C D H

C D H Best of Microsoft Management Summit 2012

May 2012

C D H Quick Facts

About Us• 22nd Year• Grand Rapids &

Royal Oak• 30 Staff

Approach• Vendor

Independent• Non-reseller• Professional

Services Only

Partnerships• Microsoft Gold• VMware Enterprise• Citrix Silver• Cisco Registered• Novell Gold

C D H Expertise

C D H Get Social with C/D/H

C/D/H Talks Tech C/D/H Tweets Tech

C D H Meet your Presenter

Erik Gilreath• Consultant with C/D/H • Currently focusing on System

Center, infrastructure and virtualization

• Been with C/D/H since 1999MCSE, MCITP, CNE, CCNA, CCDA, CCA, CCEA, GCWN

ErikG@cdh.com

C D HMicrosoft Management Summit

2012

• 10th Anniversary• Held at the Venetian Hotel in Las

Vegas, NV• Focus on System Center Products• 4500+ Attendees

C D HThe Evolution of Datacenter

Computing

C D H Cloud Attributes

C D H Private Cloud vs. Public Cloud

C D H Cloud Drivers

C D H Common Management Toolset

Predictable Private and Public

Flexible

PRODUCTIVE INFRASTRUCTURE

C D H System Center Product Line

C D H System Center Product Line

• Eat - Endpoint Protection• A - Application Controller• V - Virtual Machine Manager• O - Orchestrator • C - Configuration Manager• A - Advisor• D - Data Protection Manager• O - Operations Manager• S - Service Manager

C D H SCCM 2007 vs. SCCM 2012

Configuration Manager 2007 Configuration Manager 2012Optimized for Systems Management scenarios

• Still committed and focused on System Management scenarios

• Challenging to manage users:• Forced to translate a user to a device• Explicit: run a specific program on a

specific device

• Embrace User Centric scenarios:• Moving to a state based design, for

apps, deployments, content on DPs.• Full application lifecycle model. Install,

Revision Mgt, Supercedence and Uninstall

• Software Distribution is a glorified script execution

• Understand and intelligently target the relationships between user systems

• Management solution tailored for applications

C D HEmbracing User Centric: Administrator Promises

• Let the administrator think user first– Deploy applications to users– Manage users beyond the desktop

• ConfigMgr maintains relationship between users and systems to solve core user targeting– Set conditions to control installations – Schedule ‘pre-deploy’ to users’ primary devices for WoL,

off-hrs, workgroup, etc.• ConfigMgr will remember the relationship

between the user and his/her applications• Application model captures ‘administrative intent’

C D H Application Model

Deployment Type

Requirement Rules

Dependencies

Detection Method

End User Metadata

Supercedence

Install Command

The “friendly” information for your users

Keep your apps organized and managed

Workhorse for application

Can/cannot install app

Remove previous versions`

Is app installed?

Command line and options

Apps that must be present

App-V

Windows Script

Windows Installer (MSI)

Mobile (CAB)

Administrator PropertiesGeneral information about the application

C D HUser Centric: Device

Management

C D H User Centric: Software Catalog

C D HUser Centric: On Demand

Installation

1• User clicks “install” on Catalog item

2• Web site checks user’s permissions to

install

3• Web site requests Client ID from

ConfigMgr client agent and passes it to Site server

4• Server creates policy for the specified

client and app and passes it to client

5• Client agent evaluates requirements from

the policy and initiates installation

6• Client agent completes installation process

and reports status

Agent

Web Site

User

Site ServerProcess Flow

C D HUser Centric: End User

Preferences

C D H Collection Enhancements

C D H Client Activity and Health

• Product integrated health and remediation solution

• Server side metrics for evaluating client activity:– Policy requests– Hardware and software inventory– Heartbeat DDRs– Status messages

• Client side monitoring/remediation for: – Dependent Windows components and services– Client prerequisites– WMI repository and namespace evaluation– In console and Web reporting

• ‘In-console’ alerts when healthy/unhealthy ratio drops below configurable threshold

C D H Settings Management

• Unified settings management across servers, desktops and mobile devices

• ConfigMgr 2007 reports configuration drift – ConfigMgr 2012 can “set” for Registry, WMI and Script-Based

• Improved functionality: – Copy settings– Define compliance SLAs for Baselines to trigger console

alerts– Richer reporting to include troubleshooting, conflict,

remediation information• Enhanced versioning and audit tracking

– Ability to specify specific versions to be used in baselines

– Audit tracking includes who changed what

C D H Settings Management

C D H Remote Control

IS BACK!

