I109 TS And Virtualization

Added: October 19, 2007
Presentation Transcript

Slide2: Virtualization
Name: Lionel CAU
Title: Senior Consultant
Group: Infrastructure Services
Company: SOGETI Switzerland


Agenda:
- Longhorn Server Terminal Services
  - Terminal Services Remote Programs
  - Terminal Services Gateway
  - Terminal Services Web Access
- Server Virtualization
  - Hypervisor
  - Virtual Server
  - System Center Virtual Machine Manager
- Microsoft SoftGrid Application Virtualization
- A few words about licensing


Terminal Services:
- Diagram labels: Central office, Roaming user, Branch office, Home office
- Centralized Application Access
- Application Deployment
- Branch Office
- Secure Anywhere Access
- Compliance and Security
- Enabling Technologies: TS Remote Programs, TS Gateway, TS Web Access
- Designed for low complexity scenarios


TS Remote Programs Overview: TS Remote Programs Overview


TS Gateway Overview:
- Eliminates need for VPN
- TS Gateway and Network Policy Server
- RDP 6.0 tunneled over HTTPS


TS Gateway Remote Access (diagram built up over four slides):
- Network zones: Internet, Perimeter Network, Corp LAN
- Client locations: Home, Hotel, Business Partner/Client Site
- Firewalls: External Firewall, Internal Firewall
- Hosts: Terminal Services Gateway Server, Network Policy Server, Active Directory DC, Terminal Server, Other RDP Hosts
- Traffic annotations, in the order they appear across the slides:
  - Tunnels RDP over RPC/HTTPS
  - Strips off RPC/HTTPS
  - Passes RDP/SSL traffic to TS


CAPs and RAPs:
- Connection Authorization Policies (CAPs)
  - Allow you to specify users, user groups (and optionally, computer groups) that can access a TS Gateway server
  - Users are granted access to a TS Gateway server only if they meet or exceed the conditions specified in the CAP that contains their group name
  - For example, you might require a user to use a smart card to connect through TS Gateway
- Resource Authorization Policies (RAPs)
  - Create RAPs to allow access from the TS Gateway server to specific remote computers on the network
  - Instead of creating a resource group manually, you can use a security group defined in Active Directory
- You create CAPs and RAPs by using TS Gateway Management


TS Web Access Overview:
- Terminal Services Remote Programs available from a Web browser
- Default Web page or SharePoint Services
- Active Directory Domain Services


Other TS improvements:
- PnP device redirection for media players and digital cameras
- Windows Embedded for Point of Service device redirection
- Remote Desktop Connection display improvements:
  - Custom display resolutions
  - Monitor spanning
  - Desktop Experience
  - Desktop composition
  - Font smoothing
  - Display data prioritization
- Single sign-on
- Microsoft Windows System Resource Manager (WSRM) on "Longhorn" Server allows you to control how CPU and memory resources are allocated to applications, services, and processes on the computer


Slide14: Longhorn Server TS (TS Remote Programs, TS Gateway, TS Web Access) + Microsoft SoftGrid Application Virtualization


Server Virtualization (roadmap diagram; labels in extraction order):
- Microsoft Virtual Server 2005 R2
- Virtual Server MOM Management Pack
- Windows Server “Longhorn”
- System Center Virtual Machine Manager
- Virtual Server 2005 R2 SP1
- Virtual Server MOM Management Pack R2
- Windows Server virtualization Beta
- System Center: Virtual Machine Manager Beta
- Microsoft Virtual Server 2005 R2 SP1 Beta
- Windows Server Virtualization within 6 months of Windows Server “Longhorn”


Windows Server Virtualization: Windows Server Virtualization Virtualization Platform and Management


Virtual Server vs. WSV: Virtual Server vs. WSV


Virtual Server R2 SP1 Beta 2 (1/2):
- Hardware-assisted virtualization
  - Support for Intel Virtualization Technology
  - AMD Virtualization Technology (AVT) compatibility *(x64-hotfix)
  - By default, hardware-assisted virtualization is enabled if present
  - Support for Intel Virtualization Technology and/or AMD Virtualization Technology can also be specifically enabled or disabled on a per virtual machine basis
- Virtual Server host clustering step-by-step guide
  - The host clustering whitepaper is now included with Virtual Server
  - Installed at: ~:\Program Files\Microsoft Virtual Server\Host Clustering
- The default size for dynamically expanding virtual hard disks has been changed from 16 GB to 127 GB
- Virtual SCSI fix for Linux guests
  - Some users encountered an issue when trying to install certain Linux distributions inside a virtual machine on the emulated SCSI bus
  - The issue occurred most often with the Linux 2.6.x kernel
  - This issue has been fixed in R2 SP1 Beta 1


