Administration Tools

In this presentation we look at several administration tools available from Microsoft to improve our infrastructure.

Ing. Eduardo Castro Martinez, PhD
Microsoft SQL Server MVP
http://ecastrom.blogspot.com
http://mswindowscr.org
http://comunidadwindows.org

Published in: Technology, Design

1 Comment
  • Great presentation!... could you send me a copy? Thanks

Transcript

  • 1. Ing. Eduardo Castro, PhD ecastro@grupoasesor.net http://ecastrom.blogspot.com
  • 2. Microsoft Confidential
  • 3. [Timeline figure, 1994 to 2008 (1994, 2000, 2003, 2006, 2007, 2008)] Milestones: SMS debuts; SMS 2 ships; MOM debuts; SMS 2003 ships; MOM 2005 ships; DPM debuts; System Center portfolio launches; Essentials debuts; VMM debuts; SCCM 2007 ships; SCOM 2007 ships; MDOP debuts; VMM manages ESX; Cross-platform Beta Connectors released; Extend portfolio. Phases: VISION, LEARNING, EXECUTION, LEADERSHIP
  • 4. Packaged Knowledge Packaged Best Practices Partner Ecosystem Knowledge Management Packs Solution Accelerators Hardware Operation Microsoft Operations ISV Configuration Framework MOF/ITIL) System Integrators Connectors for Microsoft Consulting Services Interoperability Process Improvement Deployment Knowledge Creation Data Center Management Solutions Products Desktop & Device Management Infrastructure Windows Platform Virtualization Technology Open Standards Active Directory Server Virtualization WS-Management Windows WorkFlow Application Virtualization Open Pegasus WMI Desktop Virtualization SML/CML WSUS Presentation Virtualization Powershell
  • 5. [Four-column figure spanning Physical and Virtual]
      • Configuration Management: Automated Provisioning and Updating of Physical and Virtual Environments; Server Consolidation Through Virtualization
      • End to End Monitoring: Proactive Platform Monitoring; Application & Service Level Monitoring; Interoperable and Extensible Platform
      • Server Compliance: Configuration Controls and Reporting; Centralized Security Auditing; Comprehensive Security & Identity and Access Mgmt
      • Data Protection and Recovery: Business Continuity Through Virtualization Mgmt; Backup and Recovery of Physical and Virtual Resources; Disaster Recovery
  • 6. Configuration Manager R2 with multicast Enhanced OS provisioning Ops Mgr R2 Cross-platform monitoring of Unix, Linux VMM 2008 computer support and unknown Ops Mgr v4 Native Connectors for interoperability VMware ESX server support Service Manager Service Manager Network-aware service monitoring Service Manager change and configuration Automated incident generation direct from management workflows operational alerts Baseline Compliance Solution Accelerator Ops Mgr R2 DPM vNext Increased onsite and offsite data protection Support for service management based Additional Config Packs capabilities VMM 2008 compliance practices via Service Manager Service Manager Additional Windows workloads protected Compliance Solution Accelerator Dynamically manage virtual hosts to avoid downtime using PRO tips
  • 7. Virtual Workload Provisioning
  • 8. Trends:
      • Proliferation of Devices: Laptops outselling desktops for the first time (IDC); 4x number of managed devices than PCs by 2009 (The Economist)
      • Flexible Work Styles: 30% of workforce mobile in 3 years (IDC); 50% of workers travel with non-pc device by 2012 (Gartner)
      • Anywhere Access: Broadband increase to 64% of US households by 2011 (Forrester); 3.3 Billion people have mobile phone service (Int. Telco Union)
      • Security and Compliance: 81% surveyed report their business reported missing laptops with confidential data in past year (Ponemon Institute Survey)
  • 9. Desktop management capabilities:
      • Adaptive Application Delivery: Managed client application delivery via traditional and virtual methods
      • Windows Vista Deployment: Automated OS deployment via image standardization
      • Client Infrastructure Monitoring: Client health monitoring and proactive issue identification
      • Remote PC Diagnostics & Repair: Out of band remote diagnostics and remediation with Intel vPRO
      • End-Point Security Management: Enforced compliance with system health policy definitions via remediation
      • Configuration Compliance: Assess systems compliance against established configuration baselines; Compliance Baseline Solution Accelerator
  • 10. Understand Applications & Hardware Restore Understand Applications Compatibility & State Deploy OS
