Date post: | 13-Dec-2015 |
Category: |
Documents |
Upload: | joseph-benson |
View: | 215 times |
Download: | 0 times |
Business Desktop Deployment (BDD) Overview
Fritz Ohman
Alphageekwww.linkpad.co.uk
Welcome to this TechNet Event
FREE bi-weekly technical newsletter
FREE regular technical events hosted across the UK
FREE weekly UK & US led technical webcasts
FREE comprehensive technical web site
Monthly CD / DVD subscription with the latest technical tools & resources
FREE quarterly technical magazine
We would like to bring your attention to the key elements of the TechNet programme; the central information and community resource for IT professionals in the UK:
To subscribe to the newsletter or just to find out more, please visit www.microsoft.com/uk/technet or speak to a Microsoft representative during the break
Why you are here
You have computers to deploy
You think automation is a good thing
You want to spend less time ’fighting fires’ and more on getting the most from your IT budget
So if you want a car like this ...
... You had better do this!
Manual Deployment £250 - £500 per PC £250 - £500 per PC
USMT, Application Compatibility USMT, Application Compatibility Toolkit, Windows PE, RIS, PQDI, Toolkit, Windows PE, RIS, PQDI, GhostGhost
Light Touch Deployment~ £200 per PC~ £200 per PC
Deployment automation with Zero Deployment automation with Zero Touch (SMS, MOM) Touch (SMS, MOM)
Zero Touch Based DeploymentLess than £50< per PC (goal)
Source:, *Higher Yields Windows XP Whitepaper, **Wipro Desktop Deployment Source:, *Higher Yields Windows XP Whitepaper, **Wipro Desktop Deployment Calculator Calculator
Agenda
Solution Accelerators and the BDD
Deployment Blockers
BDD solutions
Cost effectiveness
Solution Accelerator for BDD
V1 Updated to Standard Edition
Introduction to the BDD
BDD 2.0 Enterprise is a Solution Accelerator
A Solution Accelerator is about tools and free guidance
Targeted at defined customer scenarios a.k.a., pain points
Covers the entire lifecycle - Evaluating, planning, building, deploying, and operating
Solution Accelerators leverage the combined experience of partners, customers and Microsoft Consulting Services
Engineered, real-life tested, and validated
Supported by Microsoft PSS!
Microsoft wants you to use their products, and Microsoft wants you to implement them correctly so that you get maximum return on your investment
It is a true win-win scenario
Sample Solution Accelerators
Domain Server Consolidation & Migration
File & Print Consolidation & Migration
Patch Management Using SMS 2003
Windows Server Deployment
Application Installation Using SMS
Service Monitoring and Control Using MOM
Business Desktop Deployment (BDD)
Plus many more in Security, Unix, SMB…
Finding Solution Accelerators
http://www.microsoft.com/desktopdeployment
Solution Accelerators for BDD
BDD Enterprise Edition
BDD Standard Edition
25 500 2000 ∞
Number of PCs in an organization
Two Versions: Standard Edition and Enterprise Edition
BDD Standard Edition for 25 or more unmanaged workstations
– Few infrastructure requirements
– Based on light tools, scripts, and commercially available imaging software
– Lite Touch installs and takes only a few moments per PC
BDD Enterprise Edition for 250 or more managed workstations
– Leverages SMS 2003 SP1, Active Directory,BizTalk Server 2004
– Zero Touch installs and provisions
– SMS 2003 OS Deployment Feature Pack includes Windows Imaging (WIM)
Perceived Deployment Blockers
Application compatibility issues are too difficult to overcome
Image management is too costly with our current hardware complexity
How can I reduce the cost of deployment if I have to send technicians to every single desktop?
Will our infrastructure be able to handle automated deployments?
Does desktop standardization really improve security levels?
Is it worth the investment in additional IT and best practices training?
Solution Accelerator for BDD
Perceived Deployment Blockers
Application compatibility issues are too difficult to overcome
Image management is too costly with our current hardware complexity
How can I reduce the cost of deployment if I have to send technicians to every single desktop?
Will our infrastructure be able to handle automated deployments?
Does desktop standardization really improve security levels?
Is it worth the investment in additional IT and best practices training?
