Vista Launch_Nixon.ppt

453 views
362 views

Published on

Published in: Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
453
On SlideShare
0
From Embeds
0
Number of Embeds
1
Actions
Shares
0
Downloads
6
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide
  • © 2006 Microsoft Corporation. All rights reserved. This presentation is for informational purposes only. Microsoft makes no warranties, express or implied, in this summary. Key Message The Windows Vista™ operating system provides key benefits for IT professionals. Presenter Script Hello and welcome to this presentation, where we will discuss the top benefits of the Windows Vista operating system for IT professionals. My name is <<insert name>>. Presenter Guidance If appropriate, provide a brief background on your qualifications and experience. Additional Presenter Information © 2006 Microsoft Corporation. All rights reserved. This presentation is for informational purposes only. Microsoft makes no warranties, express or implied, in this summary. Microsoft, Active Directory, BitLocker, the Security Shield logo, Visual Basic, Windows, the Windows logo, Windows NT, Windows Server, Windows Server System, and Windows Vista are registered trademarks of Microsoft Corporation in the United States and/or other countries. The names of actual companies and products mentioned herein may be the trademarks of their respective owners. Microsoft Corporation • One Microsoft Way • Redmond, WA 98052-6399 • USA
  • © 2006 Microsoft Corporation. All rights reserved. This presentation is for informational purposes only. Microsoft makes no warranties, express or implied, in this summary. Key Message Review content that will be covered during the presentation. Presenter Script So, let’s begin the presentation by quickly stepping through the agenda. First, we’ll do a level set by discussing why we are here and what you can expect to get out of this presentation. Next, we’ll spend a few minutes on a brief overview of Windows Vista as an operating system. Then we’ll dive into the discussion and demonstrations around the features that support the top Windows Vista benefits for IT professionals. Lastly, we’ll wrap everything up with a brief summary and the recommended next steps. Presenter Guidance Additional Presenter Information
  • © 2006 Microsoft Corporation. All rights reserved. This presentation is for informational purposes only. Microsoft makes no warranties, express or implied, in this summary. Key Message Enabling a people-ready business. Presenter Script The world that businesses operate in is changing. As users become more technically savvy, they expect tools that make them more effective in doing their work. Connectivity is expected, they think the answer can be found if they look in the right place with the right tools, and they believe that their efforts will make a difference. The way we learn, communicate, and work, changes. More than ever before, we can make our voices heard and engage and communicate with others all over the world. The center of gravity has shifted from big companies and institutions toward the individual. Businesses don’t gain insights or make decisions. Businesses don’t close deals, invent new products, or find new efficiencies. People do. To see results, you have to give your people the right tools, information, and opportunities—because success ultimately comes down to your people. But these same changes that have brought the individual to the center have also brought new concerns. Companies of all sizes experience the proliferation of the networks, form factors, and digital data; the increased exposure to security threats; and the ever-high pressure to reduce the costs of deploying and managing their corporate PCs. To address these challenges, as well as to take advantage of the opportunities of the changing world, the world of greater individual impact, businesses need to foster an environment that enables their people with the right tools and information. Modern software, such Windows Vista, is designed with information and people in mind and provides great tools to empower people, set them up for success, and help businesses thrive. Presenter Guidance Additional Presenter Information
  • © 2006 Microsoft Corporation. All rights reserved. This presentation is for informational purposes only. Microsoft makes no warranties, express or implied, in this summary. Key Message Windows Vista business scenarios. Presenter Script Let’s spend a few minutes talking about how Windows Vista can deliver value to your enterprise by addressing critical needs and can help you to achieve a people-ready business. First, it empowers your people by making it easy for them to find and use information. Second, it enables mobile and remote workers to stay connected and productive wherever they are. Windows Vista also addresses growing security threats and will help protect your people’s data in and out of the office, secure your environment, and make it easier to achieve compliance with government regulations and internal policies. Finally, it will help lower the cost of deploying, managing, and supporting your corporate PCs by helping you to optimize your desktop infrastructure. Windows Vista can give you all of these productivity, mobility, and security benefits while also helping you achieve a lower total cost of ownership. Presenter Guidance Additional Presenter Information
  • © 2006 Microsoft Corporation. All rights reserved. This presentation is for informational purposes only. Microsoft makes no warranties, express or implied, in this summary. Key Message Transition into benefits section. Presenter Script We discussed the overall goals and scenarios focused around Windows Vista to give you a feel for the intentions behind its features and functionality. Let’s shift gears now and dive into some of the specific top benefits that IT professionals can expect to see from Windows Vista. Keep in mind that as we identify each of these benefits, we will also discuss and in many cases demonstrate the Windows Vista features and functionality that support them. Presenter Guidance Additional Presenter Information
  • © 2006 Microsoft Corporation. All rights reserved. This presentation is for informational purposes only. Microsoft makes no warranties, express or implied, in this summary. Key Message Tools and resources are provided to reduce the deployment complexity and risk with Windows Vista. Presenter Script The first benefit that IT professionals have identified is “reduced deployment complexity and risk because of the Windows Vista deployment tools and resources that are provided.” There are three key phases in the deployment cycle. They are planning, engineering, and implementation. Let’s review each one and identify the tools/resources that can help you in that stage. Planning Phase The Microsoft® Application Compatibility Toolkit (ACT) and User State Migration Tool (USMT) are key tools to be used in the planning phase. When you want to deploy a new version of the Microsoft Windows® operating system, what are the steps that you have to go through? The first thing that you’ll have to do is inventory all the software applications that you have. You’ll have to analyze your applications for compatibility to see if they work on Windows Vista. If you come across challenges, you’ll need to determine what fixes to apply and how to mitigate the challenges. With Windows Vista, Microsoft provides a significantly enhanced tool called the Application Compatibility Toolkit (ACT). It is available to help you move your applications to Windows Vista by helping determine application compatibility and addressing some of the challenges. Once you have resolved