Virtual Server R2 SP1 Beta 2 (2/2):
- Volume Shadow Service Support
  - Improved support for backup and disaster recovery
  - Instead of scheduling downtime for backing up each virtual machine individually, customers will now be able to take snapshot backups of physical machines that will in turn take snapshots of all the virtual machines on that physical host
- Offline VHD Mounting
  - View and manipulate the files in a VHD from the host OS
  - This enables administrators to easily deploy scripts and perform virus scans across VHDs without having to start each virtual machine
- Active Directory integration and management features
  - Virtual Server service now publishes its binding information in Active Directory as a Service Connection Point (SCP) object
  - System administrators can use this information to easily locate all instances of the Virtual Server service within an Active Directory forest


System Center Virtual Machine Manager:
- One Click switching between physical and virtual views
- VM State Transition, migration and checkpoints
- Complete details of both physical and virtual layers
- Customizable grouping of physical and virtual machines into resource pools


Virtual Machine Manager (release timeline; labels in extraction order):
- Public Beta 1, TAP: Core features with limited documentation
- RTM: Full product, highest quality with complete documentation
- Q3 2006
- Public Beta 2: Enterprise features, core documentation


VMM: Feature Summary (V1): VMM: Feature Summary (V1)


Centralized Management of Virtual and Physical Systems:
- ‘Host Groups’ are key to organization
  - Container for physical assets or systems
  - Derived from Active Directory or built manually by administrator
  - Host Groups organized into completely customizable tree structure
  - Enables resource pooling that drives hardware utilization
  - Unit of policy application for Self-Service Portal


Consolidation:
- Identification of consolidation candidates
  - Integrated Operations Manager consolidation candidate report
  - Consideration of peak vs. average performance
  - Configurable report parameters
- Physical to Virtual Migration
  - Not VSMT based, new VSS based P2V
  - Support for Windows 2000 Server, Windows 2003 Server, optimized for Windows 2003 and above
  - Optimized network transport using BITS
  - No need to boot into PXE (W2K3 +)
  - Wizard based or scripted via PowerShell


Placement of Virtual Machines:
- Capacity planning everywhere
  - Placement of virtual machines onto physical hardware is the key in maximizing the utilization from physical assets
  - Capacity considerations now required for every workload
- Placement in SC VMM
  - Executed upon every placement of virtual machine: P2V, migration, template deployment
  - Three inputs into rating scheme: hard and two types of soft
    - Hard Requirements – Minimum CPU, RAM, Disk and Network resources that are not already committed to another VM
    - Soft Requirements (Historical Performance) – For physical workloads this would be derived from MOM, for virtual workload this is derived from SC VMM data store
    - Soft Requirements (Current Host Performance) – The actual resource consumption of the virtualization hosts


Offline Library: Organizing the Virtual Data Center
- Templates
  - Captures both software and virtual hardware settings to standardize deployment of new virtual machines
  - Implemented as “sysprepped.vhd” with associated hardware configuration
- Virtual Machines
  - Enables controlled way to store and organize non-running virtual machines
  - Enabler to scheduled VM deployment and tear down
- Disks, ISO and Scripts
- Distributed architecture
  - Multiple library servers enable images to be distributed throughout organization
  - Configuration of Distributed File System Namespace and Replication with library servers provides method for standard image distribution


Self-Service Portal:
- Web based interface
- Significant Controls for Managed Deployment
  - End Users only able to engage with their VMs
  - Limited set of templates offered to each user for deployment
  - Quotas set on resources by individual
- Optionally deployed
- Stale machines “retired” after lease expiration


Slide28: VS R2 SP1 B2 + SC VMM B1


SoftGrid : 3 Key Components: SoftGrid : 3 Key Components


MVS 2005 R2 MP State view : MVS 2005 R2 MP State view


MVS 2005 R2 MP Diagram view: MVS 2005 R2 MP Diagram view


MVS 2005 R2 MP Virtualization Candidates: MVS 2005 R2 MP Virtualization Candidates


A few words about licensing:
- Windows Server 2003 R2 Enterprise Edition
  - Includes 4 virtual instances
- Windows Server 2003 R2 Datacenter Edition
  - Includes unlimited virtual instances
  - Note: Requires a Windows Server Datacenter Terminal Services CAL
- Licensing per virtual processor
  - SQL, BizTalk, ISA server, etc.
- “Running Instance” based licensing
  - Will enable new usage models
- http://www.microsoft.com/licensing/userights


Licensing by Virtual Processor:
- LESS VMs Than Processors
  - Previous License Rights: Total: 2 WS licenses + 4 SQL processor licenses
  - New License Rights: Total: 2 WS licenses + 1 SQL processor license
- MORE VMs Than Processors
  - Previous License Rights: Total: 6 WS licenses + 4 SQL processor licenses
  - New License Rights: Total: 6 WS licenses + 5 SQL processor licenses
- Diagram labels in each panel: Proc 1, Proc 2, Proc 3, Proc 4


