System Center 2012 Workshop

Date post: 13-Apr-2015
Upload: pacosino
Description:
This is the presentation that took place in Romania for a Microsoft server product.
Transcript
Page 1: System Center 2012 Workshop
Page 2: System Center 2012 Workshop
Page 3: System Center 2012 Workshop

Roadmap

[Figure: roadmap with eight entries, each labelled RTM]

Page 4: System Center 2012 Workshop

Microsoft and Interoperability

“DHMC runs both Windows Server 2008 and Windows Server 2003 as guest operating systems under Hyper-V, as well as Linux. To date, DHMC has virtualized Web servers, sites on Microsoft Office SharePoint® Server 2007, reporting servers, medical applications, domain controllers, file and print servers, Citrix servers, and more.”

Dartmouth Hitchcock Medical Center Case Study

• Interoperability agreements with Novell, Citrix (Xen), and Red Hat to support Linux (Red Hat, SUSE, CentOS) on Hyper-V

• SVVP (Server Virtualization Validation Program) to certify non-Microsoft hypervisors for Microsoft support

• System Center Operations Manager supports monitoring of non-Windows systems, including Linux (Red Hat, SUSE and CentOS) and Unix (HP-UX, Sun Solaris and IBM AIX); from February 2013: Gentoo, Debian, Oracle Linux, Universal Linux, Mac OS

• System Center Virtual Machine Manager 2012 manages VMware ESX servers and Citrix XenServer servers

Page 5: System Center 2012 Workshop

Microsoft Private Cloud – Server Platform

Simplify with integrated physical, virtual

and cloud management

Improve agility with private cloud

computing infrastructure

Optimize service delivery across

datacenter infrastructure and business

critical services

“We don’t have to manage our infrastructure with multiple tools…we have one central monitoring and management console from which we can care for every aspect of our environment” - Doug Miller, Practice Architect, Microsoft Practice Group, CDW

Page 6: System Center 2012 Workshop
Page 7: System Center 2012 Workshop

SELF-SERVICE

VIRTUALIZATION

MANAGEMENT

Private Cloud Technologies

IDENTITY

Page 8: System Center 2012 Workshop

Build your own Private Cloud

• Deployment Guides are available on the Microsoft Private Cloud website:

• http://www.microsoft.com/virtualization/en/us/private-cloud.aspx

• Technologies used:

Technologies (Basic Private Cloud / Advanced Private Cloud)

− Virtualization: Basic: Hyper-V; Advanced: Hyper-V

− Virtualization Management: Basic: SCVMM 2012; Advanced: SCVMM 2012, Service Manager 2012, Self Service Portal

− Advanced Management and Orchestration: Configuration Manager, Operations Manager, Service Manager, Data Protection Manager, Orchestrator

Page 9: System Center 2012 Workshop

Self

Service

Service

Delivery and

Automation

Deploy

Configure

Service

Model

DC

Admin

Operate

Monitor

Virtual Machine Manager

Operations Manager

App Controller

Service Manager Service Manager

Orchestrator

Configuration

Manager

Application

Management

Service Delivery and

Automation

Infrastructure

Management

Data Protection Manager

App Owner

Page 10: System Center 2012 Workshop

Example Hybrid Deployment

Page 11: System Center 2012 Workshop

Hybrid Service

Private

Page 12: System Center 2012 Workshop

Fabric

Hyper-V Bare Metal

Provisioning

Hyper-V,

VMware, Citrix XenServer

Network Management

Storage Management

Update Management

Dynamic Optimization

Power Management

Monitoring Integration

Fabric Management

Cloud Management

Application

Owner Usage

Capacity and

Capability

Delegation and

Quota

Cloud

Service

Management

Service Templates

Application

Deployment

Custom Command

Execution

Image Based

Servicing

Services

Page 13: System Center 2012 Workshop

Performance and Resource Optimization (PRO) with SCOM and SCVMM

• Workload and application aware resource optimization

• Create policies so that SCVMM acts on tips automatically or manually

• Minimize downtime and accelerate time to resolution

• Enables partners to deliver added value to our mutual customers

Page 14: System Center 2012 Workshop

Centralized monitoring across Windows, Linux and Unix

Configuration change monitoring

Monitor and Manage Microsoft and third party virtualization platforms

Diagram data center operations and visualize status

Proactive Platform

Monitoring

End to End Monitoring Solution

Application & service level monitoring

Problem resolution knowledge base

Track and report service levels

Service level dashboards

Application and

Service Level

Monitoring

Standards based

Open and extensible platform for customized support

Interoperability with 3rd

party management systems and help desks

Interoperable and

Extensible Platform

Page 15: System Center 2012 Workshop

SCOM 2012 - Enterprise Class

Scale across IT teams and manage business critical environments

• Role based security for secure delegation of access to information and task execution

