Account T echnology Strategist

hotbroodSecurity

Nov 3, 2013 (3 years and 9 months ago)

86 views

Rich
Seymore

Account Technology Strategist

Microsoft Education

The Microsoft
®

Office System

CML

The Microsoft
®

Office System

Business Productivity Infrastructure

Core Infrastructure

Business Intelligence

Collaboration

Enterprise Content Management

Enterprise Search

Unified Communications

Desktop and Device Management

Data Protection and Recovery

Security

Access Management

Incident, Problem, and Change Management

Foundation for Business

Foundation for IT

Core Infrastructure

Desktop and Device
Management

Data Protection and Recovery

Inciden
t
, Problem, and
Change Management

Security

Access Management

Plumbing for Business

Plumbing for IT

Business Productivity Infrastructure

Business Intelligence

Collaboration

Enterprise Content Management

Enterprise Search

Unified Communications

5

Key

FY11 Enterprise CAL Suite

Enterprise

CALs

Servers

Standard

CALs

Exchange Server

(Std or Ent)

Office SharePoint
Server

Exchange Std
CAL

(Messaging,
Calendar, Contacts)

Office SharePoint
Std CAL

(ECM, Portal, Search)

Exchange Ent
CAL

(Archiving, Unified
messaging,
Compliance)

Office SharePoint
Ent CAL

(E
-
forms, Spreadsheet
publishing, Data
integration, FAST,
Performance Point)

Office Comm.
Server

Office Comm.
Server Std CAL

(IM, Presence)

OCS Standard

OCS Enterprise
CALs

(IM, Conferencing)

Enterprise CAL Suite
component

Software to run hardware

Microsoft
Operations
Manager

Windows Server

Windows Rights
Mgmt Services
CAL

Systems
Management
Server

Windows Server
CAL

(Workload, File and
Print, WSS, AD)

SMS CML

(Monitoring and
Updates)

Ops Manager
Client OML

(Desktop Monitoring
and Management)

Forefront Security Suite: Client Security, Exchange Security, Online Protection for Exchange , SharePoint Security, Office
Communication Server Security, Threat Management Gateway Online, Unified Access Gateway

Core CAL Suite component

System Center
Client Suite

DPM, Service
Manager

Operations
Manager Client
OML

ECAL Suite Technology Chronology


2006:

SharePoint 2007 + Exchange 2007


2007:

Office Communications Server 2007 + Forefront Security Suite +
SCCM 2007 + System Center Operations Manager 2007


2008:

Windows Server 2008 + SCCM 2007 R2


2009:

Performance Point + Fast Enterprise Search + Exchange 2010 + FF
Exchange 2010+UAG + TMG +
AD RMS
+ OCS 2007 R2 + Windows Server
2008 R2


2010:

SharePoint 2010 + OCS 14 + FF for Exchange + DPM
v3+
Service
Manager + FF for SharePoint

Key 2010 ECAL Suite Technology Innovation

Business Intelligence:
Access the right information to put strategy in action and enable accountability


Enterprise Search:
Find, explore, and connect to information and people.


Business Communities:
Collaborate in groups, share knowledge and ideas, connect with colleagues,
and find information and experts naturally.

SharePoint



Archiving:
Lower costs of implementing archiving policy with built
-
in functionality. Improve legal
discovery with multi
-
mailbox search.


Information Protection:
Automatically safeguard sensitive email with Rights Management Services.

Unified Communications


Secure Collaboration:
More secure anywhere access to collaboration tools.


Secure Messaging:
Improved email anti
-
virus and anti
-
spam in the cloud or on premise

Forefront


Data Protection:
Backup data on XP, Vista, and Windows7 clients.


Incident, Problem, and Change Management:
Reduce support costs and increase Helpdesk
responsiveness

System Center

ECAL Suite Business Productivity Technologies

ECAL Component

Description

Exchange Server 2010

Microsoft Exchange Server, the cornerstone of Microsoft’s Unified Communications solution,
is a flexible and reliable messaging platform that can help you lower your messaging costs by
50
-
80%, increase productivity with anywhere access to business communications, and
safeguard your business with protection and compliance capabilities that help you manage
risk.

Office Communications

Server 2007 R2

Microsoft Office Communications Server 2007 R2 helps you deliver streamlined
communications to your users, so everyone in your organization can communicate with the
right person, right now, from the applications they use most. Maintain operational control
without expensive infrastructure or network upgrades, and deliver streamlined
communications, including software
-
powered VoIP, Web and audio/video conferencing, and
enterprise instant messaging.

