System Center: Manage your core infrastructure from Desktop to Datacenter - Configuration Manager 2007
Paul CollinsEllis PaulMicrosoft UK
WHAT’S NEW?
System Center Configuration Manager 2007
System Center Configuration Manager 2007
Application & OS Deployment
Asset IntelligenceSoftware UpdateManagement
Desired Configuration Management
Support forthe Mobile Workforce
Software Update Management
•Built on WSUS 3.0 architecture
•Included as Managed Server role in site hierarchy
•Provides Compliance assessment
•All Microsoft software updates categories plus:• OEMs and software vendors (ISVs)• Internally-developed applications (LOB)
•Full integration into other areas of Configuration Manager
Comprehensive Deployment and
Updating
Enhanced
Insight and
Control
Optimized for
Windows and
Extensible
Beyond
Network Access Protection
Define and Enforce System Health
Validate Corporate Policy at the perimeter
• Validates the health of client systems as defined by corporate security policy
Place untrusted systems in lockdown area - Quarantine
• Restricts access from protected network regions based on client health state.
Control system access with Network Restriction
• Provides access to resources allowing clients to correct security policy compliance deficiencies
Perform Ongoing Compliance with constant perimeter health check
• Automatic enforcement of changes to defined corporate security policies ensuring sustained policy complianceComprehensive Deployment and
Updating
Enhanced
Insight and
Control
Optimized for
Windows and
Extensible
Beyond
Mobile Workforce: Internet Based Client Management
Manage clients without a VPN• Road Warriors (Sales force,
Consultant)• Point Of Sale (Restaurant, Retail
store, Gas station)• Employee’s home computers• Roam in and out intelligently
Converge with standards based technology• PKI for certificate management• SSL/TLS for secure HTTP
communication• Firewall for SSL termination
“Deliver a secure and reliable infrastructure to enable IT
administrators in an enterprise to manage computers on the internet with the same level of control as
computers on the intranet.”
Comprehensive Deployment and
Updating
Enhanced
Insight and
Control
Optimized for
Windows and
Extensible
Beyond
Configuration Manager is the solution to comprehensively assess, deploy and update your servers, clients, and devices – across physical, virtual, distributed and mobile environments • Need management for a broad set
of Windows and non-Windows mobile devices
• Need management for devices other than new or upgradable Windows Mobile devices
• Manage their desktops, laptops and mobile devices from a single console
A comprehensive server solution for Windows Mobile that enables IT to have full control of their Windows Mobile device deployment with respect to security, management and access to the corporate network via a Mobile VPN.• For new/upgradable Windows
Mobile devices• Need to deploy and secure new
mobile LOB applications• Need more security management
features than Exchange 2007 ECAL provides
• For customers looking at replacement and/or dual deployment of RIM/Blackberry
Mobile Workforce: Handheld Devices
Desired Configuration Management
DCM Terms And Concepts
Configuration Item (CI)Units of configuration that can be detected, applied, and
removed from Configuration Manager managed machines• Application CI• Operating System CI• General CI• Software Updates CI
Configuration BaselineA complex type of CI composed of other CIs which are:
• Required• Optional• Prohibited
Can be assigned to collections for compliance monitoring
Partner DCM Value-AddsConfiguration Packs
Forefront Server & EdgeHost Integration ServerProject ServerCompliance Libraries
Enhanced ReportingComprehensive ForensicsCompliance Knowledge Document Maps aka Bookmarks Dynamic Reporting SchemaDynamic Grouping and SortingLocalization SupportMulti-Select Filter Options PDF OptimizationSummary to Detail Drilldown
Asset Intelligence• ConfigMgr 2007 to ship with SMS 2003 SP3 asset intelligence features• System Center Online to follow
Integration with “System Center Online” – new rebranded, re-launched AssetMetrix service
Scheduled or on-demand catalog updates Community Integration: Administrators can identify / categorize unknown apps
and push to service Integrated reporting for MLS customers that shows licenses utilized vs. licenses
purchased Additional reports, including Windows Genuine Advantage summary
+ +Asset and License Reports
• License Reporting• SW Consolidation• Upgrade Planning
“System Center Online”
InventoryAMx KB
Real-time Applicationand HW Intelligence
DEPLOYING WINDOWS CLIENTS AND SERVERS
System Center Configuration Manager 2007
Operating System DeploymentHighly automated solution for assessing, migrating and deploying windows server and client operating systemsCommon toolset and processEnd-to-end deployment automation support Assess migration readiness for Windows Server 2008, Vista and Office 2007Built in reports for minimum and recommended settingsEnable dynamic deployment of drivers at runtimeOrganize, replicate and deploy packagesUtilize Windows PnP detection
Comprehensive Deployment and
Updating
Enhanced
Insight and
Control
Optimized for
Windows and
Extensible
Beyond
Significant improvements to existing scenarios
Increased range of scenario support
Windows Deployment
New machine
-Clean install-Wipe and Load
-No migration considerations- New or repurposed hardware
Comprehensive Deployment and
Updating
Enhanced
Insight and
Control
Optimized for
Windows and
Extensible
Beyond
The Task Sequencer•Core OS deployment mechanism
•Delivered to clients as policy via MP
•Sequence of steps to execute
•Completely hands-off for full automation of the process
•Task Sequence can do other actions:• Capture images• Deploy Application chains• Administer complex activities• More (unlimited)
Comprehensive Deployment and
Updating
Enhanced
Insight and
Control
Optimized for
Windows and
Extensible
Beyond
Driver CatalogueCatalog of Configuration
Manager- managed device drivers“Drivers” node
• Import drivers into this node• Set properties on drivers (metadata)• Assign drivers to Driver Packages
“Driver Packages” node• Configuration Manager packages
that are copied to DPs• Typically group related drivers
into one package
Comprehensive Deployment and
Updating
Enhanced
Insight and
Control
Optimized for
Windows and
Extensible
Beyond
Configuration Manager 2007 Roadmap
Configuration Manager SP1• Spring 2008 Availability• Windows Server 2008 and Vista SP1 Support• Asset Intelligence 1.5• Intel AMT Integration
Configuration Manager R2 Plan of Record• Summer 2008 Availability• Microsoft Application Virtualization* integration• Client Health Reporting• Server Provisioning scenarios (including multicast
support on WDS)• Forefront Client security integration (reporting only)• SQL Reporting service (side by side with ConfigMgr Reports)
*SoftGrid
Summary
• Comprehensive Deployment and Updates
• Enhanced Insight and Control
• Optimized for Windows and Beyond
Resources
Product pages – www.microsoft.com/systemcenter
Technet Technical Library - http://technet.microsoft.com/en-us/library/bb735860.aspx
Technet TechCenter http://technet.microsoft.com/en-us/configmgr/default.aspx
Webcasts and Audiocasts http://www.microsoft.com/events/series/technetmms.aspx?tab=webcasts
Configuration Packshttp://www.microsoft.com/technet/prodtechnol/scp/configmgr07.aspx?SCPProdID=6