• Aggregate monitoring of client systems

• Self monitoring infrastructure

• Leverages clustering, and agent failover for high reliability

• Works across AD trust boundaries

Page 16: System Center 2012 Workshop
Page 17: System Center 2012 Workshop

Windows

AIX

Solaris

Java Monitoring – Supported Platforms

RHEL

SLES

Tomcat

JBoss WebSphere WebLogic

Supported JEE Application Servers

IBM WebSphere 6.1, 7.0, (8 TBD)

Oracle WebLogic 11gRel1, 10gRel3

Redhat JBoss 4.2, 5.1, 6, (7 TBD)

Apache Tomcat 5.5, 6.0, 7

Supported Operating Systems Matrix

Page 18: System Center 2012 Workshop

Managing Complex Applications with SCOM 2012 and

AVIcode

End users

Web servers

Application servers

Data servers

Page 19: System Center 2012 Workshop

Data servers

Application servers

Web servers

Application users

Business

Application

View of application user’s

performance

Page 20: System Center 2012 Workshop

Consistent Experience – Desktop Console

Page 21: System Center 2012 Workshop

SQL Server Summary Dashboard

Active Alerts

Top 5 SQL Server databases generating the most alerts

Top 5 SQL Server computers with the highest % processor utilization

Top 5 SQL Server computers with the highest % memory utilization

Top 5 SQL Server computers with the lowest % free space available

SQL Server alerts generated in the last 24 hours

Critical SQL Server Databases

Page 22: System Center 2012 Workshop

SQL Server Performance Dashboard: OperationsManagerDW

SQL Server Availability over last 24 hours

SQL CPU Utilization over last 24 hours

SQL Memory Usage in KB

Total Memory Used on Server: 80%

Total Memory: 50,000 KB

Disk Storage

Data Files: 17.6 GB

66%

2%

Log Files: 6.93 GB

SQL Server Properties

Total Physical Memory (MB): 1000

Available Physical Memory (MB): 200

Page 23: System Center 2012 Workshop

SQL Server Summary Dashboard

Active Alerts

Top 5 SQL Server databases generating the most alerts

Top 5 SQL Server computers with the highest % processor utilization

Top 5 SQL Server computers with the highest % memory utilization

Top 5 SQL Server computers with the lowest % free space available

SQL Server alerts generated in the last 24 hours

Critical SQL Server Databases

Page 24: System Center 2012 Workshop

Supported Non MS Operating Systems

AIX

• Version 5.3 (Power)

• Version 6.1 (Power)

• Version 7.1 (Power)

HP-UX

• Version 11iv2 (PA-RISC/IA64)

• Version 11iv3 (PA-RISC/IA64)

Red Hat Enterprise Linux

• Version 4 (x86/x64)

• Version 5 (x86/x64)

• Version 6 (x86/x64)

Solaris

• Version 8 (SPARC)

• Version 9 (SPARC)

• Version 10 (SPARC/x86/x64)

SUSE Linux Enterprise Server

• Version 9 (x86)

• Version 10 SP1 (x86/x64)

• Version 11 (x86/x64)

Version Support

• New versions of operating systems supported within 180 days of release

• Old versions supported as long as vendor provides support

Page 25: System Center 2012 Workshop

Network Monitoring in OpsMgr 2012

• Out of the box discovery, monitoring, and reporting

• Server to network dependency discovery

• Multi-vendor support

• Multi protocol support

− SNMPv1/v2c/v3

− IPv4 and IPv6

• Deliver robust platform for partners to build on

Page 26: System Center 2012 Workshop

Network Monitoring

• Port/Interface

− Up/Down (operational & admin status)

− Volumes of inbound/outbound traffic

− % Utilization

− Drop & Broadcast rates

• Processor

− % Utilization

• Memory

− In depth memory counters (Cisco only)

− Free memory

Page 27: System Center 2012 Workshop

SCOM 2012 – Network Map Design

Page 28: System Center 2012 Workshop

Audit Collection Service (ACS)

Archiving audit collections for forensics and compliance

Account Management Reports

User account created/deleted/enabled/disabled, Security group changes, Changing password, Computer account creation/deletion

Access Violation

Unauthorized access attempts, Account locked

Policy Changes

Audit policy changed, Object SACL changed, Object permissions changed, Account policy changed, Privilege added/removed

