Title of Presentation

dingdongboomNetworking and Communications

Oct 27, 2013 (3 years and 8 months ago)

73 views

José Luis Auricchio

Account

Technology

Specialist

Microsoft Switzerland

Lionel

Cau

Microsoft Practice Manager

Sogeti

Switzerland

Applications concerns during a migration

Vista / 7 applications compatibility issues

Introducing the ACF program

Microsoft Support Policy

Sogeti's

ADA
is

part of Microsoft ACF

Application
Deployment

Analysis

Microsoft ACT (Application
Deployment

Toolkit
)

Migration and application
virtualisation

App
-
V

MED
-
V

Terminal Server

Conclusion

Positive Feedback From Enterprise IT Pros

Percentage of IT Pros that
expect to have deployed
Windows Vista on a
majority of the PCs in their
company within in the next
12 months


Source:
MSPulse

Survey, 12/2008

60%

Migration takes too long, how do I preserve other IT
operations from risk?


I don’t know all the applications my users have !


What tools and guidance is available?


What’s the best way to test applications?


Can we make the application compatibility process more
predictable?


How do we validate tools and processes?


Can someone just do all the work for me?

Application running compatibility issues

Things that tend to change between releases

Version checking

Changes required for greater security

WRP


protecting registry and system files

User Account Control (UAC)

Internet Explorer
-

Lower Rights IE (
LoRIE
)

Microsoft Graphical Identification and Authentication (GINA)

Windows Display Driver Model

Session 0 Isolation

OS innovation

64
-
bit Windows Vista (32
-
bit Drivers and 16
-
bit code)

Firewall/Anti
-
Virus platform

Deprecated functions

WinHelp
, D3DRM, DHTML, NTLPSSP, ……

Windows Vista networking stack has been completely rewritten

Several new features and protocols enhancements.

Firewall
-
hook driver functions and the filter
-
hook driver functions have
been deprecated.

The R
-
series tools, including
rexec
,
rsh
, finger, etc.

The IPX protocol has been deprecated

Transport Driver Interface (TDI) filter drivers written in Kernel mode may
not work properly.


Windows Vista removes the following Windows XP components:

WinHelp
, D3DRM, DHTML and NTLPSSP


GINA

If an application takes advantage of the Graphical Identification and
Authentication (GINA) mechanism of Windows XP, this software will not
install or run on Windows Vista.

Operating System Versioning

Application is checking the Operating system version and is
following a different code path. The internal version number for
Windows Vista is 6, Windows XP is version 5.x


Application is violating the Windows Resource
Protection (WRP).

Attempts to write new registry keys or values to protected registry
keys may fail indicating “access was denied”.

Attempts to write to protected resources may fail if they rely on
registry keys or values.

Windows Servicing.

Installers attempting to replace, modify or delete OS files and/or
registry keys protected by WRP may fail indicating that the
resource could not be updated.

Application deployment issues

Standard and customized .
msi

packages

New Vista desktop and workplace

Installation Kernel mode drivers

Installation 16
-
bit components

Hardcoded path

Installation GINA based DLLs

Unauthorised

registry / folder access

Missing components



ACF is an initiative that teams Microsoft with service partners to help
our customers overcome application compatibility challenges.




Application Compatibility Factory (ACF) helps enterprise customers
assess and remediate Line Of Business (LOB) and custom applications
quickly and cost effectively.



ACF partners have access to deep technical training, the latest
technical information and an evolving remediation database.



ACF can benefit customers who are deploying Windows® Vista or 7
and Office 2007 and have or have not identified potential application
compatibility issues.



ACF program has unblocked over 1.4 million desktop seats and tested
and remediated over 55K applications

Deployment
Tools for Windows Vista

Costs

Quality

Windows Vista

Compatible

Applications

“What is ACF?”

Enterprise

Applications

BDD 2007

Architectural
Design
Sessions

Application
Compatibility
Factory

Portable
Deployment Kit

Remediate


Validate

Windows Vista ACF

Assess

ACT 5.0


The Application Compatibility Factory (ACF) connects
Enterprise customers with ACF Partners to deliver high
volume, low cost application compatibility and remediation
services

Microsoft selected a small number of ACF partners, and
has invested in helping them to build Windows Vista
application compatibility expertise. Microsoft has validated
the methodologies and support infrastructures of ACF
Partners, as well as given them exclusive access to deep
technical training, to ensure that they are qualified to
execute early
-
phase Windows Vista and Office 2007
compatibility programs



Higher Quality:


