Jeff Wettlaufer Sr. Technical Product Manager System Center Microsoft Corporation MGT317 Complete an evaluation on CommNet and enter to win!
Agenda
• The Changing Desktop
• Microsoft’s Approach to Managing the Modern Client
• Adaptive Application Delivery
  • Application Compatibility
  • Physical Software Installation
  • Virtual Application Management
• Simplified Windows Vista Deployment
  • Building the Corporate Image
  • Customizing the Corporate Image with the Task Sequencer
  • Securing the Corporate Image

Desktop Management Solutions
• Streamlined Application and Desktop Delivery
  • Adaptive Application Delivery: Managed client application delivery via traditional and virtual methods
  • Simplified Windows Vista Deployment: Automated OS deployment via image standardization
• Optimized Client Health and Performance
  • Client Infrastructure Monitoring: Client health monitoring and proactive issue identification
  • Remote PC Diagnostics & Repair: Zero-touch remote diagnosis and remediation with Intel® vPro™
• Ease User Access Without Compromise
  • End-Point Security Management: Enforced compliance with system health policy definitions via remediation
  • Configuration Compliance: Assess systems compliance against established configuration baselines

The Client Continuum
[Diagram: client models on a continuum from device-centric to device-agnostic]
• Unmanaged Rich Client
• Well-managed Rich Client
• “Dynamic” Rich Client
• Client-Hosted Virtual Machine
• Blade-PC
• Presentation Virtualization
• Server-Hosted Virtual Machine
• “Ubiquitous Client”

The Well-Managed Rich Client
A familiar and viable model
• OS installed locally on the client device
• Applications installed locally on the client device
• Data [probably] stored locally on the client device
• Depends on device-specific physical resources

The “Dynamic” Rich Client
Rich client, only better
• OS installed locally on the client device
• Applications installed locally and/or streamed without install
• Data stored on network, with folder redirection/replication
• Uses device-specific physical resources

Client-Hosted Virtual Machine
A virtual PC image, running on the client device
• OS installed on device, plus managed “guest OS” running under VPC
• Applications installed on device and/or guest virtual machine
• Allows abstraction from application-compatibility issues
• Allows multiple user profiles on single client device
• “Deploy a corporate PC to any endpoint, and run it seamlessly”

Presentation Virtualization
The apps are “somewhere else,” but it looks like they’re here
• OS installed on device
• Applications execute in the datacenter
• Allows abstraction from physical details of client device
• Leverages datacenter resources (scale and elasticity)

Server-Hosted Virtual Machine (aka VDI)
A virtual PC image, running “somewhere else”
• The client image is a virtual machine running in the datacenter
• Client image is fully controlled/managed within datacenter
• Allows abstraction from physical details of client device
• Leverages datacenter resources (scale and elasticity)

One Size Does Not Fit All
• Well-Managed Rich Client
• “Dynamic” Rich Client
• Client-Hosted Virtual Machine
• Presentation Virtualization
• Server-Hosted Virtual Machine
Every one of these client profiles
• Has strengths and weaknesses
• Depends (to varying degrees) on the datacenter
• Depends (increasingly) on solid management tools/processes
The question is… which one is “best”?

Application Planning with System Center
• Begins with accurate inventory of existing applications
  • Inventory data (hardware and software) needs to be in meaningful business terminology
  • Data has to be current (need for online sync)
• There are 3 key indicators to verify:
  • Inventory (license, install source, configuration)
  • Performance
  • Compatibility
• Application compatibility knowledge can benefit everyone
  • Use historical data to identify potential application issues
• Application Compatibility Toolkit
  • Collect your application inventory
  • Analyze your application inventory results
  • Create your application portfolio
• Operations Manager
  • Pre-deployment, performance-based knowledge and resource validation can benefit application preparation