System Integrity

Lost events, Audit failure, Log cleared

Page 29: System Center 2012 Workshop

Security log consolidation & compliance - SCOM & interoperability

Page 30: System Center 2012 Workshop

2012

Client Management

Infancy (NT Domain)Groups Model

Comprehensive

Management

Laptops, Servers,

Enterprise Scale

Consumerization

of IT

Management

from the Cloud

2012

Page 31: System Center 2012 Workshop
Page 32: System Center 2012 Workshop

Business Needs and IT Challenges

Business Needs

Agility and Flexibility

IT Needs

Lower operational costs

How can IT maintain

user productivity

and protect against

evolving threats

How can IT reduce

complexity and scale

back infrastructure

requirements

Page 33: System Center 2012 Workshop
Page 34: System Center 2012 Workshop

• Device Choice

• Application Self-service

• Personalized Application Experience

• Non-intrusive management

• Manage all devices through single interface

• Deliver applications to the user, not the device

• Integrated security and compliance

• Reduced infrastructure complexity

Access to org. resources

across devices & platforms

Single admin

console

Page 35: System Center 2012 Workshop

Empower Users

Empower people to be

more productive from

almost anywhere on

almost any device.

Simplify

Administration

Improve IT effectiveness

and efficiency.

Unify Infrastructure

Reduce costs by unifying

IT management

infrastructure.

Page 36: System Center 2012 Workshop

Simplify

Administration

Improve IT effectiveness

and efficiency.

Modern Management Console

Role-based Administration

Operating System Deployment

Asset Intelligence

Client Health

Page 37: System Center 2012 Workshop
Page 38: System Center 2012 Workshop

Functionality ConfigMgr 2007 ConfigMgr 2012

Meg- WW Central System

Administrator

Louis-Software Update

Manager for France

Bob- US & France

Security Admin

• Can see & update “France” desktops

• Cannot modify security settings on “France” desktops

• Cannot see “All Systems” or “U.S.” desktops

• Can see & modify security settings on “France” and “U.S.” desktops

• Cannot update “France” or “U.S.” desktops

• Cannot see “All Systems”

Map the organizational roles of your administrators

to defined security roles

• Security organization role

• Geography

Reduces error, defines span of control for the organization

Page 39: System Center 2012 Workshop
Page 40: System Center 2012 Workshop

Understand software installation profiles

Plan for hardware upgrades

Identify over or under licensing issues

Track custom apps or groups of titles

Software Metering & License Reports

Asset Intelligence Service

Asset Intelligence Catalog

Real-time Application

and Hardware Intelligence

ConfigMgr Inventory

Page 41: System Center 2012 Workshop
Page 42: System Center 2012 Workshop
Page 43: System Center 2012 Workshop

• PXE initiated deployment allows client

computers to request deployment over the

network

• Multi-cast deployment to conserve

network bandwidth

• Stand-alone media deployment for no network

connectivity or low bandwidth

USMT 4.0 UI integration makes it easier to transfer files and user settings from one machine to another

CAS

Primary Site

MP Role

Primary Site

DP Role

Image Task Sequence

Report

WDS PXE Server

Page 44: System Center 2012 Workshop
Page 45: System Center 2012 Workshop

SCCM 2012 Machine and application lifecycle

Update Management

• Microsoft security updates

• Hardware and software vendors' catalogs

• Business applications

• Maintenance windows

Desired Configuration Monitoring

• Microsoft best practices

• Custom models

• Ability to remediate some settings

Application distribution and installation

• No mandatory packaging

• Dynamic targeting based on user affinity and/or inventory

• User experience control

• Network Access Protection integration

• Wake-on-LAN

OS Deployment

• Clients or servers

• Existing or new machine

• User parameters migration

• WIM image format

• Task sequencer

• Application compatibility

Page 46: System Center 2012 Workshop

SCCM & Intel AMT Integration - management of desktops and servers even when they are stopped

Intel® Q35 Express Chipset

with ICH9-DO

Intel Platform Software

Ecosystem Solutions

Intel Key Platform

Technologies

• Intel® Active Management Technology (AMT) is a function of the chipset & network controller

• Hardware-based management for clients

• Desktop: Intel® vPro™ Processor Technology

Intel® 82566DM Gigabit

Network Connection

Intel vPro

Components

Intel® Core ™ 2 Duo Processor

Page 47: System Center 2012 Workshop

Empower Users

Empower people to be

more productive from

almost anywhere on

almost any device.

Modern Device Management

User-centric Application Delivery

Unify Infrastructure

Reduce costs by unifying

IT management

infrastructure.

Simplify

Administration

Improve IT effectiveness

and efficiency.