any application compatibility issues, you have to decide what you want to migrate. A lot of users will want to have their settings and data migrated. With Windows Vista, Microsoft has enhanced the capability of moving applications with their settings. If you have an application that works in Microsoft Windows XP and you have tested it and it works in Windows Vista, you can put it into a “white list.” Windows Vista will migrate those applications from the user’s old Windows XP desktop to the new Windows Vista desktop. An additional part of this process is the creation of migration scripts—using a list of applications that you want to move. In Windows Vista, Microsoft provides another enhanced tool called the User State Migration Tool (USMT), which will help you with all of these steps. Before moving to the next phase, you have to test, test, and test it some more to help make sure that all of these applications work and that the migration is successful. Engineering Phase The purpose of the engineering phase is to build and customize the “perfect” image that you will use for deployment. Microsoft has developed a number of tools to assist with this process. ImageX is a command-line tool that can be used to capture an image, whereas the Windows Vista System Image Manager is a graphical user interface (GUI) tool to create a customized image. Imaging and modularization are two very important innovations in Windows deployment, and the desktop engineering tools correspond to these innovations. On the imaging side, ImageX is the tool of choice to create management files. With ImageX you can mount and edit Windows Image (WIM) files offline and add WIM files and packages into it directly. You can also capture the desktop volume. ImageX desktop versions are always version agnostic, and you can use ImageX to capture Windows XP or Windows 2000 images. On the modularization side, System Image Manager is the tool of choice to work with modules. You can use it to add optional components such as languages, service packs, and drivers. You can also use it to create an unattend file in XML, which offers significant benefits, particularly in terms of automating these processes. Although System Image Manager utilizes a GUI, it is also fully scriptable. The Business Desktop Deployment (BDD) Workbench for Windows Vista is a tool that assists in the creation and capture of a master image. The process for creating the golden image for Windows Vista deployments using BDD Workbench is very similar to earlier versions. The BDD Workbench is the replacement for BDD 2.5 Config.hta and is a Microsoft Management Console (MMC) 3.0 snap-in. In the BDD Workbench, you’ll be able to configure specific settings in Unattend.xml, the task sequencer, etc. Implementation Phase The purpose of the implementation phase is to actually deploy your master image of Windows Vista. There are a variety of tools to support the deployment of your Windows Vista master image. They include: Microsoft Systems Management Server (SMS) 2003 – SMS 2003 will support Windows Vista deployment with an update to the Operating System Deployment (OSD) Feature Pack. Windows Deployment Services (WDS) – WDS is a replacement for Remote Installation Services (RIS) and provides Preboot Execution Environment (PXE) boot services. BDD Workbench – The BDD Workbench has been updated to support Windows Vista for Lite Touch and Zero Touch Installations. SMS version 4 (v4) – With SMS v4, there will be a consistent mechanism for operating system deployment of clients and servers. Additional speaker notes on next slide.
  • © 2006 Microsoft Corporation. All rights reserved. This presentation is for informational purposes only. Microsoft makes no warranties, express or implied, in this summary. Key Message Complexity and required management activities for images is reduced in Windows Vista. Presenter Script The next benefit that IT professionals have identified is “reduced complexity and required management activities for images.” As discussed in the previous slide, image creation and management are key in the engineering phase of the deployment cycle. Microsoft has greatly enhanced the key Windows Vista tools that make this process simple and straightforward. ImageX ImageX is a command-line tool for manipulating WIM image files. It can be run from the command prompt or from the Windows Preinstallation Environment (WinPE). The fact that ImageX is command-line driven means that it can be scripted to perform batch operations, reducing the manual effort required for repetitive tasks. One of the interesting capabilities of ImageX is that it can be used to mount the contents of WIM files. Using the ImageX mount command, you can browse and edit the contents of an image file in the same way that you would access normal files and folders on disk. This makes it incredibly easy to monitor the contents of your WIM files. Instead of needing to apply an image to a computer and modifying the desktop before repackaging the updated image, with ImageX, you can simply drag files to make the desired changes. ImageX also allows you to modify the contents of WIM files in powerful ways. For example, with ImageX, you can create additional images within the same WIM file and update the contents of each image separately. Additional functions of ImageX include the ability to capture WIM images from existing systems, thereby applying changes to images, repackaging Windows images, and then exporting the contents of the WIM files. In short, ImageX provides a powerful, scriptable interface for most common image-related administrative functions. Windows System Image Manager Windows Vista also includes a powerful new tool called the System Image Manager. The System Image Manager replaced the Windows XP Setup Manager and is used to simplify the process of creating and editing the unattend.xml file even further. The System Image Manager can read the contents of an existing unattend.xml file and use this data to automatically create setup configuration sets that include all the components referenced by your configuration file. This means that administrators do not need to worry about resolving component paths and making sure that all setup components are in the right places—the System Image Manager takes care of these functions automatically. Since the System Image Manager handles component paths, this means that unattend.xml files are now portable. You can access your configuration file from any location without needing to edit the file paths that it contains. The System Image Manager also provides simple graphical or command-line interfaces for entering license data, specifying setup steps, and defining initial settings. Together, these functions mean that the System Image Manager replaces the disparate suite of tools needed to configure previous versions of Windows Setup with a single, powerful utility. Presenter Guidance Additional Presenter Information