A LPS international leader:
- Dedicated to Local Professional Services in Information Technology
- A leader with € 1.1 b rev. and 17’000+ eng.
- An international player covering Europe and USA
- Backed by Capgemini group (55 000 staff)
- USA (2’000): Baltimore, Chicago, Cincinnati, Cleveland, Columbus, Dallas, Detroit, Houston, Indianapolis, Kansas City, Minneapolis, New York, Omaha, Portland, Seattle, Washington DC
- Europe (14'500): France (8'500), United Kingdom (70), Spain (1'200), Belux (900), Switzerland (100), Germany (80), Sweden (620), Netherlands (2'000), Ireland (50), Poland (partners)


Offer perimeter: Offer perimeter


MS IOM: 4 phases and 5 capabilities
- Identity & Access Management
- Desktop, Server, & Device Management
- Security & Networking
- Data Protection & Recovery
- IT Management & Security Process


Slide39: The Core IO model (matrix diagram; cell text in extraction order)
- Mastering backup and restore processes on critical servers
- User data is managed and controlled
- Centralized administration of backups
- Restore tests performed regularly
- Anti-virus on all workstations
- Centralized firewall
- Basic network services
- Remote access secured
- Firewall on laptops
- Secured wireless network
- Complete automation
- Quarantine feature
- Security logs centralized
- Network and security
- Data protection
- Services support processes
- No standard
- Limited security
- Backups are not reliable and not tested
- Multiple storage locations for end-user data
- Informal processes
- No SLA
- SLAs have been validated
- Centralized Service Desk
- Incident and problem management in line with ITIL best practices
- Change and configuration management in line with ITIL best practices
- Services management dashboard
- User data synchronized
- Disk to disk backups
- Manual administration
- Minimal policies in terms of granting access to resources
- Automatic updates
- Standardized images for workstations
- Complete monitoring of critical servers
- Automatic inventory and setup
- Laptops are secured
- Capacity Management
- Automatic laptop management
- Centralized user identification
- Security Automation
- Administration partially centralised
- Administration totally centralised
- External access authentication
- Access and identity management
- Workstations and servers management
- No standardized workstation, several images
- No centralised management


Slide40: Optimization steps (1/4). Core IO model matrix as on Slide39, overlaid with: Phase 1: Evaluate; OIM steps


Slide41: Optimization steps (2/4). Core IO model matrix as on Slide39, overlaid with: Phase 1: Evaluate; Improvement areas defined; OIM steps


Slide42: Optimization steps (3/4). Core IO model matrix as on Slide39, overlaid with: PROJECT 1, PROJECT 2, PROJECT 3; Phase 1: Evaluate; Improvement areas defined; Phase 2: Optimization projects; OIM steps


Slide43: Optimization steps (4/4). Core IO model matrix as on Slide39, overlaid with: Phase 1: Evaluate; Improvement areas defined; Phase 2: Optimization projects; OIM steps; Reevaluate


Virtualization Progression: Virtualization Progression


Slide45: SOGETI added value
- SOGETI is Microsoft « GOLD Partner » certified
  - The highest level of certification, recognizing SOGETI experience and knowledge in Microsoft products and processes
  - SOGETI is a global Microsoft worldwide partner with strong links between companies and permanent technical and administrative interfaces
- Microsoft IOM is based on MOF and Microsoft experience while SOGETI added value lies in
  - Deeper knowledge using Microsoft products in heterogeneous environments
  - Professional expertise in IT project management (+ people)
  - Existing material and experience in evaluating infrastructures’ strengths and weaknesses and how to improve current situation
- SOGETI 3 main axis of action
  - Automation (Tools, Scripts, Web portals, Tasks sequencers, Schedulers, Monitoring)
  - Availability (Clustering, Load balancing, Caching, Backup/Restore, Security)
  - Agility (Virtualization, Update mechanisms, Standardization, Simplicity)
- SOGETI’s offer
  - MIO « Microsoft Infrastructure Optimization »
  - In partnership with Microsoft
  - Based on IOM from Microsoft, completed with SOGETI’s processes and people


Deliveries:
- MIO is based on predefined materials, all are customized and detailed regarding your environment
- Projects are part of a complete and detailed service catalog, depending on your needs


Benefits of MIO:
- Simplify Microsoft infrastructure
  - Makes it closer to real business needs
  - Simplify all operating tasks as a consequence
- Reduce security threats (#hardening)
- Automate maintenance tasks
- Improve flexibility (new applications, migrations, …)
- Reduce compatibility issues (#ever greening)
- Evaluate maturity level and highlights optimization tracks
- Study licensing issues and potential benefits
- → Reduce costs and improve service quality
- AND …
  - Helps to clarify IT staff vision of available technologies
  - Helps finding appropriate tools and techniques when new projects are starting
  - Helps technical staff to realize the potential benefits of ready to use guides and scripts as well as IT process management (#ITIL)
  - Helps to spread knowledge within IT departments and between IT departments