Page 48: System Center 2012 Workshop

Management for all

Exchange ActiveSync (EAS)

connected devices

• EAS-based policy delivery

• Discovery and inventory

• Settings policy

• Remote Wipe

Empower

7

Mobile Device Management with SCCM

2012

Page 49: System Center 2012 Workshop

EXCHANGE CONNECTOR REPORTS

Page 50: System Center 2012 Workshop

EXCHANGE CONNECTOR REPORTS

Page 51: System Center 2012 Workshop

Thin Clients

• Windows XP Embedded

• Windows Embedded Standard 2009

• Windows Embedded Standard 7

POS/Kiosk

Same as Thin Clients, plus

• POS Ready 2009

• POS Ready 8

Digital Signage

• Windows Embedded Standard 2009

• Windows Embedded Standard 7

Repurposed PC

• Windows Thin PC

Supported Write Filters

• File Based Write Filters (FBWF) (preferred for scalability)

• Enhanced Write Filters (EWF) RAM

Ability to force persistence of changes for

• Applications

• Packages and programs

• Software updates

• Task sequences

• Endpoint Protection client installation

Eventual persistence of changes for

• Client agent settings

• Settings management remediation

• Power management

Without write filters enabled, embedded devices can be managed like any other Windows client. When write filters are enabled, they require special handling, now provided seamlessly in SP1

Page 52: System Center 2012 Workshop

Red Hat Enterprise Linux

• Version 4 (x86/x64)

• Version 5 (x86/x64)

• Version 6 (x86/x64)

Solaris

• Version 9 (SPARC)

• Version 10 (SPARC/x86)

SUSE Linux Enterprise Server

• Version 9 (x86)

• Version 10 SP1 (x86/x64)

• Version 11 (x86/x64)

Supported OS’s across both:

• Configuration Manager

• Operations Manager

Old versions supported as long as vendor provides support

Broader Linux distro support being evaluated

for future releases

Hardware and Software Inventory

Software Deployment

• Using the Package and Program model

• Deploy/patch software, deploy OS patches and run

maintenance scripts that target a collection

Consolidated reports

Page 53: System Center 2012 Workshop
Page 54: System Center 2012 Workshop

• Deliver best user experience on each device

• Define application once

Delivery Evaluation Criteria

• User

• Device type

• Network connection

User/Device Relationships

Primary Devices

• MSI

• App-V

• Windows 8 Apps

• Windows 8 Apps in the Windows Store

Non-primary Devices

• VDI

• Remote Desktop

< >

Page 55: System Center 2012 Workshop

Detection Method

Install Command

Requirement Rules

Dependencies

Supersedence

Administrator Properties

End User Metadata

Application “Package”

App-V

Windows Script

CAB / SIS

Windows Installer

General Information

Deployment Type

< >

Page 56: System Center 2012 Workshop
Page 57: System Center 2012 Workshop

IT

Administrators publish software titles

to catalog, complete with meta data to

enable search

• Deliver best user experience

on each device

Users can browse, select and install

directly from Catalog

• Application model determines

format and policies for delivery

User

Page 58: System Center 2012 Workshop

Unify Infrastructure

Reduce costs by unifying

IT management

infrastructure.

Reduced Infrastructure Requirements

Unified Management of Virtual Clients

Endpoint Protection

Software Update Management

Compliance & Settings Management

Distribution Point for Windows Azure

Page 59: System Center 2012 Workshop

Central Administration Site

• Central primary site administration

• Reporting

Primary Sites

• Client management and settings

• Delegated administration

Secondary Sites

• Content routing

• Distributions points

Central

Administration

Site

Primary Site Primary Site

Secondary Site Secondary Site Secondary Site Secondary Site Secondary Site Secondary Site

Page 60: System Center 2012 Workshop

CONNECTION BROKER

User-centric application delivery through

Microsoft Application Virtualization or

Citrix XenApp.

Single admin experience for managing physical and virtual desktops. Integrates with Remote Desktop Services and Citrix XenDesktop.

• Recognizes pooled and personal virtual desktops

• Randomizes tasks

HYPER-V

CONFIGMGR

DP/MP

APP-V

SEQUENCER

Page 61: System Center 2012 Workshop

Unified Infrastructure

• Simplified server

and client deployment

• Streamlined updates

• Consolidated reporting

Comprehensive Protection Stack

• Behavior monitoring

• Antimalware

• Dynamic Translation

• Windows Firewall Management

Page 62: System Center 2012 Workshop

Signature

update

Policy

configuration

EP client

installation

Silent removal

of third-party

products

EP enabled in

the console- EP

installation

starts on the

device

EP agent installer

deployed with ConfigMgr

Client

Simplified Client Setup

Ease of client setup and deployment

• No separate deployment needed for endpoint protection client

• Endpoint Protection agent installer deployed with Configuration Manager client setup

Flexible administrative control

• Administrator can force or suppress any required reboots

• Configurable option for automatic removal of existing AV client

Easy migration from existing solutions and automatic removal of existing clients

• Symantec

• McAfee

• TrendMicro

• Forefront Client Security or Forefront Endpoint Protection

Client Installation Flow

Page 63: System Center 2012 Workshop

Signature Update Distribution

Ensures always up-to-date security regardless of the client location

• Multiple update sources (ConfigMgr, WSUS, Microsoft Update, Windows File Share)