  • © 2006 Microsoft Corporation. All rights reserved. This presentation is for informational purposes only. Microsoft makes no warranties, express or implied, in this summary. Key Message Complexity and required management activities for images is reduced in Windows Vista. Presenter Script The next benefit that IT professionals have identified is “the ease in identifying and managing compatibility issues with deploying legacy application.” The Application Compatibility Toolkit (ACT) 5.0 has been released to deal specifically with Windows Vista deployment. It can inspect your Windows Vista system and identify applications that may not run correctly with default Vista security settings. Information about these applications is stored in a local database, along with recommendations about appropriate security settings. Administrators can then review the contents of their local database and authorize each application to run with the security privileges it needs in order to function correctly. After an application has been added to the database and authorized by an administrator, Windows Vista will run that application with appropriate settings. By using the Application Compatibility Toolkit, administrators can deploy Windows Vista without disrupting the functionality of their existing enterprise software. ACT version 5.0 assists customers in understanding their application compatibility landscape, identifying which applications are compatible with Windows Vista, determining applications that require further testing, and delivering application compatibility fixes for applications. ACT helps customers lower their cost of application compatibility testing, prioritize their applications, and more quickly deploy Windows Vista. When you begin using ACT 5.0, you are shown a welcome video that will present the benefits of using it. The Application Compatibility Manager with ACT 5.0 will make the process of using this tool easier with updated configuration abilities, including the ACT Configuration Wizard, which guides you through the initial configuration of your ACT project, database, and log processing service. In addition, there are updated data collection abilities, enabling you to configure your compatibility evaluator settings and schedule, while gathering your compatibility status information -- all from one central location. Gathering data is important and necessary to determine which areas you need to focus your application compatibility resolution steps on; however, without a way to organize this data into meaningful categories, it could be overwhelming. The Application Compatibility Manager includes new data organization abilities, enabling you to categorize and prioritize your application inventory, include or exclude issues from your compatibility reports, and track your deployment status. Once your data is organized, updated data analysis abilities will enable you to view compatibility reports for your applications, computers, Web sites, and Windows Updates, and to save and export your reports for workgroup collaboration. Because ACT 5.0 was designed to work with Windows Vista deployment, compatibility evaluators have been added that are specific to Windows Vista. These include the Inventory Collector, the User Account Control Compatibility Evaluator (UACCE), the Update Impact Analyzer (UIA), and the updated Internet Explorer Compatibility Evaluator (IECE). Presenter Guidance Additional Presenter Information
  • © 2006 Microsoft Corporation. All rights reserved. This presentation is for informational purposes only. Microsoft makes no warranties, express or implied, in this summary. Key Message Demonstrate ACT 5.0. Presenter Script In this demonstration, we will show how to install and configure the Application Compatibility Toolkit version 5.0 . Presenter Guidance Additional Presenter Information
  • © 2006 Microsoft Corporation. All rights reserved. This presentation is for informational purposes only. Microsoft makes no warranties, express or implied, in this summary. Key Message Windows Vista Zero-Touch Provisioning (ZTP) provides a more consistent and predictable way to do provisioning. Presenter Script The next Windows Vista benefit that IT professionals have identified is the opportunity to “provide a more consistent and predictable way to do provisioning tasks with Zero Touch Provisioning (ZTP).” Administering and managing your network can be time consuming and complex. Although many of the common administrative and management tasks can be delegated to managers within your organization, you still want these tasks to go through an approval process before completion. With Windows Vista ZTP, you can delegate administrative tasks (known as ZTP services), acquire the appropriate approvals, and even accrue charges for the ZTP service as it’s fulfilled. In addition, you can allow users to perform self-administered ZTP services, such as installing an application or upgrading their operating systems. ZTP can also help automate other administration and management tasks. Not only does ZTP provide built-in core services, but you are able to utilize ZTP and SMS to create customized provisioning services. The core ZTP services include: Reset a password – Allows a user or delegate administrator to reset a forgotten user password from the ZTP Web portal. Provision a user – Allows a delegate administrator to create a user in the Microsoft Active Directory® directory service. Edit user details – Enables users to manage their own information (for example, phone, address, cubical, home address, etc.). ZTP queries the Active Directory properties of a user and allows them to be modified in the ZTP user interface based on business rules established by the company. Add a user to a security group – Allows a user or delegate administrator to add a user to an Active Directory group that they have permissions to control. Remove a user from a security group – Allows a user or delegate administrator to remove a user from an Active Directory group that they have administrative permissions to control. Add a user to a distribution list – Allows a user or delegate administrator to add a user to a Microsoft Exchange Server distribution list that they have permissions to control. Remove a user from a distribution list – Allows a user or delegate administrator to remove a user from an Exchange Server distribution list that they have administrative permissions to control. Add an application to a user – Uses SMS to deliver a specific application to a user via self-subscription or assignment by a delegated administrator. Remove an application – Enables applications that have been provisioned with ZTP to be removed via the ZTP Web user interface by the user or a delegate administrator. Invoke a Zero Touch migration – Migrates a machine from a legacy operating system to a Windows XP–based operating system while preserving applications, data, and settings. Four steps are involved for each service—an initial request by the end user or a delegate administrator, approval by the manager, automatic provisioning via ZTP, and finally distribution of the service. Let’s take a look at a ZTP core services in this next demonstration. Presenter Guidance Additional Presenter Information
  • © 2006 Microsoft Corporation. All rights reserved. This presentation is for informational purposes only. Microsoft makes no warranties, express or implied, in this summary. Key Message USMT allows multiple desktops to be migrated simultaneously with minimal support incidents. Presenter Script The next benefit that IT professionals have identified is the ability to “migrate desktops simultaneously with minimized support incidents.” A key focus of Windows Vista deployment and migration is on making sure that a user’s settings and data can be seamlessly migrated to new machines or from earlier versions of Windows. For example, users who have their environments configured exactly the way that they want can transition to a new Windows environment or machine with very little loss of productivity. Windows Vista has combined and improved USMT and the Files and Settings Transfer Wizard to provide a unified upgrade migration framework. This common migration framework helps reduce the complexity and increase the reliability of migrations and upgrades. With the new Windows Vista USMT, you will find better heuristics for identifying user state data and migrating user documents and settings. During the user state migration