SharePoint Server 2010

Microsoft SharePoint 2010 enables organizations to connect and empower people through an
integrated set of rich features. SharePoint 2010 facilitates business collaboration in its
broadest sense and helps colleagues, partners, and customers to work together in new and
effective ways.

Microsoft Confidential

ECAL Suite Core Infrastructure Technologies

ECAL Component

Description

Windows Server 2008 R2

Windows Server 2008 R2 is the most advanced Windows Server operating system yet,
designed to power the next generation of networks, applications, and Web services.

System

Center
Configuration Manager
2007 R2

System Center Configuration Manager 2007 is the solution to comprehensively assess,
deploy, and update your servers, clients, and devices

across physical, virtual, distributed,
and mobile environments. Optimized for Windows and extensible beyond, it is the best choice
for gaining enhanced insight into, and control over, your IT systems.

System Center Operations
Manager 2007 R2

System Center Operations Manager is the end
-
to
-
end service
-
management product that is
the best choice for Windows because it works seamlessly with Microsoft software and
applications, helping organizations increase efficiency while enabling greater control of the IT
environment.

System Center Data
Protection

Manager 2010

*Provides an easily managed and scalable solution for backup and recovery of XP, Vista, and
Windows7 clients.

System Center Service
Manager


Microsoft System Center Service Manager is an integrated platform for automating and
adapting your organization’s IT service management best practices.

Active Directory Rights
Management Services

Active Directory Rights Management Services, a component of Windows Server 2008, is
available to help make sure that only those individuals who need to view a file can do so. AD
RMS can protect a file by identifying the rights that a user has to the file. Rights can be
configured to allow a user to open, modify, print, forward, or take other actions with the rights
-
managed information.

Forefront Unified

Access
Gateway

Forefront Unified Access Gateway is ONE solution to fit all of your remote access needs
through centralized management and policy control across all users, devices, and network
resources.

Forefront Protection

Suite

The Forefront Protection Suite is the next generation release of the Forefront Security Suite
and includes Microsoft Forefront Client Security, Microsoft Forefront Protection 2010 for
Exchange Server, Microsoft Forefront Security for SharePoint, Microsoft Forefront Security
for Office Communications Server and Microsoft Forefront Online Protection for Exchange.

Microsoft
SharePoint 2010

Composites

Rapidly Create
Dynamic Business
Solutions

Insights

Making Better,
Faster, More
Informed Decisions
through BI

Search

Rich, Reliable, Highly
Scalable Search
Engine

Sites

Sharing Information
Security Across
Stakeholders

Communities

Empowering People
to Work Together in
New Ways

Content

Manage Content
Lifecycle from
Creation to
Retirement

SharePoint
Enterprise CAL



Advanced
scenarios
with rich data
integration

SharePoint

Standard CAL



Single collaboration
platform across all
types of content

SharePoint

Foundation



Enabling technology
for developers and
basic scenarios




Forefront New SKUs and Functionality

Allows organizations to more easily publish
comprehensive remote access scenarios to
resources (e.g. SharePoint) for employees,
partners and vendors on both managed
and unmanaged machines.

Enterprise
Functionality for
Arrays

Comprehensive Remote
Access

Automated Policies

Administrative and
Provisioning Tools

Security Suite




Comprehensive security across
endpoints, messaging and
collaboration workloads, and
now web security.

Unified Access Gateway (Dec 2009)

Web Protection
Service (Dec 2009)

(.v2 H2 CY2010)

Optimize for

Software + Services


E
-
mail Archiving


Protect Communications


Advanced Security


Manage Inbox Overload


Enhance Voice Mail


Collaborate Effectively


Continuous Availability


Simplify Administration


Deployment Flexibility

Anywhere
Access

Flexible and
Reliable

Protection and
Compliance


Exchange 2010 CALs:

Enterprise CAL 2007

Additive

Forefront for
Exchange

Advanced
Mobile
Mngt
.

Per
-
user
Journaling

Managed
Custom
Folders

Unified
Messaging

Exchange
Hosted
Filtering

Organizations
requiring a
premium, feature
-
rich messaging
environment with
mobile device
access.


For users that need:


Unified Messaging


Multi
-
tier AV/AS
protection


Advanced
Compliance


Advance mobile
management

Enable your users to
be more productive
from virtually any
platform, browser, or
mobile device, with
new features that
help manage
communications
overload and lower
helpdesk costs.