System Center and Application Planning
• System Center Configuration Manager 2007
  • Asset Intelligence, HW/SW Inventory
  • Windows Vista Upgrade Advisor
• Application Compatibility Toolkit
  • Collect your application inventory (using ConfigMgr)
  • Analyze your application inventory results
• Operations Manager 2007
  • Review historical performance data across both hardware and software
  • Proactively determine future procurement criteria
  • Identify key software-based issues back into the planning loop
• Create your application portfolio
  • Make decisions such as physical vs. virtual

Performance Testing & Model-Based Planning
• Need to assure that applications scale and meet real-world expectations
• Issue exists for both new deployments and for upgrades
• Performance testing against test and staging environments helps:
  • Understand the expected behavior of the application before deploying to production
  • Identify potential constraints across existing physical and virtual environments
  • Mitigate risks before going live
  • Easily transfer developed monitoring models to production
• System Center delivers model-based application monitoring
  • Enables monitoring around the service that the application is delivering
  • Monitor all components that deliver the application, their interrelationships and dependencies

Asset Intelligence
• Console improvements
  • Rich interface in Configuration Manager Admin Console
  • New Catalog and License management tools
  • Enhanced UI for all Asset Intelligence WMI Classes
• System Center Online Connection
  • Certificate requirement removed in Service Pack 2
  • Keep software asset categorization up-to-date
  • On-demand or scheduled catalog synchronization w/On-line Service
• New Configuration Manager site role: The Asset Intelligence Synchronization Point
  • Upload requests for software categorization to On-line Service
  • Basic replication to distribute AI content to other Configuration Manager sites
• Ability to import licensing data and compare to inventory
• Local edit support allows customers to categorize software assets

Planning for Application Management with System Center

Traditional Software Distribution with System Center
Enhancements to a core feature, and new levels of control for package delivery
• New Features:
  • Simplify application replication with Copy Package Wizard
  • Control when change happens with Maintenance Windows
  • Reduce your infrastructure with Branch Distribution Points
• Improvements:
  • Efficient troubleshooting with improved Package Cache control
  • Lower network traffic with Binary delta replication
  • Client Branding for User Experience
  • Wake on LAN support guarantees delivery

Virtual Applications for the Enterprise
System Center builds on the Full Application Virtualization infrastructure:
• Integrates with existing Active Directory relationships
• Provides a scalable infrastructure to support a distributed network
• Broad scenario support to support workers wherever and however they work; desktops, laptops, mobile across LAN/WAN/Branch and Internet connections
• Centralized management and reporting for physical and virtual applications
• Reduce costs for deployment, and align to organizational requirements by targeting both user and computer systems for applications
• Asset Intelligence brings meaningful business terminology for software titles, categories and families, with full support for Virtual Applications
• Integrate Virtual Application delivery with everyday Management operations:
  • OS Deployment
  • Patch Management
  • Inventory

Application Virtualization Management in Configuration Manager R2
• Based on Application Virtualization 4.5 feature set
• Uses System Center Configuration Manager 2007 R2 Admin approach
• New in ConfigMgr 2007 R2:
  • ConfigMgr can manage and deploy virtual applications
  • Client roaming is supported so the client is always going to the “closest” server
• Dynamic nature of Application virtualization preserved
  • Version checking, user-based targeting, streaming

Core Scenarios for Application Virtualization Management
• Packaging and distribution of virtual applications
  • Create virtual application packages and copy them to distribution points
• Deployment of virtual applications to clients
  • Advertise the packages to clients (connected and offline)
• Launching and running
  • After the application is advertised and made available, end-users run the virtual applications from their desktop computers (connected and offline)
• Inventory and Reporting of virtual applications
  • ConfigMgr inventory and reports enable administrators to report on packages, applications and their usage within the ConfigMgr hierarchy

Application Management Overview

Determining When to Use Full Installation vs. Virtual Application
Key consideration criteria may include:
• Large data-driven applications
  • Examples include: “Streets & trips”
  • Where you want localized data close to the app, which may not stream well
• Prior and/or unsupported versions of applications (retained for compatibility purposes)
  • Examples include: “Spreadsheets”, CAD drawings
  • Stored in some proprietary format
  • Those made obsolete through a new app installation
• Applications with dependencies
  • Examples include: Office Charting tools
  • “Infrastructure” style categories, such as .NET or BITS
  • Code that needs to remain with the system regardless of the higher level apps