  • 11. DESKTOP VIRTUALIZATION VIRTUALIZATION VIRTUALIZATION
  • 12. Adaptive Application Delivery Windows OS Deployment Config Mgr Virtualization* Application SP2 Config Mgr Deployment Windows 7 v5 integration into Config Mgr App Virt 4.5 Enterprise Desktop Virt* - centralized management of virtual OS and applications Client Infrastructure Monitoring Remote PC Diagnostics & Repair Ops Mgr v4 Desktop Error Monitoring* Config Mgr v5 Advanced Group Policy - custom reporting Config Mgr DCM Packs Management* - cross domains Service Manager Diagnostics and recovery fully scriptable toolset* - including offline Full incident & problem anti-malware diagnostics management with Svc Mgr End-Point Security Management Configuration Compliance Config v5 Client Security Forefront Config Mgr v5 Baseline Compliance integrationClient Security - ForeFront Solution Accelerator Config Mgr DCM Sterling Compliance Packs Support for service management best practices Service Manager via service manager * Part of the Microsoft Desktop Optimization Pack
  • 13. [Release roadmap chart: CY2008, 2009H1, 2009H2, 2010]
  • 14. Microsoft Confidential
  • 15. Agenda:
      • What Is Virtual Server?
      • What Is Windows Server Virtualization?
      • Windows Server Virtualization Requirements
      • Windows Server Virtualization Features
      • Windows Server Virtualization Architecture
  • 16. Virtual Server:
      • Is a hypervisor that runs parallel to the Windows operating system (hybrid VMM)
      • Works with earlier versions of Windows Server
      • Stores disks in .vhd files
      • Stores configuration settings in .vmc files
      • Hardware devices are emulated
  • 17. Windows Server Virtualization:
      • Is a bare metal hypervisor for 64-bit editions of the Windows Server 2008 operating system
      • Supports dynamic resource allocation
      • Supports 32-bit and 64-bit guests
      • Supports live migration of virtual machines
      [Diagram: Parent Partition (Applications, Windows Server 2008) and two Child Partitions (Applications on OS 1, Applications on OS 2) running on the Windows Hypervisor, which runs on the Hardware]
  • 18. Software Requirements:
      • Windows Server 2008 Standard, Enterprise, or Datacenter
      • Windows Server 2008 64-bit editions only
      • Windows Server 2008 Enterprise includes licenses for up to 4 virtualized servers
      • Windows Server 2008 Datacenter includes licenses for an unlimited number of virtualized servers
    Hardware Requirements:
      • 64-bit x86 processor
      • Hardware assisted virtualization: AMD-V or Intel VT
      • Hardware enabled Data Execution Prevention: AMD NX (no execute bit) or Intel XD (execute disable)
  • 19. Features of Windows Server Virtualization:
      • Large memory support in VMs
      • Multiprocessor support in VMs
      • Support for network offload technologies
      • Virtual machine snapshots
      • Scripting interface
      • Minimum and maximum thresholds for CPU and network
      • Offline Virtual Hard Disk manipulation
      • Automatic failover to a recovery site
  • 20. Provided by: Parent Partition Windows Virtualization Stack Child Partitions Windows Virtualization WMI Provider ISV Applications VM VM Worker OEM Service Processes User Mode Virtualization Server Core Virtualization Service Clients Windows Kernel Service (VSCs) Windows Providers Kernel IHV (VSPs) VM Enlightenments Drivers Bus Kernel Mode Windows Hypervisor “Designed for Windows” Server Hardware
  • 21. System Center Virtual Machine Manager enables:
      • Centralized deployment and management of VMs
      • Placement analysis
      • Physical to virtual conversion
      • Creation of a library of VM components
      • Delegated self-service provisioning
  • 22. Quick Migration enables VMs on a SAN to be migrated to a standby server
    Planned migration:
      • State is saved to disk then restored on standby server
      • Downtime depends on memory and speed of SAN
      • Downtime can be only several seconds
    Unplanned migration:
      • State is not saved
      • Virtual machine is restarted on standby server
      • Downtime will be minutes
  • 23. Microsoft Confidential
  • 24. Active Directory Rights Management Services (AD RMS) is an information protection technology that works with AD RMS-enabled applications to help safeguard digital information from unauthorized use.
