
Welcome


Presentation Transcript


  1. Welcome

  2. Stay Connected with Microsoft Ireland
      http://www.microsoft.com/ireland/technet
      • TechNet Ireland - Resources for IT Professionals
      • Irish TechNet Newsletter
      • Events
      • Microsoft technology user groups (SQL/NIMTUG)
      • Early access to betas
      • Community support
      • Don’t forget to hand back the evaluation forms
      • colmt@microsoft.com / daven@microsoft.com

  3. Agenda
      • 14:00 Setting the scene – IOI
      • 14:15 Active Directory and IPSec
      • 15:30 Tea / Coffee
      • 15:45 MOM
      • 17:00 Refreshments

  4. Value Creation Maintenance & Delivery A Crisis Of Complexity

  5. Solving The Challenge: Infrastructure Optimization

  6. [Diagram: infrastructure maturity stages*]
      • Managed and consolidated IT infrastructure with maximum automation
      • Fully automated management, dynamic resource usage, business-linked SLAs
      • Managed IT infrastructure with limited automation
      • Uncoordinated, manual infrastructure
      Stage labels: More Efficient Cost Center, Business Enabler, Strategic Asset, Cost Center
      * Based on the Gartner IT Maturity Model

  7. Technology View of Model

  8. Technology View of Model: One Example, Data Protection & Recovery
      • Local user data stored randomly and not backed up to network
      • Any backup happens locally
      • No user state migration available for deployment
      • Standards for local storage in “My Docs” but not redirected or backed up
      • Any backup happens at workgroup level
      • Backup/restore on critical servers
      • Some automation of user state migration available for deployment
      • Users store data to “My Docs” and synched to server
      • Backup managed at company level
      • Backup/restore of all servers with SLAs
      • User state is preserved and restored for deployment
      • Self managed backup and restore on all servers and desktop data with SLAs

  9. Translating IOI into action

  10. Know what you have

  11. Measure impact of change
      [Diagram: infrastructure layers (Core Applications, Platform Server, Managed Client, Other devices, Domain, Network Services, Network) plotted against maturity stages (Point Solutions, Integration, Standards Based, Common Tools, Strategically Aligned, Exception Management)]

  12. AD Forest, Domain and OU Design & GPOs: Common Practices/Tips and Tricks

  13. Forest/Domain Design
      • Majority of Active Directory forests being implemented are single forest/single domain
      • Separate development/pre-production forests
      • Multiple NT4 production domains collapsed into single domain
      • Significant impact on administration – centralised (some delegation of tasks)
      • Tip: Always start from single forest/single domain when planning
      • Try to avoid non-technical influences
      • Tip: Two things that “negatively affect” AD
      • Bad replication design
      • Bad Group Policies

  14. OU Design
      • OU creation based on
      • Delegation of Administration
      • Application of GPOs
      • Increasing use of security/WMI filtering of GPOs
      • Choice of 3 basic models reflect
      • Resources
      • Geography
      • BU Structure
      • Tip: use a top level OU
      • Tip: moving objects between OUs affects
      • GPOs applied
      • Scripts
      • Tip: Naming Conventions

  15. GPOs
      • Minimum should be
      • Domain and Security policies
      • Automatic updates
      • Windows Firewall
      • Remote Desktop/Remote Assistance/Remote Control
      • Internet Explorer configuration
      • Restricted Groups
      • Office ADMs
      • Tip: Take as much configuration out of the standard build process into Group Policy as possible
      • Tip: netstat -ano
      • Tip: Disable unused portions of GPOs
      • Tip: Naming Conventions
      • Link: Group Policy Settings Reference for Windows Server 2003 with Service Pack 1

  16. Demo
      • Different OU Strategies
      • GPOs (Firewall, etc.)

  17. IPSec
      • What’s it about?
      • Ensure only managed/known devices communicate with each other
      • IPSec or 802.1x?
      • Gathering momentum with Networking teams – take control of the options!
      • What’s achievable in standard environments?
      • Domain Isolation (full or partial)
      • Server Isolation in Isolated Domain
      • What is an IPSec Policy
      • Filters to identify machines and protocols/ports
      • Actions to take when traffic matches a filter
      • Tip: Mandatory - Ensure that core domain traffic (Domain Controllers, WINS, DNS, DHCP, etc.) is filtered out and always allowed
      • Tip: Keep it simple, get comfortable
      • Link: IEEE 802.1X for Wired Networks and Internet Protocol Security with Microsoft Windows

  18. Demo
      • IPSec

  19. Coffee Break: Back @ 15:40

  20. Microsoft Operations Manager

  21. MOM 2005 Management Packs
      Active Directory, Application Center 2000, Automated Deployment Services (ADS), BizTalk Server 2002 Enterprise Edition, Biztalk Server 2004, Commerce Server 2000, Domain Name Service (DNS), Dynamic Host Configuration Protocol (DHCP), Exchange Intelligent Message Filter, Exchange Server 2000 and 2003, Exchange Server Best Practices Analyzer, Exchange 5.5, Group Policy, Host Integration Server 2000, Internet Information Services (IIS), Internet Security and Acceleration (ISA) Server, Live Communications Server 2003, Live Communications Server 2005, Microsoft Baseline Security Analyzer, Microsoft Distributed Transaction Coordinator, Microsoft Identity Integration Server 2003, Microsoft Message Queuing (MSMQ), Microsoft Office Project Server 2003, Microsoft Server Clusters, Microsoft SharePoint Portal Server 2003, Microsoft Transaction Server (MTS), Microsoft Windows File Replication Service, Microsoft Windows SharePoint Services, Microsoft Operations Manager 2005, .NET Framework, Network Load Balancing, Password Change Notification Service, Proxy Server 2.0, Routing & Remote Access Service for Windows 2000, Routing & Remote Access Service for Windows Server 2003, SNA Server 4.0, SQL Server, Systems Management Server 2.0, Systems Management Server 2003, Terminal Services, Virtual Server, Web Sites and Web Services, Windows Base Operating System, Windows DFS Service, Windows DHCP Service, Windows File Replication Service, Windows Internet Name Service (WINS), Windows Media Services, Windows Print Server, Windows Rights Management Services, Windows System Resource Manager, Windows Terminal Server

  22. 3rd Party MOM Management Packs 3Com AirDefense Anti-Virus Applications APC UPS AVICode Intercept Studio BayNetworks (Nortel) Bindview BlackBerry Enterprise Server Brocade Cisco Cisco PIX Firewalls Cisco Routers Cisco Switches Cisco VPN Concentrators Citrix MetaFrame XP Debian Linux Dell OpenManage EMC EqualLogic SAN Foundry FreeBSD Generic SNMP HP Insight Manager HP Integrity HP ProLiant HP Tru64 HP-UX IBM AIX IBM FastT storage iVision Liebert Lotus Domino Mac OS X Magellan-Passport (Nortel) Mandrake Linux MiraPoint NetApp NetBSD NetScreen Nice OpenBSD OpenVMS Oracle RDBMS Generic Syslog RedHat Linux SAP R3 SCO Unix F5 Network BigIP Sun Solaris SuSe Linux Synoptics (Nortel) Tidal Enterprise Scheduler Veritas Backup Exec VMWare Wellfleet (Nortel) WindowsCE CONNECTORS Aprisma SPECTRUM, BMC Impact CA Solve for z/OS, CA Unicenter Clarify Amdocs, Fujitsu-Siemens ServerView HP Network Node Manager HP OpenView Operations (OVO) Maranti Networks, Metilinx Connector Micromuse NetCool, NetIQ AppManager OpalisRobot, Peregrine Service Center Quest InTrust, Remedy ARS, Siebel HelpDesk SMARTS InCharge, Tivoli Enterprise Console Tivoli Information/Management for z/OS Tivoli Net View Connector, Tivoli Service Desk Tivoli Net View for OS/390, Vantive

  23. MOM
      • Why MOM (from a field perspective)?
      • Why implement any mission critical environment without MOM?
      • Always asked “What should we monitor in AD, or Exchange, or SQL?”
      • Answer – what MOM monitors
      • Knowledge driven – intended to supply the resolution with the problem
      • SO easy to integrate with other management tools
      • Dell OpenManage Server Administrator, HP Insight Manager
      • SLA evidence (Reporting)
      • It isn’t expensive
      • Tip: Check for MPs regularly
      • Tip: MOM on SQL SP4 gotchas

  24. Demo
      • MOM install - guidance
      • Agent deployment
      • MP imports
      • Reporting
      • Create Management Packs
      • MOM 2005 Resource Kit
      • Extending MOM

  25. Additional Links
      • Service overview and network port requirements for the Windows Server system - http://support.microsoft.com/default.aspx?scid=kb;en-us;832017
      • MOM Management Packs - http://www.microsoft.com/management/mma/catalog.aspx
      • Windows Server System Reference Architecture - http://www.microsoft.com/technet/itsolutions/wssra/raguide/default.mspx
      • Windows XP Security Guide - http://www.microsoft.com/technet/security/prodtech/windowsxp/secwinxp/default.mspx
      • Windows Server 2003 Security Guide - http://www.microsoft.com/technet/security/prodtech/windowsserver2003/w2003hg/sgch00.mspx
      • What's New in Windows Server 2003 R2 - http://www.microsoft.com/windowsserver2003/r2/whatsnewinr2.mspx
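
The IPSec slide (17) describes a policy as filters plus actions and makes exempting core domain traffic mandatory. The following is an added example, not part of the presentation: a small Python model that checks a rule set for infrastructure servers that would fall under a negotiate or block action. Rule names, addresses, ports and the most-specific-filter-wins ordering are assumptions of the model.

```python
"""Added example: lint a modelled IPsec policy for missing infrastructure exemptions."""
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

@dataclass(frozen=True)
class Rule:
    name: str
    remote: str    # remote address or subnet the filter matches (CIDR)
    protocol: str  # "any", "tcp" or "udp"
    port: int      # remote port, 0 means any
    action: str    # "permit", "block" or "negotiate"

def specificity(rule):
    # Model assumption: longer prefix wins, then a named protocol, then a named port.
    return (ip_network(rule.remote).prefixlen, rule.protocol != "any", rule.port != 0)

def effective_action(rules, remote_ip, protocol, port):
    """Return (action, rule name) of the most specific matching filter."""
    matches = [r for r in rules
               if ip_address(remote_ip) in ip_network(r.remote)
               and r.protocol in ("any", protocol)
               and r.port in (0, port)]
    if not matches:
        return ("permit", "<no filter>")  # traffic no filter matches is left alone
    best = max(matches, key=specificity)
    return (best.action, best.name)

def unexempted(rules, infrastructure):
    """List infrastructure flows that are not plainly permitted by the policy."""
    problems = []
    for label, ip, protocol, port in infrastructure:
        action, rule = effective_action(rules, ip, protocol, port)
        if action != "permit":
            problems.append((label, ip, protocol, port, action, rule))
    return problems

# Constructed sample data: every address, port and rule name below is illustrative.
INFRA = [("DC Kerberos", "10.0.0.10", "tcp", 88), ("DC LDAP", "10.0.0.10", "tcp", 389),
         ("DNS", "10.0.0.11", "udp", 53), ("WINS", "10.0.0.12", "tcp", 42),
         ("DHCP", "10.0.0.13", "udp", 67)]
ISOLATE = Rule("Isolate corporate subnet", "10.0.0.0/8", "any", 0, "negotiate")
BROKEN = [ISOLATE, Rule("Exempt DC", "10.0.0.10/32", "any", 0, "permit")]
FIXED = BROKEN + [Rule("Exempt DNS", "10.0.0.11/32", "any", 0, "permit"),
                  Rule("Exempt WINS", "10.0.0.12/32", "any", 0, "permit"),
                  Rule("Exempt DHCP", "10.0.0.13/32", "any", 0, "permit")]

if __name__ == "__main__":
    for problem in unexempted(BROKEN, INFRA):
        print("NOT EXEMPT:", problem)
    print("problems in fixed policy:", unexempted(FIXED, INFRA))
```

Running the lint against an exported rule list before assigning a policy catches the case where name resolution or address assignment would itself require a negotiated session.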