Enterprise CAL 2010

Reduce the costs and
complexity of
compliance with new
integrated archiving
functionality, while also
cutting costs by
replacing your legacy
voice mail systems.


*Dependency on Windows Server RMS

All 2007
Features

Calendar
Sharing

Conversation
View

Message
Tracking

Universal
Inbox (Mail,
SMS, IM)

Mobile

& Browser
Improvement

IRM in OWA*

Mailtips

Default
Retention
Policies

Additive

Cross
-
Mailbox
Search

Custom
Retention
Policies

Personal
Archive

Info. Leakage
Protection*

All 2007
Features

Legal Hold

VM Preview, Answering Rules,
Protected VM, Message Waiting

Enhanced UM

E
-
mail &
Contacts

ActiveSync
Mobility

Calendar &
Tasks

Managed
Default
Folders

Improved
Anti
-
spam

Per
-
DB
Journaling

Suites: Core, SBS, EBS

Suites: E
-
CAL

No price
change

Improve the end
-
user
experience through

self
-
service and flexible
physical and virtual
software management

System Center Client Management Technology

Assess Inventory

& Compatibility

Deploy OS

& Applications

Manage User
Access

Backup, Repair

& Restore

Incident,

Problem & Change
Management

Monitor
Performance

& Configuration

Save costs through
integrated management

of PCs and software

Provide visibility,
reporting, and support
process compliance

Microsoft Confidential

Reduce help
-
desk and IT management costs through
user self
-
service and ITIL
-
based client management,
integrated with the System Center client suite.

Change
Management

Incident
Management

Backup and recovery of
Windows clients including file
and System State protection

End user
recovery of
file data

Integrated
CMDB

End
-
User Self
-
Service

Knowledge
Store and
Management

Reporting and
Analysis

Provides an easily managed and scalable solution for
backup and recovery of XP, Vista, and Windows7
clients.

Windows 7
Manageability

Intel Advanced
Management Technology
Enhancements

Assess, deploy and update your clients, and devices
across

physical, virtual, distributed and mobile environments
.

Operations Manager 2007 Client ML

Aggregate Problem
Identification for
Windows 7 Clients

Enables customers to proactively identify and
resolve the 90% of unreported problems that impact
user productivity by causing client systems to crash
.


System Center CML SKUs and Functionality

IT Service
Management

Data

Protection

Manager

Service Mgr

Capacity

Planner

Service Mgr

Operations

Manager

Data

Storage &


Recovery

Problem

Management

Capacity

Management

IT Reporting

Operations

Management

ConfigMgr
/
SoftGrid

Operations

Manager

Performance &

Availability

Monitoring

Software

Update &


Deployment

Enabler for Microsoft’s Best Practices

Microsoft Operations
Framework (ITIL
-
based)

Infrastructure
Optimization

Simplicity

Up and running in minutes

Simplified UI

Advanced Task Sequencing

Reduced SCCM infrastructure costs with branch office support

Improved scheduling and greater control including Wake
-
on
-
LAN

Common processes for Windows Mobile and embedded device

Deployment

Unified delivery of Windows operating system for clients and servers

One worldwide image to manage with Vista

Built on Windows Vista technologies including Windows Imaging

Vista and Office 12 upgrade assessment and resolution planning

Offline media support for full offline provisioning

Security

Integration with “Longhorn” Network Access Protection

Simplified, comprehensive software updating w/ templates for common tasks

Enterprise Vulnerability assessment

Securely managing devices across the Internet

Secure network storage of user state during Operating System deployment

Configuration

Knowledge
-
driven desired configuration management based on the Service Modeling Language (SML)

IT policies for analyzing corporate and regulatory compliance

Out of the box configuration policies for server workloads i.e. Exchange

License and asset management

Simplicity

Deployment

Security

Configuration

Microsof t Conf idential

Easier to install,
setup and get
running

New UI,

drag
-
and
-
drop
capabilities and
templates to

simplify ease of use

Simplified and more
cost effective
infrastructure

Mirror operational
process and
associate approved
change times with a
collection

Microsof t Conf idential

Integration with System
Center “Management
Services”

Integrated reporting for
MLS customers that shows
licenses utilized versus
licenses purchased

Community Integration:
Administrators contribute
knowledge

Customization to enable
software categorization
mapping to your enterprise
taxonomy

Additional reports; including
Windows Genuine
Advantage summary and
hardware report