    AD RMS can be used to:
      • Restrict access to an organization’s intellectual property
      • Limit the actions users can perform on content
      • Limit the risk of content being exposed outside the organization
  • 25. [Diagram: RMS Server, Information Author and Recipient, with numbered steps 1 to 5]
  • 26. Table (Action; Application; Features):
      • Protect Sensitive Files; Microsoft® Office: Word, Excel®, PowerPoint®; Set rights (View, Change, Print), Set validity period
      • Do-Not-Forward/Print E-mail; Microsoft Office Outlook®; Help protect sensitive e-mail from being sent to the Internet, Help protect confidential e-mail from being taken outside of the company
      • Help Safeguard Intranet Content; Internet Explorer®, Microsoft Office SharePoint® Services; Help safeguard intranet content by restricting access to: View, Change, Print
      • Identity Federation Support; All RMS-enabled applications; Help safeguard data across AD FS trusts
  • 27. [Diagram: Active Directory Domain Controller, SQL Server, AD RMS Server, RMS Enabled Application, Information Author, Recipient]
  • 28. AD RMS Certificates and Licenses include:
      • Lockbox
      • Machine certificate
      • Rights account certificate
      • Client licensor certificate
      • Publishing license
      • Use license
      • Revocation list
  • 29. [Diagram: SQL Server, Active Directory Domain Controller, AD RMS Server, RMS-enabled Application, Information Author, Recipient, with numbered steps 1 to 4]
  • 30. [Diagram: SQL Server, Active Directory Domain Controller, AD RMS Server, RMS-enabled Application, Information Author, Recipient, with numbered steps 1 to 5]
  • 31. Microsoft Confidential
  • 32. Overview of Active Directory Certificate Services:
      • Understanding Active Directory Certificate Services Certificates
      • Implementing Certificate Enrollment and Revocation
  • 33. A certificate consists of a digital file that has two parts:
      • Base certificate information
      • Public Key
    Public keys are distributed to all clients who request the key.
    Private keys are stored only on the computer from which the certificate was requested.
  • 34. [Diagram: SSL between Web Client and Web Server; plaintext is encrypted, sent as SSL (Encrypted), then decrypted to plaintext; keys shown: Private Key, Public Key] Different keys are used to encrypt and decrypt the message
  • 35. Certificate templates:
      • Define what certificates can be issued by the CAs
      • Define certificates used for various purposes
      • Define which security principals have permissions to read, enroll, and configure the certificate template
  • 36. A Certification Authority (CA) is an entity entrusted to issue certificates to:
      • Individuals
      • Computers
      • Organizations
      • Services
    These certificates verify the identity and other attributes of the certificate subject to other entities
  • 37. CA hierarchies include a root CA and one or more levels of subordinate CAs.
    Reasons for deploying more than a single server CA hierarchy:
      • Usage
      • Organizational divisions
      • Geographic divisions
      • Load balancing
      • High availability
      • Restrict administrative access
  • 38. When implementing a CA solution, you can:
      • Use an internal private CA
      • Use an external public CA
    Internal CAs are less expensive and provide more administrative options, but the issued certificates are not trusted by external clients
  • 39. [Comparison table with columns Enterprise and Stand-Alone] Features compared:
      • Can use without AD DS
      • Uses Group Policy for Trusted Root propagation
      • Publishes certificates and CRL to AD DS
      • Can enforce credential checks during enrollment
      • Can have subject name generated automatically from logon credentials
      • Can use certificate templates
      • Can be used to generate smart card Windows domain authentication certificates
      • Can use certificate auto-enrollment
  • 40. What methods are used for certificate enrollment?