Software Updates with System Center
• Built on WSUS 3.0 architecture
  • Included as Managed Server role in site hierarchy
  • Full benefits of site management, Binary Delta Replication etc.
• Provides Compliance assessment
• Application/Security updates
  • All Microsoft software updates categories plus:
    • OEMs and software vendors (ISVs)
    • Internally-developed applications (LOB)
• Full integration into other areas of Configuration Manager:
  • OS Deployment
  • Internet Based Client Management
  • Windows Server 2008 NAP
  • System Center Update Publisher
  • Desired Configuration Management

Use System Center to Deliver Applications to Internet-based Clients
• Manage clients without a VPN
  • Road Warriors (Sales force, Consultant)
  • Point of Sale (Restaurant, Retail store, Gas station)
  • Employee home computers
• Roam in and out intelligently
• Converge with standards-based technology
  • PKI for certificate management
  • SSL/TLS for secure HTTP communication
  • Firewall for SSL termination
• Virtual Application Management supported
  • Download and execute only

Software Deployment Methodology
Robust infrastructure providing flexible delivery options
• Terminal Services
  • Rapid, Centralized Deployment of Applications
  • Low-bandwidth Access to Data
  • Windows Anywhere
  • Increased Scalability
  • Improved Manageability
  • Easy-to-use Remote Desktop Connection
  • Enhanced Remote Desktop Protocol (RDP)
  • Greater Color Depth and Screen Resolution
  • Additional Windows Server 2003 Enhancements
  • Terminal Services RemoteApp™ (W2K8)
  • Terminal Services Gateway (W2K8)
  • Terminal Services Web Access (W2K8)
  • Terminal Services Session Broker (W2K8)
  • Terminal Services Easy Print (W2K8)
• Virtual Applications (virtual)
  • MSI Utility for Application Virtualization
  • R2 Application Virtualization Management
  • Microsoft Application Virtualization (SoftGrid)
  • Virtual PC (Virtual Server, Virtual Machine Manager)
  • Enable applications to run without the need to visit a desktop, laptop, or terminal server
  • Applications are rapidly delivered using a streaming protocol
  • 5%-40% (depending upon application) is needed to launch the application
  • Centralized, policy-based management
  • Sequenced application package benefits client by zero footprint delivery
  • System Center integration
• Full Installation (physical)
  • System Center Configuration Manager
  • Simplify application replication with Copy Package Wizard
  • Control when change happens with Maintenance Windows
  • Reduce your infrastructure with Branch Distribution Points
  • Efficient troubleshooting with improved Package Cache control
  • Lower network traffic with Binary delta replication
  • Client Branding for User Experience
  • Wake on LAN support guarantees delivery
• Web-based
  • Cross-platform compatibility
  • Web-based applications are always updated to the last release
  • Immediacy of access
  • Ease of use
  • reasonable demands on end-user RAM memory than locally installed programs
  • Centralized management and revision control
  • Different cost and pricing models based on provider
  • Evolution of data storage supports application porting from local to web based
  • Concurrency and collaboration improvements
  • Security and Data protection improvements
  • Localization support

Building the Desktop with System Center
The goal is to simplify with common tools and processes
• Establish standards for:
  • OS Configuration
  • Application Packaging
  • User Management/Migration
• Considerations for builds based on:
  • User
  • Hardware
  • Location
  • Business Role
  • Other
TOOLS
• System Center Configuration Manager Operating System Deployment
• Windows Automated Installation Kit (WAIK)
• Windows Image Format (WIM)
• SoftGrid
• Business Desktop Deployment (BDD)
• Microsoft Deployment

