1 / 40

Preparation & planning your deployment

Preparation & planning your deployment. Richard Smith Senior Consultant – Management, Operations and Deployment Microsoft UK. Agenda. Agenda for the Day and Introductions Common Deployment Project Activities Weapons of Mass Deployment The Deployment Landscape Other Deployment Options.

zarola
Download Presentation

Preparation & planning your deployment

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Preparation & planning your deployment Richard Smith Senior Consultant – Management, Operations and Deployment Microsoft UK

  2. Agenda • Agenda for the Day and Introductions • Common Deployment Project Activities • Weapons of Mass Deployment • The Deployment Landscape • Other Deployment Options

  3. Questions? Text Microsoftto 60300 Or Tweet #uktechdays

  4. Agenda for the Day

  5. Today’s Speakers

  6. Desktop Pain Points

  7. What hardware do I need to replace? Are my applications compatible with the new OS? How do I plan my deployment project? How do I get to a standard OS image? How do I migrate data and settings? How do I avoid spending time at the computers receiving the upgrade? Where do I find guidance for desktop and server deployment?

  8. Evolving Customer Needs Unprecedented volumes of data Increasing compliance requirements Increased Focus on Compliance Sarbanes-Oxley, HIPAA, Basel II CIA/FBI Report, 2005 High Costs of Gathering InformationUp to $14K annual opportunitycost per user for inefficient data searchIDC Dramatically Increased Security breaches ~95 million records containing sensitive personal information involved insecurity breaches since  Feb 2005 www.privacyrights.org End Users IT Pros Mobile PCs yield positive ROIMobile users work on average 3.2 hours per week more than desktop usersGartner, Forrester High Costs to Deploy and Manage PCs$200-$1,300 annual IT labor costs/PCGartner / IDC HW mix shifting to laptops Increased emphasis on manageability to lower cost, increase agility Corporate knowledge assets at riskOver 600K laptops lost in US in 2005; 80% of companies’ data on user PCsSafeware Insurance

  9. Common Deployment Project Activities Planning Workshop Compatibility Testing • Project kickoff Image Lifecycle Administration Guide Post deployment Assistance Project Closeout Application Management workshop Inventory Collection Compatibility Remediation Test summary Documentation Vision & Scope Application Assessment Application Packaging / Sequencing Pilot Deployment Project Plan Client Design Microsoft Office Files Conversion Deployment Infrastructure Design Image Creation Solution Definition Workshop Create Solution Administration Guide Proof of Concept Conduct IT Professional Training Discovery & Assessment Image Testing Test Plans Configuration and Operations Testing End User Training Plan

  10. Weapons of Mass Deployment • MDT 2010 • WAIK 2.0 • WinPE 3.0 • Windows SIM • WIM Format • Workbench • ACT 5.5 (Shim DB) • OCT • USMT 4 • APPV 4.6 • OEM Builds • Media Builds • Windows DS • Lite Touch • Zero Touch • ConfigMgr • Service Mgr • MDT 2010 • ACT 5.5 • MAP 4/5 • OMPM • OCCI/OEAT • ConfigMgr • SMS • Security Guides • Offline Service • ConfigMgr • OpsMgr • DEM • Windows DS • DFS/R • MDOP

  11. The Deployment Landscape

  12. Image Engineering • Image Engineering for Windows Vista • Image Engineering for Windows 7

  13. Deployment Tools > Image Engineering > WindowsVista

  14. Deployment Tools > Image Engineering > Windows 7

  15. Image Deployment • LTI deployment with MDT 2010 • Unattended deployment with Windows Deployment Services • ZTI deployment with System Center Configuration Manager SP2

  16. Deployment Tools > Image Deployment MDT 2010 • Includes Support for Windows 7 • Includes Support for USMT 4.0 • Includes Support for WAIK 2.0 / Win PE 3.0 • Includes Support for servicing using DISM • Most of the functionality is very similar to MDT 2008

  17. Deployment Tools > Image Deployment Windows Deployment Services • Dynamic Driver Provisioning with Driver Groups • Multiple Stream Multi-cast transfer • Authorisation for machine Build • Automation of Windows DS client and OS install

  18. WDS - Dynamic Driver Provisioning • Allows machines being deployed through the WDS Client to get only the drivers they need. • Details: • Driver repository resides on the server • Drivers are outside the image • Correct drivers selected for each client at deploy time (by PnP enumeration) • Server policy restricts drivers based on OS image and BIOS information Deployment Tools > Image Deployment > WDS

  19. System Center Configuration Manager SP2 Deployment Tools > Image Deployment • Supports Windows 7 Zero Touch Installation • OS deployment • Driver management • Offline servicing • Application package installation • Support for Binary Delta Replication (available previously with R2) • Support for unknown computers • Support for BranchCache

  20. Application Lifecycle • Application Compatibility with Windows Vista • Application Compatibility with Windows 7 • ACT 5.5/5.6 • Internet Explorer Application Compatibility • Applocker

  21. Challenges with Windows Vista Deployment Tools > App Compatibility > Windows Vista • Deep changes with security model • Deep changes with drivers and service architecture • Not enough granularity with control