      • Web Enrollment
      • Manual/Offline Enrollment
      • Automatic Enrollment
  • 41. To obtain a certificate using manual enrollment:
      1. Create a certificate request
      2. Submit certificate request to CA
      3. Obtain administrative approval for certificate
      4. Retrieve certificate from CA and install on client
  • 42. Group Policy triggers automatic request. [Diagram: Enterprise CA, Group Policy, Domain Computer] Auto-enroll is enabled on the template from which the requested certificate is created
  • 43. Certificate revocation occurs when a certificate is invalidated before its expiration period.
    Clients can ensure the certificate has not been revoked by using the following methods:
      • Online Certificate Status Protocol responder service (OCSP)
      • Certificate Revocation Lists (CRLs)
  • 44. Microsoft Confidential
  • 45. Visual Studio Team Suite Visual Architecture Development Test Database Studio Industry Edition Edition Edition Edition Partners MSF Process and Guidance Modeling Code Analysis Load & Manual Database Code Metrics Testing Deployment Profiling Change Mgmt DB Testing Code Coverage Visual Studio Professional Edition Test Load Agent Team Foundation Server Version Control Reporting and BI Team Build Work Item Tracking Team Portal
  • 46. Visual Studio Your VSIP Package Your PCW plug in Your .NET App Your TE Node Team Foundation OM Work Item OM Version Control OM Registration Svc Proxy Linking Service Proxy Policy Framework Eventing Service Proxy Security Service Proxy Common Controls Classification Svc Proxy Client Application Tier Changeset / Source File Work Item Build Your Artifacts Version Control Service Work Item Tracking Svc Team Build Service Your Service Warehouse Adapter Warehouse Adapter Warehouse Adapter Warehouse Adapter Registration Service Linking Service Eventing Service Security Service Classification Service TF Facts Data Tier TF Data TF Facts Your Data Your Facts Reporting Warehouse
  • 47. Logical Class Diagram; Use Case Diagram; Sequence Diagram; Component Diagram; Activity Diagram; .Net Class Diagram; Model Explorer
  • 48. Work item tracking ensures traceability. Work Item Database & Queries Metrics Warehouse
  • 49. New capabilities:
      • Hierarchical Work Items
      • Improved Excel-based Agile planning tools
      • High fidelity integration with Microsoft Project Server
      • Cross project dashboard and reporting
      • Simpler reporting
  • 50. Integration with Project Server
  • 51. Comprehensive business intelligence enables real-time decision making
  • 52. Work Outstanding To be Tested Completed Work
  • 53. Test rates (pass, inconclusive, fail) shown in bars, against code coverage, code churn and active bugs
  • 54. Microsoft Confidential
  • 55. Communication and Collaboration challenges •Be part of a virtual team •Share and contribute information My Manager •Connect with the right person in the right way My team Role 3: External Contacts: Capital city / Contractors Global Customers Partners •Work Anywhere Other Dept •Connect with the – HR, right person in the Role 1: YOU Legal, right way Accounts •Search, Share and Find information •Share information •Mobile enable •Working across geographically dispersed locations Role 2: Company employee •Connect with the right people at the right time Home/Hotel Room/Cafe •Seamless transition from communication modes for ad hoc and formal situations
  • 56. Voice and e-mail as separate inboxes:
      • Different servers, access mechanisms
      • Desktop software (e-mail)
      • Phone (voice mail)
    Fax messages:
      • Stand-alone fax machines
    Users and administrators must manage their messages from multiple locations with different tools.
    “With Exchange Server 2007, we look forward to being able to communicate better…Will this technology help us sell more golf clubs? In this case, yes, we believe that better communication will help us sell more golf clubs.” —Eric Hart, End-User Computing Manager, PING Inc.
  • 57. Convenient, integrated access to your vital business communications
      • Reducing costs, increasing operational efficiency by consolidating infrastructure, training
      • Unified store, transport, directory
      • Increasing client reach to the telephone
      • “Anywhere access” to your messages, calendar, contacts
    “Having anywhere access to e-mail and voice mail is going to be a huge benefit... People can access information and interact with it using a variety of devices, at work, at home, and on the road; and all of this translates directly into productivity.” —Steven Presley, Senior IT Engineer for Messaging, QUALCOMM
  • 58. Custom Rendering: Voice messages (Play (multimedia), Play on phone); Fax messages. Voice mail options: Reset PIN; E-mail folder. Missed call notifications
  • 59. Phone interface to Exchange Server 2007, Speech enabled (English) or Touch Tone:
      • Voice: Play, forward, delete, call sender, etc.