process, it saves users’ state data to a server and restores it to the desktop after installation, upgrades users’ state data and applications in place, and increases automation of the deployment process by utilizing better scripting and XML technologies. We have found that during the task of migrating desktops, the migration scenarios can generally be categorized as one of two types—wipe-and-load or PC reallocation. The wipe-and-load scenario is where a new machine is slated to replace an old machine. This is also known as a hardware refresh. With Windows Vista, the steps to accomplish this are simple. First, run ScanState on the source (old) machine using a logon script or an SMS package and save the data to a file share or a Universal Serial Bus (USB) drive. Then, image the new machine with the organization’s standard operating environment (SOE). Finally, deploy the new machine, turn it on, and run ScanState.exe to restore the user’s data and settings to the freshly deployed machine. The PC reallocation scenario is where one user is receiving a new machine and their old machine is being reallocated to another user. With Windows Vista, the steps to accomplish this are simple as well. First, run ScanState on the source (old) machine using a logon script or an SMS package—saving the data to a file share or a removable hard disk. Then, image the new machine with the organization’s SOE. Third, deploy the new machine, turn it on, and run ScanState.exe to restore the user’s data and settings to the freshly deployed machine. Last, repeat the process for the old machine that is being reallocated to a new user. Let’s take a close look at USMT in this next demonstration. Presenter Guidance Additional Presenter Information
  • © 2006 Microsoft Corporation. All rights reserved. This presentation is for informational purposes only. Microsoft makes no warranties, express or implied, in this summary. Key Message Windows Vista provides security improvements that increase the management control and quality of service over network traffic. Presenter Script This next benefit focuses on the security improvements that have been make to help increase the management control and quality of service over network traffic in Windows Vista. Windows Firewall With Windows Vista, you can still configure the new Windows Firewall with the Windows Firewall item in Control Panel, which displays the same set of configuration options as the previous Windows Firewall. To configure enhanced features, Windows Vista provides a new Advanced Security Microsoft Management Console (MMC) snap-in. This provides a central location for configuration of both local and Active Directory Group Policy–based configuration. This snap-in allows you to configure the rules for inbound and outbound IP filtering with configurable defaults as well as manage Internet Protocol security (IPSec). This prevents conflicts between the technologies and provides a coordinated front against threats. Rules can be configured for Active Directory accounts and groups. For rules that specify that incoming or outgoing traffic must be protected with IPSec, you can specify the list of computer accounts and groups or user accounts and groups that are authorized to initiate protected communication. Rules can be configured for source and destination IP addresses. With the new Windows Firewall, you can configure both source and destination TCP or UDP ports for both incoming and outgoing traffic, allowing you to more closely define the type of TCP or UDP traffic that is allowed or blocked. You can also configure rules for all TCP or UDP ports or create a comma-delimited list of multiple ports. Rules can also be configured for specific types of interfaces. You can specify that a rule be applied to all interfaces or to specific types of interfaces, including local area network (LAN), remote access, or wireless interfaces. Finally, rules can be configured for services. To enable effective troubleshooting or to detect possible hackers, you must enable logging to view the log file. Monitoring of the Windows Firewall can be done in the Advanced Security MMC snap-in. The monitoring link provides information about incoming and outgoing traffic, as well as the current actions performed. You can also view security associations in either a main mode or a quick mode filter. There is a command-line version of the monitoring functions. There are also new performance counters available with Windows Firewall. Quality of Service In Windows Vista, an administrator’s ability to prioritize, manage, and monitor service for network traffic is greatly enhanced by the new Quality of Service (QoS) policy features. While most network traffic is currently delivered on a "best effort" basis, users and applications with specific network performance requirements may require preferential service levels. With Windows Vista, you can easily prioritize traffic and manage sending rates for any networking application using QoS policies. QoS in Windows Vista enables IT professionals to centrally manage network bandwidth sent by computers running Windows Vista, regardless of the application and across an entire Active Directory infrastructure. With a QoS policy, you can also manage the use of bandwidth by setting a throttle rate for outbound traffic. The throttle rate set in a QoS policy will limit the total outgoing network traffic to a specified rate. In addition, with QoS policies, you can define the priority of traffic. You can configure a QoS policy to mark outbound network traffic with a Differentiated Services Code Point (DSCP) value, which allows classification at the Internet Protocol (IP) level. When routers receive the traffic, they will use the DSCP value to decide in which queue to place the packet. You can configure how the routers will respond to traffic according to the DSCP values. The routers will use your configured settings to place the traffic into either a high-priority, best-effort, or lower-than-best-effort queue. This policy ensures that more critical network traffic gets preference and is not delayed by other lower-priority traffic. Both DSCP marking and throttling can be used together to manage traffic effectively. Presenter Guidance Additional Presenter Information
  • © 2006 Microsoft Corporation. All rights reserved. This presentation is for informational purposes only. Microsoft makes no warranties, express or implied, in this summary. Key Message Demonstrate how to configure and manage Windows Firewall inbound and outbound traffic. Presenter Script In this demonstration, we will introduce the Windows Firewall with Advanced Security snap-in and Windows Firewall management with the Group Policy Object Editor. We will also show options for creating rules, including inbound and outbound rules, how to open a port, and how to create a computer connection security rule. Presenter Guidance Additional Presenter Information