Microsoft validated partners and
methodologies


Access to product developers


Cumulative experience and faster
learning curves


Reduced Costs:

• High degree of partner specialization

• Global delivery

• Process automation


High Volume:


Specialized partners with
dedicated capacity


Cumulative experience and faster
learning curves


Access to Microsoft SWAT teams

Microsoft Support Lifecycle Policy

http://support.microsoft.com/lifecycle



The Microsoft Support Lifecycle policy took effect in October 2002, and applies to most products
currently available through retail purchase or volume licensing and most future release products.
Through the policy, Microsoft will offer a minimum of:

10 years of support (5 years Mainstream Support and 5 years Extended Support) at the
supported
service pack level

for Business and Developer products

5 years Mainstream Support at the
supported service pack level

for Consumer/Hardware/Multimedia
products

3 years of Mainstream Support for products that are annually released (for example, Money, Encarta,
Picture It!, and Streets & Trips)


Phased approach

Make an inventory of hardware, applications and
packages

Exclude Vista/7 compliant applications

Analysis of non
-
compliant applications

Can we fix the non
-
compliant applications?

Benefits

Realistic budget and planning, low impact on business

Early involvement of suppliers

Managed expectations

Sogeti

expertise

10 years experience in migration and testing project

Realistic goal (test to migrate, don’t test to test)

Application Portfolio exhaustive testing occurs too
late in the project

install and distribution test

functional acceptance tests

user acceptance tests

Risks

huge effort for application
admins

drifting project (Time, Budget)

bad IT organization image

Costs too much
(2 500 to 3 000 hours for 500
applications)


Log Processing
Service and DB

Data Collection Package/Compatibility Evaluators

Inventory

IE

Vista

Update

Etc…

Desktop Topology

Europe

North America

HR

Finance

1

2

Application
Compatibility
Manager

3

Wilma

Betty

Internet

17

Compatibility Exchange

4

Testing applications

installation and distribution
test

Functional Acceptance test

User Acceptance test (Pilot)

Project risks

large effort Application
Managers /Business

unmanageable project (re
-
work and re
-
test)

2.500 hrs for 500 MSI
packages

(≈
5

hrs

/ MSI package
)


Application Mgr impact

functional Acceptance test

(≈ 150
-
200 appl.)

modified applications

(≈ 100
-
150 appl.)

replaced applications

(≈ 50 appl.)

Pilot

User Acceptance test

Test effort (estimate)

for 500 applications : 1400 hrs

(≈
3

hr / MSI package)


By using

ADA methodology, the budget required for compatibility testing
and remediation can be decreased by 30 to 40%

The global saving can be above 50% using Offshore Delivery capabilities

Traditional approach

ADA assisted

Facts

Reason

non
-
compliance

Nature of issues

What to do

Supplier

new

version
, update,
drivers

Fix

application

policies

&
rights

fixes

(OS


applications
)

virtualisation (
automated
)

shims

/
repackage

Architecture


App
-
V
,
Med
-
V
, Terminal Services,
Citrix


RDS

MED
-
V

App
-
V

VECD

Hyper
-
V

Virtual PC

Above
the kernel virtualization for applications
Applications are virtualized per
instance:

Files (
incl

System Files)

Registry

Fonts

.
ini

COM/DCOM objects

Services

Semaphores,
Mutexes

Name Spaces

Applications do not get installed
or alter the operating system

Yet Tasks process locally on the
host computer

Dramatically reduces application
conflicts and regression testing


Application Virtualization
Sequencer


Virtualizes applications

Application Virtualization
Server


Delivers applications

Application Virtualization
Client


Runs Applications

Multiple versions of the same application

Office 2007 and Office 2003

Branched versions of the same application

Office 2003 and Office 2003 SP1

Multiple JRE Versions

Multiple MDAC versions

Multiple Oracle Drivers

Different configurations of the same application

Same database client, two different target database configurations

Virtual configurations of local applications

Internet Explorer add
-
ins (JRE, ActiveX, etc.)