Using System Center to Layer the Desktop Build
[Diagram: desktop build layers and the tools that serve them]
• Layers: Data, User settings; Applications; OS; Hardware
• Tools: User State Migration Tool, Data Backup and Recovery, Software Distribution, Application Virtualization, SoftGrid, Terminal Services, OS Deployment, Task Sequencer, Driver Catalog, WAIK, WinPE

The OS Build and Deployment Process
Model-based approach using System Center tools
• User Data Layer
  • User Profile, either new or migrated
• Application Layer
  • Core Applications installed
  • User/Role/Location specific Apps, physical, virtual or Terminal services
• OS Layer
  • Operating System Image imported, captured, built from script
• Hardware Layer
  • Configuration, Drivers and OEM Tools

Operating System Deployment
System Center has nearly infinite flexibility to customize the OS deployment process
• Highly automated solution for assessing, migrating and deploying Windows Server and client operating systems
• End-to-end deployment automation support
• Assess migration readiness for Windows Server 2008, Vista and Office 2007
  • Built in reports for minimum and recommended settings
• Enable dynamic deployment of drivers at runtime
  • Utilize Windows PnP detection
• Unknown computer support for bare metal deployments
• Multicast and Unknown Computer Support now available

The Task Sequencer
• Core OS deployment mechanism
• Sequence of steps to execute
  • Steps prior to deploying new OS
  • Steps in Windows PE to deploy new OS
  • Steps after the new OS is deployed
• Completely hands-off for full automation of the process
• Two kinds of actions
  • Built-in actions provided within product
  • Custom actions: command line driven, VBScript, Batch etc.
• Task Sequence can do other actions:
  • Capture images
  • Deploy Application chains
  • Administer complex activities
  • More (unlimited)

Driver Catalog
Catalog of Configuration Manager-managed device drivers
• “Drivers” node
  • Import drivers into this node
  • Set properties on drivers (metadata)
  • Assign drivers to Driver Packages
• “Driver Packages” node
  • Configuration Manager packages that are copied to DPs
  • Typically group related drivers into one package

Windows Deployment with System Center

Resources
• Sessions On-Demand & Community: www.microsoft.com/teched
• Microsoft Certification & Training Resources: www.microsoft.com/learning
• Resources for IT Professionals: http://microsoft.com/technet
• Resources for Developers: http://microsoft.com/msdn

Track Resources
Key Microsoft Sites
• System Center on Microsoft.com: http://www.microsoft.com/systemcenter
• System Center on TechNet: http://technet.microsoft.com/systemcenter/
• Virtualization on Microsoft.com: http://www.microsoft.com/virtualization
Community Resources
• System Center Team Blog: http://blogs.technet.com/systemcenter
• System Center Central: http://www.systemcentercentral.com
• System Center Community: http://www.myITforum.com
• System Center on TechNet Edge: http://edge.technet.com/systemcenter
• System Center on Twitter: http://twitter.com/system_center
• Virtualization Feed: http://www.virtualizationfeed.com
System Center Influencers Program: Content, connections, and resources for influencers in the System Center Community.
For information, contact [email protected]

Practical Guidance (1 of 7)
If you are struggling with a chaotic desktop environment…
• Triage = “find the life-threatening wounds”
  • Service desk costs/call patterns are key indicators
  • IT labor allocations can also be a key indicator
  • Also pay attention to OS diversity, app portfolio
• Blocking and tackling: see the IO best practices
  • Pick a pain point
  • Programmatically resolve it
  • Use the recovered labor to attack the next pain point
• Do NOT shift chaos to the datacenter!
  • “If you can’t manage a physical machine…”

Practical Guidance (1 of 7, cont.)
If you are struggling with a chaotic desktop environment…
How to prioritize
• Consider endpoint cost: How much labor is spent on desktop deployment/operation/mgmt/support?
• Consider endpoint complexity: How many unique configurations are there? Do there need to be that many?
• Consider endpoint risk: How much data gets lost if the machine is lost or damaged?
• Consider endpoint compliance: How well does the configuration support your service-level obligations?
• Consider endpoint agility: e.g., Will the endpoint work in a disconnected state? Does it need to?

