roaming Standards based (IKEv2, MobIKE, IPSec tunnel mode)
Device Management Strategy Leverage existing resources: Client side, such as OMA-DM Server side, such as AD, GP, WSUS System Center Mobile Device Manager acts as the client on behalf of the device Enterprise OMA-DM proxy server Device connects to the Device Management Server and gets configuration and update data that resides in multiple back end systems through System Center Mobile Device Manager OMA DM SyncML Future backend integration (SCCM)
Windows Server 2008
Windows Server 2008. Web: Delivers rich web-based experiences efficiently and effectively. Virtualization: Reduces costs, increases hardware utilization, optimizes your infrastructure, and improves server availability. Security: Provides unprecedented levels of protection for your network, your data, and your business. Solid Foundation for Your Business Workloads: Most flexible and robust Windows Server operating system to date; Provides the most versatile and reliable Windows platform for all of your workload and application requirements
Terminal Services RemoteApp Virtualization: RemoteApp programs; Remote Desktop client 6.0 or newer; TS Web Access; Terminal Server Configuration console; Remote Desktop client required; Terminal Services Gateway Server
Windows Vista and Windows Server 2008 Better Together More Efficient Management Single worldwide servicing model Event forwarding between client and server Faster and more reliable remote operating system deployments Network Access Protection ensures health of connecting systems Greater Availability Scalable print servers with client-side rendering Smooth offline experience with client-side caching Transactional File System for file and registry operations Policy-based Quality of Service to prioritize application bandwidth Efficient Communications Fast enterprise class search on clients and servers Faster networking with new TCP/IP stack and native IPv6 Improved file-sharing performance over high-latency links Integrated remote access to internal applications and resources