  22. Application Compatibility Improvements Deployment Tools > App Compatibility >Windows 7 • Few changes over Vista • Problem Steps Recorder – record issues and send feedback • If it does not works with Vista, it will probably NOT work with Win 7 • ACT 5.5 – support for Vista SP2, Win 7, IE8

  23. ACT 5.5/5.6 Deployment Tools > App Compatibility >Windows 7 • Deprecation compatibility for Windows 7 • Support for Windows update compatibility manifests for Windows Vista with Service Pack 2 (SP2) and Windows 7 Beta • Compatibility information from the Windows Compatibility Center • Review of data before synchronizing with Microsoft • Filtering on specific operating system • Participation in the Customer Experience Program • Standard User Analyzer (SUA) tool, with AppVerifier 4.0 • Internet Explorer Compatibility Evaluator (IECE) replaced by Internet Explorer Compatibility Test Tool (IECTT)

  24. IE7 Challenges Deployment Tools > App Compatibility >IE 7 • Standards Compatibility to HTML DOM and W3C specifications was a sharp change • To avoid app compat issues, “Standards” were not as well-defined as they should have been • Various bugs with running pages in compatibility mode

  25. IE 8 App Compat Improvements Deployment Tools > App Compatibility >IE 8 • X-UA Tag for Quirks mode or EmulateIE7 • Intranet pages default to EmulateIE7 • User can choose Compatibility Mode • Strict adherence to HTML DOM and W3C standards

  26. AppLocker Deployment Tools > Application Lifecycle • Enhancements over software restriction policies (SRP) • SRP used Hash or Path rules – hard to manage and maintain • Limited testing support • No auto generation • Auto generate rules based on a reference machine

  27. User State • Migration Challenges • USMT 4.0

  28. Deployment Tools > User State > Windows Vista > USMT 3.0.1 Migration Challenges • Space requirements meant local capture was often not feasible • Required Domain connectivity to migrate Domain Profiles • Difficult rule combinations to migrate documents

  29. Deployment Tools > User State > Win 7 > USMT 4.0 USMT 4.0 • Hardlink migration • Offline Migration in WinPE • Streamlined Windows.Old folder andDocument Finder • VSS and AES support • Now included in the WAIK download

  30. Security • Security Challenges • BitLocker Drive Encryption

  31. Deployment Tools > Security > Windows Vista Security Challenges • Adding BitLocker after the fact required re-partitioning • No way to protect removable media • UAC was not granular enough

  32. BitLocker Drive Encryption • Deployments of Windows 7 pre-provision BitLocker partition by default • BitLocker To Goprotects removable media • Fully controlled via Group Policy Deployment Tools > Security > Windows 7

  33. Deployment Tools > Security The Evolving Desktop UAC • New UAC Control Panel • Six Admin Prompt Levels • Elevate without prompting • Prompt credentials on secure desktop • Prompt consent on the secure desktop • Prompt credentials without secure desktop • Prompt consent without secure desktop • Prompt for consent for non-windows signed binaries (this is the “Allow certain Windows signed binaries to elevate silently”) • Three Standard User Prompt Levels • Automatically deny elevation requests • Prompt for credentials on the secure desktop • Prompt for credentials without the secure desktop • Mandate the use of encryption with Group Policies

  34. VDI Other Deployment Solutions Essential • User State Virtualisation • Application • Virtualisation Discretionary • Client-hosted desktop virtualization • Session Based Desktop • Virtual Desktop Infrastructure

  35. Additional Technical Detail Local Execution (User PC) Central Execution (Server) • User State Virtualization & Deployment Data Layer Windows Roaming User Profile • Client Side Catching • Folder redirection • Application Virtualization Application Layer • Application Deployment Remote App OS Layer • Desktop Virtualization VDI • Desktop Deployment Remote Desktop

  36. So how should you select an architecture Client / HW Driven Approach Application Driven Approach Yes No Basic Environment Start Active Directory Deployed Group Policy Per Role Configured 80% Desktops >2GB Ram 80% Desktops > 25GB Free Space Regulatory / Security Compliance Network > 10Mb/s to the desktop Special Peripherals Smart Client Environment Building Blocks (Profile / Role / Security / Data Management) Volume Local Printing Smart Client • Group • Policy • Corporate • Base Image • Security • Policy • Data • Syncronisation Requires Mobility Requires Offline Requires Roaming Application Delivery and Requirements App Public Cloud App Private Cloud Remote App Federated Cloud Remote App Private Cloud Virtualized App Centrally Controlled Locally Deployed App Legacy or Emulation Mobile Smart Client Smart Client Applications Require Special or Full HW i.e. Online CRM i.e. Remote Business App i.e. Remote Vendor App i.e. Office i.e. Unified Comm. i.e. 3270 App Local Hosting Needed Can the applications be delivered via Remote Desktop Services Adminsitrator Access needed Local Hosted VDI Remote Desktop Services VDI Task Mobile Office non company PC Contract/ Offshore CorporateImage

  37. Summary • The deployment landscape is richer than ever with many tools and technologies to help with your deployment • Knowing what tools are available and where and when to use them is key to a successful deployment project • Alternative deployment options are now available to drive the idea of a user centric desktop instead of a device centric desktop

  38. For resources, decks and video: www.microsoft.com/uk/techdays my blog blogs.technet.com/deploymentguys

  39. © 2008 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

More Related