Image Mania
Source: WiPro/Intel/Microsoft PC Diversity 2004
Perceived Deployment Blockers
Application compatibility issues are too difficult to overcome
Image management is too costly with our current hardware complexity
How can I reduce the cost of deployment if I have to send technicians to every single desktop?
Will our infrastructure be able to handle automated deployments?
Does desktop standardization really improve security levels?
Is it worth the investment in additional IT and best practices training?
ReduceReduce LowerLower
EnableEnableDeliverDeliver
Reducing Deployment Cost and Complexity
Zero Touch Based DeploymentZero Touch Based DeploymentLess than $100 per PC (estimate**)Less than $100 per PC (estimate**)
SMS, Application SMS, Application Compatibility ToolkitCompatibility Toolkit
Light Touch DeploymentLight Touch Deployment~ $355 per PC*~ $355 per PC*
Deployment Deployment automation with automation with Zero TouchZero Touch
Source:, *Higher Yields Windows XP Whitepaper, **Wipro Desktop Deployment Source:, *Higher Yields Windows XP Whitepaper, **Wipro Desktop Deployment Calculator Calculator
Perceived Deployment Blockers
Application compatibility issues are too difficult to overcome
Image management is too costly with our current hardware complexity
How can I reduce the cost of deployment if I have to send technicians to every single desktop?
Will our infrastructure be able to handle automated deployments?
Does desktop standardization really improve security levels?
Is it worth the investment in additional IT and best practices training?
Solution Accelerator for BDD
Perceived Deployment Blockers
Application compatibility issues are too difficult to overcome
Image management is too costly with our current hardware complexity
How can I reduce the cost of deployment if I have to send technicians to every single desktop?
Will our infrastructure be able to handle automated deployments?
Does desktop standardization really improve security levels?
Is it worth the investment in additional IT and best practices training?
Windows XP Service Pack 2
Advanced Security TechnologiesAdvanced Security Technologies
Windows XP Service Pack 2
Most attacks Most attacks occur hereoccur here
SituationWhen do exploits occur?
ProducProduct t
shippeshippedd
VulnerabilityVulnerabilitydiscovereddiscovered
Fix Fix Made Made
AvailablAvailablee
Fix deployedFix deployedby customerby customer
Exploit TimelineProcess, Tools Critical
ProducProduct t
shippeshippedd
VulnerabilityVulnerabilitydiscovereddiscovered
Fix Fix Made Made
AvailablAvailablee
Fix deployedFix deployedby customerby customerDays between Fix and Exploit have
decreased so that patching can’t be the only defense in large organizations
Exploit
151151180180
331331
BlasterBlasterWelchia/ Welchia/ NachiNachi
NimdaNimda
2525
SQL SQL SlammerSlammer
1414
SasserSasser
How SP2 Would Have Helped
MSBlaster worm
– Windows Firewall, by default, blocks the ports required to exploit this vulnerability
– By denying unauthenticated requests to DCOM, this exploit would have been mitigated
– The /GS Switch and/or NX would have prevented this exploit by preventing the unchecked buffer from being exploited
W32.Sasser.worm
– Windows Firewall, by default, blocks the ports required to exploit this vulnerability
– The /GS Switch and/or NX would have prevented this exploit by preventing the unchecked buffer from being exploited
Mydoom and W32/Nimda.A@mm
– Attachment Manager would have blocked Mydoom had an infected e-mail been opened in Outlook Express
Various spoofing and phishing attacks on the Internet
– The new IE Popup Blocker and new limitations on script-initiated windows would have eliminated many of these attacks
Perceived Deployment Blockers
Application compatibility issues are too difficult to overcome
Image management is too costly with our current hardware complexity
How can I reduce the cost of deployment if I have to send technicians to every single desktop?
Will our infrastructure be able to handle automated deployments?
Does desktop standardization really improve security levels?
Is it worth the investment in additional IT and best practices training?