Easier distribution process

• Automatic deployment rules within ConfigMgr console

Minimizes WAN impact

• Uses distribution points and reduced definition size

MICROSOFT UPDATE

ON THE ROAD

Fallback to

online update

Corporate Network

Updates distributed through

ConfigMgr, WSUS or Windows

File Share

DELTA UPDATE SIZE: 50-2048 KB

UPDATE FREQUENCY: 3 TIMES/DAY

Page 64: System Center 2012 Workshop

Simple Policy Administration With Templates

Simplified management for antimalware policies

• Templates for different security needs

• Options to configure settings granularly

Centralized management for Windows firewall

• Profile-based firewall policy from the same dashboard

Page 65: System Center 2012 Workshop

Comprehensive Protection Stack Building on Windows Platform Security

Proactive Techniques (Against Unknown Threats)

APPLICATION

FILE SYSTEM

NETWORK

Reactive Techniques (Against Known Threats)

Behavior Monitoring

Data Execution

Prevention

Address Space

Layout

Randomization

Windows

Resource

Protection

Antimalware

Internet Explorer® 8 SmartScreen

Microsoft BitLocker

Dynamic Translation and

Emulation

Vulnerability Shielding (Network Inspection System)

Windows Firewall Centralized Management

DYNAMIC CLOUD UPDATES

Microsoft Malware Protection Center

Dynamic Signature Service

System Center Endpoint Protection

Windows 7

Microsoft AppLocker

User Account

Control

Page 66: System Center 2012 Workshop

Dynamic Translation With Heuristics

Real Time

Protection

Driver

Intercepts

Industry-leading proactive detection

• Emulation based detection helps provide better protection

• Safe translation in a virtual environment for analysis

Enables faster scanning and response to threats

• Heuristics enable one signature to detect thousands of variants

Potential

Malware Execution attempt on

the system

VIRTUALIZED

RESOURCES

Safe

Translation

Using DT

Malware

Detected

Malicious

File Blocked

Page 67: System Center 2012 Workshop

Behavior Monitoring and Dynamic Signature Service

Live system monitoring identifies

new threats

• Tracks behavior of unknown

processes and known bad processes

• Multiple sensors to detect OS

anomaly

Updates for new threats delivered

through the cloud in real time

• Real time signature delivery with

Microsoft Active Protection Service

• Immediate protection against new

threats without waiting for scheduled

updates

RESEARCHERS REPUTATION

REAL-TIME

SIGNATURE

DELIVERY

BEHAVIOR

CLASSIFIERS

Microsoft Active

Protection Service

Properties/

Behavior

Real-time

signature

Sample

request

Sample

submit

1 2 3 4

Page 68: System Center 2012 Workshop

Network Vulnerability Shielding

• Minimizes opportunities to exploit the system between vulnerability announcements and patch deployments

• Based on Network Inspection System (NIS) Technology

• Detects and blocks Conficker-style threats

• Inspects inbound and outbound network traffic

• Enables signatures based on patch status—disabled on patched machines

• Disables traffic interception if no signatures are active

A new NIS signature is released

Exploits Launched

Attack is blocked

Patch validated

and deployed

NIS Event Logged, telemetry sent

Time to test the update patch

Update Patch

Available

A new vulnerability

discovered

| Signature | KB | CVE ID | Action | Release date | Windows 7 | Windows 2008 R2 | Protocol |
|---|---|---|---|---|---|---|---|
| MS08-067 | KB958644 | CVE-2008-4250 | Block | 10/23/2008 | No | No | RPC |
| MS09-001 | KB958687 | CVE-2008-4835 | Block | 1/13/2009 | No | No | SMB |
| MS09-050 | KB975517 | CVE-2009-2532 | Block | 10/14/2009 | No | No | SMB |
| MS09-050 | KB975517 | CVE-2009-3103 | Block | 10/14/2009 | No | No | SMB |
| MS10-020 | KB980232 | CVE-2010-0269 | Block | 4/13/2010 | Yes | Yes | SMB |
| MS10-012 | KB971468 | CVE-2010-0020 | Detect Only | 2/9/2010 | Yes | Yes | SMB |

Page 69: System Center 2012 Workshop

Protect Clients with Reduced Complexity

Simple interface

• Minimal, high-level user interactions

Administrative Control

• User configurability options

• Central policy enforcement

Maintains high productivity

• CPU throttling during scans

• Faster scans through advanced caching

Page 70: System Center 2012 Workshop

Certifications and awards for Forefront technology:

VB 100% December & October 2010 on Windows 7 / 2008

VB 100% August 2009 on Windows Vista SP2

VB 100% April 2009 on Windows XP

VB 100% December 2008 on Windows Vista x64

VB 100% October 2008 on Windows Server 2008

VB 100% February 2008 on Windows Server 2003

ICSA Labs certification – Forefront was the first product certified for Exchange 2007