  • © 2006 Microsoft Corporation. All rights reserved. This presentation is for informational purposes only. Microsoft makes no warranties, express or implied, in this summary. Key Message Windows Vista provides features that help IT professionals isolate and fix problems quickly and easily. Presenter Script The next benefit that IT professionals have identified is the ability to “isolate and fix problems quickly and easily.” There are two primary areas that are focused on when monitoring system s for problems. They are the Reliability and Performance Monitor and the enhanced Windows Event Viewer. Diagnosing Performance Issues In Windows Vista, Microsoft has included performance diagnostics that provide instrumentation and services for both user-driven and tool-driven diagnoses of common problems, including “glitchy” media playback, slow application startup, slow boot, and network-related delays. These built-in performance diagnostics track how long it takes to execute common activities—such as booting the machine—and apply automated analysis when performance declines. The results of this analysis are written to the system event log, where they can be monitored by users or support professionals. In addition to built-in diagnostics, Windows Vista includes new tools and instrumentation that will make it easier for you to manage system performance. For example, performance counters are more reliable and secure and more widely implemented. Reliability and Performance Monitor All of the new reliability and performance diagnostic activities can be monitored from the Windows Reliability and Performance Monitor. Windows Vista uses the built-in Reliability Analysis Component to calculate a reliability index that provides an indication of your overall system stability over time. The Reliability Monitor also keeps track of important changes to the system that are likely to have an impact on stability, such as Windows updates, application installations, and driver installations. You can use the Reliability Monitor to see the trends in your system's reliability index correlated with these potentially destabilizing events, making it easy to trace a reliability change directly to a particular event. The Performance Monitor allows you to create sets of performance counters to capture different sets of information about your system. Performance counters are available for monitoring virtually every aspect of your Windows Vista system and most frequently used applications; they are accessed through a simple drag-and-drop interface. The Performance Monitor features multiple graph views to allow you to visually review performance log data. Custom views can be created in the Performance Monitor and exported as Data Collector Sets for use with performance and logging features. Event Viewer The Windows event logging infrastructure and other instrumentation in Windows Vista have been enhanced to provide greater visibility and control over the desktop environment. A key component of the Windows Vista event logging infrastructure is the Event Viewer—an indispensable tool for monitoring the health of systems and for troubleshooting issues when they arise. Although the Event Viewer has previously been a simple tool for viewing event logs, the Windows Vista Event Viewer includes features that dramatically improve the common usage scenarios. The redesigned Event Viewer also provides backward compatibility with Event Viewer files from the Microsoft Windows NT®, Windows 2000, Windows XP, and Windows Server 2003 operating systems. With the Event Viewer, you can query across multiple event logs, save useful queries as views that can be accessed later, and even schedule a task to run in response to an event. One of the key improvements to the Event Viewer is the Windows log summary. This summary displays events from all Windows logs and sorts them by event type (Critical, Error, Warning, Information, and Verbose). You can expand any category for specific event information, such as the event ID, the source, and the log that generated the event. Displayed at the bottom of the screen is the last time the summary was updated, along with the option to refresh the summary. To make viewing logs easier, there is also a window with shortcuts to recent views. The log summary shows key information of each log file, such as the log name, path, and retention policy. Other common actions are displayed on the right in the actions pane, which can be turned off on the toolbar button menu. Presenter Guidance Additional Presenter Information
  • © 2006 Microsoft Corporation. All rights reserved. This presentation is for informational purposes only. Microsoft makes no warranties, express or implied, in this summary. Key Message Demonstrate how to use the Windows Reliability and Performance Monitor. Presenter Script In this demonstration, we will examine the new Windows Reliability and Performance Monitor. Presenter Guidance Additional Presenter Information
  • © 2006 Microsoft Corporation. All rights reserved. This presentation is for informational purposes only. Microsoft makes no warranties, express or implied, in this summary. Key Message Windows Vista User Account Control and advanced security control helps IT professionals gain configurable control over end-user tasks. Presenter Script The next benefit that IT professionals have identified is the ability to “gain configurable control over end-user tasks with Windows Vista UAC and advanced security control .” UAC As IT professionals and administrators, we must determine the right balance between computer security and user productivity. In previous versions of Windows, you had to configure the majority of user accounts as members of the local administrator's group, because administrator privileges are required to install, update, and run many software applications without conflicts and to perform typical system-level tasks. Even the simplest operation, such as clicking the taskbar clock to view a calendar, requires administrator privileges. On the other hand, deploying a computer in a locked-down state by requiring users to operate in standard user mode severely limited a user’s productivity. A new feature of Windows Vista is User Account Control (UAC). The main goal of UAC is to reduce the exposure and attack surface of the operating system by requiring that all users run in standard user mode. This limitation minimizes the ability for users to make changes that could destabilize their computers or inadvertently expose the network to viruses through undetected malicious software (malware) that has infected their computer. With UAC, IT administrators run can run most applications, components, and processes with a limited privilege but have "elevation potential" for specific administrative tasks and application functions. Conversely, when users evoke a system task that requires administrator privileges, such as attempting to install an application, Windows Vista will notify the user and require administrator authorization. This type of prompting helps ensure that users do not accidentally make modifications to their desktops. It also helps eliminate the ability for malware to invoke administrator privileges without a user's knowledge. As a defense-in-depth measure, UAC also provides additional protection for administrators through its Administrator Approval Mode. With Administrator Approval Mode, Windows Vista will run most applications with standard user permissions even if the user is an administrator. If a user wishes to run a program that requires administrator permissions, they must give consent through a UAC prompt. This helps limit the ability of malware to make system-wide changes without the administrator's knowledge. Advanced Security Control In addition to UAC, Windows Vista also provides advanced security control. One of the top requests from IT administrators is the ability to have control over removable device installation. This addresses the concern of users taking corporate intellectual property away on a USB flash device. In high-security environments, this is a critical requirement. In Windows Vista, you have the ability to control what devices can be installed, so you’ll be able to set policies that allow mouse devices and keyboards to be installed but no other type of removable devices, such as a USB drive. Another new technology in Windows Vista is the Restart Manager. The intent of Restart Manager is to significantly reduce the number of