C D H

Unified Infrastructure

Reduce the cost of maintaining secure

endpoints with unified management and

security infrastructure

Simplified Administration

Single administrator experience for simplified endpoint protection and

management

Enhanced Protection

Protect against known and unknown threats with endpoint inspection at

behavior, application, and network levels

System Center 2012 Endpoint Protection

C D HSimplified Deployment of

Anti-Malware Policies Centralized management for AM

and Firewall Policy

AM and FW policy delivered as ConfigMgr policy – no package/program dependency

Out of box templates

Import, Export, Merge

Prioritization of policies by collection

Simplified UI for customizing policy

C D H

C D H

System Center Configuration Manager

C D H

Online Snapshots

Disk-Based Recovery

Active Directory

Tape-Based Backup

Data Protection Manager

Up to Every 15 minutes

Disaster Recoverywith offsite replication and tape

Data Protection Manager

DPM: Continuous Backup and Protection for Microsoft Workloads

C D HDPM Highlights: Hyper-V

Protection

• Incremental Backups Only – full only once • No More Backup Window – online

backups• Application consistency via VSS• Protect Live Migration VMs in CSV

clusters• Protect whole VM, recover individual items• Auto Protection of new VMs

C D HDPM Highlights: SharePoint

Protection

• Entire farm protection by a single check box– Leverages SharePoint VSS writer– Works across multiple severs in the farm to backup

• Backup Resiliency– Single failures will not fail all of the farm protection

• SharePoint Item Level Recovery (ILR) is supported– Similar workflows for all recovery operations –

item/DB/farm

C D H

• DPM supports stand alone, MSCS clusters, CCR, LCR, SCR and DAG– Protection continues after planned failover– Eseutil runs on DPM – lower load on Exchange, faster

completion

• Recoveries Supported– SG level– DB level – Mailbox level (Recovery Storage Group)

DPM Highlights: Exchange Protection

C D H DPM Highlights: SQL Protection

• Backup– DPM supports express full and incremental backups

– Logs are truncated as part of the incremental backups• DPM detects log shipping configuration and only performs

express full backups (no incremental backups supported)• Recovery

– Zero Data loss recovery• Rolling forward logs on the SQL server if log volume intact

– Any Point-In-Time (PIT) Recovery• Backups at 9:00 and 9:15; Recover to PIT 9:12

– Types: Original location ; Rename and restore ; Alternate location

C D H What’s New in DPM 2012

• Centralized Management• Infrastructure Enhancements

– Certificate Based Authentication– Smarter Media Co-location– Partner with SAN based De-dupe Vendors

• DPM – NetApp SAN appliance whitepaper ready to be published

• Workload Enhancements– SharePoint Optimized Item-Level Restore– Hyper-V ILR with DPM running in a VM– Generic Data Source Protection

C D H

Reduce Management Costs:

Centrally Monitor and Manage

• Centralized monitoring

• Remote Administration

• Role Based Management

Work on important issues

• SLA Based Alerting : Alert only when SLA violated

• Consolidated Alerts ensure one ticket per root cause issue

• Alert Categorization (Ex: infra alerts versus backup failure

alerts)

Reduce time for resolving issues

• Remote Recovery

• Remote Corrective actions

• Scoped Troubleshooting

• Push to Resume Backups

A single console for the datacenter that reduces management costs and can fit into the existing environment

Single Console for the Datacenter

• Up to 100 DPM Servers or 50,000 protected data sources

• Manage DPM 2010 and DPM 2012 using single console

Fits into my Environment

• Integration into existing ticketing systems, workflows and

team structures.

• Enterprise scale, Fault tolerance & Reliability.