ReduceReduce LowerLower
EnableEnableDeliverDeliver
Windows XP UpgradeWindows XP Upgrade
Active Directory,Active Directory,Group Policies, SMSGroup Policies, SMS
Managed Windows XP EnvironmentManaged Windows XP Environment$1367 annual TCO per PC$1367 annual TCO per PC
Unmanaged Windows 9xUnmanaged Windows 9x$2164 annual TCO per PC$2164 annual TCO per PC
Unmanaged Windows XP Unmanaged Windows XP EnvironmentEnvironment $1788 annual TCO per PC$1788 annual TCO per PC
Source: Comparing Managed and Unmanaged Client Environments, IDC, Source: Comparing Managed and Unmanaged Client Environments, IDC, February 2004, Annual cost based on 5 year IDC TCO studyFebruary 2004, Annual cost based on 5 year IDC TCO study
Lower Total Cost of Ownership
Short Term Payback, Long Term Benefits
TCO Analysis Overview Per Desktop WXP WXP+AD WXP+SMS WXP+AD+SMSDirect Costs (budgeted)
Hardware and software $1,367.81 $1,352.15 $1,329.46 $1,314.38 Operations $609.11 $522.39 $545.78 $473.74 Administration $373.63 $369.08 $368.61 $364.30
Total Direct Costs $2,350.55 $2,243.62 $2,243.85 $2,152.43
Indirect Costs (unbudgeted)
End user operations $2,359.08 $1,719.33 $2,063.10 $1,461.57 Downtime $118.55 $73.21 $97.48 $56.19
Total Indirect Costs
Annual Total Cost of Ownership (TCO) $4,828.18 $4,036.16 $4,404.43 $3,670.19
AD Direct Cost Savings $107SMS Direct Cost Savings $107AD and SMS Combined Direct Cost Savings $198 some AD and SMS benefits overlap
Perceived Deployment Blockers
Application compatibility issues are too difficult to overcome
Image management is too costly with our current hardware complexity
How can I reduce the cost of deployment if I have to send technicians to every single desktop?
Will our infrastructure be able to handle automated deployments?
Does desktop standardization really improve security levels?
Is it worth the investment in additional IT and best practices training?
BDD is designed to counter your deployment blockers and enable you to move forward
ReduceReduce LowerLower
EnableEnableDeliverDeliver
Enable Agile IT Infrastructure
Enable Agile IT Infrastructure
Agile IT? Huh? Once more, without jargon:
We would like you to better use what you already have
BDD helps you tap the full potential of Windows-based networks
BDD puts you in a great position to quickly take advantage of upgraded versions
Best Practice Deployment
Why Use Best Practices?
Traditional Deployment
$$
$$
Why use BDD?
Lower deployment costs– Overall, organizations that used the Microsoft Solution Accelerator for Business Desktop
Deployment realized benefits throughout the deployment process and experienced an average 22% reduction in annual deployment costs.
Faster rollouts – Organizations were able to reduce the time of delivery of desktop migration projects by reducing
the time needed to complete inventory, compatibility testing, and imaging tasks.
More efficient planning– By using accelerator planning resources, organizations provided more detailed and thorough
desktop strategies and developed comprehensive migration plans more quickly with less effort.
Improved IT staff and user productivity– Organizations across the survey significantly reduced deployment-related, end-user downtime. By
minimizing downtime and improving the desktop migration experience, surveyed organizations also significantly improved user productivity and reduced the disruption caused by deployments in large-scale desktop environments.