Top Software
Products Installed

Compliance assessment

Security updates / vulnerability assessment

Application updates

Update deployment

Full Microsoft update content

Zero
-
day and routine deployments

Simplified admin experience

Also manage non
-
Microsoft software
updates

OEMs and software vendors (ISVs)

Internally
-
developed applications

Microsof t Conf idential

The Way to Deploy Windows Server and Windows Clients
Assess Windows Vista and

Office 2007 deployment

readiness

Integrated solution for

side by side machine

replacement, with
user state migration

Single solution for deploying

Windows desktops

and servers

Task Sequencing

Offline deployment with
removable media

Driver Catalog

Bare Metal starts here

Microsof t Conf idential

Apply an application
configuration and alert when
deviation from “desired
configuration” is detected

Common models to describe
application and system
configuration and operational
health

Import existing models from
software vendor or community

Modify existing models with
implementation specific
models

Create custom models based
on your requirements


Microsof t Conf idential

Integration with Server
2008 Network Access
Protection (NAP)

WSUS as an integrated
server role in site hierarchy

Manage devices securely
across the Internet

Manage all Microsoft
published updates and
custom updates

Integrated vulnerability
assessment

Manage clients without a VPN

Road Warriors (Sales force, Consultant)

Point Of Sale (Restaurant, Retail store,
Gas station)

Employee’s home computers

Roam in and out intelligently

Converge with standards based
technology

PKI for certificate management

SSL/TLS for secure HTTP communication

Firewall for SSL termination

“Deliver a secure and reliable infrastructure to
enable IT administrators in an enterprise to
manage computers on the internet with the
same level of control as computers on the
intranet.”

Device =
CE, PPC, Windows Mobile (
SmartPhone
)

Basic Management

Hardware/Software inventory, File collection, Software distribution,
Settings management
-

Password policy management, Security policy
management


Support for Smartphone

Over
-
the
-
air management of devices

Connection Management

Internet Based Management

Fallback Status Point

LOB Device Management

CE on ARM at RTM

Deployment

Automated client distribution via SMS Advanced Client desktop

Full integration with SCCM 07

Over
-
the
-
air client upgrade

Significantly faster performance

Using Vista/Windows 7 native “collaboration” technology

Back
-
ported to Windows XP and Windows Server 2003

Underlying protocol: RDP

Same basic functionality as SMS 2003:

No need for end
-
user acceptance of new session

3 levels of access

Full control

View only

None

Still integrated with Remote Assistance



Microsof t Conf idential

All three of these technologies can stand on their
own or can be complimentary to one another

We have already talked about how SCCM can
integrate with WDS (i.e. PXE Point Site System)

For ‘quick’ OS prep and deployment that does not
require a build out of an SCCM architecture, either
MDT and WDS can get the job done on their own.

The beauty is it doesn’t matter how you create
your images


they all use the exact same WIM
image format which can be consumed by any of
these technologies



Personal Archive

Primary Mailbox

E
-
Mail Archiving
Integrated archiving, retention and search

Personal Archive

Move and Delete
Policy

Hold Policy

Multi
-
Mailbox Search

Protect Communications

Protect access and control distribution

Business Intelligence


Information access to put
strategy into action and enable accountability


Easily navigate and
perform rich analysis in a
browser

Enable everyone to create
rich dashboards that
convey the right
information

Review performance
relative to strategy through
strategy maps

Go Beyond the Search Box

Find, Explore, and Connect

Active Directory
®

Federation Services
2.0

Enable more secure business collaboration from virtually anywhere and across
devices, while preventing unauthorized use of confidential information

Enable more secure business communication from virtually anywhere and on virtually
any device, while preventing unauthorized use of confidential information

Secure Messaging

Appendix / Backup Slides


Deliver a simple and secure remote user experience for SharePoint
through integrated SSL VPN capabilities.


Extend SharePoint portal functionality by integrating client/server
applications and networking resources.


Enables easy, secure access to multiple SharePoint portals through
integration with Active Directory and web
-
based single sign
-
on.

Anywhere
Access


Drive compliance through out
-
of
-
the
-
box rules and built
-
in policies for
SharePoint.


Easily integrate strong authentication and endpoint assessment into
access policies.


Limit information access and prevent data leakage.

Integrated
Security


Easily create and publish remote access policies for SharePoint
extranets.


Manage all remote access to SharePoint through a single gateway.


Simplify deployment and ongoing tasks through wizards and built
-
in
policies.

Simplified
Management

UAG is optimized for SharePoint, delivering secure, anywhere
access for your employees, partners and customers.