patches that require a system reboot. Windows Vista also includes platform technology that can be used to prevent reboots or reduce the impact of reboots when they cannot be avoided. This new technology is used by Microsoft Windows Installer 4.0, so adding or removing applications packaged as MSIs is less likely to require a reboot. Some applications, including key 2007 Microsoft Office system applications, also leverage this technology to automatically save and restore the application state after a reboot due to an installation or an update. When a reboot cannot be avoided—such as in the case of an operating system update, Restart Manager can also help reduce the disruption caused by a reboot by capturing the state of applications before the reboot and then using Smart Relaunch to return applications to their state following the reboot. Lastly, Windows Vista includes enhancements to the Windows Security Center. These enhancements provide more visibility and an “anti-malware software status” to the Windows Security Center. This supports both Microsoft Anti-Spyware and third-party products. Let’s take a closer look at UAC in action. Presenter Guidance Additional Presenter Information
  • © 2006 Microsoft Corporation. All rights reserved. This presentation is for informational purposes only. Microsoft makes no warranties, express or implied, in this summary. Key Message Microsoft BitLocker™ Drive Encryption minimizes the risk of data theft or exposure from lost, stolen, or improperly decommissioned hardware. Presenter Script BitLocker Drive Encryption is a data-protection feature available in Windows Vista Enterprise and Windows Vista Ultimate for client computers and in Windows Server "Longhorn” (codename). BitLocker is a response by Microsoft to one of our top customer requests: address the threats of data theft or exposure from lost, stolen, or inappropriately decommissioned PC hardware with a tightly integrated solution in the Windows operating system. BitLocker helps prevent a thief who boots another operating system or runs a software hacking tool from breaking Windows Vista file and system protections or performing offline viewing of the files stored on the protected drive. BitLocker enhances data protection by bringing together two major sub-functions: system volume encryption and checking the integrity of early-boot components. Drive encryption protects data by helping prevent unauthorized users from breaking Windows file and system protection on lost or stolen computers. The entire system volume is encrypted, including the swap and hibernation files. Checking the integrity of early-boot components helps to ensure that data decryption is performed only if those components appear tamper-free and that the encrypted drive is located in the original computer. BitLocker offers the option to lock the normal boot process until the user supplies a personal identification number (PIN), much like an automated teller machine (ATM) card PIN, or inserts a USB flash drive that contains keying material. These added security measures provide multifactor authentication and assurance that the computer will not boot or resume from hibernation until the correct PIN or USB flash drive is presented. Finally, BitLocker provides enhanced recovery options. BitLocker has a disaster recovery console integrated into the early boot components to provide for data retrieval. In the default setting, BitLocker requires no user actions, and even activation itself can be done remotely and automatically. By being tightly integrated with Windows Vista, BitLocker provides a seamless, secure, and easily manageable data protection solution for the enterprise. For example, BitLocker optionally leverages an enterprise’s existing Active Directory Domain Services infrastructure to remotely escrow recovery keys. Based upon policy, BitLocker can also be set to back up keys and passwords onto a USB dongle or to a file location. A recovery password should also be set by the administrator so that Windows operation can continue as normal. Presenter Guidance Additional Presenter Information BitLocker Drive Encryption: Protects data while the system is offline because it: Encrypts the entire Windows volume, including both user data and system files, the hibernation file, the page file, and temporary files. Provides umbrella protection for third-party applications. Third-party applications benefit automatically when installed on an encrypted volume. Helps ensure boot process integrity because it: Provides a method to check that early boot file integrity has been maintained and that there has been no adversarial modification of those files, such as with boot sector viruses or root kits. Protects the system from offline software-based attacks: any alternative software that might boot the system will not have access to the root keys that protect this Windows volume. Locks the system when tampered with—if any monitored files are tampered with, the system will not boot. This alerts the user to the tampering, since the system will fail to boot as usual. Eases equipment recycling by reducing the time to permanently and safely delete all data on the drive. Data on the encrypted volume can be rendered useless by simply deleting the keys that are required to access the drive.
  • © 2006 Microsoft Corporation. All rights reserved. This presentation is for informational purposes only. Microsoft makes no warranties, express or implied, in this summary. Key Message Demonstrate Microsoft BitLocker Drive Encryption. Presenter Script In this demonstration, we will see how to implement BitLocker and how it helps prevent data exposure from lost or stolen hardware. Presenter Guidance Additional Presenter Information
  • © 2006 Microsoft Corporation. All rights reserved. This presentation is for informational purposes only. Microsoft makes no warranties, express or implied, in this summary. Key Message Presenter Script Presenter Guidance Additional Presenter Information
  • © 2006 Microsoft Corporation. All rights reserved. This presentation is for informational purposes only. Microsoft makes no warranties, express or implied, in this summary. Key Message Presenter Script Evaluation Pilot Windows Vista in workgroup or department to evaluate potential benefits to end-users Planning Plan your deployment and conduct application compatibility testing using ACT and Application Compatibility Factory (highlight services from 6 partners participating in this program) Deployment Build system images and evaluate Zero Touch or Light Touch deployment options Security Discover how to protect your systems and data from malicious attacks Operations Manage your desktops and quantify the Total Cost of Ownership Contact a Partner to help you evaluate, pilot and deploy Windows Vista (highlight business practices and service offerings from top 25 Global SIs and Outsourcers – see appendix slide for a listing of all 25 partners with contact details) Presenter Guidance Additional Presenter Information
  • © 2006 Microsoft Corporation. All rights reserved. This presentation is for informational purposes only. Microsoft makes no warranties, express or implied, in this summary. Key Message Presenter Script Presenter Guidance Additional Presenter Information
  • © 2006 Microsoft Corporation. All rights reserved. This presentation is for informational purposes only. Microsoft makes no warranties, express or implied, in this summary. Key Message Presenter Script Presenter Guidance Additional Presenter Information
  • © 2006 Microsoft Corporation. All rights reserved. This presentation is for informational purposes only. Microsoft makes no warranties, express or implied, in this summary.