      • E-mail messages: Language detection, play, forward, delete, find, hide etc.
      • Calendar: Accept invitation, play details, clear, etc.
      • Personal contacts, directory: Call (office/cell/home), send a message
  • 60. Unified Messaging connectivity:
      • VoIP protocols (SIP, RTP, T.38) between UM and IP PBX/gateway
      • Works with many varieties of PBX
      • Well suited to site consolidation
      • Scalable, reliable
  • 61. UC endpoints QOE Public IM Monitoring Archiving Clouds CDR AOL MSN DMZ Yahoo Data Inbound Audio/ Routing Video Outbound SIP Routing Remote Voice Mail Users Routing Active Access Front-End Server(s) Conferencing Backend (IM, Presence) Server(s) SQL server Directory Server Exchange Mediation Server Federated 2007 Server UM Businesses (SIP-PSTN GW) Voicemail PRI PSTN PBX
  • 62. Table (Role; Scenario; Purpose):
      • Standard Edition; All; All-in-one functionality for proof-of-concepts
      • Enterprise Edition: Front End; All; SIP communications between client and servers
      • Enterprise Edition: Back End; All; SQL Server: Back End store for state information
      • Director; External Access; Authentication of external users
      • Edge Server; External Access; Remote access, federation, PIC, media traversal
      • Mediation Server; Voice; Interoperability with IP-PSTN Gateways
      • Archiving Server; All; Compliance and Call Detail Records
      • Communicator Web Access; Web Access; Web Access for IM and Presence functionality
  • 63. Consolidated Configuration Example Deployment Medium Size Business AD Regional Deployment Functionality SQL IM, Presence, Peer-to-peer Voice, Conferencing Highly Available, Medium Scale No External Access Enterprise Edition Front-End PSTN requires Mediation Server Servers: Consolidated Server Roles IIS Share Presence Audio/Video Conferencing Scalability 5 Servers Up to 30,000 users
  • 64. Expanded Configuration Example Deployment Large Enterprise AD Central Datacenter Active Passive Functionality Enterprise Edition SQL SQL IM, Presence, Voice, Conferencing Front-End Servers: Expanded Back-end Back-end Server Server No external access, No PSTN Server Roles IIS Servers A/V Conferencing Servers Web Conferencing Scaled-out across servers Servers High Availability, High scale Enterprise Pool: Expanded Scalability 14 Servers Up to 125,000 users
  • 65. External Access (Primary) AD Access Edge Server Traffic: SIP Web Conf Edge Server Traffic: PSOM Internet Corporate Network A/V Conf Edge Server DMZ Traffic: A/V Active Passive REDMOND Datacenter Traffic: HTTPS DMZ ISA (reverse proxy) Corporate Network SQL SQL Primary Access Corporate Network Loc 1 A DMZ Edge Server Web Conf Enterprise Edition Front-End Servers: Expanded Back-end Server Back-end Server Site Edge Server IP-PSTN GW PSTN Internal Deployment Director Loc 2 A/V Conf Edge Server B Region I IIS Servers A/V Conferencing Servers Web Conferencing Servers Secure connection IP-PSTN GW Mediation over TLS Server Enterprise Pool: Expanded Loc 3 ISA (reverse proxy) B WAN Link Load Balancer COMO Console IP-PSTN GW Mediation Server Director authenticates OCS Access Corporate Network Edge Server OC UC phone ... remote user SQL Web Conf Internet Edge Server Secure OCS 2007 SE OCS 2007 SE Internal Deployment connection over A/V Conf Edge Server MTLS Load Balancer AD Secondary User authenticates Directors Site Access Proxy Datacenter SINGAPORE ISA (reverse proxy) External Loc 1 A Access IP-PSTN GW (Secondary) Pool A Pool B Pool C PSTN Loc 2 B Region II Enterprise Pool: Consolidated IP-PSTN GW Mediation Server Loc 3 B IP-PSTN GW
  • 66. Ing Eduardo Castro, PhD ecastro@grupoasesor.net http://ecastrom.blogspot.com