+

Microsof t NDA Material


Extend Windows DirectAccess to legacy applications and resources
running on existing infrastructure.


Support down
-
level and non Windows clients through integrated SSL
VPN capabilities and other connectivity options.

Anywhere
Access


Protect the DirectAccess gateway with a hardened edge solution.


Limit exposure associated with connecting unmanaged, down
-
level and
non
-
Windows clients through granular application access controls and
policies.

Integrated
Security


Minimize configuration errors and simplify deployment using built
-
in
wizards and tools.


Enhance scale and ongoing administration through built
-
in array
management and integrated load balancing


Consolidate access gateways for centralized control and auditing.

Simplified
Management

UAG extends the benefits of Windows DirectAccess across your
infrastructure, enhancing scalability and simplifying
deployments and ongoing management.

+

7
DirectAccess

Enterprise CAL 2007

ECM / WCM

Search

Social
Computing

Portals

Team
Collab

SharePoint: CALs

Additive

Forms /
Business
Processes

Business Data
Catalog

Business
Intelligence

For organizations
looking to connect
people, processes,
and information.


For organizations that
need expanded
information and data
management
capabilities:


Excel Services


KPIs / Dashboards


Web
-
based forms


Business data search /
connectivity

For organizations
looking to
standardize their
content and
collaboration
platform for content
and people.



Enterprise CAL 2010

For organizations

looking to expand the
capabilities of their

information and

collaboration platform

through line
-
of
-
business
interoperability, visualization
and development of Office
Business Applications.



All 2007
Features

Enhanced
Records
Management

Mobile
Access

Enhanced
Social
Computing

Digital Asset
Management

Find Experts
with People
Search

Additive

Office
Cient

LOB
Integration

Visio Services

*FAST Search
use rights

Workflow

Suites: Core, E
-
CAL

Suites: E
-
CAL

No Price
Increase

Suites: Core, E
-
CAL

Suites: E
-
CAL

*Dependency on FAST Server Purchased
Separately

Performance
Point
Services

Access
Services

Infopath

Forms
Services

Excel Services

Project
Server 2010
Pre
-
Req

SharePoint 2010: Sites

http://
sharepoint2010.microsoft.com/product/capabilities/Sites/Pages/upgrade
-
compare.aspx


SharePoint 2010: Communities

http://
sharepoint2010.microsoft.com/product/capabilities/Communities/Pages/upgrade
-
compare.aspx


SharePoint 2010: Content

http://
sharepoint2010.microsoft.com/product/capabilities/Content/Pages/upgrade
-
compare.aspx


SharePoint 2010: Insights

http://
sharepoint2010.microsoft.com/product/capabilities/Insights/Pages/upgrade
-
compare.aspx


BI in Microsoft SharePoint 2010



Ability to create, access, and
share information seamlessly
and easily

Empower Decision
Makers



Access the right information to
translate strategy into action and
enable accountability

Improve Organizational
Effectiveness



Create and maintain the
infrastructure to effectively drive
BI to all users, inside and
outside the firewall

Enable IT Efficiency

Discoverability

Collaboration

Self Service

Forming
Insights

Data Access

Data interaction

Organizational
Effectiveness

Decision Making

SharePoint 2010: Search

http://
sharepoint2010.microsoft.com/product/capabilities/search/Pages/upgrade
-
compare.aspx


Enterprise
Deployment

Knowledge
Amplification

Better

Answers
,
Faster

SharePoint 2010: Composites

http://
sharepoint2010.microsoft.com/product/capabilities/Composites/Pages/upgrade
-
compare.aspx


Solution
Deployment

Data
Connectivity

User
-
Driven
Solutions

Exchange
2003

Exchange 2007

Exchange 2010

Feature

Exchange CAL

Standard
CAL

Enterprise CAL

Std. + Ent. CAL

Standard
CAL

Enterprise
CAL

Std. + Ent.
CAL

Outlook Client

Yes

No

No

No

No

No

No

Mailbox Manager

Yes

No

No

No

No

No

No

Managed Folders

No

Default

Custom

All

Default

Custom

All

Retention Policies

No

No

No

No

Default

Custom

All

Advanced Exchange
ActiveSync Mobile
Policies

No

No

Yes

Yes

No

Yes

Yes

Journaling

Per Database

Per Database

Per User/DL

All

Per Database

Per User/DL

All

Voicemail with Unified
Messaging

No

No

Yes

Yes

No

Yes

Yes