West Coast Labs’ Checkmark certification

Industry thought leadership

“Behavioral Classification” paper delivered at 2006 European

Institute for Computer Antivirus Research (EICAR) conference

Page 71: System Center 2012 Workshop
Page 72: System Center 2012 Workshop
Page 73: System Center 2012 Workshop
Page 74: System Center 2012 Workshop
Page 75: System Center 2012 Workshop

Microsoft Solution

One infrastructure for desktop management and protection

Improved visibility and response to threats

Reduced cost and complexity

Centralized management and protection

Page 76: System Center 2012 Workshop

ConfigMgr MP Baseline ConfigMgr Agent

WMI, XML, Registry, IIS, MSI, Script, SQL, Software Updates, File, Active Directory

Baseline Configuration Items

Auto Remediate

OR

Create Alert (to Service Manager)!

Improved functionality

• Copy settings

• Trigger console alerts

• Richer reporting

Enhanced versioning and audit tracking

• Ability to specify versions to be used in baselines

• Audit tracking includes who changed what

Pre-built industry standard baseline templates through IT GRC Solution Accelerator

Assignment to collections

Baseline drift

Page 77: System Center 2012 Workshop

CAS

Primary Site MP Role

Primary Site DP Role

Assigns policy to scan for update status or to deploy update

Distributes updates

Reports compliance

Microsoft Update

Primary Site SUP Role/WSUS

Identifies who needs updates and reports on compliance

Downloads updates

Auto Deployment

• Faster deployment through search

• Schedule content download and deployment to avoid reboot during work hours

State-based Updates

• Allows individual or group deployment

• Updates added to groups auto deploy to targeted collections

Optimized for New Content Model

• Reduce replication and storage

• Expired updates and content deleted

Page 78: System Center 2012 Workshop
Page 79: System Center 2012 Workshop

Security Compliance Manager

Page 80: System Center 2012 Workshop

Patch Management

Page 81: System Center 2012 Workshop

Network Policy Server

Client

Network Access Device (DHCP, VPN)

SCCM Server

Management Point

SCCM Server

Distribution Point

May I have access?

I don’t have any patches installed. Should this client be restricted based on its health?

Can you vouch for this client?

Is it up to date?

I can vouch for the client.

It’s not up to date. Tell it to install patches

You are being given restricted

access until patches are installed.

Requesting patch package.

Here is your patch

package.

Requesting access.

Patches are installed.

Quarantine client, request

it to install patches

Corporate Network

Restricted Network

I can vouch for the client.

Yes, meets policy.

Grant access.

Client is granted access to full intranet.

Security - SCCM & NAP

Page 82: System Center 2012 Workshop

PR1

MP

MP DP

Windows Azure

Distribution Point

Microsoft

Update

Policy

Content

FIREWALL

Corporate Network

Page 83: System Center 2012 Workshop

Reports and Power management with SCCM

Page 84: System Center 2012 Workshop
Page 85: System Center 2012 Workshop
Page 86: System Center 2012 Workshop

SCCM Enterprise Dashboard

Page 87: System Center 2012 Workshop
Page 88: System Center 2012 Workshop
Page 89: System Center 2012 Workshop

Empower

Unify

Simplify

Role-based Administration

Distribution Point for Windows Azure

Software Update Management

Reduced Infrastructure Requirements

Application Delivery

Modern Device Management

Compliance & Settings Management

Endpoint Protection

Unified Management of Virtual Clients

Operating System Deployment

Asset Intelligence, Inventory & Software Metering

2007 R3

MDM licensing

Device-centric

2012

EAS

User-centric

New

Improved

Integrated

Auto Remediation

Improved

New

Improved

Improved

2012 SP1

Unified

Win 8 Apps

Flexible hierarchies

Improved

Real-time actions

User Profile and Data

Improved

New

Improved

Improved

Modern Management Console New PowerShell

Client Activity and Health Improved Improved

Windows Embedded Device Management

Seamless management of write filter-enabled devices

Page 90: System Center 2012 Workshop

Online Snapshots (up to 512)