• ** Requires Operations Manager 2012

Ticketing System

Centralized Management

C D H Role Based Access

C D HRecovering Data Using

DPM 2010

Search for DPM Server backing up the DB

STEP 1

Daily PS Script Generates database to DPM Server mapping

STEP 2

DPM Server

STEP 3

5 minutes to start recovery• Excel sheet not up to date• No Free RDP Session• 1+ hour to start recovery

C D HRecovering Data Using

DPM 2012

Time to Start Recovery – 15 seconds• Central Repository created and

! – DPM Remote Console eliminates need to RDP into servers

• DPM seamlessly to the DPM console

– Available for most common actions, like adding/removing items to protection, etc.

– Allows a user to be designated as a recovery operator thereby allowing only recoveries

C D H

MOM 2005

OpsMgr 2007

OpsMgr 2007 R2

MOM 2005 RTM

MOM 2005 SP1

OpsMgr 2007 RTM

OpsMgr 2007 SP1

OpsMgr 2007R2

SC 2012 OpsMgr

System Center 2012 Operations Manager

MOM 2005WorkloadDiscoveryState Monitoring

OpsMgr 2007RevolutionaryreleaseService modelingHealth modeling

OpsMgr 2007 R2HeterogeneoussupportSLA monitoring

SC 2012 OpsMgr360o monitoring• Network• App Insight• DashboardsReduced TCO

System Center Operations Manager: History

C D HOM 2012: Preserving Existing

InvestmentsWhat OM delivers• Best in class Server, OS and Workload

monitoring• Audit Collection Services (ACS)• Agentless Exception Monitoring (AEM)• Distributed Application Designer (DAD)• Reporting & Data Warehouse• Synthetic Transactions & Templates• Gateway Servers• PowerShell• Service Level Tracking (SLA/SLO)• Active Directory Integration• Notifications & Subscriptions• Existing Management Packs

C D H Topology Simplification

What OM delivers• RMS Removal and federation

of configuration service• Add or remove management

servers easily with resource pools

• RMS emulator role to ensure backwards compatibility

• Full support for the Operations Manager 2007 MPs

C D H

Operational Database Data Warehouse

X

Challenges Addressed: Out of the box HA Easy to scale out

Topology Simplification

C D H Server Pools

Operational Database Data Warehouse

XManaged by PoolManaged by a single MS

C D H Network Device Monitoring

What OM delivers• Out of the box discovery,

monitoring, and reporting• Memory utilization, processor

utilization, port traffic volume, port error analysis & port packet analysis

• Server to network dependency discovery

• Support large number of device vendors

C D H Unix and Linux Support

What OM delivers• Support for SSH keys and

sudo elevation• Workflows are targeted to a

management pool• Support for RHEL 6.0 and

AIX 7.1• New shell command

collection rule

C D H Application Monitoring

What OM delivers• Availability monitoring using rich

synthetic transactions• Performance & reliability

monitoring of the application through the .NET framework

• Rich diagnostics to pinpoint the root cause of application failures

• No new agents to deploy. No management packs to author

• Rich dashboard visualizations that can be viewed in the Web or SharePoint

• Integration with TFS to reduce mean time to fix

C D H Monitoring Visualization

What OM delivers• New IT Pro dashboard

creation using Widgets• Management Group health

dashboard for agent and infrastructure health

• SharePoint and Visio integration

• Created using a dashboard template option

C D H

C D H

System Center Operations Manager

C D H

Flexibility with delegation and control

Applications self-service across clouds

Physical, virtual, and cloud management

PREDICTABLE APPLICATIONSPRODUCTIVE INFRASTRUCTURE YOUR CLOUD

Deliver flexible and cost-effective infrastructure with what you

already know and own.

Heterogeneous support

Process automation

Self-service infrastructure

Applications power your business.Deliver predictable application service

levels with deep application insight.

Private and public cloud computing on your terms managed with

a common toolset.