Packaging is now separated from
production constraints thanks to the App
-
V
virtualization abstraction layer



Applications


Operating
System

Hardware

What it does

Creates a package of an
application

Eliminates software
install

Isolates each application

What it is good for

Resolve conflicts
between applications

Simplify application
delivery and testing

What it does

Creates a package with
a full OS

What it is good for

Resolve incompatibility
between applications
and a new OS

Run two environments
on a single PC

Application
-
to
-
OS Compatibility Solution

Run legacy applications in a Windows® XP/2000
environment

MED
-
V leverages Microsoft Virtual PC, to enable
enterprise deployment of local desktop virtualization


Virtual images repository and deployment

Centralized virtual images repository for image creation/testing

Standard MSI for corporate software distribution

Auto
-
install package for self deployment

(via removable media (e.g. DVD) or from a website)

Efficient image delivery and updates over LAN or WAN

(using
TrimTransfer

de
-
duplication technology based on IIS)


Centralized management and monitoring

Centralized management server to control deployed VMs

Image provisioning based on Microsoft Active
-
Directory ®
users/groups

User authentication (online over SSL or offline based on local cache)

Support heterogeneous environments

Automate first
-
time virtual machine setups

(e.g. initial network setup, unique computer name, domain join)

Adjust VPC memory allocation based on available RAM on host

Centralized database for client activity and events

Usage policy and data transfer control

Per user/group usage policies (e.g. expiration, time limits for
offline work)

Host
-
guest data transfer control (e.g. copy
-
paste, file transfer,
printing)

Automatic redirection of predefined websites (e.g. corporate
intranet) to the virtual environment

End
-
user experience

Background VM management
-

hide the Virtual PC session from
the user, and automatically troubleshoot

“Publish” applications from VPC image to host Start Menu

Single desktop experience


applications that run in the VPC
seamlessly appear side
-
by
-
side with native applications

(including task
-
bar, tray
-
icons)

File transfer tool


share files between host and guest

Run an application in one location but have
it be displayed and controlled in another

only screen images, keystrokes and mouse
movements are sent over the network.


35

Solution

Advantages

Drawbacks

Typical

scenario

APP
-
V


Use local resources


Inter application compatibility preserved


Offline usage


fast delivery of applications
(streaming just what
you need to launch and run the application)


seamless integration for⁣ustomer


packaging takes less time as with classic
msi

tools


workstation security enhanced due to application
isolation within its own bubble


virtual applications have to be sequenced,
distributed and maintained


relies on a APP
-
V infrastructure or an SCCM
infrastructure or a third party software distribution
solution infrastructure


there' so⁧uarantee that aon⁣ompatible
application will run on
Vista / 7
once virtualized


application conflict with another one


application not compatible with Vista but
running as an APP
-
v application


application is not multi
-
user but works well
as an APP
-
v application running on a RDS
server


need for flexible deployment with upgrade
options


no packages available and no packagers
available


need for reducing application testing

MED
-
V


Use local resources


Offline usage


if the application works on XP, there's a
guarantee it will work as a MED
-
V application on
VISTA
/ 7


seamless integration for user


·


workstation security is nearly maximum due to
the fact that the virtualized application is running on
its own operating system


need to setup, distribute and maintain virtual
machines


relies on a MED
-
V infrastructure


need to run a whole additional virtual operating
system (
higher impact on workstation
requirements and performance
)


current solution's limitations could be⁡nnoying
(virtual applications use by default the local
drives of the underlying virtual machine, no USB,
...)


application not compatible with
Vista / 7
with no workaround


not aot of⁖楳ta


楮compat楢汥
applications to deal with (or all the
incompatible applications are not
conflicting with each
other

Remote

Desktop
Services
(Terminal)


client is already⁩nstalled by⁤efault on⁍S client
platform


seamless integration is possible


use fewer local resources and fewer network
bandwidth than any other virtualization solution


workstation security is maximum due to the fact that
the virtualized application is not running on the RDS
client


no offline mode


not suitable for some applications types such as
video, 3D, VoIP…


terminal server farms to maintain


one RDS server can only handle #50 remote
sessions at a time (when a APP
-
V or a


MED
-
V
server can handle
#2'000
)


application not compatible with Vista but
running on a Windows server 2003


application is multi user⁣ompatible


low network bandwidth available and/or
slow network link between workstation
and server

Virtual
Desktop
Infrastructure

(Hyper
-
V +
VECD + RDS)


same as RDS +


performance are excellent since this solution
combines the effectiveness of a Terminal
session + the effectiveness of an enterprise
virtual machines solutions with a real hypervisor
(unlike MED
-
V)


same as RDS +


complex architecture to maintain
involving not
only a RDS environment but also an hyper
-
V one


need⁴o setup andaintain virtual machines


resource required are higher than other
solutions (5 VMs per CPU core + 1Go RAM
per VM)


same as RDS +


machines configuration quite identical
throughout the company

14


15
avril

2010, CICG


Classic
Sponsoring Partners

Premium
Sponsoring Partners