Disk-based

Recovery

Tape-based

Backup

Data Protection

Manager

Up to

Every 15 minutes

Disaster Recovery

with offsite replication & tape

Data Protection Manager

Active Directory®

System State

file services

Page 91: System Center 2012 Workshop

CONNECTORS

Asset Management

Self Service IT Business Intelligence

Service Manager - The Power is in the Integration

Automate and Deploy

Capacity and Utilization

Inventory and Usage

Alert Management

Incident and Problem

WorkflowsKnowledge Base Data WarehouseeCMDB

Active Directory

Change

Compliance and Risk

Page 92: System Center 2012 Workshop

Service Manager Architecture

Analyst

Authoring Console

User interfaces

External systems

Self-Service

portal

Service Manager infrastructure

Data Warehouse

CMDB

Service Manager SDK

Active Directory

ConfigMgr

OpsMgr

Knowledge

Base

Service Manager Console

Connectors

Management

Packs Change

Management

Problem

Management

Incident

Management

IT users

Operations

IT business

analysts

Partners

Asset

Management

Risk &

Compliance

Release

Management

Orchestrator

VMM

Page 93: System Center 2012 Workshop

Synchronization with Active Directory

• Import data from a domain or OU

− Support for multiple forests

• Synchronize Active Directory data about:

− Users

− Groups

− Printers

− Computers

• Contact information for users

• Organizational information (Manager, Dept)

• Notification addresses (e-mail, IM)

Page 94: System Center 2012 Workshop

Synchronization with SCCM

• Synchronizes information from Configuration Manager and creates/updates Configuration Items:

− Hardware Inventory

− Software Inventory

− Software Updates

• If a CI already exists, it merges with the existing information

• The Asset Intelligence top console user is taken as the primary user

• Creates incidents from Desired Configuration Management (DCM) compliance errors

Page 95: System Center 2012 Workshop

Creating Incidents from SCCM - DCM

• Automatically creates incidents for DCM compliance errors

− Select the DCM baselines and CIs for which incidents must be created

− The connector will synchronize all DCM compliance errors

− A workflow will create incidents only for the selected DCM errors

• One incident will be generated for each non-compliant computer and CI

− Can create a large number of incidents

Page 96: System Center 2012 Workshop

Create Packages & Programs

Configure SM Portal

Advertisement Delivered

Software Deployed

End User Requests Software

End User

Manager Approves Request

Manager

Page 97: System Center 2012 Workshop

Synchronization with SCOM

• Creates CIs from the objects discovered by Operations Manager

• Creates Service Maps from Services and Distributed Applications defined in SCOM

• Creates incidents from Operations Manager alerts

− Synchronizes detailed information about alerts

− Updates the alert state when the incident's properties are modified in Service Manager

Page 98: System Center 2012 Workshop

Example Service Map

Defining the dependencies that impact system availability

Page 99: System Center 2012 Workshop

ALERT GENERATED

INCIDENT CREATED

INCIDENT RESOLVED

INCIDENT DIAGNOSED

INCIDENT CLOSED

SERVICEMONITORED

IT Analyst / Operator

Page 100: System Center 2012 Workshop

Integrated Service Desk

Active Directory

Configuration Manager

Operations Manager

Operator

Service Manager

Users

User Groups

Computers

Hardware Inventory

Software Inventory

Software Updates

Service Definitions

Service Maps

Incident

Support call

Alert

Non-compliant DCM

E-Mail

Configuration check

User

Page 101: System Center 2012 Workshop

Portal

Reports & Dashboards

E-Mail & Other Clients

Excel

Page 102: System Center 2012 Workshop
Page 103: System Center 2012 Workshop

Price Sheet

Page 104: System Center 2012 Workshop
Page 105: System Center 2012 Workshop

Service Manager – easy customization

Classes

• A class describes an “object”

• The most obvious classes in Service Manager are those for work items (for instance: change request, incident) and configuration items (for instance: computer, user)

• Classes and their “instances” form the heart of the CMDB

• Extending the CMDB can be done by adding classes

• Attributes are properties of a class that describe the object

Page 106: System Center 2012 Workshop

Service Manager easy customization

• New classes can be defined by inheriting from the core model. For example, we can define a new “Projector” class for the overhead projector objects:

• List – An enumeration of values (optionally hierarchical) used to constrain value choices for a given class property.

Example : a List used in the “Condition” projector property:

ProjectorCondition {New, Working, Broken, Being repaired}

Configuration Item

• Computer

• User

• Operating System

• Projector

− Serial Number (key)

− Make

− Model

− Location

− Condition (Projector Condition List)

Page 108: System Center 2012 Workshop

Scenario -- Always Ready for an IT Audit

Program Manager

Operations Engineer

Managing Compliance

Provide Audit Trail

Automation

Implement Procedure

Map Control Objectives

Validate Settings

Detect Failure

Record Result

Take Action

Activities

• Process controls

• Configuration settings

• Monitoring

Reporting

Actions

• Change control

• Incident/issue

• Problem

Audit Trail

• Compliance Reports

• Compliance History

Page 109: System Center 2012 Workshop

Business Intelligence for IT

• Integrated across System Center

− Easy installation through Service Manager setup

− Supports Configuration Manager, Operations Manager, and Active Directory integration knowledge