Source WiPro Jan 2005
Solution Accelerators for BDD
BDD Enterprise Edition
BDD Standard Edition
25 500 2000 ∞
Number of PCs in an organization
Two Versions: Standard Edition and Enterprise Edition
BDD Standard Edition for 25 or more unmanaged workstations
– Few infrastructure requirements
– Based on light tools, scripts, and commercially available imaging software
– Lite Touch installs and takes only a few moments per PC
BDD Enterprise Edition for 250 or more managed workstations
– Leverages SMS 2003 SP1, Active Directory,BizTalk Server 2004
– Zero Touch installs and provisions
– SMS 2003 OS Deployment Feature Pack includes Windows Imaging (WIM)
BDD Enterprise vs BDD StandardThe differences explained
BDD V2 – Two Versions
“Standard” and “Enterprise”
Zero Touch Provisioning (ZTP)
Zero Touch Installation(ZTI)
Light Touch Wipe & Load
Common Tools & Guidance
BDD BDD StandardStandard
BDD BDD EnterpriseEnterprise
It’s not a numbers decision
Infrastructure dependant
Active Directory
SMS/OSD
Zero Touch, BizTalk, SQL, Active Directory
BDDe can be used in small to medium sized organizations
Provisioning
- Identities
- Security
- Desktops
- Software
- Terminal Server sessions
- Smartcards
- Web sites
- Email features
- Server software features
- Shares
- Storage
- Voicemail
- PDA
- Cell Phone
- VOIP
- Integrate with B2E, B2B
Method of creating, constructing, deploying, and managing any service, software, or device, whether dependant on human interaction or system automation
Provisioning Defined
BDD Tools And ApplicationsStandard Edition and Enterprise Edition Comparison
Business Desktop Deployment Standard Edition Enterprise Edition
Customer ScenariosLight Touch Wipe & Load
Zero Touch Install
Zero Touch Provisioning
Tools UsedApplication Compatibility Toolkit 3.0
Virtual PC & Virtual Server
Windows Pre-Installation Environment (WinPE 1.5)
User State Migration Tool 2.6
Remote Installation Server (RIS) for Windows Server 2003
Symantec DeployCenter Library
Symantec Ghost Corporate Edition
Access 2003 Conversion Toolkit
SMS 2003 SP1
SMS OS Deployment Feature Pack
BizTalk Server 2004 (ZTP)
Microsoft Operations Manager 2005
Applications and OSWindows XP Service Pack 2
Office 2003 Service Pack 1
Zero Touch OS Refreshes
Zero Touch SW Refreshes
Zero Touch App Additions
Standardized Procedure
Fewer Images
Less Costly Re-imaging
More Productive Resources
Accelerated Deployments(reduced people cost)
Fewer Post-Deployment Problems
Solution Accelerator for Business Desktop Deployment
Long-Term Value of Business Desktop Deployment Best Practices
Value of Automated Deployment
Task Manual Automation
Software Inventory4 hrs elapsed time
4 hrs tech.1 hrs elapsed time
0 hrs tech
Software Compatibility Testing(based on 10 applications)
20 hrs elapsed time20 hrs tech
.1 hrs elapsed time.1 hrs tech
Hardware Inventory2 hrs elapsed time
2 hrs tech.1 hrs elapsed time
0 hrs tech
User Configuration/Data Saved Not Applicable2 hrs elapsed time
0 hrs tech
Operating System Installation*1 hrs elapsed time
1 hrs tech.5 hrs elapsed time
.5 hrs tech
User Configuration Applied2 hrs elapsed time
2 hrs tech2 hrs elapsed time
0 hrs tech
Application Installation(based on 10 applications)
2 hrs elapsed time2 hrs tech
.5 hrs elapsed time0 hrs tech
*Manual time based on CD installation Automation time based on OS image applied Research provided by Microsoft® Corporation
Remember the red car?
Manual Deployment £250 - £500 per PC £250 - £500 per PC
USMT, Application Compatibility USMT, Application Compatibility Toolkit, Windows PE, RIS, PQDI, Toolkit, Windows PE, RIS, PQDI, GhostGhost
Light Touch Deployment~ £200 per PC~ £200 per PC
Deployment automation with Zero Deployment automation with Zero Touch (SMS, MOM) Touch (SMS, MOM)
Zero Touch Based DeploymentLess than £50< per PC (goal)
Source:, *Higher Yields Windows XP Whitepaper, **Wipro Desktop Deployment Source:, *Higher Yields Windows XP Whitepaper, **Wipro Desktop Deployment Calculator Calculator
What’s the downside?
The BDD guidance documentation is extensive
Can seem like a daunting task
But ... help is at hand!
BDD Partners
Linkpad Ltd (me!)
... and a host of other MS Certified partners will be able to assist you in your migration
Look for Microsoft QuickStart and Microsoft QuickPlan certified Partners
Microsoft QuickStart and Microsoft QuickPlan are fixed-length, fixed-scope, fixed-price engagements that enable you to move rapidly towards a full rollout while managing cost
BDD Systems Integrations Partners
Avanade
Atos
Bellerephon
Capgemini
Computacenter
CSC
Dell
EDS
Getronics
HP
Linkpad
Satyam
TCS
Unisys
Wipro
http://www.microsoft.com/uk/technet