Practical Guidance (1 of 7, cont.)
If you are struggling with a chaotic desktop environment…
One possible (but proven) approach
• Integrate/automate user provisioning and dir/auth processes
• Use recovered labor to integrate/automate patch management
• Use recovered labor to rationalize application portfolio
• Use recovered labor to automate application delivery
  • Leverage APP-V or TS/RDS for problematic apps
  • Provide self-service options to users, if feasible
• Use recovered labor to rationalize image management
  • Leverage image-consolidation to drive lifecycle analysis, “managed diversity”
• Use recovered labor to detach data from local hard-drives

Practical Guidance (2 of 7)
If you are struggling with constrained IT staff/budget…
• Dominant variable in TCO is “IT labor costs”
  • Manual processes are expensive
  • Complexity is expensive, BUT
  • Goal is not to eliminate complexity; goal is to manage it effectively
• Blocking and tackling: see the IO best practices, PLUS
  • Focus on simplifying application delivery
  • Use service-desk data to identify labor-intensive incident patterns
  • Create automated and/or self-service solutions wherever possible
• Identify opportunities to remove obstacles to future progress
  • E.g., start abstracting data and applications from discrete devices

Practical Guidance (3 of 7)
If you are struggling with application delivery…
• Inventory and rationalize the app portfolio
  • Identify and eliminate unneeded apps
  • Identify and collapse multiple versions of apps (e.g., Adobe)
• Identify “core applications”
  • Thick image vs. thin image + discrete installs
• For anomalous or edge-case apps, virtualize where possible
  • Self-service by policy, and/or stream [supported version] on demand
  • Address problematic apps through APP-V, MEDV and/or TS/RDS
• Integrate and automate application delivery w/config mgmt
  • Move towards desired configuration management and compliance

Practical Guidance (4 of 7)
If you are struggling with OS deployment…
• All of the above, plus
• Pay attention to SCCM-2007 R2 and/or SCO-DM
  • Hardware assessment capabilities
  • Application inventory capabilities
  • Compatibility-check capabilities
  • Designed to deploy Windows clients
• In addition, strongly consider early adoption of Windows-7
  • Designed to mitigate complexities of past deployments
  • Integrates with and extends MDOP/Virtualization capabilities
  • “The power is in the integration”

Practical Guidance (5 of 7)
If you are struggling with aging hardware…
• Desktop lifecycle research
  • “Sweet spot” at about 42 months
  • Aging hardware is usually a symptom of other problems (see above)
• Focus on reducing “tight coupling” with hardware
  • Move data off local hard drives
  • Abstract apps using virtualization and/or TS/RDS
  • Reduce number and complexity of configurations
• The above will enable
  • “Cascading” older hardware as part of overall lifecycle strategy
  • Lowered barriers to hardware and/or OS refresh

Practical Guidance (6 of 7)
If you are struggling with supporting diverse user segments…
• Recognize it is about “agility”, not “reducing cost”
• Identify differentiating attributes of user segments
  • Mobility requirements
  • Offline operations
  • Application targeting (allow/disallow)
  • Risks to network, data and operations
  • Corporate vs. non-corporate users and devices
• Leverage OS and MDOP capabilities to deliver
  • Targeted solutions tailored to specific segments
  • WITH appropriate management processes and risk-mitigation in place

Practical Guidance (7 of 7)
If you are struggling with increasing demand for IT services…
• Focus on alignment with business priorities
  • Survive vs. conquer? (e.g., M&A)
  • Business agility rather than TCO is driving deployment of desktop virtualization
• Strongly consider early adoption of SCCM R2 and Windows 7
  • Many capabilities designed to accelerate delivery of solutions
• “Virtualization creates flexibility”
  • Leverage that flexibility to deliver the right capabilities to the right areas of the business, with reduced cycle time and higher quality

© 2009 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.