  • Vista Launch_Nixon.ppt

    1. 1. David Nixon, MCSE Network Engineer County of Roanoke What is it? What does it mean to you?
    2. 2. Agenda <ul><li>Why are we here? </li></ul><ul><li>Windows Vista™ operating system overview </li></ul><ul><li>Top benefits for IT professionals! </li></ul><ul><li>Take a Vista tour </li></ul><ul><li>Next steps </li></ul>
    3. 3. Enabling People-Ready Business Secure Corporate Environment Manage Information Build Connections Improve Operations Proliferation of form factors and networks Corporate knowledge assets Pressure to reduce costs Keep systems up and running Team collaboration Protect against threats Collaborate Act Decide Discover People
    4. 4. Windows Vista Key Business Scenarios End Users Help improve security and compliance Find and use information Optimize desktop infrastructure Enable mobile workforce IT Pros
    5. 5. What Edition is right for you? Ultimate Business Home Premium Home Basic X X X X Windows Defender & IE7 X Drive Encryption X X Enhanced Media Support -Media Center, DVD Maker X X Domain Support X X X Tablet Support X X X Aero Desktop $399/259 $299/199 $239/159 $199/99 Retail / Upgrade Price
    6. 6. Hardware Requirements Vista Capable vs. Premium Ready <ul><li>Capable </li></ul><ul><ul><li>800 MHz CPU </li></ul></ul><ul><ul><li>512 MB RAM </li></ul></ul><ul><ul><li>DirectX 9 </li></ul></ul><ul><li>Ready </li></ul><ul><ul><li>1 GHz CPU </li></ul></ul><ul><ul><li>1024 MB RAM </li></ul></ul><ul><ul><li>DirectX 9 w/ </li></ul></ul><ul><ul><ul><li>WDDM Driver </li></ul></ul></ul><ul><ul><ul><li>Pixel Shader 2.0 in Hardware </li></ul></ul></ul><ul><ul><ul><li>32 bits per pixel </li></ul></ul></ul><ul><ul><ul><li>128 MB Video RAM </li></ul></ul></ul>
    7. 7. Top Benefits for IT Professionals
    8. 8. <ul><li>Planning </li></ul>Reduce deployment complexity and risk with deployment tools and resources 1 Engineering Implementation <ul><li>Application inventory </li></ul><ul><li>Application analysis </li></ul><ul><li>Application compatibility mitigation </li></ul><ul><li>Migration testing </li></ul><ul><li>Migration scripts </li></ul><ul><li>ACT, USMT, BDD, ORK </li></ul><ul><li>Build desktop image </li></ul><ul><li>Customize image </li></ul><ul><li>Add drivers, languages, and applications </li></ul><ul><li>Capture image </li></ul><ul><li>Prepare for rollout </li></ul><ul><li>ImageX, BDD, Sysprep, ORK </li></ul><ul><li>Install image on desktops </li></ul><ul><li>Migrate/upgrade </li></ul><ul><li>Deploy remotely </li></ul><ul><li>WDS, SMS, BDD, USMT </li></ul>BDD
    9. 9. <ul><li>Reduce image complexity and required image management activities </li></ul>2 <ul><li>Create and edit unattend files in XML </li></ul><ul><li>Add and modify optional components – languages, service packs, drivers </li></ul><ul><li>Apply unattend offline or online </li></ul><ul><li>Fully scriptable via command line </li></ul>System Image Manager <ul><li>Utility to create and manage WIM images </li></ul><ul><li>Mount and edit WIM files offline </li></ul><ul><li>Capture desktop volume into a WIM file </li></ul><ul><li>Operating system version agnostic </li></ul><ul><li>Command line only </li></ul>ImageX
    10. 10. <ul><li>Easily identify and manage compatibility issues with deploying legacy applications </li></ul>3 Compatibility Exchange Agent Framework/Compatibility Evaluators DCOM WF Inventory IE UAC UIA Etc… Internet Desktop Topology Log Processing Service Local ACT DB ACT Manager
    11. 11. Application Compatibility Toolkit 5.0
    12. 12. <ul><li>Provide a more consistent and predictable way to do provisioning tasks with ZTP </li></ul>4 <ul><li>Reset password </li></ul><ul><li>Provision a user </li></ul><ul><li>Edit user details </li></ul><ul><li>Add user to/remove from security group </li></ul><ul><li>Add user to/remove from distribution list </li></ul><ul><li>Add an application to/remove from a user </li></ul><ul><li>Invoke a Zero Touch migration </li></ul>Zero-Touch Provisioning (ZTP) Basic Services Subscriber Service Request Provisioning Processing Automated Delivery
    13. 13. <ul><li>Migrate desktops simultaneously with minimized support incidents using USMT </li></ul>Twenty new desktop computers are being deployed to users in the accounting department 5 Pam gets a new laptop, and her old laptop gets reallocated to George <ul><li>Increases automation </li></ul><ul><li>Upgrades user state data </li></ul><ul><li>Migrates documents and settings </li></ul><ul><li>Identifies user state data </li></ul>User State Migration Tool (USMT) 3.0 Scenario 1 Scenario 2
    14. 14. Increase management control and quality of service over network traffic 6 Firewall Rules <ul><li>Directory service accounts and groups </li></ul><ul><li>Source/destination Internet Protocol (IP) addresses </li></ul><ul><li>Source/destination Transmission Control Protocol (TCP) and User Datagram Protocol (UDP) ports </li></ul>Quality of Service Policies <ul><li>Manage the use of network bandwidth </li></ul><ul><li>Define priority of traffic </li></ul>