• Data Warehouse repository database

− Store large amounts of dimension and fact data

− Provide a historical record

− Retain data groomed from the CMDB

− Model-driven: MP extends DW schema

Page 111: System Center 2012 Workshop
Page 112: System Center 2012 Workshop
Page 113: System Center 2012 Workshop

IT Process Automation and System Center Orchestrator (Opalis)

Automate provisioning, resource allocation and retirement

Extend virtual machine management to the cloud

Orchestrate incident management and resolution

Integrate across monitoring tools, service desks and CMDBs

Scale automated configuration across platforms and tools

Ensure reliable change with intelligent workflow branching

Virtual Machine Lifecycle Management

Incident Management

Automated Configuration Management

Page 114: System Center 2012 Workshop

Microsoft Active Directory

Microsoft Systems Management Server

Microsoft Operations Manager

Microsoft Configuration Manager

Microsoft Virtual Machine Manager

Microsoft Data Protection Manager

Microsoft Service Manager

BMC Atrium CMDB

BMC Remedy AR System

BMC Event Manager

BMC Patrol

BMC BladeLogic Operations Manager

CA AutoSys

CA eHealth

CA Service Desk

CA SPECTRUM

CA Unicenter NSM

HP Operations for UNIX

HP Operations Windows

HP Operations Solaris

HP Network Node Manager

HP Service Desk

HP Service Manager

HP Asset Manager

HP iLO 2

FTP

Symantec VERITAS NetBackup

IBM Tivoli Enterprise Console

IBM Tivoli Netcool/Omnibus

IBM Tivoli Storage Manager

EMC Smarts InCharge

EMC Infra

VMware VI / vSphere

UNIX Integration

Page 115: System Center 2012 Workshop

System Center App Controller 2012

Offers intuitive and service-centric access

• Intuitive service-centric interface

• Library of standardized templates

• Role-based view

• Web interface

• Create, manage, and move resources rather than manage servers

Empowers application owners through self service

Increases visibility and control

• Private and public cloud services plus virtual machines

• Job tracking

• Change history

Page 116: System Center 2012 Workshop

Applications Across Clouds

Self–Service Application Management

Page 117: System Center 2012 Workshop

Offers Intuitive and Service-Centric Access

Page 118: System Center 2012 Workshop

Applications Across Clouds

Consistent Application Monitoring

Hybrid Service

Private

Page 119: System Center 2012 Workshop

Increases Visibility and Control

Page 120: System Center 2012 Workshop

What’s Changing with System Center 2012 Licensing

Simplifying & Optimizing Licensing for Private Cloud

What Stays The Same?

Managed devices require Management Licenses

Concept of an Operating System Environment (OSE) and when a Management License is required

Server MLs differentiated based on virtualization rights & suited into ECI

Client MLs differentiated on component functionality and suited into Core CAL / ECAL

What Changes?

Standalone ‘products’ become components of integrated product Management Licenses

Software Assurance is included with all licenses

Server Management Licenses align to ‘processor-based’ model, each license covers 2 processors

The right to run Management Server software and supporting SQL Runtime are now included with every Management License. Management Server Licenses are discontinued.

Page 121: System Center 2012 Workshop

Management Server

• Rights to run Management Server software are included with Client MLs and Server MLs

• SQL runtime is included with Management Server software

Managed Clients

Managed Servers

Licenses Required Deployment

Management Server Licenses No Longer Required

Page 122: System Center 2012 Workshop

2 Processors, Two VMs (OSE)

2 Processors, Unlimited VMs

Page 123: System Center 2012 Workshop

• Operations Manager

• Configuration Manager

• Data Protection Manager

• Service Manager

• Virtual Machine Manager

• Endpoint Protection (new)

• Orchestrator

• App Controller (new)

2 Processors, 2 OSEs

2 Processors, Unlimited OSEs

Page 124: System Center 2012 Workshop
Page 125: System Center 2012 Workshop

Each license covers up to 2 physical processors. ECI requires a 25 license minimum initial purchase.

Enrollment for Core Infrastructure Standard

Enrollment for Core Infrastructure Datacenter

Page 126: System Center 2012 Workshop
Page 127: System Center 2012 Workshop
Page 128: System Center 2012 Workshop
Page 129: System Center 2012 Workshop
Page 130: System Center 2012 Workshop

http://www.microsoft.com/systemcenter

http://www.microsoft.com/en-us/server-cloud/system-center/sp1-default.aspx

http://systemcenter.pinpoint.microsoft.com

http://www.microsoft.com/en-us/server-cloud/evaluate/trial-software.aspx

http://www.microsoft.com/downloads/details.aspx?FamilyID=a171bcea-2dbb-4fc5-8dd1-4ec22f2eb4ef

http://blogs.technet.com/server-cloud

Page 131: System Center 2012 Workshop

The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. Some information relates to pre-released product which may be substantially modified before it’s commercially released. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