Deep application monitoring and diagnosis

Comprehensive application manageability

Service-centric approach

Heterogeneous support

Process automation

Self-service infrastructure

Deep application monitoring and diagnosis

Comprehensive application manageability

Service-centric approach

Flexibility with delegation and control

Applications self-service across clouds

Physical, virtual, and cloud management

System Center 2012 Cloud and Datacenter Management

C D H

Self-Service

Service Delivery and Automation

Delivering IT as a Service

DeployDeploy

ConfigureConfigure

Service Model

DC Admin

OperateOperate

MonitorMonitor

Virtual Machine Manager

Operations Manager

App Controller

Service Manager Service Manager

Orchestrator

Configuration Manager

Data Protection Manager

AppOwner

Application Management Service Delivery and Automation Infrastructure Management

C D HDelivering IT Services

Consistently

StandardizationService

ConsumerServiceProvider

Self-Service

Automation

Processes

Systems

C D H

1

INVOKE

MONITOR

CREATE

Import deploy VMrunbook and data

Build ‘New VM’request offering

Publish ‘New VM’ to Service Catalog

Create a ‘New VM’ request

Invokedeploy VM runbook

Monitor for new VM created and deployed

Automated Request Fulfillment in Six Steps

2 3

4

5

6

C D H

STANDARDIZATION SELF-SERVICE AUTOMATION

Give consumers of IT services the ability to identify, access, and

request services as needed.

Controlled empowerment.

Request offerings displayed based on user role.

Intuitive, easy-to-navigate portal.

Automate the service processes and systems necessary to the

fulfillment of consumer requests.

Automate routing of requests for approval and notification.

Automate provisioning of the service request.

Standardize the services provided by IT to consumers.

Define the services to be offered.

Define the request offerings that will be contained within a service offering.

Identify who needs to be involved (approvals, notifications, fulfillment).

Configure and Deploy –Service Delivery and Automation

C D H

ProcessesProcessesRequest TemplateRequest Template

Standardize Offerings

RUNBOOKS AND CI DATA SERVICE AND REQUEST OFFERINGS AUTOMATION

Define the services that IT will deliver to its consumers.Specify requests available for each service and what information will be required to fulfill each request.

Define the supporting organizational activities needed to deliver on the request and ensure traceability and compliance.

Request to extend VM

Destroy VMs

Request new VM

Cost and SLA information

Knowledge articles

Input values

Assignment

Notification

Approval

PUBLISHED TO THE SERVICE CATALOG Systems automation

Out-of-the-box integration across System Center stack to link process automation and systems automation to standardize delivery.

C D HSelf Service Through Service

CatalogCONTROLLED EMPOWERMENT ROLE-BASED SIMPLIFIED PORTAL

Translate business language into IT language. Requests are defined to capture information required to fulfill the specific request manually or via automation.

Offerings are delivered based on user’s role in the organization.

Service catalog designed for easy navigation.

C D H Controlled Empowerment

• Provider-published and user-initiated

• Expresses IT requests in business language

• Consistent delivery of service each time, every time

• Enables consumer to choose what level of service and cost they want

C D H Service Offering

• Work item used to identify and classify standard IT services

• Contains one or more request offerings

• Consistent delivery of service-related details including:– Knowledge articles

– Service-level agreement information

– Cost and chargeback-related information

C D H

Easy-to-Use Portal• Silverlight web parts hosted in

SharePoint Foundation 2010 or higher

• Customizable out-of-box web parts using SharePoint admin tools

• Extensible via custom web parts

Portal Features• Customizable, dynamic Forms

Simplified Portal

C D H Role-Based

• User sees offerings based on their role

• Dynamic: User role mapped to a Service Manager group within Active Directory

• Provide access at the service offering level or at the individual-request offering level

Private Cloud Offerings

Enterprise LOB App Offerings

VDI Offerings

Development Offerings

C D H

Service ManagerData WarehouseOrchestrator

Service Manager

Virtual Machine Manager

Operations Manager

Configuration Manager

Active Directory

Notifications via Exchange

LOB

Third Party Management Tools

Inbound to System CenterBi-directional from OrchestratorBi-directional for notifications/reportingBi-directional run book integration

Configuration items and automation data populated into CMDBAutomation commands issued to System Center, third-party tools, and line-of-business applicationsInbound and outbound notifications and reportingBi-directional connector for automation activities and executing automation workflows

Automation Integration

C D H

Configuration Manager Operations Manager Active Directory Virtual Machine Manager

Hardware inventory, software inventory, software updates

Primary computer owner based on asset-intelligence data

Operations Manager discovered objects

Distributed applications (Service Manager Business Service based on deployed application from VMM service template)

Active Directory data for user, user groups, printers, computers

User contact information, organization, notification addresses

Virtual Machines and Virtual Machine Template configuration items

Service Manager connectors facilitate System Center and Exchange connectivity for CI data and notifications.Orchestrator integration packs facilitate automating activities across System Center, LOB, and third-party management tools.