    15. 15. Windows Firewall Management: Inbound/Outbound
    16. 16. Isolate and fix problems quickly and easily 7 Reliability and Performance Monitor Performance Monitoring <ul><li>Performance counters </li></ul><ul><li>Comprehensive monitoring </li></ul>Reliability Monitoring <ul><li>Reliability index </li></ul><ul><li>Event tracking </li></ul><ul><li>Query across multiple event logs </li></ul><ul><li>Reusable views </li></ul><ul><li>Cross-log queries </li></ul><ul><li>Forward events </li></ul><ul><li>Schedule tasks in response to events </li></ul>Windows Vista Event Viewer
    17. 17. Using the Windows Reliability and Performance Monitor
    18. 18. Gain configurable control over end-user tasks 8 User Account Control <ul><li>Allows system to run as standard user </li></ul><ul><li>Allows selected applications to run in elevated context </li></ul><ul><li>Enables inappropriate administrative checks to be fixed or removed </li></ul><ul><li>Provides capability through registry and file virtualization </li></ul>Advanced Security Control Control over removable device installation Restart Manager Security Center enhancements
    19. 19. Microsoft BitLocker™ Drive Encryption Minimize risk of data theft or exposure from lost, stolen, or discarded hardware 9 <ul><li>Improved at-rest data protection with full-drive encryption </li></ul><ul><li>Scalable security protection </li></ul><ul><li>Enterprise-ready deployment capabilities </li></ul><ul><li>Offline system tampering resistance </li></ul><ul><li>Worry-free hardware re-purposing and decommissioning </li></ul><ul><li>Integrated disaster recovery features </li></ul>
    20. 20. Implementing BitLocker Drive Encryption
    21. 21. Summary <ul><li>BDD Workbench </li></ul><ul><li>ImageX and System Image Manager </li></ul><ul><li>Application Compatibility Toolkit 5.0 </li></ul><ul><li>ZTP </li></ul><ul><li>USMT </li></ul><ul><li>Microsoft Windows Firewall </li></ul><ul><li>Reliability & Performance Monitor and Event Logs </li></ul><ul><li>UAC </li></ul><ul><li>BitLocker </li></ul>
    22. 22. Next Steps <ul><li>Evaluation </li></ul><ul><ul><li>Pilot Windows Vista in workgroup or department to evaluate potential benefits to end-users </li></ul></ul><ul><li>Planning </li></ul><ul><ul><li>Plan your deployment and conduct application compatibility testing using ACT and Application Compatibility Factory (highlight services from 6 partners participating in this program) </li></ul></ul><ul><li>Deployment </li></ul><ul><ul><li>Build system images and evaluate Zero Touch or Light Touch deployment options </li></ul></ul><ul><li>Security </li></ul><ul><ul><li>Discover how to protect your systems and data from malicious attacks </li></ul></ul><ul><li>Operations </li></ul><ul><ul><li>Manage your desktops and quantify the Total Cost of Ownership </li></ul></ul><ul><li>Contact a Partner to help you evaluate, pilot and deploy Windows Vista </li></ul>
    23. 23. Additional Resources <ul><li>Visit TechNet </li></ul><ul><ul><li>www.microsoft.com/ technet </li></ul></ul><ul><li>Visit Microsoft.com </li></ul><ul><ul><li>Microsoft Windows Server System™ integrated server software </li></ul></ul><ul><ul><li>http://www.microsoft.com/ windowsserversystem </li></ul></ul><ul><ul><li>Microsoft Solution Accelerator for Business Desktop Deployment (BDD) </li></ul></ul><ul><ul><li>http://www.microsoft.com/ technet/desktopdeployment/default.mspx </li></ul></ul><ul><li>Attend a free chat or webcast </li></ul><ul><li>http://www.microsoft.com/communities/chats/ default.mspx </li></ul><ul><li>http://www.microsoft.com/ usa/webcasts/default.asp </li></ul><ul><li>Participate in related newsgroups </li></ul><ul><ul><li>http://www.microsoft.com/technet/community/newsgroups/default.mspx </li></ul></ul><ul><li>Locate local user groups </li></ul><ul><li>http://www.microsoft.com/communities/ usergroups/default.mspx </li></ul><ul><li>Find a partner to work with </li></ul><ul><li>http:// directory.microsoft.com/mprd / </li></ul>
    24. 24. Questions
    25. 25. © 2006 Microsoft Corporation. All rights reserved. This presentation is for informational purposes only. Microsoft makes no warranties, express or implied, in this summary. Microsoft, Active Directory, BitLocker, the Security Shield logo, Visual Basic, Windows, the Windows logo, Windows NT, Windows Server, Windows Server System, and Windows Vista are registered trademarks of Microsoft Corporation in the United States and/or other countries. The names of actual companies and products mentioned herein may be the trademarks of their respective owners. Microsoft Corporation • One Microsoft Way • Redmond, WA 98052-6399 • USA

    ×