Connector Framework Integration

C D H Automation Concepts

Activities

Intelligent tasks that perform defined actions

Runbooks

System-level workflows that execute a series of linked activities

Databus

Used to publish and consume information as a runbook executes

Standard Activities

A rich set of out-of-box activities

Invoke Web Services

Compare Values

Send e-mail

Query Database

Run .NetScript

Get Server ID from DPM

Get Data Sources

Create Recovery Point

Create Incident

Create Checkpoint

Start Maint Mode

Shut Down VM

E-mail on error

Update on success

Return Data Check Schedule

C D HBuilding Automation – Runbook

Designer

• Easy authoring and debugging – Drag and drop, Visio-like

authoring, nested runbooks, built-in features like looping and branching.

• Databus– Abstracts developer-level

complexity from the runbook author and enables hub-and-spoke integration model

• 20+ integration packs (IPs) for System Center, Microsoft, and third party management tools

C D HBuilding Automation – Runbook

Designer• Standard activities to support

delivery of private cloud offerings– Run system commands– Perform schedule-based

activities– Monitor processes or system-

level alerts– Manage file interactions such

as copying and moving files

– Send e-mail notifications– Support other notification types– Search for or modify data

within a workflow– Manipulate text files– Manage workflows

C D HBuilding Automation – Build Your

Own

• Build and distribute your own integrations• Use the Orchestrator Integration

Toolkit (OIT) command-line interface (CLI) – Wizard-based GUI – Wraps command, program, SSH, and

PowerShell executions into activities• Or take advantage of the OIT software

development kit– No wizard, no GUI– Use .NET or Java IDEs to compile DLL

or JAR resource files

C D H

• External interface to System Center• Standards-based

– RESTful web interface– Uses OData (Open Data Protocol)

• Take advantage of existing investments in PowerShell, .NET scripting, and third-party APIs, and build them into Orchestrator runbooks

Building Automation – Build Your Own

C D HBuilding Automation – Build Your

Own• Microsoft Runbook Integration Packs

– System Center 2007• Operations Manager• Configuration Manager

– System Center 2008 VMM– System Center 2010

• Service Manager• Data Protection Manager

– System Center 2012 Operations Manager– System Center 2012 Configuration

Manager– System Center 2012 Service Manager– System Center 2012 VMM– System Center 2012 DPM– Active Directory

C D HAutomated Datacenter and

Private Cloud

Service Catalog

Service Desk

Asset/CMDB

Configuration

Hypervisor

Security

Storage

Server

Network

Self S

ervice Request Fulfillm

ent

Configure &

Deploy A

pplications

Configure &

Deploy Fabric S

ervices

Configure &

Deploy Infrastructure

Create Service Request

Approvals

Create CIs in CMDB

VMM Admin Assigned

Admin Creates Capacity

Select Hypervisor

Overlay Security

Assign Storage

Identify Host for VMs

Assign Switch and Adapters

CMDB Updated

Set Permissio

ns

Requestor Notified

Service Request Updated/Closed

C D H

SERVICE MANAGER ORCHESTRATOR SELF-SERVICE PORTAL E-MAIL NOTIFICATIONS

View status in work item formsEasily link over to Orchestrator console to view detailed statusRetry failed runbooks

Detailed status down to activity level

Historical view of runbook execution

Input, output, and runtime variable data

Summarized view of status for consumer

Notify about progress, failure, or successful completion

Rich HTML formatted emails with context data inserted

Monitoring Progress

C D H

• Moved from 100+ SKUs to 2 SKUs

System Center 2012 Licensing

System Center 2012 Standard

System Center 2012 Datacenter

C D H MCSE Reinvented for the Cloud

C D H

Royal Oak306 S. Washington Ave.Suite 212Royal Oak, MI 48067(248) 546-1800

Thank You

Grand Rapids15 Ionia SWSuite 270Grand Rapids, MI 49503(616) 776-1600

(c) C/D/H 2007. All rights reservedwww.cdh.com